pursuant to Art. 13, 14 and 21 of the General Data Protection Regulation (GDPR)
We, the Scheidt & Bachmann IoT Solutions GmbH (hereinafter "we", "us" or "Scheidt & Bachmann"), take the protection of your personal data very seriously and would like to inform you here about data protection at Scheidt & Bachmann.
Our data protection information is regularly updated in accordance with legal and technical requirements. Please note the current version of our data protection information.
This data protection information applies to the collection, processing and use of your personal data when we have contact with you as a contact person of interested companies, customers, suppliers, service providers, clients, contractors and cooperation partners (hereinafter "business partners").
Data controller in the sense of Art. 4 No. 7 GDPR is:
Scheidt & Bachmann IoT Solutions GmbH, Jülicherstr. 68, 52070 Aachen, Germany
Phone: +49 172/252-4818; e-mail: firstname.lastname@example.org
You can reach our data protection officer at the following contact details:
Scheidt & Bachmann GmbH
Data Protection Officer
Breite Straße 132, 41238 Mönchengladbach, Germany
Phone: +49 2166 266-839, e-mail: email@example.com
General data from the business relationship
We collect, process and use the following personal data in particular within the scope of the (developing) business relationship:
We collect, process and use personal data that is
Data from other sources
Furthermore, we also process - insofar as it is necessary for the fulfilment of the contract or pre-contractual measures with your employer or you or your employer have consented - such personal data that we have permissibly received from Scheidt & Bachmann group companies and other third parties.
We only process personal data from publicly accessible sources (e.g. authorities, internet) if this is legally permissible, for example because it is necessary for the provision of our services or you or your client/employer have consented.
We process your personal data insofar as this is necessary to protect the legitimate interests of Scheidt & Bachmann (Art. 6 para. 1 lit. f GDPR), in particular:
Furthermore, the processing of your personal data might be necessary in the context of the performance of a contract or a pre-contractual measure (Art. 6 para. 1 lit. b GDPR) with you as an individual (natural person).
Furthermore, the processing of your personal data may be required to comply with legal requirements (Art. 6 para. 1 lit. c GDPR), e. g. according to the provisions of the Money Laundering Act (GwG), or in the public interest (Art. 6 para. 1 lit. e GDPR). Likewise, you may also have given us your consent in accordance with Art. 6 para. 1 lit. a GDPR.
We process your personal data only for as long as is necessary to fulfil the respective processing purpose and to comply with regulatory requirements, usually for the duration of the respective business relationship, or for the duration of any statutory retention period.
In addition, we are subject to various storage and documentation obligations, which result from the German Commercial Code (HGB) or the German Fiscal Code (AO), among other things. These can be up to 10 years.
Finally, the storage period is also assessed according to the statutory limitation periods, which can be up to thirty years, for example, according to §§ 195 et seq. German Civil Code (BGB), with the regular limitation period being three years.
Should you wish to contact us by e-mail, we would like to point out that the content of unencrypted e-mails can be viewed by third parties. We therefore recommend sending confidential information by post. Please note that personal data transmitted by e-mail will be stored and processed for the purpose of following up your enquiry.
We only transfer your personal data to third parties if
In addition, we pass on your personal data to Scheidt & Bachmann group companies, which also process personal data partly under their own responsibility (so-called data controller, cf. Art. 4 No. 7 GDPR), to the extent necessary.
Within Scheidt & Bachmann, only those organisational units receive your data that require it to fulfil our contractual and legal obligations or in the context of processing and implementing our legitimate interest.
Beyond that, we do not pass on your personal data to third parties.
We do not intend to transfer your personal data to countries outside the European Union (EU) or the European Economic Area (EEA), but this may be done by external service providers if necessary. If external service providers come into contact with your personal data, we take legal, technical and organisational measures to ensure that they comply with the provisions of data protection laws and - if they act as processors - only process your data on our behalf and in accordance with our instructions.
If you access the Microsoft Teams website, the Microsoft Teams provider is responsible for data processing. However, accessing the website is only necessary for using Microsoft Teams in order to download the software for using Microsoft Teams. If you do not want to or cannot use the Microsoft Teams app, you can also use Microsoft Teams via your browser. The service will then also be provided via the Microsoft Teams website.
