Simona America

As the operator of these pages, we take the protection of your personal data very seriously. We treat your personal data confidentially and in accordance with data privacy information.

When you use this website, various personal data are collected. Personal data is any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier. This privacy notice explains which information we collect and how we use it. It also explains how and for which purpose this is done.

Personal data is only collected, used and, if necessary, passed on by the provider if this is expressly permitted by law or if the user consents to the collection, processing, use and passing on of the data.

We would like to point out that data transmission on the Internet (e.g. communication by e-mail) can have security gaps. Complete protection of data against access by third parties is not possible.

1 General information

 

1.1 Provider and responsible entity within the meaning of the Data Privacy Act

SIMONA AG
Teichweg 16
D-55606 Kirn

Please direct general enquiries relating to data privacy, such as the enforcement of data subject rights, to the following e-mail address, from which your enquiry will be redirected to the Data Privacy Officer and our Data Privacy Team:

datenschutz@simona-group.com 

Confidential data privacy enquiries can be directed to our data privacy officer by telephone, post or e-mail (see below). His name and contact details are:

Ronald Baranowski
SIX DATENSCHUTZ GmbH 
Kasseler Str. 30
D - 61118 Bad Vilbel
Tel: +49 6101 982 9422
rb@six-datenschutz.de (for confidential enquiries)

1.2 Scope of application

This data privacy information applies to the following offers:

All of these offers are collectively also referred to as "services".

1.3 Integration of third-party services and content

Our offer sometimes includes content and services of other providers. In order for this data to be called up and displayed in the user's browser, the transmission of the IP address is mandatory. The providers (hereinafter referred to as "third party providers") therefore perceive the IP address of the respective user.

Even though we endeavour to use only third-party providers who only need the IP address to be able to deliver content, we have no influence on whether the IP address may be stored. In this case, this process serves statistical purposes, among other things. If we are aware that the IP address is stored, we inform our users of this fact.

1.4 Transfer of personal data to third countries

If we transfer data to third countries, i.e. countries outside the European Union, then the transfer takes place exclusively in compliance with the legally regulated permissibility requirements.

If the transfer of data to a third country is not for the purpose of fulfilling our contract with you, we do not have your consent, the transfer is not necessary for the assertion, exercise or defence of legal claims and no other exemption under Article 49 of the GDPR applies, we will only transfer your data to a third country if an adequacy decision under Article 45 of the GDPR or appropriate safeguards under Article 46 of the GDPR are in place.

An adequate level of data privacy in the USA has been declared most recently by the adequacy decision "Data Privacy Framework (DPF)" adopted in July 2023 which you can find here: commission.europa.eu/document/fa09cbad-dd7d-4684-ae60-be03fcb0fddf_en. U.S. companies must certify to be listed within the DPF. We have agreed so-called EU standard data protection clauses with the providers in third countries, as well as partially data processing on European and German servers. Timely data deletion reduces the risk of third-party access.

Alternatively or in addition, by entering into the EU standard data protection clauses adopted by the European Commission with the receiving entity, they create appropriate safeguards in accordance with Article 46(2)(c) of the GDPR and an adequate level of data protection. Copies of the EU standard data protection clauses are available on the website of the European Commission, available here:
https://commission.europa.eu/law/law-topic/data-protection/international-dimension-data-protection/standard-contractual-clauses-scc_de

1.5 Disclosure of data to third parties

Your data will not be passed on to unauthorized third parties. Where external service providers receive your personal data we have ensured that they implement appropriate technical and organizational measures and that they comply with the applicable data protection regulations and laws.

1.6 Data minimisation

In accordance with the principles of data avoidance and data minimization, we only store personal data for as long as is necessary or prescribed by law (statutory storage period). If the purpose of the information collected no longer applies or the storage period ends, we block or delete the data.

2 The processing operations in detail

In the following we inform you for what purpose, in what way and to what extent,
your personal data may be processed when you visit our website.

2.1 Cookies

This website uses so-called cookies. These are text files that are stored on your computer from the server. They may contain information about the browser, the IP address, the operating system and the internet connection. We do not pass this data on to third parties or link it to personal data without your consent.

Cookies fulfil two main tasks. They help us to make it easier for you to navigate through our website and enable the website to be displayed correctly. They are not used to introduce viruses or to launch programs.

