Data protection policy
As the operator of these pages, we take the protection of your personal data very seriously. We treat your personal data confidentially and in accordance with data protection information.
When you use this website, various personal data are collected. Personal data is any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier. This privacy notice explains which information we collect and how we use it. It also explains how and for which purpose this is done.
Personal data is only collected, used and, if necessary, passed on by the provider if this is expressly permitted by law or if the user consents to the collection, processing, use and passing on of the data.
We would like to point out that data transmission on the Internet (e.g. communication by e-mail) can have security gaps. Complete protection of data against access by third parties is not possible.
1. General information
Provider and responsible entity within the meaning of the Data Protection Act
Please direct general enquiries relating to data protection, such as the enforcement of data subject rights, to the following e-mail address, from which your enquiry will be redirected to the Data Protection Officer and our Data Protection Team:
Confidential data protection enquiries can be directed to our data protection officer by telephone, post or e-mail (see below). His name and contact details are:
SIX DATENSCHUTZ GmbH
Kasseler Str. 30
D - 61118 Bad Vilbel
Tel: +49 6101 982 9422
firstname.lastname@example.org (for confidential enquiries)
Scope of application
This data protection notice provides users with information on the type, scope and purpose of the collection and use of their data, that is collected and used by the responsible provider.
The legal framework for data protection is provided by the European General Data Protection Regulation (GDPR) and the German Federal Data Protection Act (BDSG-new).
Integration of third-party services and content
Our offer sometimes includes content and services of other providers. In order for this data to be called up and displayed in the user's browser, the transmission of the IP address is mandatory. The providers (hereinafter referred to as "third party providers") therefore perceive the IP address of the respective user.
Even though we endeavour to use only third-party providers who only need the IP address to be able to deliver content, we have no influence on whether the IP address may be stored. In this case, this process serves statistical purposes, among other things. If we are aware that the IP address is stored, we inform our users of this fact.
Transfer of personal data to third countries
If we transfer data to third countries, i.e. countries outside the European Union, then the transfer takes place exclusively in compliance with the legally regulated permissibility requirements.
If the transfer of data to a third country is not for the purpose of fulfilling our contract with you, we do not have your consent, the transfer is not necessary for the assertion, exercise or defence of legal claims and no other exemption under Article 49 of the GDPR applies, we will only transfer your data to a third country if an adequacy decision under Article 45 of the GDPR or appropriate safeguards under Article 46 of the GDPR are in place.
An adequate level of data protection in the USA has been declared most recently by the adequacy decision "Data Privacy Framework (DPF)" adopted in July 2023 which you can find here. U.S. companies must certify to be listed within the DPF. We have agreed so-called EU standard data protection clauses with the providers in third countries, as well as partially data processing on European and German servers. Timely data deletion reduces the risk of third-party access.
Alternatively or in addition, by entering into the EU standard data protection clauses adopted by the European Commission with the receiving entity, they create appropriate safeguards in accordance with Article 46(2)(c) of the GDPR and an adequate level of data protection. Copies of the EU standard data protection clauses are available on the website of the European Commission, available here
Disclosure of data to third parties
Your data will not be passed on to unauthorized third parties. Where external service providers receive your personal data we have ensured that they implement appropriate technical and organizational measures and that they comply with the applicable data protection regulations and laws.
In accordance with the principles of data avoidance and data minimization, we only store personal data for as long as is necessary or prescribed by law (statutory storage period). If the purpose of the information collected no longer applies or the storage period ends, we block or delete the data.
2. The processing operations in detail
This website uses so-called cookies. These are text files that are stored on your computer from the server. They may contain information about the browser, the IP address, the operating system and the internet connection. We do not pass this data on to third parties or link it to personal data without your consent.
Cookies fulfil two main tasks. They help us to make it easier for you to navigate through our website and enable the website to be displayed correctly. They are not used to introduce viruses or to launch programs.
Users have the option of accessing our website without cookies. To do this, the corresponding settings must be changed in the browser. Please use the help function of your browser to find out how to deactivate cookies. However, we would like to point out that this may impair some of the functions of this website and reduce user comfort.
