→ Version 5.2
This data protection notice informs you about the processing of your personal data and your rights under the General Data Protection Regulation (GDPR).
Unless otherwise stated below, the controller (Art. 4 No. 7 GDPR) for the data processing described below is
Schwarz Digits Cloud GmbH & Co. KG
Am Campus 1
74177 Bad Friedrichshall
Email: website@digits.schwarz
Phone: 07132 30 474747
The information contained in this section applies equally to our websites and the associated subdomains or subpages.
When you use our websites, the browser used on your end device automatically and without your intervention
are sent to the server of our website and temporarily stored in a log file for the following purposes
The legal basis for this data processing is Art. 6 para. 1 sentence 1 f) GDPR. The legitimate interest arises from the protection of our systems and the prevention of abusive or fraudulent behavior each time a user accesses this website.
The log files are stored for 30 days.
We process personal data that you send us as part of your inquiry by email/post/telephone/contact form exclusively for the purpose of processing your inquiry.
We process information that you send us via the contact or registration form for registration for events (e.g. trade fair events or our webinars) for the selection and processing of corresponding registrations as well as the organization and implementation of the event.
Otherwise, the legal basis is Art. 6 para. 1 sentence 1 f) GDPR. Our legitimate interest arises from the aim of responding to your customer inquiry and thus promoting customer satisfaction or selecting and processing corresponding event registrations and organizing and holding the event.
If you register for an event, we will also transmit the contact details you provided when registering for certain events (in particular your name, email address, company, job title, telephone number) to other participants and any exhibitors at this event in order to enable them to contact you after the event, e.g. for advertising purposes, networking, etc. We will indicate whether such data transmission takes place by means of a corresponding note in the registration form. The legal basis for data processing is your consent in accordance with Art. 6 para. 1 sentence 1 a) GDPR, which you give when registering for a corresponding event. Your consent is voluntary, as you are free not to register for the relevant events. You can also revoke your consent at any time by sending an email to info@stackit.cloud. In this case, your data will not be transmitted to other participants or exhibitors, unless this has already been done. This will not affect the lawfulness of the data processing carried out up until receipt of your revocation.
Insofar as we request your consent to data processing in advance in the context of communication with you, Art. 6 para. 1 sentence 1 a) GDPR is the legal basis.
If you provide us with personal data as part of the contact options in the course of initiating a contract or an existing contractual relationship, Art. 6 para. 1 sentence 1 b) GDPR is the legal basis for data processing. This also applies to data processing for the purposes of organizing and conducting events in which you participate, insofar as you are personally a party to the corresponding contract for event participation (conditions of participation) and not, for example, your employer.
The data will be stored for 90 days after completion of your request. Experience has shown that no further queries are to be expected after this period.
We delete personal data for the selection and processing of event participation 90 days after the final selection and processing, unless an event invitation is issued.
If the data processing is based on your consent, we store the logging of the consent you have given for verification purposes for three years, starting from the time at which you withdraw your consent or the associated data processing has ended.
If legal claims are asserted, your data will be stored for three years after your request has been completed, starting at the end of the calendar year, to prove that we have fulfilled any legal claims.
We store personal data that you transmit to us as part of the initiation or execution of a contract for up to twelve years due to statutory retention obligations.
We are partly responsible for the data collection and processing described below and partly the respective operators of the social media platforms. For certain processing operations, we and the platform operators also act as joint controllers within the meaning of Art. 26 GDPR.
We operate the following social media sites:
We have only limited influence on the data processing by the operators of the social media platform (e.g. management of members and the information shared). At the points where we can exert influence and parameterize data processing, we work towards data protection-compliant handling by the operator of the social media platform within the scope of the possibilities available to us. In many places, however, we cannot influence the data processing by the operator of the social media platform and do not know exactly what data it processes.
The platform operator operates the entire IT infrastructure of the service, maintains its own data protection regulations and maintains its own user relationship with you (if you are a registered user of the social media service). In addition, the operator is solely responsible for all questions relating to the data in your user profile, to which we as a company have no access.
You can find more information on data processing by the provider of the social media platform and other objection options in the provider's privacy policy:
The purpose of data processing by us on our social media presences is to inform customers about services, promotions, competitions, factual topics, company news and interaction with visitors to the social media presences on these topics, as well as to respond to corresponding queries, praise or criticism.
We only reserve the right to delete content should this be necessary. We may share your content on our site if this is a function of the social media platform and communicate with you via the social media platform. The legal basis is Art. 6 para. 1 sentence 1 f) GDPR. Data processing is carried out in the interest of our public relations and communication. The operator has no influence on the processing of your data carried out by us in the context of customer communication or competitions.
