We use cookies to personalize your experience. By continuing to visit this website you agree to our use of cookies.

Privacy Policy

Privacy policy Solum
Booth: 03.05.2022

General part
Introduction
The protection of your personal data is important to us. It is an important part of our development and sales activities. With the following data protection declaration, we would like to inform you about the types of personal data (hereinafter referred to as "data") we process, for what purposes and to what extent.

Responsible
SoluM Europe GmbH
Frankfurter Str. 10-14
65760 Eschborn
Germany
Telephone: +49 (0) 6196 780 740
Fax: +49(0)6196 780 74 99 90
Email: [email protected]

President: Eugene Paik
Legal Representative: Michael Kim
WEEE reg. n o.: DE830t23477
VAT No.: DE303928834
Tax No: 043 243 40106

Dataprotection Officer: MFM Datenschutz-Consulting GmbH, Florian Kaiser
[email protected]

Processing overview
Below you will first find an overview of the types of data processed and the persons affected by the processing.

Types of processed data
We divide the processed data into the following types:

  1. Usage data: This includes, in particular, websites visited and interests in content.
  2. Metadata: This means the data generated during the communication process, such as IP addresses, browser identification, and device details.
  3. Content data: These mean those data that are provided when using our services themselves (texts, images, forms).
  4. Contact details: This includes e-mail addresses, telephone numbers, and postal addresses.
  5. Contract data: The data necessary for the conclusion of the contract, such as the subject of the contract and the parties concluding it.
  6. Inventory data: This is the existing core data such as names and addresses.
  7. Geodata: This includes, for example, the own location or the location targeted within a route.
  8. Payment data: Data on payment methods.

 

Categories of data subjects
We divide the persons concerned by the data processing into the following categories:

  1. Users: Visitors to our websites and online services.
  2. Applicant: People who apply to us.
  3. Interested parties: People who are interested in our services contact us through this.
  4. Communication partner: People who establish communication with us.
  5. Customers: People who use our services as clients.
  6. Contractors: Persons with whom we have contractual relationships without them being customers.

Purposes for the pursuit of which the processing is carried out
In general, the processing of personal data is carried out for the following purposes:

  1. Provision of our online offer: We process data in order to be able to provide our online offer at all.
  2. Improvement of the user-friendliness of our online offer: We process data in order to improve the user-friendliness of our offer. We achieve this in particular by analyzing visits to our online offering.
  3. Analysis of the behavior of visitors to our online offer: Analysis of accessed pages, e.g. by recording click paths and bounce rates.
  4. Obtaining feedback: Request and evaluate feedback on services and performance.
  5. Interest-based and behavioral (re-)marketing: Marketing tailored to the interests of users, which in turn is derived from their behavior.
  6. Conversion measurement: Measurement of the effectiveness of marketing measures.
  7. Security measures: Measures to protect our technical infrastructure.
  8. Contact requests and communication: Processing of contact requests, etc.
  9. Office organization: Measures to organize the office, e.g. scheduling, division of tasks, etc.
  10. Direct marketing: Direct marketing to customers, especially via individual letters by mail.
  11. Provision of contractual services: Processing of data during the execution and initiation of contracts.
  12. Implementation of the application process: In the case of an application procedure, the data is processed within it.
  13. Implementation of the employment relationship: Data processing for the purpose of implementation, management, and termination of the employment relationship.

Overview and explanation of the legal basis
In the following, we inform you about the legal basis of the General Data Protection Regulation (GDPR), on the basis of which we process personal data. In addition to the regulations of the DSGVO, national regulations of the respective user's country of residence or domicile may apply.