Collection of personal data when visiting our website
In the case of merely informative use of the website, i.e. if you do not register or otherwise transmit information to us, we only collect the personal data that your browser transmits to our server. If you wish to view our website, we collect the following data, which is technically necessary for us to display our website to you and to ensure stability and security (legal basis for this is Art. 6 para. 1 p. 1 lit. f) GDPR), legitimate interest:
- IP address
- host name
- Date and time of the request
- Time zone difference to Greenwich Mean Time (GMT)
- Content of the request (specific page)
- Access status/HTTP status code
- Amount of data transferred in each case
- Website from which the request came (referrer)
- The specific pages of our website that you have accessed
- Browser: Type, version and language
- Operating system: type and version
- Screen resolution
- colour depth
- Size of the browser window
- Installed browser plug-ins
Use of essential cookies
Essential cookies do not require your consent and are processed by us in accordance with Art. 6 para. 1 lit. f) GDPR. Our legitimate interest here is the smooth and optimal use and presentation of our website.
On our website we use the cookie consent tool "Banny" of Kemweb GmbH, Mainz. The purpose of this processing is to request your consent for the non-technical cookies used on our website and to document it in accordance with applicable data protection regulations and laws.
When you visit our website, a cookie is stored in your browser to document the consents you have given or the revocation of these consents.
The legal basis for this data processing is Art. 6 (1) lit. c) GDPR - legal obligation, which is that consent must be obtained for non-technically necessary cookies before they are used in accordance with the ECJ ruling of 1 October 2019, AZ C-673/17.
The collected data will be stored until you request us to delete it or until you delete the cookie yourself or until the purpose for storing the data no longer applies. Mandatory statutory retention periods remain unaffected.
Registration on our website
If you register on our website in order to make use of personalized services, personal data will be collected. This includes the name, address, telephone number and e-mail address as contact and communication data.
Registration enables access to services and content that are only available to registered users. If necessary, registered users have the option of changing or deleting the data provided during registration at any time, taking into account the legal retention periods. Upon request, we will of course inform you which personal data has been collected and stored. The legal basis here is your consent within the scope of registration (Art. 6 para. 1 lit. a) GDPR).
In addition, we will correct or delete the data upon request, provided that there are no legal obligations to retain the data. For queries and your request for correction or deletion of the data, please use the contact details stated in this data protection information.
If you register for our newsletter, we will use the data you enter exclusively for this purpose or to inform you about circumstances relevant to this service or registration. We do not pass this data on to unauthorized third parties. We use Hubspot Inc., Cambridge, USA (complete address with contact data see paragraph „Hubspot“) as our newsletter service provider.
A valid e-mail address is required to receive the newsletter. The IP address used to register for the newsletter and the date on which you ordered the newsletter are also stored. This data serves us as proof in the event of misuse if a third-party email address is registered for the newsletter. In order to also ensure that an e-mail address is not improperly entered into our distribution list by third parties, we work in accordance with the law with the so-called "double opt-in" procedure. Within the scope of this procedure, the ordering of the newsletter, the sending of the confirmation email and the receipt of the registration confirmation are logged. The legal basis is your consent in accordance with Art. 6 Para. 1 lit. a) GDPR.
You have the option at any time to revoke your consent to the storage of data, e-mail address and their use for the newsletter dispatch. We will provide you with a link for revocation in each newsletter and on the website. You also have the option of informing us of your wish to revoke via the contact options mentioned in this document.
On our website, we offer you the opportunity to contact us via the online form or by e-mail. In this case, the information you provide will be stored for the purpose of processing the contact. The disclosure of your data is completely voluntary. The processing of the data you provide is based exclusively on your consent (Art. 6 para. 1 lit. a) GDPR) or if you wish to conclude a contract with us or have questions in this regard (Art. 6 para. 1 b) GDPR).
You can revoke your consent at any time. An informal e-mail to us is sufficient for this purpose. The legality of the data processing operations carried out until the revocation remains unaffected by the revocation.