As already mentioned, we take care to design our social media pages to be as data protection compliant as possible where the provider of the social media platform gives us the opportunity to do so.
The data you enter on our social media pages, such as comments, videos, images, likes, public messages, etc., are published by the social media platform for this purpose and are not used or processed by us for any other purpose at any time. We only reserve the right to delete illegal content if this should be necessary. This is the case, for example, with posts that violate the law or are illegal, hate comments, offensive comments (explicitly sexual content) or attachments (e.g. images or videos) that may violate copyrights, personal rights or criminal laws.
We may share your content on our site if this is a function of the social media platform and communicate via the social media platform. If you send us a request on the social media platform, we may also refer you to other secure communication channels that guarantee confidentiality, depending on the required response. You always have the option of sending us confidential inquiries to our address stated under point 1 or in the legal notice.
We will delete or securely anonymize all personal data that you provide to us in the event of inquiries no later than 90 days after the final response to you. The 90-day retention period is due to the fact that you may occasionally contact us again about the same matter after a reply and we may then need to refer to the previous correspondence. Experience has shown that, as a rule, there are no further queries about our responses after 90 days. If you assert your rights as a data subject, your personal data will be stored for three years after the final reply to prove that we have provided you with comprehensive information and that the legal requirements have been met.
All public posts by you on one of our social media pages will remain in the timeline indefinitely, unless we delete them due to an update of the underlying topic, a legal violation or a violation of our guidelines, or you delete the post yourself. We have no means of influencing the deletion of your data by the operator itself. The data protection provisions of the respective operator therefore also apply.
We use the Sales Navigator function on LinkedIn. This enables us to search for corresponding profiles of LinkedIn users based on certain criteria, such as interests, professional background, place of work specified in the profile or similar, and to contact these users based on this. The Sales Navigator includes a messaging function that we can use to contact you via the profiles of our employees on LinkedIn. Messages that we exchange with you via this function on LinkedIn are stored by us for the duration of your use of the Sales Navigator. The communication that takes place in this way is not publicly visible to other users on LinkedIn. The legal basis for the data processing described is Art. 6 para. 1 sentence 1 f) GDPR. The legitimate interest lies in establishing contact and forming a network of people who may be interested in STACKIT.
We also use the "Generate leads" function on the LinkedIn platform. In a first step, certain characteristics are used to pre-filter which profiles are shown our advertisements. The legal basis for this is Art. 6 para. 1 sentence 1 f) GDPR. The legitimate interest is to be able to display the ads to target groups relevant to STACKIT.
When you click on our advertisements on LinkedIn, you have the option of leaving your name and business contact details and requesting that STACKIT contact you to obtain further information about our products. The data you provide will be transferred to our customer database. The legal basis for this is Art. 6 para. 1 sentence 1 f) GDPR. The legitimate interest lies in effective communication with interested parties. If you provide us with personal data in the course of initiating a contract or an existing contractual relationship, Art. 6 para. 1 sentence 1 b) GDPR is the legal basis for data processing.
All personal data that you provide to us in the aforementioned manner will be deleted or securely anonymized by us no later than 90 days after the final reply to you. The 90-day retention period is due to the fact that you may occasionally contact us again about the same matter after a reply and we may then need to refer to the previous correspondence. Experience has shown that, as a rule, there are no more queries about our responses after 90 days.
We store personal data that you transmit to us as part of the initiation or execution of a contract for a period of up to twelve years due to statutory retention obligations.
There is a partial relationship with the operator of the social media service in accordance with Art. 26 para. 1 GDPR (joint responsibility):
For the web tracking methods used by the operator of the social media platform, the platform operators and we act as joint controllers. Web tracking can also take place regardless of whether you are logged in or registered with the social media platform. As already explained, we unfortunately have little influence on the web tracking methods of the social media platform. For example, we cannot switch this off.
The legal basis for the web tracking methods is Art. 6 para. 1 sentence 1 f) GDPR. The interest in optimizing the social media platform and the respective fan page is to be regarded as legitimate within the meaning of the aforementioned provision.
Further information on the recipients or categories of recipients as well as the storage period or the criteria for determining the storage period can be found in the data protection declarations of the platform operators. We have no influence over these.
The options for exercising your rights to prevent these web tracking methods can be found in the privacy policies of the platform operators. You can also contact the platform operators using the contact details provided in the respective legal notice.
With regard to statistics that the provider of the social media platform makes available to us, we can only influence and prevent these to a limited extent. However, we make sure that no additional optional statistics are made available to us.
Please be aware that it cannot be ruled out that the provider of the social media platform may use your profile and behavioral data, for example to evaluate your habits, personal relationships, preferences, etc. Schwarz Digits Cloud GmbH & Co. KG has no influence on the processing or disclosure of your data by the provider of the social media platform.
