Detailed data protection declaration
We take protecting your data seriously
Thank you for visiting our website. We are delighted that you are interested in our company and our products / services. We take protecting your personal data very seriously, and we want you to feel secure with regard to the information you give us when you visit our website. For us, complying with German data security law is a matter of course.
We want you to know what data we collect at SUMIDA while you are visiting our website, when we collect it and how we use this information. We have taken technical and organisational measures that ensure that data protection regulations are observed by us and by any service providers we work together with.
Personal data is information about your identity. This includes your name, your address and telephone number, and your e-mail address. You don’t have to divulge personal information in order to be able to use our internet site. But in some cases we need your name and address, and further information so that we can provide you with the services you require.
The same applies when we want to give you information material or supply you with goods you have ordered, or when we need to answer your questions. We will always tell you when this is necessary. Also, we only store or process data that you have provided us with either voluntarily or automatically.
If you use one of our services, we usually only take the data that is necessary to provide you with the service you require. We may ask you for further information, but this is voluntary. Whenever we process personal data, we do it to provide you with the service you required or to fulfil our legitimate commercial interests.
Automatically collected non-personal data
When you visit our website, we store certain information for administration and technical reasons. These are: the browser type and version used, the date and time of access and the IP address.
This data remains anonymous and it is used solely for statistical purposes and to improve our website and online services. This anonymous data is stored separately from personal data on secure systems and allows no inference on individual persons. This means that your personal details are protected at all times.
If you visit our website, we might store information on your computer in the form of cookies. Cookies are small files that are sent from an internet server to your browser and stored on your computer’s hard drive. Only the internet protocol address is stored in this process, and no personal data is involved. The information stored on cookies means you will be automatically recognised next time you use our website, so you will find our site easier to navigate. For example, cookies enable us to adapt our website to your interests or to store your password, so you don’t have to enter it again.
You can, of course, visit our website without using cookies. If you don’t want us to recognise your computer next time you visit us, you can prevent cookies from being stored simply by setting your browser to “do not accept cookies.” Find out how to do this in your browser’s operating instructions. If you do choose not to accept cookies, you may have difficulty in accessing certain parts of our site.
This website is using Google Analytics, a web-analysis tool of Google Inc. (“Google”). Google Analytics is using so-called “cookies”, text-files that are being stored on your computer and enable an analysis of your use of the website. The information (including your IP address) about your use of the website that are created by the cookie are transferred to a Google server in the USA and saved there. Google will use this information to analyse your use of the website, to create reports about website-activities for the website owner and to provide further services connected to the use of the website or the internet. Google may also transfer this information to third parties in case law requires it or the third parties are processing that data on behalf of Google [people / companies processing data on behalf of Google are not considered third parties!]. Under no circumstances will Google make any connection between your IP address and any other data collected about you. You may prevent the installation of cookies by making certain adjustments in your browser settings; we would like to inform you that this may, however, restrict the functionality of certain parts of our site. By using this website you agree to the processing of the information collected about you by Google in the aforementioned way and to the aforementioned purpose.
You can further keep Google from using your data by installing the browser-add-on available for download at:
If you are reaching our pages via a mobile device (smartphone or tablet) you will have to click on this link, to prevent Google Analytics from tracking you on our website fort he future. This is also a viable alternative tot he above-mentioned browser-add-on. Clicking on the link will install an opt-out-cookie in your browser, which is only valid for this browser and webpage. If you delete all cookies in this browser, the opt-out-cookie will be equally deleted and you will have to click the link again to re-install it.
Using the Mobile App
In addition to our online services, we also provide a mobile app that you can download to your mobile device. You have the rights described below.
When the app is downloaded, the required information is transferred to the App Store or Google Play Store. This information includes your user name, e-mail address and customer number of your account, time of download, the International Mobile Equipment Identity (IMEI), the mobile phone number (MSISDN), the MAC address for WLAN use and the unique number of the network user (IMSI). We have no influence on this data collection and are not responsible for it. We process the data provided if this is necessary for downloading the app to your smartphone. The data will not be stored any further.
When using the app, we collect the following additional personal data to enable the functions of the app:
- IP address
When starting to use the app, the app requires the following access rights and only for the following purpose:
- Location data (via GPS and anonymous IP address): to display the navigation to the depots.
- Phone: to be able to call the depots from the app
- Photo camera: it can be used to scan barcodes in order to mark the corresponding sales products or to obtain information about them.