Data will not be passed on to unauthorized third parties. A comparison of the data collected in this way with data that may be collected by other components of our website is also not carried out. The services offered may - as far as technically possible and reasonable - also be used without providing this data or by providing anonymized data or a pseudonym.
Your data will remain with us until you request us to delete it, revoke your consent to store it or the purpose for the data processing no longer applies (e.g. after we have completed processing your enquiry). Mandatory legal provisions - in particular retention periods - remain unaffected.
We use services of etracker GmbH from Hamburg, Germany (www.etracker.com) to analyze usage data. Cookies are used to enable a statistical analysis of the use of this website by its visitors and the display of usage-related content or advertising. Cookies are small text files that are stored by the Internet browser on the user's terminal device. etracker cookies do not contain any information that enables a user to be identified.
The data generated by etracker is processed and stored by etracker on behalf of us of this website exclusively in Germany and is therefore subject to the strict German and European data protection laws and standards. etracker has been independently audited and certified in this respect and awarded the ePrivacyseal data protection seal of approval.
The data processing is carried out on the legal basis of Art. 6 para. 1 lit f) (legitimate interest) of the EU General Data Protection Regulation (GDPR). Our legitimate interest is the optimization of our online offer and our web presence. As the privacy of our visitors is particularly important to us, the IP address is anonymized at the earliest possible stage by etracker and log-in or device identifiers are converted to a unique key at etracker that is not assigned to a person. etracker does not use the data in any other way, combine it with other data or pass it on to third parties.
You can object to the aforementioned data processing at any time, insofar as it is personal. Your objection will not have any adverse consequences for you.
Further information on data protection at etracker can be found here
For the graphically uniform appearance of fonts, we use the fonts of the provider Google Webfonts (Google Ireland Ltd., Gordon House, Barrow Street, Dublin 4, Ireland).
We only use locally pre-installed fonts. This means that the fonts are initially loaded and installed by us and that no personal data is required for the operation of these services and is not transmitted to the providers.
The above-mentioned services are used in the interest of a uniform and appealing presentation of our online offers. This represents a legitimate interest within the meaning of the legal basis of Art. 6 Para. 1 lit. f) GDPR.
Further information on data processing by Google can be found at:
We use a solution from HubSpot Inc., Cambridge, USA for our online marketing activities. This is an integrated software-as-a-service (SaaS) solution that we use to cover various aspects of our online marketing.
- Email marketing (newsletters, personal emails as well as automated emailings).
- Social media publishing & reporting
- Reporting (e.g. traffic sources, hits, etc. ...)
- Contact management (e.g. user segmentation & CRM)
- Landing pages and contact forms
This information is stored on servers of the software supplier HubSpot Inc. It can be used by us to contact visitors to our website and to determine which of our company's services are of interest to them.
The data processing is based on our legitimate interest Art. 6. para. 1 lit. f) GDPR or for the analysis of your user behaviour (tracking, analyses) on your consent according to Art. 6 para. 1 lit. a) GDPR. You can revoke your consent at any time with effect for the future. The legality of the data processing operations already carried out remains unaffected by the revocation.
All information collected by us is subject to this data protection notice. We use all collected information exclusively to optimize our marketing.
HubSpot is a USA based software company at 25 First Street, Cambridge, MA 02141 USA, Phone: +1 888 HUBSPOT. (+1 888 482 7768), Fax: +1 617 812 5820 with an office in Ireland: HubSpot European Office, Ground Floor, Two Dockland Central, Guild St, North Dock, Dublin, D01 K2C5, Ireland, Phone: +353 1 5187500.
An adequate level of data protection in the US has been declared by the Data Privacy Framework (DPF) adequacy decision most recently adopted in July 2023. Hubspot is one of the companies listed and certified therein. We have also agreed so-called EU standard data protection clauses with the provider as well as partial data processing on servers in Germany and the EU.
Please also note the information on transfer to third countries.
This website contains plugins from YouTube of Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, associated with Google Inc. based in San Bruno/California, USA.