Users have the option of accessing our website without cookies. To do this, the corresponding settings must be changed in the browser. Please use the help function of your browser to find out how to deactivate cookies. However, we would like to point out that this may impair some of the functions of this website and reduce user comfort.

The site www.aboutads.info/choices/ (USA) and www.youronlinechoices.com/uk/your-ad-choices/ (Europe) allow you to manage online ad cookies.

 

2.2 Collection of personal data when visiting our website

In the case of merely informative use of the website, i.e. if you do not register or otherwise transmit information to us, we only collect the personal data that your browser transmits to our server. If you wish to view our website, we collect the following data, which is technically necessary for us to display our website to you and to ensure stability and security (legal basis for this is Art. 6 para. 1 p. 1 lit. f) GDPR), legitimate interest:

If JavaScript is enabled, also:

2.3 Use of essential cookies

Essential cookies do not require your consent and are processed by us in accordance with Art. 6 para. 1 lit. f) GDPR. Our legitimate interest here is the smooth and optimal use and presentation of our website.

 

 

 

2.4 Cookie-Consent

On our website we use the cookie consent tool "Banny" of Kemweb GmbH, Mainz. The purpose of this processing is to request your consent for the non-technical cookies used on our website and to document it in accordance with applicable data protection regulations and laws.

When you visit our website, a cookie is stored in your browser to document the consents you have given or the revocation of these consents.

The legal basis for this data processing is Art. 6 para. 1 lit. c) GDPR - legal obligation, which is that consent must be obtained for non-technically necessary cookies before they are used in accordance with the ECJ ruling of 1 October 2019, AZ C-673/17.

The collected data will be stored until you request us to delete it or until you delete the cookie yourself or until the purpose for storing the data no longer applies. Mandatory statutory retention periods remain unaffected.

2.5 Registration on our website

If you register on our website in order to make use of personalized services, personal data will be collected. This includes the name, address, telephone number and e-mail address as contact and communication data.

Registration enables access to services and content that are only available to registered users. If necessary, registered users have the option of changing or deleting the data provided during registration at any time, taking into account the legal retention periods. Upon request, we will of course inform you which personal data has been collected and stored. The legal basis here is your consent within the scope of registration (Art. 6 para. 1 lit. a) GDPR).

In addition, we will correct or delete the data upon request, provided that there are no legal obligations to retain the data. For queries and your request for correction or deletion of the data, please use the contact details stated in this data privacy information.

2.6 Newsletter

If you register for our newsletter, we will use the data you enter exclusively for this purpose or to inform you about circumstances relevant to this service or registration. The registration is carried out via this link: news.simona-info.com/simona-newsletter-registration. We do not pass this data on to unauthorized third parties. We use Hubspot Inc., Cambridge, USA (complete address with contact data see paragraph „Hubspot“) as our newsletter service provider.

A valid e-mail address is required to receive the newsletter. The IP address used to register for the newsletter and the date on which you ordered the newsletter are also stored. This data serves us as proof in the event of misuse if a third-party email address is registered for the newsletter. We also ensure that an e-mail address is not improperly entered into our distribution list by third parties, we work in accordance with the law with the so-called "double opt-in" procedure. Within the scope of this procedure, the ordering of the newsletter, the sending of the confirmation email and the receipt of the registration confirmation are logged. The legal basis is your consent in accordance with Art. 6 para. 1 lit. a) GDPR.

You have the option at any time to revoke your consent to the storage of data, e-mail address and their use for the newsletter dispatch. We will provide you with a link for revocation in each newsletter and on the website. You also have the option of informing us of your wish to revoke via the contact options mentioned in this document.

2.7 Contact

On our website, we offer you the opportunity to contact us via the online form or by e-mail. In this case, the information you provide will be stored for the purpose of processing the contact. The disclosure of your data is completely voluntary. The processing of the data transmitted by you takes place exclusively on the basis of your consent (Art. 6 para. 1 lit. a) GDPR) or if you wish to conclude a contract with us or have questions about this (Art. 6 para. 1 lit. b) GDPR). You can withdraw your consent at any time. An informal email to us is sufficient. The legality of the data processing operations carried out until the revocation remains unaffected by the revocation.