- Photos/Media/Files: depends on the use of the camera for the barcode scanner
- Bluetooth: connection to external devices such as printers or measuring systems
- Internet: Sending and receiving trip and vehicle data
If you reject this, we will not use this data. However, you will not be able to use the corresponding functions of the app. You can grant or revoke the permission later in the settings. When you permit access to this data, the app will only access this data and transfer it to our server insofar as this is necessary to provide the functionality. This data will be treated confidentially by us and deleted if you revoke the rights of use or if these are no longer necessary for the provision of the service and there are no legal retention obligations.
In the system, data is only transmitted to ERP in the scope of an order. Third parties are not currently involved in processing and do not have dedicated access. In general, the app is an additional offer to the online system.
Currently, neither advertising identifiers nor user profiles are used. We only receive statistics directly from the Appstore or Google Play Store.
We have put technical and administrative safety measures in place in order to protect your personal data against loss, destruction, manipulation and unauthorised access. All our employees and service providers are bound by the Federal Data Protection regulations.
Whenever we collect and process personal data, this information is coded before it is transferred. This means that your data cannot be misused by unauthorised third parties. Our safety measures are subject to an on-going optimisation process. Our data protection regulations are constantly updated. Please make sure you read the current version.
Your information according to Art. 13 DSGV
1. Which data is processed and where is this data coming from?
We process the data which we have received from you within the scope of the contract initiation or processing or on the basis of your consent.
The personal data includes:
Your master/contact data, this includes for end customers e.g. first and last name, address, contact data (e-mail address, telephone number, and fax), bank details, and pictures.
In addition, we also process the following other personal data:
- Information on the type and content of contract data, order data, sales and document data, customer and supplier history and consulting documents,
- Advertising and sales data,
- Information from your electronic communication with us (e.g. IP address, log-in data),
- other data that we have received from you in the context of our business relationship (e.g. in customer meetings),
- Data that we generate ourselves from master/contact data and other data, such as customer requirement and customer potential analyses,
- The documentation of your declaration of consent for receiving e.g. newsletters.
- Photographs at events.
2. For which purposes and on what legal basis are the data processed?
We process your data in accordance with the regulations of the data protection basic regulation (DS-GVO) and the Federal Law for Data Protection 2018 in the respectively valid version:
• To fulfil (pre-)contractual obligations (Art. 6 Para. 1 lit.b DS-GVO):
The processing of your data is used for the contract processing online or in one of our branches, for the contract processing of your employees in our company. The data will be processed in particular during the initiation of business transactions and the execution of contracts with you.
• To fulfil legal obligations (Art. 6 Para. 1 lit.c DS-GVO):
A processing of your data is necessary for the purpose of the fulfilment of different legal obligations, e.g. from the commercial code or the tax code.
• To protect legitimate interests (Art. 6 Para. 1 lit.f DS-GVO):
On the basis of a weighing-up of interests, data processing may take place beyond the actual fulfilment of the contract in order to protect the legitimate interests of us or third parties. Data processing to protect legitimate interests is done, for example, in the following cases:
- Advertising or marketing (see point 4),
- Business management and development measures for services and products;
- Managing a group-wide customer database to improve customer service
- In the context of a prosecution.
- within the scope of your consent (Art. 6 Para. 1lit.a DSGVO):
…if you have given us your consent to process your data, e.g. to send you our newsletter, to publish photos etc.
3. Processing of personal data for advertising purposes
You may at any time revoke the use of your personal data for advertising purposes totally or for individual measures without incurring any costs other than the transmission costs according to the basic tariffs. We are authorized under the legal requirements of § 7 Para. 3 UWG to use the e-mail address you provided when concluding the contract for direct advertising for our own similar goods or services. You will receive these product recommendations from us irrespective of whether you have subscribed to a newsletter or not.
If you do not wish to receive such recommendations by e-mail from us, you can revoke the use of your address for this purpose at any time without incurring any costs other than the transmission costs according to the basic tariffs. A message in text form is sufficient for this purpose. Of course, every e-mail always contains an unsubscribe link.
4. Who receives my data?
If we use a service provider for order processing, we nevertheless remain responsible for the protection of your data. All contract processors are contractually obliged to treat your data confidentially and to process it only within the scope of the service provision. The processors commissioned by us will receive your data if they need the data to perform their respective services. These are, for example, IT service providers that we need for the operation and security of our IT system as well as advertising and address publishers for our own advertising campaigns.