For more information on data protection at Microsoft, click here:
1. What data is processed?
When using Microsoft Teams, various types of data are processed. The scope of the data also depends on the data provided before or during participation in a Teams meeting.
The following personal data are subject to processing:
2. Purposes and legal bases of data processing
We use Microsoft Teams to conduct online meetings. If online meetings are to be recorded, this will be transparently communicated in advance and consent requested where necessary. The chat content is logged when using Microsoft Teams. Automated decision-making within the meaning of Art. 22 GDPR does not take place.
Insofar as personal data of our employees (or applicants) is processed, § 26 para. 1 Federal Data Protection Act (BDSG) is the legal basis for the data processing. If, in connection with the use of Microsoft Teams, personal data is not required for the establishment, implementation or termination of the employment relationship, but is nevertheless an elementary component in the use of Microsoft Teams, Art. 6 para. 1 lit. f GDPR is the legal basis for data processing. In these cases, our interest lies in the effective implementation of online meetings.
The legal basis for data processing when conducting online meetings is Art. 6 para. 1 lit. f GDPR. Here, too, our interest is in the effective implementation of online meetings.
3. Recipients of the collected contact data
Personal data processed in connection with participation in online meetings will not be disclosed to third parties unless it is intended for disclosure. Please note that the content of online meetings, as well as face-to-face meetings, may be used to communicate information to third parties and are therefore intended for disclosure.
Other recipients: The Microsoft Teams provider necessarily receives knowledge of the above-mentioned data insofar as this is provided for in the context of the order processing agreement with Microsoft.
4. Data transfer to a third country
Data processing in a third country outside the European Union (EU) does not take place in principle, as we have restricted the storage location to data centres in the European Union. However, we cannot exclude the possibility that data is routed via internet servers located outside the EU. This may be the case in particular if participants in online meetings are located in a third country. However, the data is encrypted during transport via the internet and thus protected against unauthorised access by third parties.
5. Storage period
Personal data is generally deleted if there is no need for further storage. A requirement may exist if the data is still needed, for example, to fulfil contractual services. In the case of statutory retention obligations, deletion is only considered after the expiry of the respective retention obligation.
Every data subject has the right to information under Art. 15 GDPR, the right to rectification under Art. 16 GDPR, the right to erasure under Art. 17 GDPR, the right to restriction of processing under Art. 18 GDPR and the right to data portability under Art. 20 GDPR. In order to exercise the aforementioned rights, you can contact the offices mentioned under clauses II and III.
If you have given us your consent to data processing, you can revoke this consent at any time without formalities. If possible, the revocation should be addressed to the offices mentioned under clauses II and III.
Furthermore, there is a right of appeal to a data protection supervisory authority (Art. 77 GDPR). The competent supervisory authority for Scheidt & Bachmann is:
North Rhine-Westphalia State Commissioner for Data Protection and Freedom of Information (LDI NRW)
However, we recommend that you first contact our data protection officer with a complaint.
You have the right to file an objection at any time, on grounds relating to your particular situation, against the processing of personal data relating to you which is carried out on the basis of Art. 6 para. 1 lit. f GDPR (processing of data on the basis of a weighing-up of interests) or Art. 6 para 1 lit. e GDPR; this also applies to any profiling based on this provision within the meaning of Art. 4 para. 4 GDPR.
If you file an objection, we will no longer process your personal data unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms, or the processing serves to assert, exercise or defend legal claims.
In individual cases, we process your personal data for the purpose of direct advertising. You have the right to object at any time to the processing of personal data concerning you for the purpose of such advertising; this also applies to profiling insofar as it is associated with such direct advertising.
If you file an objection to processing for direct marketing purposes, we will no longer process your personal data for these purposes.
The objection can be made form-free and should, if possible, be addressed to the offices mentioned in the data protection statement under clauses and III.
Security: We use technical and organisational security measures in order to adequately protect your personal data processed by us against accidental or intentional manipulation, loss, destruction or against access by unauthorised persons.
If you do not agree with the data collection and processing described below when access-ing our website from the Internet, please leave this website, do not load any further parts of our website onto your computer and do not contact us by e-mail. This is because the collection and storage of data is automatic.