Your data will not be passed on to unauthorised third parties. The data collected in this way will also not be compared with data that may be collected by other components of our website. The services offered can - as far as technically possible and reasonable - also be used without providing this data or by providing anonymised data or a pseudonym.

Your data will remain with us until you ask us to delete it, revoke your consent to storage or the purpose for data storage no longer applies (e.g. after your enquiry has been processed). Mandatory statutory provisions - in particular retention periods - remain unaffected.

2.8 Information on the processing of personal data in SAP C4C in accordance with Art. 13 and Art. 14 GDPR for interested parties, customers and business partners

We hereby inform you about the processing of your personal data with the SAP software we use, in particular C4C CRM. We strictly adhere to the applicable data protection laws and regulations - the German Federal Data Privacy Act (BDSG new) and the General Data Privacy Regulation (GDPR).

What data do we process from you and where does it come from?

As part of the business initiation process and during our business relationship, we process personal data that you provide to us before or during the business relationship. You can provide us with the data listed below using the "Supplier self-disclosure" form, for example. The legal basis for this is Art. 6 para. 1 lit. b) GDPR.

As a rule, this involves the following data

Purposes of data processing

The data controllers process your personal data for marketing/sales purposes to establish contact and to initiate, establish or implement a business and/or contractual relationship and to respond to your enquiries (pre-contractual and/or contractual measures, contract fulfilment) and, if applicable, to send you our newsletter, provided you have consented to this or it is in our legitimate interest.

Those responsible will only process your personal data if there is a legal basis for doing so. In particular, the following legal bases come into consideration:

Recipients of your personal data

Recipients of your personal data are authorised employees of SIMONA in various divisions of the SIMONA Group (worldwide) who are entrusted with activities and processes in the context of customer and prospective customer relationships as well as financial authorities, auditors and, if applicable, other institutions or authorities (e.g. customs authorities). As a result, your personal data may be transferred to and processed in third countries in which SIMONA maintains sales and/or production facilities (USA, Asia, Europe) - primarily for internal purposes, unless otherwise agreed. Contractually bound service providers may also be used for order processing. In this case, your data is processed on servers located in Germany by SAP Deutschland SE & Co. KG, Walldorf (in the SAP cloud). An IT service provider for maintenance and support (currently Sybit GmbH, Radolfzell) may also gain access to your data. Your personal data will not be transferred to unauthorised third parties for purposes other than those listed above.

Data processing also outside the European Union

Among other things, the SAP C4C software application, a cloud-based CRM software with analysis, reporting and recording options as well as interfaces to other systems, is used. Software and data are physically located in Germany.

We also use software such as SnapADDY (Würzburg, Germany) and Microsoft 365 incl. "Teams" and Hubspot (both USA), or other software from providers in third countries for data processing for the aforementioned purposes. Your data may therefore also be transferred to the USA or other third countries. An adequate level of data protection in the USA was last declared by the "Data Privacy Framework (DPF)" adequacy decision adopted in July 2023. The above-mentioned US companies are among the companies listed and certified therein. We have agreed so-called EU standard data protection clauses with the providers in third countries and, in some cases, data processing on servers in Germany and the EU. Timely deletion of data reduces the risk of unauthorised access.

Storage period

Your personal data will only be stored for the above-mentioned purposes and will be deleted after expiry of legal (primarily commercial and tax law) retention periods. If the personal data is not affected by legal retention periods, it will be deleted if it is no longer required for the purposes described above or if you withdraw your consent to receive our newsletter. The retention periods are 6 years for business letters (e.g. offers, delivery notes) and 10 years (e.g. invoices) - counting from the year following the document date. Prospect data is deleted 24 months after the last contact, unless otherwise agreed.

2.9 SIMONA Academy

With the SIMONA Academy, we offer you specialised training courses on a wide range of knowledge areas. You can register via a web form. We require your personal data, your business contact and address details, as well as details of your position in your company in order to process and implement the training programme. Interested parties, customers and business partners are processed in accordance with section 2.8 of this data protection notice. We also use your data for the electronic dispatch of further training offers from the same or similar subject area that may be of interest to you. You can object to the use of your data for this purpose at any time. To do so, please use the contact details provided in section 1.1. Your personal data will not be transferred to unauthorised third parties for purposes other than those listed above. The legal basis for the processing is Art. 6 para. 1 lit. b) GDPR, for contract fulfilment or contract initiation.