We compile the content you share publicly and voluntarily on social media platforms (e.g. X, Facebook) using certain hashtags with reference to our company on so-called social walls. These social walls are published on our website and on our social media channels, for example for the external presentation of our company, for the implementation of marketing campaigns or competitions and for customer loyalty purposes.
Depending on the type of content, the following data is processed:
The legal basis for this data processing is Art. 6 para. 1 sentence 1 f) GDPR. Our legitimate interest arises from the above-mentioned purposes.
The data used for the social wall is processed for as long as the social wall is displayed. If you delete your post displayed on the social media platform, it will no longer be displayed on the social wall.
If you agree to receive our newsletter, we will process your data:
for sending information about products, offers, promotions, services, announcements and invitations to competitions, surveys, training courses, events and webinars relating to STACKIT services and, if applicable, information about goods and services from affiliated partner and associated companies. These are currently in particular
We also use tracking mechanisms (cookies or pixel tags) to record your usage behavior in the newsletters (in particular opening, clicking on links and other activities) and create personalized usage profiles on this basis and by assigning them to your person and/or e-mail address in order to tailor the information to your interests and to improve the offers.
The legal basis for this data processing is your consent in accordance with Art. 6 para. 1 sentence 1 a) GDPR (for data processing) and Section 25 para. 1 TDDDG (for the use of cookies, etc.). You can revoke your consent to receive the newsletter and the recording of newsletter activities at any time with effect for the future, e.g. by unsubscribing from the newsletter on our website. You will find the link to the unsubscribe page at the end of each newsletter. When you unsubscribe, we consider your consent to the sending of the newsletter and the recording of your usage behavior and the receipt of newsletters based on this to be revoked. Your usage data will be deleted by us. This does not affect the legality of the data processing carried out up to receipt of your revocation.
To ensure that no errors have been made when entering the e-mail address, we use the so-called double opt-in procedure: After you have entered your e-mail address in the registration field, we will send you a confirmation link. Only when you click on this link will your e-mail address be added to our mailing list.
We also process the following data to document your consent and to defend our rights:
IP address of the end device used for registration,
date and time of registration and email verification,
registration and unsubscription source and
newsletter history.
The legal basis for this data processing is Art. 6 para. 1 sentence 1 f) GDPR. Our legitimate interest arises from the above-mentioned purposes.
Under certain circumstances, it may be necessary for us to transfer your personal data to other recipients.
For our newsletter, we use IT service providers who process personal data on our behalf.
If the confirmation link is not confirmed within 24 hours, your data will be deleted completely.
As soon as you unsubscribe from the newsletter, we will delete your e-mail address, your name (if provided), your company (if provided), profession (if provided), your interest and your usage data.
To prove your consent, the required data will be stored for three years, starting at the end of the calendar year in which you unsubscribe from the newsletter.
If you would like to participate in a live webinar or view it as a call-up afterwards, you will be asked to provide your name, your business e-mail address (mandatory) and your company, business telephone number and job title (optional) in order to register.
If you use the interactive functions as part of your participation, the content of your chat or other contributions (e.g. questions, answers to surveys) may also be processed. Please note that the webinar will be recorded and therefore the content of your interactions will also become part of the recording. In this context, please do not provide any personal information about yourself or third parties in your contributions.
Further information can be found in the data protection information of the respective webinar itself.
We collect the above-mentioned identity and contact data in order to be able to include them in our customer database and to be able to provide you with information about our products and, if necessary, training documents for the webinar by e-mail and telephone afterwards on the basis of your voluntary consent in accordance with Art. 6 para. 1 sentence 1 a) GDPR and § 7 a para. 1 UWG. In addition, the other data is required to make the webinar, including the interactive functions, technically available. This data is processed on the basis of legitimate interests in accordance with Art. 6 para. 1 sentence 1 f) GDPR to enable the webinar to be held to the extent necessary. With regard to contacting us by email, please refer to the information on sending newsletters.
Your consent is voluntary and can be revoked at any time. In this case, your contact details will be deleted immediately. The legality of the processing that has already taken place up to receipt of the revocation is not affected by the revocation.
Under certain circumstances, it may be necessary for us to transfer your personal data to other recipients.
In this context, the service provider Cisco International Limited, 9-11 New Square Park, Bedfont Lakes, Feltham, England TW14 8HA, United Kingdom, is used to provide the webinar tool Webex. We use the service provider Microsoft Ireland Operations Ltd South County Business Park, One Microsoft Court, Carmanhall an Leopardstown, Dublin, D18 P521, Ireland to provide the webinar tool MS Teams Webinar/ MS Teams Live and to operate our customer database.