Your data will be processed in our customer database. The customer database supports the improvement of the data quality of the existing customer data (duplicate cleaning, moved/deceased indicator, address correction) and enables the enrichment with data from public sources.
This data is provided to the group companies if required for contract processing. Customer data is stored separately for each company, whereby our parent company acts as a service provider for the individual participating companies.
If there is a legal obligation and in the context of legal prosecution, authorities and courts as well as external auditors can be recipients of your data.
In addition, insurance companies, banks, credit agencies and service providers may be recipients of your data for the purpose of initiating and fulfilling contracts.
5. How long will my data be stored?
We process your data till the end of the business relationship or till the end of the valid legal retention periods (e.g. from the German Commercial Code, the German Tax Code); furthermore till the end of possible legal disputes where the data is needed as evidence.
6. Is personal data transferred to a third country?
In general, we do not transfer any data to a third country. In individual cases, data will only be transferred on the basis of an adequacy decision by the European Commission, standard contractual clauses, suitable guarantees or your express consent.
7. Which data protection rights do I have?
You have the right at any time to information, correction, deletion or restriction of the processing of your stored data, a right of objection to the processing as well as a right to data transfer and a right of appeal in accordance with the requirements of data protection law.
Right to information:
You can request information from us whether and to what extent we process your data.
Right to correction:
If we process your incomplete or inaccurate data, you may request that we correct or complete it at any time.
Right to deletion:
You can demand that we delete your data if we process it illegally or if the processing disproportionately interferes with your legitimate protection interests. Please note that there may be reasons that prohibit an immediate deletion, e.g. in the case of legally regulated storage obligations.
Regardless of the exercise of your right to deletion, we will delete your data immediately and completely, as long as there is no legal or statutory obligation to retain data.
Right to limit the processing:
You can demand that we restrict the processing of your data if
- you dispute the correctness of the data, for a period of time which enables us to verify the correctness of the data,
- the processing of the data is illegal, but you reject a deletion and instead demand a restriction on the use of the data,
- we no longer need the data for the intended purpose, but you still need this data to assert or defend legal claims, or
- you have objected to the processing of the data.
Right to data transfer:
You may request that we provide you with the information you have provided to us in a structured, common and machine-readable format and that you may provide that information to another responsible person without our interference, if
- we process this data on the basis of a consent given and revocable by you or for the fulfilment of a contract between us, and
- this processing is done using automated methods.
If technically feasible, you have the right to demand the direct transfer of your data to another responsible person.
Right of objection:
If we process your data for legitimate reasons, you may object to such processing at any time; this would also apply to profiling based on these provisions. We will then no longer process your data unless we can prove compelling grounds for processing worthy of protection which outweigh your interests, rights and freedoms or the processing serves the assertion, exercise or defence of legal claims. You can revoke the processing of your data for the purpose of direct marketing at any time without giving reasons.
Right of appeal:
If you are of the opinion that we violate German or European data protection law when processing your data, we please you to contact us to clarify questions. Of course, you also have the right to contact the responsible supervisory authority, the respective state office for data protection supervision.
If you wish to assert any of the aforementioned rights against us, please contact our data protection officer. In case of any doubt, we may request additional information to confirm your identity.
8. Am I obliged to provide data?
The processing of your data is necessary to conclude or fulfil your contract with us. If you do not provide this data to us, we will usually have to refuse the conclusion of the contract or will no longer be able to execute an existing contract and will therefore have to terminate it. However, you are not obliged to give your consent to data processing regarding data which is not relevant for the performance of the contract or which is not required by law.
Rights of the persons affected
Please contact us at any time if you would like to find out which personal data we store about you. Also if you want to correct or delete them. You also have the right to restrict processing (Art. 18 GDPR), a right to object to processing (Art. 21 GDPR) and the right of data transferability (Art. 20 GDPR).
In these cases, please contact us directly.
Changes to our data protection regulations
We reserve the right to alter our data safety and protection regulations if and when this becomes necessary as a result of new technology. In these cases, we will alter the data protection advice. Please make sure that you always use the current version of the data protection regulations. If this declaration undergoes major changes, we will make those changes public on our webpages.
All interested parties and visitors are welcome to contact us for data privacy issues under:
Mr. Christian Volkmer
Projekt 29 GmbH & Co. KG
93047 Regensburg – Germany
Phone +49 941 29 86 93 0
Fax +49 29 86 93 16