Your personal data will only be stored for the above-mentioned purposes and will be deleted after expiry of legal (primarily commercial and tax law) retention periods. If the personal data is not affected by legal retention periods, it will be deleted when it is no longer required for the purposes described above. The retention periods are 6 years for business letters (e.g. offers, delivery notes) and 10 years (e.g. invoices) - counting from the year following the document date. Prospect data is deleted 24 months after the last contact, unless otherwise agreed.

Digital training

Digital training is provided using the ‘Microsoft Teams’ service. The provider is Microsoft Ireland Operations Ltd (One Microsoft Place, South County Business Park, Leopardstown, Dublin 18 D18, Ireland), hereinafter referred to as ‘Microsoft’. When using this service, it cannot be ruled out that personal data may be transferred to servers of the parent company Microsoft Corporation, based in the USA (1 Microsoft Way, Redmond, WA 98052, USA). Microsoft is certified in accordance with the Data Privacy Framework and also uses the EU standard contractual clauses to ensure a European data protection standard (see also section 1.4: Transfer of personal data to third countries).

When using the service, the following data is generally processed: User data, your IP address, meeting ID, log data, browser information, as well as your Microsoft access data, unless you are participating as a guest. Training sessions are not recorded. Chat histories are not saved. If we intend to record training sessions, you will be informed transparently in advance and asked for your express consent. The processing takes place exclusively for the provision of our training services, for the security of the IT systems against unauthorised access by third parties and to improve system stability. The legal basis for the processing is your consent in accordance with Art. 6 para. 1 lit. a) GDPR, through your voluntary registration for the training offer with the service provider, or Art. 6 para. 1 lit. b) GDPR, for the fulfilment of the contract. Please note that the digital training programme cannot be used without your consent. We have concluded a contractual basis with Microsoft in accordance with Art. 28 GDPR for the processing of personal data. Information on the use of your data by Microsoft can be found here. Data processed by Microsoft is stored for a ‘minimum required period’ in accordance with their data protection information for provision and then deleted.

When you register, we will also ask you for your consent to pass on your personal data with your contact details to the speaker for the purpose of establishing contact and sending you our own product information by e-mail. This is done for marketing/sales reasons, serves the exchange of experience with the speaker and can also serve the development of your products and the further processing of materials. The legal basis for this is your consent in accordance with Art. 6 para. 1 lit. a) GDPR. You can withdraw your consent at any time by contacting SIMONA using the contact details above or by contacting the speaker directly.

2.10 etracker

We use the services of etracker GmbH from Hamburg, Germany (www.etracker.com) to analyse usage data. etracker first receives the information transmitted by your browser. This is done in so-called "cookie-less" mode. No data is transmitted that enables the user to be identified. The purpose is to statistically analyse the use of this website by its visitors and to display usage-related content or advertising. This type of processing is carried out in our legitimate interest in accordance with Art. 6 para. 1 lit. f) GDPR. Our legitimate interest lies in the optimisation of our online offering and our website.

ertracker also provides additional functionalities for analysis purposes. For this purpose, a cookie is set for "anonymous recognition" to enable further analyses. As the privacy of our visitors is particularly important to us, etracker anonymises the IP address as early as possible and converts login or device identifiers into a unique key that is not assigned to a person. No other use, merging with other data or transfer to third parties is carried out by etracker. This further processing takes place with your consent in accordance with Art. 6 para. 1 lit. a) GDPR. You can revoke your consent at any time in the cookie settings.

The data generated with etracker is processed and stored by etracker on our behalf exclusively in Germany and is therefore subject to strict German and European data protection laws and standards. etracker has been independently audited and certified in this regard and has been awarded the ePrivacyseal data protection seal of approval.

Further information on data protection at etracker can be found here.

2.11 HubSpot

We use HubSpot for our online marketing activities and customer relationship management. HubSpot is a software company based in the USA with a branch in Ireland: HubSpot, Ground Floor, Two Dockland Central, Guild Street, Dublin 1, Ireland (hereinafter referred to as "HubSpot").  This is an integrated software-as-a-service solution ("SaaS solution") that we use to cover various aspects of our online marketing.