We delete personal data as soon as it is no longer required for the above-mentioned purposes.
Recordings of the webinar are stored for five years.
Your contact details will be stored in our customer database until you withdraw your consent. Your consent itself will also be retained for verification purposes for a further three years after deletion or for five years after the last telephone contact as part of the statutory documentation obligations.
If you would like to download one of our whitepapers, you will be asked to provide your name, your business e-mail address (mandatory) and your company and business telephone number (optional).
We collect the above-mentioned identity and contact data in order to include them in our customer database and to be able to subsequently provide you with information about our products by e-mail and telephone on the basis of your voluntary consent in accordance with Art. 6 para. 1 sentence 1 a) GDPR and Section 7 a para. 1 UWG. With regard to contacting us by email, please refer to the information on sending newsletters.
Your consent is voluntary and can be revoked at any time. In this case, your contact details will be deleted immediately. The legality of the processing that has already taken place up to receipt of the revocation is not affected by the revocation.
We delete personal data as soon as it is no longer required for the above-mentioned purposes.
Your contact data will be stored in our customer database until you withdraw your consent. Your consent itself will also be retained for verification purposes for a further three years after deletion or for five years after the last telephone contact as part of the statutory documentation obligations.
Under certain circumstances, it may be necessary for us to transfer your personal data to other recipients.
The processed data is accessible to IT service providers, in particular Google Ireland, Limited Gordon House, Barrow Street Dublin 4, Ireland, as this service provider is the provider of YouTube.
Your processed data will be deleted after the end of use.
If we receive inquiries from public authorities about our customers or business partners, we process these inquiries on the basis of Art. 6 para. 1 sentence 1 f) GDPR for the purpose of examining, documenting and responding to the request in our legitimate interest or in the legitimate interest of a third party, including the public, in effective law enforcement and the assertion, defense or defense of legal claims. As a result, personal data of our customers or business partners may be transferred to the respective public authority. If there is a legal obligation for us to respond to inquiries from authorities, the legal basis for the transfer of personal data is Art. 6 para. 1 sentence 1 c) GDPR in conjunction with a relevant special law.
The public authority may provide us with information on the content of the request and other data that we need to identify the data subject. Otherwise, we use the data already known to us to process the request, insofar as this is absolutely necessary to process the request. The content of the request and the data processed depend on the specific individual case. This may include, for example, names, contact details, information on the payment method and information on possible criminal offenses or administrative offenses.
If necessary to process the request and covered by the above-mentioned legal basis, we transmit personal data to public authorities (e.g. police authorities, public prosecutors or courts) and external parties who support us in processing the request (e.g. law firms, legal advice service providers, credit agencies, detectives). Furthermore, the request, including the relevant data, may be forwarded within our group of companies to the departments responsible for processing.
In exceptional cases, data is processed on our behalf by processors in the area of customer service.
We store the inquiries and the associated communication until the expiry of the applicable statutory periods.
When cookies and similar technologies are used to process usage data (in particular local storage), files are stored locally on your end device when you visit our website. They are used to store information in connection with the device you are using. However, this does not mean that we obtain direct knowledge of your identity.
The use of cookies and similar technologies to process usage data serves the following purposes, depending on the category of cookie or similar technology:
Technically necessary: These are cookies and other technologies without which you cannot use our services (websites/apps) (for example, to display our services correctly, including the language, font and font color, to provide the functions you have requested, to take into account your settings, such as your selection regarding cookies and other technologies, to save your login in the login area, to fill the shopping cart when shopping online, etc.).
The use of technically necessary cookies and similar technologies in the "Technically necessary" category is based on Section 25 (2) No. 2 TDDDG. Subsequent data processing is carried out on the basis of legitimate interests in accordance with Art. 6 para. 1 sentence 1 f) GDPR.
Depending on the purpose, the following types of personal data in particular are processed and the following cookies and similar technologies are used
User input to retain input across multiple subpages (e.g. selection of your preferred store in our store finder);
authentication data to identify a user after login in order to gain access to authorized content on subsequent visits (e.g. access to the customer account);
security-related events (e.g. detection of frequently failed login attempts);
data to play multimedia content (e.g. playback of (product) videos selected by the user).
An overview of information on the cookies and similar technologies used, the storage periods and any integrated third-party providers in this category can be found in our cookie policy.
Convenience: With the help of these technologies, we can take into account your actual or presumed preferences for the convenient use of our services. For example, we may be able to save goods placed in your shopping cart if you leave the online store before completing your order. We may also avoid showing you products that are not available in your region.
The use of cookies and similar technologies in the convenience category is based on Section 25 (1) TDDDG. Subsequent data processing takes place on the basis of your consent in accordance with Art. 6 para. 1 sentence 1 a) GDPR.