When you start an embedded YouTube video on our website, a connection to the YouTube servers is established. This tells YouTube which website you have visited. If you have your own YouTube account and you are already logged in there, you enable YouTube to assign your surfing behaviour directly to your personal profile. You can prevent this association if you log out of your account beforehand.
If you wish, you can use the "YouTube button" or the share function. To do so, it is necessary to register with YouTube. The registration has the effect that the service of the provider is activated.
The processing is carried out in accordance with your consent (Art. 6 para. 1 lit. a DSGVO). If you have given your consent, you can revoke it at any time in the cookie settings.
Through the embedded use of YouTube, further services are reloaded, we cannot prevent this and we do not actively use these services ourselves.
These services are:
- Google Fonts
For details see section Google Fonts
For details see section Google Marketing Platform
- Google Fotos
Supporting service on YouTube for image display
- Google APIs
Supporting service on Google for providing the programming interface
- Google Video
Supporting service on YouTube for video viewing
- YouTube Images
Supporting service on YouTube for the display of images
Google Marketing Platform / DoubleClick / Campaign Manager
If you are registered with a Google service, Google can assign the visit to your account. Even if you are not registered with Google or have not logged in, it is possible that the provider will find out and store your IP address.
The processing is carried out in accordance with your consent (Art. 6 para. 1 lit. a DSGVO). If you have given your consent, you can revoke it at any time in the cookie settings.
You can prevent participation in Google tracking processes in various ways:
- By setting your browser accordingly; in particular, the suppression of third-party cookies will result in you not receiving third-party ads;
- by disabling conversion tracking cookies by setting your browser to block cookies from the googleadservices.com domain, https://adssettings.google.de/anonymous?hl=en, this setting being deleted when you delete your cookies;
- by disabling the interest-based ads of the providers that are part of the self-regulatory campaign "About Ads", via the link http://www.aboutads.info/choices, this setting being deleted when you delete your cookies;
- by permanently deactivating them in your Firefox, Internet Explorer or Google Chrome browser using the link http://www.google.com/settings/ads/plugin, by using the appropriate cookie setting. We would like to point out that in this case you may not be able to use all functions of this offer to their full extent. In addition, you can prevent Google from collecting the data generated by the cookies about your use of the websites and the processing of this data by Google by downloading and installing the browser plugin available at https://support.google.com/adsense/answer/142293?hl=en under "Display settings", "Extension for Campaign Manager deactivation".
The data sent by us and linked to cookies are automatically deleted after 14 months. The deletion of data whose retention period has been reached takes place automatically once a month.
Further information on the Google Marketing Platform can be found at https://marketingplatform.google.com/intl/en_uk/about/ and on data protection at Google in general: https://policies.google.com/privacy?hl=en&gl=de . Alternatively, you can visit the website of the Network Advertising Initiative (NAI) at http://www.networkadvertising.org.
We use the service "ARIVA" (ARIVA.DE AG, Neufeldtstraße 9, 24118 Kiel, hereinafter referred to as "ARIVA"). ARIVA is a bank-independent financial portal that provides stock quotes, market prices, news and other financial information. This service is integrated into our website. Technical data (e.g. IP address, browser type, date and time of the request) may be processed. The processing is carried out in accordance with Art. 6 par. 1 lit. a) DSGVO with your consent. Further information on data protection and the processing of your data by Ariva can be found here.
With the service of EQS News we have integrated financial news on current information on our site. This service is provided by EQS Group AG Karlstraße 47, 80333 Munich, Germany (hereinafter referred to as "EQS News"). This service is integrated into our website. Technical data (e.g. IP address, browser type, date and time of request) may be processed. The processing takes place in accordance with Art. 6 par. 1 lit. a) DSGVO with your consent. Further information on data protection and the processing of your data by EQS News can be found here and here
We are pleased if you are interested in an open position in our company or would like to send us your application documents by way of a speculative application and provide you with the option of applying online. We collect and process the personal data of applicants for the purpose of processing the application procedure and for the decision on the establishment of an employment relationship. This takes place and is carried out on the basis of Art. 6 para. 1 lit. b GDPR - pre-contractual measures as well as Art. 88 (1) GDPR in conjunction with Section 26 of the German Federal Data Protection Act (BDSG).