These include:

This information is stored on servers of the software supplier HubSpot Inc. It can be used by us to contact visitors to our website and to determine which of our company's services are of interest to them.

The data processing is carried out on the basis of our legitimate interest Art. 6 para. 1 lit. f) GDPR, our legitimate interest lies in the provision of our services or the analysis of your user behaviour (tracking, analyses) is the legal basis on your consent pursuant to Art. 6 para. 1 lit. a) GDPR. You can withdraw your consent at any time with effect for the future. The legality of the data processing operations that have already taken place remains unaffected by the revocation.

All information collected by us is subject to this data privacy notice. We use all collected information exclusively to optimize our marketing.

An adequate level of data protection in the US has been declared by the Data Privacy Framework (DPF) adequacy decision most recently adopted in July 2023. Hubspot is one of the companies listed and certified therein. We have also agreed so-called EU standard data protection clauses with the provider as well as partial data processing on servers in Germany and the EU.

Please also note the information on transfer to third countries.

2.12 Google Fonts

We use the fonts of the provider Google Web Fonts (Google Ireland Ltd., Gordon House, Barrow Street, Dublin 4, Ireland) for the graphically standardised display of fonts.

We only use locally pre-installed fonts ourselves. This means that the fonts are initially loaded and installed by us and no personal data is required for the operation of these services and is also not transmitted to the providers.

The use of the above-mentioned services is in the interest of a uniform and appealing presentation of our online offers. This constitutes a legitimate interest within the meaning of the legal basis of Art. 6 para. 1 lit. f) GDPR.

Further information on data processing by Google can be found at

https://developers.google.com/fonts/faq

https://www.google.com/policies/privacy

2.13 YouTube

This website contains plugins from YouTube of Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, associated with Google Inc. based in San Bruno/California, USA.

When you start an embedded YouTube video on our website, a connection to the YouTube servers is established. This tells YouTube which website you have visited. If you have your own YouTube account and you are already logged in there, you enable YouTube to assign your surfing behaviour directly to your personal profile. You can prevent this association if you log out of your account beforehand.

If you wish, you can use the "YouTube button" or the share function. To do so, it is necessary to register with YouTube. The registration has the effect that the service of the provider is activated.
The processing is carried out in accordance with your consent (Art. 6 para. 1 lit. a DSGVO). If you have given your consent, you can revoke it at any time in the cookie settings.

Through the embedded use of YouTube, further services are reloaded, we cannot prevent this and we do not actively use these services ourselves.

These services are:

Google Marketing Platform / DoubleClick / Campaign Manager

The embedded use of YouTube loads the online marketing tool Campaign Manager from Google Ireland Ltd, Gordon House, Barrow Street, Dublin 4, Ireland. Campaign Manager uses cookies to serve ads that are relevant to users, to improve campaign performance reports or to prevent a user from seeing the same ads more than once. Google uses a cookie ID to record which ads are served in which browser and can thus prevent them from being shown more than once. In addition, Campaign Manager can use cookie IDs to record so-called conversions that are related to ad requests. This is the case, for example, when a user sees a Campaign Manager ad and later visits the advertiser's website with the same browser and makes a purchase. According to Google, Campaign Manager cookies do not contain any personal information.

If you are registered with a Google service, Google can assign the visit to your account. Even if you are not registered with Google or have not logged in, it is possible that the provider will find out and store your IP address.

The processing is carried out in accordance with your consent (Art. 6 para. 1 lit. a) DSGVO). If you have given your consent, you can revoke it at any time in the cookie settings.

You can prevent participation in Google tracking processes in various ways:

The data sent by us and linked to cookies are automatically deleted after 14 months. The deletion of data whose retention period has been reached takes place automatically once a month.

Further information on the Google Marketing Platform can be found at marketingplatform.google.com/intl/en_uk/about/  and on data protection at Google in general: policies.google.com/privacy . Alternatively, you can visit the website of the Network Advertising Initiative (NAI) at http://www.networkadvertising.org.