Depending on the purpose, the following types of personal data in particular are processed and the following cookies and similar technologies are used:
User interface customization settings that are not linked to a persistent identifier (e.g. the specific display of search queries or the maps in the store finder).
You can find an information overview of the cookies and other technologies used, the storage periods and any integrated third-party providers in this category in our cookie policy.
Statistics: These technologies enable us to compile pseudonymous and possibly cross-device statistics on the use of our services for the purpose of tailoring them to your needs. This provides us with information on how or how often our services are used. This enables us to adapt our services even better to the habits of users.
The use of cookies and similar technologies in the statistics category is based on Section 25 (1) TDDDG. Subsequent data processing takes place on the basis of your consent in accordance with Art. 6 para. 1 sentence 1 a) GDPR.
Depending on the purpose, the following types of personal data in particular are processed and the following cookies and similar technologies are used
Pseudonymized user profiles with information about the use of our websites. These include in particular:
The IP address is regularly anonymized so that it cannot be traced back to you personally.
We only combine the user ID with other data from you (e.g. name, email address, etc.) with your separate express consent. The user ID itself does not allow us to identify you personally.
You can find an overview of the cookies and similar technologies used, the storage periods and any integrated third-party providers in this category in our cookie policy.
Marketing: This enables us and other responsible parties to show you and other users suitable advertising content on our services and third-party services (websites/ apps/ social media) based on the analysis of pseudonymous user behavior and to measure the success of the marketing measures. Your usage behavior can also be tracked across different websites, browsers or end devices using a user ID (unique identifier).
In addition, we analyse the use of our services (e.g. advertising banners viewed or clicked on) in order to optimize our advertisements and offers and provide our advertising partners with pseudonymous data for billing purposes and to optimize marketing campaigns. Our advertising partners cannot trace this information back to you personally.
The use of cookies and similar technologies in the marketing category is based on Section 25 (1) TDDDG. Subsequent data processing takes place on the basis of your consent in accordance with Art. 6 para. 1 sentence 1 a) GDPR.
Depending on the purpose, the following types of personal data in particular are processed and the following cookies and similar technologies are used
Pseudonymized usage profiles with information about the use of our websites. These include in particular:
The IP addresses are regularly anonymized so that they cannot be used to identify you personally.
We only combine the user ID with other data about you (e.g. name, email address, etc.) with your separate express consent. The user ID itself does not allow us to draw any conclusions about your person.
You can find an information overview of the cookies and other technologies used, the storage periods and any integrated third-party providers in this category in our cookie policy.
Integration of YouTube videos: The technology enables us to integrate and play content stored on http://www.YouTube.com on our website.
The use of cookies and similar technologies in this category is based on Section 25 (1) TDDDG. Subsequent data processing takes place on the basis of your consent in accordance with Art. 6 para. 1 sentence 1 a) GDPR.
Depending on the purpose, the following types of personal data in particular are processed
The processed data is accessible to IT service providers, in particular Google Ireland, Limited Gordon House, Barrow Street Dublin 4, Ireland, as this service provider is the provider of YouTube.
When YouTube videos are activated, Google sets cookies that may not be necessary for the provision of the videos. We have no influence on the processing and use of data by Google. Further information on data processing by Google can be found here: https://business.safety.google/privacy/.
You can find an information overview of the cookies and similar technologies used, the storage periods and any integrated third-party providers in this category in our cookie policy.
You can revoke/adjust your consent at any time with effect for the future without affecting the legality of the processing carried out on the basis of the consent until revocation. Simply click here and make your selection. By unchecking the relevant boxes, you can easily and simply withdraw your consent for the respective processing purposes.
Under certain circumstances, it may be necessary for us to transfer your personal data to other recipients.
In exceptional cases, your personal data may be accessible to IT service providers and online marketing service providers in accordance with the respective cookie category.
The storage period for cookies can be found in our cookie policy.
If "persistent" is specified in the "Expiry" column, the cookie is stored permanently until the corresponding consent is revoked.
If "Session" is specified in the "Expiry" column, the cookie is stored for the duration of your visit to the website. As soon as you end the respective session or close your browser, the locally stored cookies are deleted.
We use a consent management tool on our website to manage your consent to the use of cookies and similar technologies.
Insofar as we use technically necessary cookies and similar technologies as part of the integration of the tool, this is done in accordance with Section 25 (2) No. 2 TDDDG. Subsequent data processing is carried out on the basis of Art. 6 para. 1 sentence 1 f) GDPR for the purpose and in our legitimate interest of using cookies and similar technologies on our website in compliance with data protection regulations and to enable you to easily revoke your declaration of consent.
