SAHM GmbH + Co. KG
Phone: +49 26 24 1 88 0
Fax: +49 26 24 1 88 11
We are delighted that you are visiting our website. Your privacy and, by association, protection of your personal data are important to us. This is why our business operations comply with the applicable legal regulations relating to data protection and data security. We are very keen to ensure that you feel safe visiting our website. This is why both we and our data protection officer ensure compliance with the stipulations under data protection legislation.
We are aware of the significance of the data you entrust us with and would like to inform you of the following:
In simplified terms, “processing” under the terms of Art. 28 of the General Data Protection Regulation (GDPR) is understood to mean a service where personal data is collected, processed and/or used by a service provider (processor according to the GDPR) on the behalf of and under the instruction of the “controller”. Before an order such as this is placed with a service provider, we conclude a special contract with the service provider and implement other measures to protect your personal data.
“Cookies” are small text files which are stored on your terminal device (e.g. computer or smartphone) and save certain settings and data concerning exchange with our system through your browser. A cookie usually contains the name of the visited web page from which the cookie data was sent, information about how old the cookie is, and an alphanumerical ID. Cookies enable the systems to recognise the user’s device and make any default settings immediately available.
A third party is any natural or legal person or agency other than the data subject, the controller, the processor and the persons who, under the direct authority of the controller or processor, are authorised to process personal data, cf. Art. 4, Para. 10 of the GDPR. A person is not, therefore, considered a third party if, for example, personal data is disclosed to a service provider during the course of processing according to Art. 28 of the GDPR.
IP addresses are numerical sequences which can be assigned to individual IT devices or a group. In a similar way to postal addresses, the IP is used to be able to assign data to the correct recipient.
“Personal data” is understood to mean all information which relates to an identified or identifiable natural person, particularly their first name and surname, date of birth, email address, postal address, and bank and payment details, as well as health data, cf. Art. 4, Para. 1 of the GDPR.
The “controller” according to Art. 4, Para. 7 of the GDPR is any person or agency who, either alone or together with others, decides on the purposes and means of personal data processing. (In this situation: the website operator).
The controller in relation to your personal data on this website is:
SAHM GmbH + Co. KG
Phone: +49 26 24 1 88 0
Fax: +49 26 24 1 88 11
If an agency other than the one mentioned above is the “controller” under the terms of the General Data Protection Regulation, you shall be explicitly and separately informed to this effect, if this is not obvious.
Every time this website is accessed, data is logged automatically; this also applies to file retrieval (log data). In this regard, we collect and use the technically necessary data in order to make the website available to you. The technically necessary data transmitted to our web server by your browser includes the following: browser type / browser version, the operating system used, the referrer URL, the pages accessed, the IP address, and the date and time of access.
We need this data to ensure the website’s functionality and to make your visit to this website as pleasant as possible. We reserve the right to analyse the logged data specifically for the purpose of data security. We do not use the technically necessary data to create individual profiles which provide information about your personalised user behaviour. The log data is not linked or merged with other sources of data.
The legal basis for processing the described data – if it is personal – is Art. 6, Para. 1, lit. f of the GDPR. Our legitimate interest is to offer you an appealing, user-friendly and technically functional website.
If you contact us by email, fax, phone or post, we use your details for contact purposes and to process and respond to your request in a purpose-related manner. Your data is not disclosed to third parties. Your information shall be deleted within an appropriate period of time following completion of our processing activities, provided that there are no other legal regulations to the contrary and your request does not serve the purpose of preparation to conclude a contract.
The legal basis for processing is Art. 6, Para. 1, lit. f of the GDPR. Our legitimate interest lies in appropriately responding to and processing your request. If your request serves the purpose of preparing / initiating the process of concluding a contract with you, Art. 6, Para. 1, lit. b of the GDPR forms an alternative legal basis.
We collect and use your data in line with the legal requirements and only for our own purposes. Disclosure to “third parties” does not take place unless there is a legal obligation to this effect, you have given your consent to such disclosure, or disclosure is necessary to fulfil a contract concluded between you and ourselves.
Insofar as we engage other service providers to enable provision of the products and services we offer and potentially grant such service providers necessary access to your data, we have naturally concluded a commissioned data processing contract (known as a “CDP contract” for short) according to Art. 28 of the GDPR with our commissioned data processing service providers (known as “processors” for short). We also still remain responsible for protecting your data. By concluding the contract, the engaged service providers shall not be considered “third parties”.