Your online application will be processed by our HR department as quickly as possible. Your application documents will be forwarded to the relevant specialist department or the affiliated company in which the vacancy exists or for which your application could be of interest. We will use your application documents exclusively within the company and its affiliated companies for application purposes. The data will not be passed on to unauthorized third parties.
If we are unable to identify a suitable position for your profile internally, we will delete all data upon delivery of the rejection, provided that deletion does not conflict with any contractual, legal or other legitimate interests of the person responsible. Other legitimate interests in this sense include, for example, a burden of proof in the event of legal defense in proceedings under the General Equal Treatment Act (AGG).
Please understand that the review may take some time. However, if your profile is of interest in principle and there are merely no suitable positions available at the moment, we will contact you again to obtain your consent to the retention and storage of your application data. If you agree in principle, you should note this immediately in your covering letter.
If the data controller concludes an employment contract with an applicant, the transmitted data will be stored for the purpose of processing the employment relationship in compliance with the statutory provisions.
Please read our note notifiable information in the case of direct collection.
3. your rights to information, correction, blocking, deletion and objection
- gemäß Art. 18 DSGVO das Recht, die Einschränkung der Verarbeitung Ihrer personenbezogenen Daten zu verlangen, soweit
- die Richtigkeit der Daten von Ihnen bestritten wird;
- Pursuant to Art. 15 of the GDPR, the right to request information about your personal data processed by us to the extent specified therein;
- pursuant to Art. 16 GDPR, the right to demand the correction of inaccurate or incomplete personal data stored by us without undue delay;
- in accordance with Art. 17 GDPR, the right to request the deletion of your personal data stored by us, unless further processing is necessary
- to exercise the right to freedom of expression and information;
- to comply with a legal obligation;
- for reasons of public interest; or
- necessary for the assertion, exercise or defence of legal claims;
- the accuracy of the data is disputed by you;
- the processing is unlawful, but you object to its erasure;
- we no longer require the data, but you need it to assert, exercise or defend legal claims; or
- you have objected to the processing in accordance with Art. 21 GDPR;
As a data subject, you have the following rights:
· Pursuant to Art. 18 GDPR, you have the right to request the restriction of the processing of your personal data if
· pursuant to Art. 20 GDPR, the right to receive your personal data that you have provided to us in a structured, commonly used and machine-readable format or to request that it shall be transferred to another controller;
· pursuant to Art. 77 GDPR, the right to complain to a supervisory authority. As a rule, you can contact the supervisory authority of your usual place of residence or workplace or our company headquarters for this purpose.
The supervisory authority responsible for us is:
Der Landesbeauftragte für den Datenschutz und die Informationsfreiheit Rheinland-Pfalz
Hintere Bleiche 34
phone: +49 6131 8920-0, fax: +49 6131 8920-299
4. changes to our data protection information
In order to ensure that our data protection information always complies with the current legal requirements, we reserve the right to make changes at any time. This also applies in the event that the data protection information has to be adapted due to new or revised services, for example new services. The new data protection information will then apply the next time you visit our website. This data protection notice is valid as of July 2023.
Information on the processing of personal data with SAP C4C pursuant to Art. 13 and Art. 14 GDPR for prospects, customers and business partners
We hereby inform you about the processing of your personal data in connection with the use of SAP software, in particular the SAP C4C CRM solution within the SIMONA Group. We comply with the applicable provisions of the European Union. The legal provisions can be found here: eur-lex.europa.eu/legal-content/DE/TXT/HTML/ and at http://www.gesetze-im-internet.de/bdsg_2018/.
Data Controllers are
Tel.: +49 67 52 14-0
Fax. +49 67 52 14-211
As well as the respective SIMONA company; a list of SIMONA companies can be found here: https://www.simona.de/nc/service/simona-weltweit/ .