If you give your consent via our consent banner, we process the following data:
This enables our website to check your consent status for all subsequent and future page views and to activate or deactivate cookies and similar technologies in accordance with your decision to use them when you return to the site.
The check is carried out by comparing the consent ID and the consent status from the "CookieConsent" cookie with the values transmitted when you gave your consent in order to ensure that the status of your original consent has not changed.
Your consent ID and your consent status are stored both in the browser of your end device in the "CookieConsent" cookie and on the OneTrust servers for a period of one year.
We use the web analysis service Google Analytics to evaluate user access to our website. The legal basis for this data processing is your consent pursuant to Art. 6 para. 1 sentence 1 a) GDPR (for data processing) and Section 25 para. 1 TDDDG (for the use of technologies similar to cookies).
Data collected during your use of our website is used by us for user guidance, for statistical evaluations and to adapt our website to your needs. This is the following data:
Google Analytics 4 works largely without the setting of classic cookies, but on the basis of the evaluation of your behavior on our website. The processed IP address is automatically shortened so that direct identification is not possible.
Further information on data processing when using Google Analytics can be found here: https://business.safety.google/privacy/
Under certain circumstances, it may be necessary for us to transfer your personal data to other recipients.
The use of Google Analytics takes place by transmitting your data specified above to Google Ireland, Limited Gordon House, Barrow Street Dublin 4, Ireland.
The user data collected via Google Analytics is generally deleted after 14 months.
We use Google Tag Manager on our website. This service allows us to manage and integrate various tools and scripts (known as "tags") on our website via a central user interface.
Google Tag Manager itself is a secondary solution that merely loads other services. Generally, it does not collect personal data and does not use cookies beyond what is technically necessary for the operation of the manager. However, it triggers other tags (e.g., analytical services), which may collect data themselves.
The legal basis for the use of Google Tag Manager and the services controlled through it is your consent in accordance with Art. 6 para. 1 sentence 1 lit. a) GDPR (for data processing) and Section 25 para. 1 TDDDG (for the storage of information on your terminal device, e.g., cookies).
The scripts loaded via Google Tag Manager collect data during your use of our website for user guidance, statistical analysis, and the demand-oriented design of our website. This specifically includes:
Name and URL of the retrieved file,
Date and time of access,
Amount of data transferred and the access status (e.g., "file transferred"),
Information regarding the browser used,
Anonymized IP address (shortened by the last digits), so that direct identification is excluded.
The services integrated via the Tag Manager use cookies to manage your connection during the session or to create an anonymized user profile. This allows your browser to be recognized when you visit again, enabling us to continuously optimize our content. Direct personal reference is excluded, as IP addresses are largely anonymized, allowing only for a vague determination of location.
You can withdraw your consent at any time with effect for the future via our cookie policy.
Alternatively, you can prevent collection by Google Tag Manager altogether by setting a "Do Not Track" cookie in your browser or by disabling JavaScript in your browser settings. Please note that this may affect the functionality of the website.
Further information on data privacy at Google can be found here: https://policies.google.com/privacy
Under certain circumstances, it may be necessary for us to transfer your personal data to other recipients.
The use of Google Tag Manager and the services integrated via it involves the transfer of your aforementioned data to Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.
For the use of Google Tag Manager, a persistent (permanent) cookie is set on your end device and stored until you withdraw your consent.
The storage period for cookies can be found in our cookie policy.
We use the Google Advertising service of the provider Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (Google) and the Microsoft Advertising and Microsoft Clarity services of the provider Microsoft Ireland Operations Limited, One Microsoft Place, South County Business Park, Leopardstown, Dublin 18, D18 P521, Ireland (Microsoft) for our own advertising on our website. Google and Microsoft also process your data as part of the Google and Microsoft Advertising services on their own responsibility.
Google Advertising and Microsoft Advertising can be used to display targeted advertisements via the Google and Microsoft networks (e.g. in search engines and email programs), to optimize them and to track the activities of users on our website if they have reached our website via advertisements. Microsoft Clarity can be used to track and visualize user interactions with our website.
We also use Google and Microsoft Advertising services to collect information that allows us to track target groups using remarketing lists. Google Advertising and Microsoft Advertising can be used to recognize that our website has been visited and to display an advertisement when Google or Microsoft networks are subsequently used. The information is also used to create conversion statistics, i.e. to record how many users have reached our website after clicking on an advertisement. This tells us the total number of users who clicked on our ad and were redirected to our website. However, we do not receive any information with which users can be personally identified.
You can deactivate personalized advertising with Google and Microsoft or set it individually. Details on this can be found on the respective support pages of our partners:
You can also find setting options for personalized advertising at https://youradchoices.com/ and https://optout.networkadvertising.org/?c=1.