2.14 ARIVA

For the display of share price data and other financial information relating to our company, we use the "ARIVA" service (ARIVA.DE AG Neufeldtstraße 9, 24118 Kiel, hereinafter referred to as "ARIVA"). ARIVA is a bank-independent financial portal that provides share prices, stock market prices, news and other financial information. This service is integrated into our website. Technical data (such as IP address, browser type, date and time of the enquiry) may be processed. The processing is carried out in accordance with Art. 6 para. 1 lit. a) GDPR, with your consent.

Further information on data protection and the processing of your data by Ariva can be found here: https://www.ariva.de/datenschutz

2.15 EQS News

With the EQS News service, we have integrated financial news on current information on our website. This service is provided by

EQS Group AG Karlstraße 47, 80333 Munich, Germany (hereinafter referred to as "EQS News"). This service is integrated into our website. Technical data (such as IP address, browser type, date and time of the enquiry) may be processed. The processing is carried out in accordance with Art. 6 para. 1 lit. a) GDPR, with your consent.

Further information on data protection and the processing of your data by EQS News can be found here: www.eqs-news.com/de/cookie-policy/ and here:
https://www.eqs-news.com/de/data-protection/

2.16 Highcharts

We use the functionalities of the external provider Highcharts (Highsoft AS, Sentrumsgata 44, 6893, Vik I Sogn, Norway, hereinafter referred to as "Highcharts") to display maps and data visualisations.

When you call up one of our web pages on which such an HTML code from Highcharts is integrated, your browser connects to the Highcharts servers. The content of the HTML code is transmitted directly to your browser, which processes it on the page you have accessed.

The legal basis for this type of processing is Art. 6 para. 1 lit. f) GDPR. Our legitimate interest lies in the optimisation of our website. Further information on data protection can be found here.

2.17 Functionalities of WordPress

This website uses functionalities and tools of the provider WordPress. The provider is Aut O'Mattic, A8C Ireland Ltd, Business Centre, No.1 Lower Mayor Street, International Financial Services Centre, Dublin 1, Ireland, hereinafter: WordPress).

When these tools are used, technical data (as described in section 2.2) may be processed. The storage period depends on the respective tool as described below. This processing takes place with your consent in accordance with Art. 6 para. 1 a) GDPR. You can revoke your consent at any time in the cookie settings.

Further information about WordPress can be found here:

wordpress.com/support/your-site-and-the-gdpr/
"WPML" is a cookie that is used to save the language settings on our website. The cookie is stored for 1 day.

2.18 Online application

We are pleased if you are interested in an open position in our company or would like to send us your application documents by way of a speculative application and provide you with the option of applying online. We collect and process the personal data of applicants for the purpose of processing the application procedure and for the decision on the establishment of an employment relationship. This takes place and is carried out on the basis of Art. 6 para. 1 lit. b) GDPR - pre-contractual measures as well as Art. 88 (1) GDPR in conjunction with Section 26 of the German Federal Data Privacy Act (BDSG).

Your online application will be processed by our HR department as quickly as possible. Your application documents will be forwarded to the relevant specialist department or the affiliated company in which the vacancy exists or for which your application could be of interest. We will use your application documents exclusively within the company and its affiliated companies for application purposes. The data will not be passed on to unauthorized third parties.

If we are unable to identify a suitable position for your profile internally, we will delete all data upon delivery of the rejection, provided that deletion does not conflict with any contractual, legal or other legitimate interests of the person responsible. Other legitimate interests in this sense include, for example, a burden of proof in the event of legal defense in proceedings under the General Equal Treatment Act (AGG).

Please understand that the review may take some time. However, if your profile is of interest in principle and there are merely no suitable positions available at the moment, we will contact you again to obtain your consent to the retention and storage of your application data. If you agree in principle, you should note this immediately in your covering letter.

If the data controller concludes an employment contract with an applicant, the transmitted data will be stored for the purpose of processing the employment relationship in compliance with the statutory provisions.

Please read our note notifiable information in the case of direct collection.

3 Your rights to information, correction, blocking, deletion and objection

As a data subject, you have the following rights:

4 Changes to our data privacy information

In order to ensure that our data privacy information always complies with the current legal requirements, we reserve the right to make changes at any time. This also applies in the event that the data privacy information has to be adapted due to new or revised services, for example new services. The new data privacy information will then apply the next time you visit our website. This data privacy notice is valid as of July 2024.