We process personal data collected during visits to our website for the purpose of providing the website and improving our internet services in compliance with the applicable data protection regulations. Personal data will neither be published by us without authorisation nor otherwise passed on to third parties without authorisation.
When you visit our website, our web servers temporarily save each access in a log file. The follow-ing data is collected and stored until automated deletion:
(*The IP address is not linked to other collected data. Only the date, time and IP address are rec-orded in the system access log file, in case of an attack and its defence).
This data is processed for the purpose of enabling the use of the website (connection establish-ment), system security, technical administration of the network infrastructure and optimisation of the Internet offer. The IP address is only evaluated by us in the event of attacks on the network infrastructure of Scheidt & Bachmann. Personal, non-anonymised user profiles are not created. Art. 29 of the GDPR refers to the use of user profiles under a pseudonym, provided that the infor-mation with which the personal data can be assigned to a specific person is stored separately.
The above data is technically necessary for us to display our website to you and to ensure the sta-bility and security of the website. The legal basis is Art. 6 para. 1 lit. f GDPR.
To make visiting our website more attractive and to enable the use of certain functions, we use so-called cookies on various pages in addition to the data mentioned above. These are small text files that are stored on your end device. The cookies can be transmitted to a page when it is called up and thus enable the user to be identified. Cookies help to simplify the use of Internet pages for users. Some of the cookies we use are deleted again after the end of the browser session, i. e. after you close your browser (so-called session cookies). Other cookies remain on your terminal device and enable us to recognise your browser on your next visit (so-called persistent cookies). You can set your browser so that the cookies on our site are automatically deleted at the end of a session.
This website uses the following types of cookies, the scope and functionality of which are explained below:
You can configure your browser settings according to your preferences and, for example, refuse to accept third-party cookies or all cookies. Please note that you may then not be able to use all the functions of this website.
Information is stored in the cookie that arises in connection with the specific end device used. However, this does not mean that we gain direct knowledge of your identity.
In addition, we also use temporary cookies to optimise user-friendliness, which are stored on your end device for a certain fixed period of time. If you visit our site again to use our services, it is au-tomatically recognised that you have already been with us and which entries and settings you have made so that you do not have to enter them again.
Most browsers accept cookies automatically. However, you can configure your browser so that no cookies are stored on your computer or a notice always appears before a new cookie is created. However, the complete deactivation of cookies may mean that you cannot use all the functions of our website.
We use necessary cookies to make our website more user-friendly. They enable basic functions on the website, without which the website would not function properly.
|Name||Provider||Purpose||Expiry / Procedure||Type|
|tx_cookies_consent||scheidt-bachmann.de||Stores the user's consent status for cookies on the current domain.||1 year||http cookie|
|tx_cookies_type_essential||scheidt-bachmann.de||Used to determine whether the visitor has accepted the "Essential" category in the cookie banner.||1 year||http cookie|
|tx_cookies_type_analytics||scheidt-bachmann.de||Used to determine whether the visitor has accepted the "Statistics" category in the cookie banner.||1 year||http cookie|
|tx_cookies_type_marketing||scheidt-bachmann.de||Used to determine whether the visitor has accepted the "Marketing" category in the cookie banner.||1 year||http cookie|
Statistics cookies help website owners understand how visitors interact with websites by col-lecting and reporting information anonymously.
|Name||Provider||Purpose||Expiry / Procedure||Type|
|_ga||Registers a unique ID that is used to generate statis-tical data on how the visitor uses the website.||2 years||http cookie|
|_ga_#||Collects data on how often a user has visited a web-site, as well as data for the first and last visit. Used by Google Analytics.||2 years||http cookie|
|_gid||Registers a unique ID that is used to generate statis-tical data on how the visitor uses the website.||1 day||http cookie|
|_gat||Used by Google Analytics to limit the request rate.||1 day||http cookie|
Marketing cookies are used to follow visitors on websites. The intention is to show ads that are relevant and engaging to the individual user and therefore more valuable to publishers and advertising third parties.
|Name||Provider||Purpose||Expiry / Procedure||Type|
|VISITOR_INFO1_LIVE||YouTube||Attempts to estimate user bandwidth on pages with integrated YouTube videos.||179 days||http cookie|
|YSC||YouTube||Registers a unique ID to keep statistics of the videos from YouTube that the user has watched.||Session||http cookie|
We use the information contained in cookies to enable the operation and use of our website and to ensure our IT security. The legal basis for data processing is Art. 6 para. 1 lit. f DS-GVO.