Irrespective of the data processing described above, we process personal data of customers in connection with the associated contractual relationship and/or pre-contractual measures.
We generally collect your data ourselves. However, it may also be necessary to process personal data that we receive from other companies, authorities or other third parties, for example credit agencies, tax offices or similar. This may also include personal data that we receive via our established whistleblower channels regarding possible compliance violations or as part of compliance investigations.
Relevant personal data may include: personal details (e.g. first/last name, address and other contact details, date and place of birth and nationality), legitimation and authentication data (e.g. extracts from the commercial register, ID card data, specimen signature), data relating to our business relationship (e.g. payment data, data on orders), creditworthiness data, data on company structures and ownership structures, photographs and video recordings and other data comparable to the categories mentioned.
You always have the choice of communicating with us by e-mail or by post. For technical reasons, communication by e-mail may be unencrypted.
The purposes of data processing arise from the implementation of pre-contractual measures that precede a contractually regulated business relationship and in the fulfillment of obligations arising from the contract concluded.
The purposes of data processing arise in individual cases from legal requirements. These legal obligations include, for example, the fulfillment of retention and identification obligations, e.g. in the context of requirements for the prevention of money laundering, tax control and reporting obligations and data processing in the context of inquiries from authorities.
It may be necessary to process your personal data beyond the actual fulfillment of the contract. The legitimate interests here are in particular the selection of suitable customers, research on potential customers, e.g. to ensure compliance requirements, etc, assertion of legal claims, defence against liability claims, avoidance of legal risks and economic disadvantages (also for third parties), protection of our IT infrastructure, management of access authorizations to our systems, access controls, other internal administrative purposes (e.g. process and workflow optimization, ensuring data quality), in the event of your prior willingness to participate, sending the invitation email to provide feedback via your contact persons in the Schwarz Group companies, conducting and facilitating communication (e.g. web meeting, telephone, etc.) and contacting you via our group-wide user directory, clarifying possible compliance violations, preventing criminal offenses and settling damages resulting from the business relationship.
When a contract is concluded, we occasionally collect data about your creditworthiness via credit agencies to fulfill the above-mentioned legitimate interests. We use the credit rating data from the credit agencies to check your creditworthiness. The credit agencies store data that they receive from banks or companies, for example. This data includes, in particular, surname, first name, date of birth, address and information on payment history. You can obtain information about the data stored about you directly from the credit agencies.
If you participate in the conclusion of a contract offered by us by means of a digital signature (e.g. Adobe Sign), we process your data, in particular your e-mail address, IP address and the times at which you have processed the respective contract document, e.g. approved, displayed or digitally signed, in each case with the time and date. Our legitimate interest lies in the efficient and fast digital processing of contract signatures and the corresponding logging of the signature process for verification purposes. It is also possible to sign certain contracts with a so-called qualified electronic signature. In this case, we also process the certificate data of your signature in addition to the aforementioned data. Our legitimate interest here is to check whether you have a valid qualified electronic signature, which can be used to replace a possible legal requirement for the written form. A prerequisite for the use of a qualified electronic signature is registration with a trust service provider (e.g. D-Trust/ Bundesdruckerei), which you must carry out independently. However, the respective provider processes the data you provide during registration under its own responsibility and not on our behalf.
In order to check for marketing purposes whether products from other Schwarz Group companies are also of interest to you, they may be given access to your contact data.
In addition, we occasionally process personal data to document important historical milestones and events in the development of the Schwarz Group companies in order to create a company chronicle.
Within our company, access to the data provided by you is granted to those areas that require it to fulfill contractual or legal obligations or to fulfill legitimate interests. Processors or service providers may also have access to your personal data within the scope of contractual relationships, to fulfill legal obligations and to protect legitimate interests. Compliance with data protection regulations is ensured by contract.
The data may also be transferred to Schwarz Group companies for the fulfillment of contractual obligations or legitimate interests (e.g. marketing purposes).
If a contract is concluded using a digital signature, your data will also be accessible to all persons involved in approving and signing the contract, as they will receive a log after the contract has been signed showing all processing steps, including e-mail address, IP address, date and time. Furthermore, your data may be accessible to the respective service providers that we use for the corresponding digital signature process. In the case of Adobe Sign, this is Adobe Systems Software Ireland Limited, 4-6 Riverwalk, City West, Business Campus, Saggart D24, Dublin, Ireland. If a qualified electronic signature is used when concluding digital contracts, your data is also accessible to D-Trust GmbH, Kommandantenstraße 18, 10969 Berlin, Germany, as they check the validity of the signature.
