Protecting your personal data is very important to us. In this privacy policy, we would like to inform you about the type of personal data (hereinafter data) we collect, use and process as well as the scope and purpose of these activities. Additionally, we would like to explain the rights that you have.
1. Name and address of the controller 2. Data subjects 2.1 Customers, potential customers, suppliers and business partners 2.2 Individuals who apply for a job 2.3 Visiting and using our website 2.4 Video conference 3. Legal basis for data processing 4. Recipients or categories of recipients of personal data 5. Duration of data storage 6. Automated decision-making processes 7. Data security 8. Your rights as data subject 9. Data protection information updatesResponsible for the processing personal data in accordance with the provisions of the EU General Data Protection Regulation (GDPR) is:
You can contact our data protection officer at: datenschutz@sinn.de
This privacy policy applies to all natural persons who are customers, potential customers, suppliers or business partners of Sinn Spezialuhren GmbH or employees of a customer, supplier or business partner that cooperates with Sinn Spezialuhren GmbH as well as those who apply for a job with Sinn Spezialuhren GmbH. The privacy policy explains how Sinn Spezialuhren GmbH, Wilhelm-Fay-Strasse 21, 65936 Frankfurt am Main, Germany (hereinafter Sinn Spezialuhren, we, us) collects and processes your personal data in connection with the management of our business relationship.
Unless restricted by local laws, Sinn Spezialuhren collects, processes and uses the following categories of personal data about you:
If necessary, we process your personal data solely to ensure an effective customer relationship with you. This includes:
Sinn Spezialuhren collects, processes and uses the following categories of personal data, among others, in connection with your application:
If necessary, we process your personal data solely to ensure the effective management of your application. This includes:
When our website is visited, we may collect certain technical data about users, which is automatically sent to us by their web browser when they access a website online or use an application on a mobile device.
Such data is automatically recorded by our servers. It includes, but is not limited to, the IP address, browser type, browser language, the date and time of the visit, and uniform resource locators (URLs, i.e. website addresses) you visited before or after accessing our website.
Depending on the location of the user and the data concerned, such technical information may fall under the category of personal data.
The following list outlines the specific data concerned as well as the processing purposes, legal basis, recipients and transfers to third countries:
We create a log of your visit to our website. The following data is processed: name of the accessed website page, date and time of access, data transfer volumes, browser type and version, operating system in use, referrer URL (the previously visited website), your IP address and the requesting provider. This is necessary to ensure the security of the website and for analysis purposes. We process data accordingly on the basis of our legitimate interests in accordance with article (6)(1)(f) of the GDPR. The log file is deleted after seven days unless it is required to provide clarification or evidence of specific infringements that become known during the stipulated retention period.
With regard to hosting, all data to be processed in connection with the running of this website is stored. This is necessary to enable website operation. We process data accordingly on the basis of our legitimate interests in accordance with article (6)(1)(f) of the GDPR. To make our website available, we use the services of web hosting providers, with whom we share the above data.
If you contact us, your data (name, contact and address details, if provided) and your message will be processed solely for the purpose of processing and managing your enquiry. We process this data on the basis of article 6(1)(b) or article 6(1)(f) of the GDPR in order to manage your enquiry.
We process your order data in order to process the purchase contract. This data processing is carried out in accordance with the legal basis set out in article 6(1)(b) of the GDPR.
We share your address information with the company charged with delivery. If it is necessary for processing the contract, we also provide your email address or telephone number so that a delivery date can be agreed with the company charged with delivery (advance notice).
We share your transaction data (name, order date, payment method, dispatch and/or receipt date, amount and payee, if applicable, bank details or credit card details, if applicable address information, if applicable email adress) with the payment service provider responsible for processing payment. In the Sinn online shop, you will be taken from the ordering process directly to the payment pages, where you can then pay. Payment by credit card at our business locations is handled via the terminals of our external payment service provider.
We use cookies to enable the use of certain features. These are short data files that are stored on your device and exchanged with other providers. Some of the cookies we use are immediately deleted after you close your browser (‘session cookies’). Other cookies remain on your device and allow us to recognise your browser when you next visit (‘persistent cookies’). You can delete all of the cookies stored on your device, and the most popular browsers have settings that can prevent the storage of cookies. If these settings are active, you may need to make some settings every time you visit this website and accept that some features may be compromised as a result.
We use the service Cisco Webex which is provided by Cisco Systems, Inc., Legal Department, 170 West Tasman Dr., San Jose, CA 95134, USA for our video conferences.
When a video conference is held with Cisco Webex, Cisco processes the following three categories of personal data.
For more information about what data are processed from each category, see the Webex Meetings Privacy Data Sheet:
https://trustportal.cisco.com/c/dam/r/ctp/docs/privacydatasheet/collaboration/cisco-webex-meetings-privacy-data-sheet.pdf
All confidential data are encrypted by the service when they are stored. Stored data that are not encrypted are protected by highly secure protective mechanisms and conventional operating procedures for computing centres. The computing centres of Webex Meetings have a communications infrastructure which boasts industry-leading performance and availability. Cisco has secured its data centres for Webex Meetings both physically and logically. The corresponding certifications have been awarded pursuant to BSI C5 and ISO/IEC 27001:
https://trustportal.cisco.com/c/dam/r/ctp/docs/iso/collaboration/cisco-webex-teams-meetings-iso-27001.pdf
Cisco Webex meets the criteria of the following certificates and regulatory requirements:
Available certificates can be found at: https://trustportal.cisco.com/
We always process your personal data in accordance with the General Data Protection Regulation (GDPR) and the Federal Data Protection Act (BDSG new).