Which data do we process and what is the legal basis?
As part of the business process and during our business relationship we process personal data that you provide to us prior to or during the business relationship. The legal basis for this is Art. 6 para. 1 lit. b GDPR. As a rule, this involves the following data:
- master data such as title, function, first name, last name, birth name, date/place of birth.
- contact data such as postal code, city, street, house number, email address(es), telephone numbers (landline and/or mobile), etc.
- if applicable, financial data, e.g. IBAN, BIC, bank institute, credit card data
- project or order-related data (e.g. company name, customer number, quotation, order, sales, invoice, payment, service and return data, as well as call and visit reports)
- identifiers, e.g. newsletter recipient yes/no
- email data Content data (e-mail body, header data)
- image/video data
Purposes of processing
The controllers process your personal data for marketing/sales purposes for contacting you and for initiating, establishing or implementing a business and/or contractual relationship as well as for responding to your inquiries (pre-contractual and/or contractual measures, contract performance) and, if applicable, for sending you our newsletter, provided you have consented to this or this is in our legitimate interest.
Legal Basis for processing your data
The controllers only process your personal data if there is a legal basis for doing so. In particular, the following legal bases come into consideration:
- Art. 6 para. 1 lit. b GDPR - if you have contacted us e.g. via contact form or approach at trade fairs and/or events, participation in academy offers or if a business relationship already exists. The processing of your data is then carried out for pre-contractual measures or in the context of a contract execution.
- If you are already a customer, your data may also be processed on the basis of legal requirements pursuant to Art. 6 (1) lit. c GDPR for the fulfillment of commercial or tax retention obligations, for the fulfillment of reporting or information obligations to authorities, etc.
- Art. 6 para. 1 lit. a GDPR - if you have given us consent, e.g. for direct marketing purposes (e.g. to receive our newsletter).
Recipients of your personal data
Recipients of your personal data are authorized SIMONA employees in various business units of the SIMONA Group (worldwide) who are entrusted with activities and processes within the scope of customer and prospect relationships (sales, branding), the IT department as well as, if applicable, financial authorities, auditors and, if applicable, other institutions or authorities (e.g. customs authorities). As a result, your personal data may be transferred to and processed in third countries in which SIMONA companies are located (e.g. USA, Asia and others), primarily for internal purposes, unless otherwise agreed. Furthermore, contractually bound service providers may be used for contract processing. In the current case your data will be stored on servers located in Germany by SAP Deutschland SE & Co. KG, Walldorf (in the SAP cloud). An IT service provider for maintenance and support (currently Sybit GmbH, Radolfzell) may also gain access to your data. Your personal data will not be transferred to unauthorized third parties for purposes other than those listed above.
Data processing also outside the European Union
Among others, the software application SAP C4C, a cloud-based CRM software with analysis, reporting and recording capabilities as well as interfaces to other systems, is used. Software and data are physically located in Germany.
Furthermore, we use software such as SnapADDY (Würzburg, Germany) as well as Microsoft 365 incl. "Teams" as well as Hubspot (both USA), or other software from providers in third countries for data processing for the purposes mentioned above. Your data may thus also be transferred to the USA or other third countries. An adequate level of data protection in the USA was declared by the most recent adequacy decision "Data Privacy Framework (DPF)" adopted in July 2023. The above-mentioned U.S. companies are among those listed and certified therein. We have agreed so-called EU standard data protection clauses with the providers in third countries as well as partial data processing on servers in Germany and the EU. Timely data deletion reduces the risk of third-party access.
Your personal data will only be stored for the above-mentioned purposes and will be deleted after expiry of legal (primarily commercial and tax law) retention periods. If the personal data is not affected by legal retention periods, it will be deleted if it is no longer required for the purposes described above or if you revoke a previously given consent to receive our newsletter. The storage periods are 6 years for business letters (e.g. offers, delivery bills) and 10 years (e.g. invoices) - counting in each case beginning with the following year of the document date. Prospect data will be deleted 24 months after the last contact, unless otherwise agreed.