If it is necessary for us to name existing customers and partners as references for the corresponding services in the context of tendering procedures, contract initiation, etc., we process your personal data (e.g. name, contact details, company and position) in order to be able to name you as a reference. In addition, we may process your data in order to name you as a reference on our website, our social media pages, in presentation materials (print and digital) and/or in press materials for the purpose of promoting our services and the Workspace by STACKIT brand.
The prerequisite for this is that a corresponding reference agreement exists with your employer or you, or that you have submitted a declaration of consent for the naming of references. The data actually processed and the publication media depend in this respect on the reference agreement or declaration of consent.
The legal basis in the case of a reference agreement is Art. 6 para. 1 sentence 1 f) GDPR. The legitimate interest arises from the stated purposes. If you yourself are a party to the reference agreement, the legal basis is Art. 6 para. 1 sentence 1 b) GDPR.
In the case of a declaration of consent, Art. 6 para. 1 sentence 1 a) GDPR is the legal basis.
We also process your data associated with the possible submission of a declaration of consent to document your consent and to defend our rights. The legal basis for this data processing is Art. 6 para. 1 sentence 1 f) GDPR. The legitimate interest arises from the purposes mentioned.
In the case of tendering procedures, contract initiation, etc., your personal data will be accessible to the respective tendering body or potential contractual partners. When references are mentioned on our website, our social media pages, in presentation materials and/or in press materials, your data will be accessible to visitors to the respective pages or the recipients of the materials.
We process your personal data for as long as the existing contractual relationship with your employer or you that is relevant for the customer or business relationship and reference exists. At the longest, however, for the duration of the reference agreement or the existence of your declaration of consent.
Irrespective of this, the data associated with the proof of your possible declaration of consent will be stored for three years, starting at the end of the calendar year in which you revoke your consent or your other data is deleted.
Depending on how you obtain Workspace by STACKIT Services or which business model we use, we may not collect your personal data from you ourselves, but may receive this data from third parties.
Third parties may, for example, be intermediaries who establish contact between us and you as a potential end customer. In this case, the intermediary provides us with your contact details (e.g. surname, first name, company, email address, address and your function/position within your company). We process this data on the basis of Art. 6 para. 1 sentence 1 f) GDPR in order to select potential end customers and contact them, as well as to initiate possible contracts. The legitimate interest arises from the aforementioned purposes.
If Workspace by STACKIT Services are sold by partner companies of Schwarz Digits Cloud GmbH & Co. KG, e.g. as part of reselling or as the basis for our own services, it may be necessary for these partners to provide us with information about a potential end customer in advance in order to take advantage of individual contractual conditions. This usually involves information about the company of the potential end customer, which may constitute personal data under certain circumstances. We process this data on the basis of Art. 6 para. 1 sentence 1 f) GDPR in order to check whether the partner is entitled to make use of individual contractual conditions. The legitimate interest arises from the stated purpose.
Unless otherwise stated above, you are neither contractually nor legally obliged to provide us with personal data.
However, some of the data is processed for technical reasons as soon as you use our website and the associated services. If you no longer wish to provide us with the data, you can only do so by no longer using our website or the corresponding services.
Insofar as personal data is required for the processing of an inquiry from you, a possible conclusion of a contract or other services on our part, we may also not be able to process your inquiry, conclude a contract with you or provide other services if you do not provide this data.
If the data processing is based on consent in accordance with Art. 6 para. 1 sentence 1 a) or Art. 9 para. 2 a) GDPR, you can revoke your consent at any time with effect for the future without affecting the legality of the previous processing.
In accordance with Art. 15 (1) GDPR, you have the right to receive information about the personal data stored about you free of charge upon request.
In addition, if the legal requirements are met, you have the right to rectification (Art. 16 GDPR), erasure (Art. 17 GDPR) and restriction of processing (Art. 18 GDPR) of your personal data.
If you have provided the processed data yourself, you have the right to data portability in accordance with Art. 20 GDPR.
If the data processing is carried out on the basis of Art. 6 para. 1 sentence 1 e) or f) GDPR, you have the right to object in accordance with Art. 21 GDPR. If you object to data processing, this will only be continued if we can demonstrate compelling legitimate grounds for further processing that outweigh your interest in objecting.
To exercise your rights as a data subject, if you have any questions or complaints, please contact the data protection officer in writing or by email. You also have the right to lodge a complaint with a data protection supervisory authority. The data protection supervisory authority of the federal state in which you live or in which the controller has its registered office is responsible.
If you have any further questions regarding the processing of your data or the exercise of your rights, you can contact the responsible data protection officer at the controller:
Schwarz Digits Cloud GmbH & Co. KG
- Data Protection Officer -
Stiftsbergstraße 1
74172 Neckarsulm
E-mail: datenschutz@digits.schwarz