Below you can read a description of the legal basis on which we process your personal data. Please note that these details are examples only and do not represent a complete or exhaustive list of the possible legal basis for data processing.
We process certain personal data only with your prior, explicit consent. This is the case, for example, if you have agreed that we may send advertising or promotional information in electronic format. You are entitled to revoke your consent at any time in order to stop the continued processing of this data.
Data processing is necessary in order to fulfil a contract or to complete pre-contractual measures. Sinn Spezialuhren processes your personal data solely in order to meet the legal obligations resulting from such contracts.
Sinn Spezialuhren is subject to a range of legal requirements. In order to comply with these requirements, we need to process certain personal data.
Sinn Spezialuhren processes certain personal data in order to safeguard its legitimate interests or the interests of third parties. However, this only happens in individual cases if your interests as data subject do not have priority over the interests of Sinn Spezialuhren.
As a rule, Sinn Spezialuhren ensures that your personal data is accessible only to a limited number of authorised persons who need to know this information in line with the purposes of processing outlined above.
Your personal data is not disclosed, sold or otherwise transmitted to third parties unless this is necessary for the purpose of fulfilling the contract with you or you have given your express consent to such transmission.
We also employ external contractors when processing your enquiries and providing access to our services. These service providers are contractually obliged to comply with data protection regulations, and they process personal data only in line with our instructions.
Under these conditions, the recipients of personal data may include service providers, processors or other third parties tasked with providing the following services:
All data processing takes place in Germany or member states of the European Union. Should any personal data that we collect or process about you be shared with recipients located outside the European Economic Area (EEA), we have taken appropriate action to ensure compliance with the Data Protection Regulation, such as concluding appropriate EU model contract clauses, obtaining Privacy Shield certification (US), and implementing recognised codes of conduct or certification mechanisms under article 42 of the GDPR.
Payment by credit card at our business locations is handled by the external payment service provider Wirecard Bank AG, Einsteinring 35, 85609 Aschheim, Germany (Wirecard). For more details about data privacy and other legal information, please refer to: https://www.wirecardbank.com/GDPR
Payments by credit card in Sinn’s online shop are handled by the external payment service providers Commerzbank AG, Kaiserplatz, 60311 Frankfurt am Main, Germany and SIX Payment Services (Europe) S.A., 10, rue Gabriel Lippmann, 5365 Munsbach, Luxembourg. Further information about data protection policy as well as other legal information can be found under the following links.
Commerzbank AG: https://www.commerzbank.de/portal/de/footer1/recht/rechtliche_hinweise.html
SIX Payment Services (Europe) S.A.:https://www.six-payment-services.com/en/services/legal/privacy-statement.html
If you order a catalog with a delivery address in Switzerland, we will pass on your data for the purpose of processing the order to our Swiss sales partner Uhrenatelier Sonja Lobeto, Breitestrasse 13, 8472 Seuzach.
In accordance with article 17(1)(a) of the GDPR, your personal data is routinely deleted if it is no longer necessary for fulfilment of contract and no longer subject to statutory retention periods.
Instead of being deleted, data is blocked if there are legal or factual obstacles to deletion, for instance in the case of special commercial or tax-related retention obligations, to preserve evidence under a statute of limitations or to deal with outstanding claims.
In principle, we delete applicants’ data three months after the employment decision has been made by Sinn Spezialuhren or after candidates reject an offer from Sinn Spezialuhren. Sinn Spezialuhren may retain your application data for two years if you have agreed to be considered for other positions at Sinn Spezialuhren.
As a rule, we do not use automated decision-making processes under article 25 of the GDPR to justify and manage the business relationship. If such processes are used in individual cases, we will inform you about this separately in advance to the extent required by law.
Sinn Spezialuhren has taken appropriate technical and organisational measures to prevent the unauthorised or unlawful disclosure of your personal data and unauthorised or unlawful access to your personal data as well as the inadvertent or unlawful loss, destruction or modification of your personal data and any damage. These measures ensure a level of security that corresponds to the risks involved in processing and the nature of the personal data to be protected. Our security measures are continuously improved in line with developments in technology.
On request and at no cost, you may receive information about the personal data we have stored about you at any time.
If you no longer agree that your personal data may be stored or if this information is no longer correct, we will have your data deleted or blocked with appropriate notice or make the necessary corrections (to the extent possible under the applicable law). The same applies if we receive the instruction to restrict processing with future effect.
Upon request, we will provide you with your data in a structured, commonly used and machine-readable format so that you can share this information with another controller if desired.
You have the right to complain to the responsible supervisory authority about your rights as a data subject. Contact details of the Federal and State Commissioner for Data Protection can be found at:
(https://www.bfdi.bund.de/DE/Infothek/Anschriften_Links/anschriften_links-node.html).
You are able to revoke any consent given at any time with future effect. Your withdrawal of consent does not affect the legality of any data processing carried out with your consent before the time of revocation.
In cases where we are unable to identify the data subject of information, for instance if it has been made anonymous for analysis purposes, the rights outlined above do not apply. It may be possible to exercise the right to information, deletion, blocking, correction or transfer to another company with respect to such information if you provide us with additional information that allows us to identify the data subject.
If you have any questions concerning the processing of your personal data, or if you would like to exercise your right to information, correction, blocking, objection or deletion with respect to your personal data, or to have it transferred to another company, please contact datenschutz@sinn.de.