Third-party contents, such as YouTube or Vimeo videos, Google Maps map materials, RSS feeds or graphics from other websites may be integrated into this website based on our legitimate interests (i.e. our interest in analysing, optimising and commercially running our website under the terms of Art. 6, Para. 1, lit. f. of the GDPR). This always requires the provider of such content (hereinafter referred to as the “third-party provider”) to record the user’s IP address. This is because they would generally be unable to send the content to the respective user’s browser without the IP address. The IP address is therefore required to show this content. We strive to only use content from such providers who only use the IP address to deliver content. However, we have no control over whether third-party providers save the IP address for statistical purposes, for example. We shall inform users to this effect as soon as we become aware of such practices.
Your personal data is deleted provided that there are no legal retention requirements to the contrary and if you have asserted a claim for deletion, if the data is no longer required to fulfil the purpose pursued by storage, or if storage of the data is impermissible on other legal grounds.
Your data is generally processed in Germany. In exceptional cases, information which you transmit to us may be stored on servers within the European Union (EU). We shall notify you accordingly if we deviate from this regulation as the “controller”.
We would like to explain to you that security loopholes can occur during data transmission over the Internet (e.g. via email). We cannot, therefore, offer complete protection against access by third parties. We back up our IT systems (including the web pages / website) using what are known as technical and organisational measures (known as “TOMs” for short) to protect against unwanted: access, admission, disclosure, entry, loss, dissemination, destruction and alternation by unauthorised individuals.
Your personal data is transmitted over the Internet in encrypted format using the Secure Socket Layer coding system (256-bit SSL encryption).
Under the legal requirements set forth in Art. 15 of the GDPR, you can naturally and at any time request information as to whether we process personal data about you. If we do process personal data about you, you can request information about the circumstances and form of processing, and more detailed information about the processed data.
According to Art. 16 of the GDPR, you can request that incorrect information about you be corrected if you cannot make the change yourself.
Under the legal requirements set forth in Art. 17 of the GDPR, you are entitled to request that we delete personal data concerning you without delay. To name but a few examples, the right to deletion does not exist if processing of the personal data is necessary for exercising the right to freedom of expression and information, for fulfilling a legal obligation to which we are subject (e.g. legal retention requirements), or for establishing, exercising or defending legal claims.
According to Art. 18 of the GDPR, you can request that processing of your personal data be restricted.
Under the requirements set forth in Art. 20 of the GDPR, you are entitled to request that we provide you with the personal data concerning you which we process in a structured, common and machine-readable format.
Under the requirements set forth in Art. 21 of the GDPR, you have the right to object to the processing of your personal data and request that we stop our processing activities. The right to object only exists to the extent stipulated by law. Legitimate interests necessitating further processing may be in conflict with your objection.
According to Art. 7, Para. 3 of the GDPR, you can revoke the consent you granted with respect to processing of your personal data at any time and with effect for the future, without incurring any costs exceeding the transmission costs according to the basic tariffs.
According to Art. 19 of the GDPR, we are obligated to inform all recipients to whom personal data was disclosed of corrections, deletions and restrictions on processing with regard to your personal data. Exceptions to this rule may exist in this regard if doing so is impossible or would involve a disproportionate effort. We shall provide you with information about these recipients upon request.
We also guarantee your rights according to Art. 22 of the GDPR. You or your data do not, therefore, form the subject matter of decisions based on automated processing – including profiling – on our website.
If you would like to assert your rights as a data subject, such as your right to delete or block data, please contact our data protection officer – preferably in writing – with sufficient identification:
Brands Consulting | Data Protection & Consulting
Mr Bernhard Brands
Auf dem Hahn 11
D-56412 Niedererbach (Westerwald)
Alternatively, you are also more than welcome to contact the data protection officer using SAHM GmbH + Co. KG’s address:
Data protection officer – personal –
SAHM GmbH + Co. KG
We are not liable for external links and third-party sites made accessible in this way. We would further like to point out that the information provided on this website is only for information procurement purposes and does not aim to produce any legal binding effect.
Last updated: 24.07.2018