  1. Legitimate interests (Art. 6 para. 1 p.1 lit. f DSGVO): The processing is necessary for the purposes of the legitimate interests of the controller or of a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject which require the protection of personal data.
  2. Contract fulfillment and pre-contractual inquiries (Art. 6 para. 1 p. 1 lit. b. DSGVO): The processing is necessary for the performance of a contract to which the data subject is party or for the implementation of pre-contractual measures taken at the request of the data subject.
  3. Legal obligation (Art. 6 para. 1 p. 1 lit. c. DSGVO): The processing is necessary for compliance with a legal obligation to which the controller is subject.
  4. Protection of vital interests (Art. 6 para. 1 p. 1 lit. d. DSGVO): The processing is necessary to protect the vital interests of the data subject or another natural person.
  5. Application procedure as a pre-contractual or contractual relationship (Art. 9 para. 1 p. 1 lit. b DSGVO): (Insofar as special categories of personal data within the meaning of Article 9 (1) of the GDPR (e.g. health data, such as severely disabled status or ethnic origin) are requested from applicants in the context of the application process so that the controller or the data subject can exercise the rights accruing to him or her under labor law and social security and social protection law and fulfill his or her obligations in this regard, their processing shall be carried out in accordance with Article 9 (2) b. DSGVO, in case of protection of vital interests of the applicants or other persons according to Art. 9 para. 2 lit. c. DSGVO or for the purposes of preventive health care or occupational medicine, for the assessment of the employee's ability to work, for medical diagnostics, care or treatment in the health or social sector, or for the management of systems and services in the health or social sector pursuant to Art. 9 para. 2 lit. h. DSGVO. In the case of communication of special categories of data based on voluntary consent, their processing is based on Art. 9 para. 2 lit. a. DSGVO.).
  6. Data processing for the purposes of the employment relationship (§ 26 BDSG): We process (special) types of personal data in the employment relationship on the basis of the statutory provision for the purpose of establishing, implementing, and terminating the employment relationship.
  7. Consent (if requested) (Art. 6 para. 1 p. 1 lit. a DSGVO): The data subject has given his/her consent to the processing of personal data concerning him/her for a specific purpose or purposes.
  8. Storage of information in the end user's terminal equipment with the end user's consent (§ Section 25 (1) sentence 1 TTDSG): We use memory areas of the terminal equipment of our users for certain functions with the explicit and informed consent of the same.
  9. Storage of information in the end user's terminal equipment due to necessity (§ 25 Ab. 2 No. 2 TTDSG): Unless we have asked for your permission when you visit our website or use individual functions, we use the memory of your terminal device for the technical presentation and delivery of our telemedia service if this is technically absolutely necessary.
  10. Processing for the exercise of public interest (Art. 6 para. 1 lit. e DSGVO): To the extent that processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller.

Security measures
We take appropriate technical and organizational measures in accordance with the legal requirements, taking into account the state of the art, the implementation costs, and the nature, scope, circumstances, and purposes of the processing, as well as the different probabilities of occurrence and the extent of the threat to the rights and freedoms of natural persons, in order to ensure a level of protection appropriate to the risk, Article 32 GDPR. The security measures we take include, in particular, the following.

  • Secure Sockets Layer | Transport Layer Security (SSL): We use SSL / TLS for the encrypted transmission of data between the end devices of our visitors and our server. In this way, the risk of unauthorized viewing of the transmitted data is significantly reduced.

Transfer and disclosure of personal data to third parties
In the course of our processing of personal data, it may happen that the data is transferred to or data is disclosed to other bodies, companies, legally independent organizational units, or persons. The recipients of this data may include in particular:

 

  • IT service provider: This includes service providers for the provision of hosting, mail services, and server technology
  • Payment service provider: Service providers who cooperate with us to process payments.
  • Shipping service provider: Service providers who perform logistics tasks for us. These include parcel service providers in particular.
  • Authorities: Government agencies with which we exchange data for the purpose of fulfilling orders or for legal reasons.

In such a case, we ensure the protection of personal data by concluding contracts or agreements with the respective third parties that serve to adequately protect the data. We carefully and conscientiously select third parties to whom we disclose data. Insofar as we use third-party providers or platforms to provide our services, the terms and conditions and data protection notices of the respective third-party providers or platforms apply to the relationship between the users and the providers.

 

Data processing in third countries
Insofar as we process data in a third country, i.e. a country outside the European Union or the European Economic Area, or the processing is carried out by third parties outside this area, this processing is only carried out in accordance with the applicable legal provisions. Subject to the express consent of the data subjects or legally required transfers, we only process data or have data processed in third countries with an adequate level of protection. This includes, in particular, countries that process on the basis of special guarantees, such as contractual obligation through so-called standard protection clauses of the EU Commission, the existence of certifications, or binding internal data protection regulations (Art. 44 to 49 DSGVO).

General note on the deletion of data
The data processed by us will be deleted in accordance with the legal requirements as soon as the consent to its processing has been revoked or other permissions (e.g. legitimate interests, legal obligations, etc.) cease to apply. If the data is not deleted because it is required for other and legally permissible purposes, its processing is limited to these purposes. I.e., the data is blocked and not processed for other purposes. This applies, for example, to data that must be retained for reasons of commercial or tax law or whose storage is necessary for the assertion, exercise, or defense of legal claims or for the protection of the rights of another natural or legal person. Further information on the deletion of personal data is provided, where applicable, under the individual points of this data protection declaration.