Based on our legitimate interest in the analysis, optimisation and economic operation of our web-site in accordance with Art. 6 para. 1 lit. f GDPR, we integrate content and service offers from third-party providers on our website to use their content and services, unless we explicitly refer to the fact that we have linked third-party websites. The integration of third-party content and services requires that the third-party providers are aware of the IP address of the user, as without the IP address they cannot send the content to the user's browser. The IP address is required for the dis-play of this content.
We endeavour to only include content and service offers whose respective providers only use the IP address to deliver the content. Third-party providers may also use so-called tracking pixels to collect statistical data about user behaviour. The pseudonymous information may also be stored in cookies on the user's device and may contain, among other things, technical information about the browser and operating system, referring websites, time of visit and other information about the use of our online offer, as well as being linked to such information from other sources.
a) Google Analytics
This website uses Google Analytics, a web analytics service provided by Google Ireland Limited, Gordon House, 4 Barrow Street, Dublin, D04 E5W5, Ireland ("Google") with the involvement of its US parent company Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA, ("Google"), provided that you have given us your voluntary consent, which can be revoked at any time. Google Analytics uses "cookies", which are text files placed on your computer, to help the website analyse how users use the site. The information generated by the cookie about your use of this website may be transmitted to and stored by Google on servers in the United States. The anal-ysis measure we use is carried out by us based on Art. 6 para. 1 lit. f GDPR to optimise the internet offer.
However, in the event that IP anonymisation is activated on this website, your IP address will be shortened beforehand by Google within member states of the European Union or in other con-tracting states to the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and shortened there. IP anony-misation is active on this website. The locations of Google's data centres can be found at: www.google.com/about/datacenters/locations/index.html.
On behalf of the operator of this website, Google will use this information for the purpose of eval-uating your use of the website, compiling reports on website activity and providing other services relating to website activity and internet usage to the website operator. The IP address transmitted by your browser as part of Google Analytics will not be merged with other Google data unless you have permitted this in your Google account.
b) Google Fonts
Provided you have given us your prior consent (Art. 6 para. 1 lit. a GDPR), we use the marketing and remarketing services (Google Marketing Services) of Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland for analysis and optimisation purposes and for the economic operation of our.
Google Marketing Services allow us to show advertisements for and on websites in a more targeted way in order only to present users with advertisements that may be of interest to. If users, for example, are shown advertisements for products that they have shown an interest in on other websites, this is known as “remarketing.” For these purposes, when our website and other websites on which Google Marketing Services are active are accessed, a code is executed by Google and (re)marketing tags (invisible graphics or codes, which are also known as "web beacons") are incorporated into the website. These are used to save an individual cookie on the user’s device, i.e., a small file (comparable technologies can also be used instead of cookies). The cookies can be created by various different domains, including google.com, doubleclick.net, invitemedia.com, admeld.com, googlesyndication.com, or googleadservices.com. This file records which websites users look at, what content they show an interest in, and which offerings they click on. The file also contains technical information about the browser and operating system, referring websites, duration of the visit, as well as other information about the use of the online content. The IP addresses of users are also recorded, although we state within Google Analytics that the IP addresses within the member states of the European Union or in other signatory states of the Agreement on the European Economic Area and only sent in full to Google server in the USA and abbreviated there. The IP address is not combined with the users’ data within other offers from Google. Google an also combine the aforementioned information with information from other sources. If users then visit other websites, they can be shown advertisements tailored to their interests.
The users’ data is processed in a pseudonymous manner within Google Marketing Services. This means that Google does not process the name or email addresses of the users, but rather processes the relevant data based on cookies within pseudonymized user profiles. This means that from the point of view of Google, the information is not managed and viewed for a concrete, identified person, but rather for the cookie owner, irrespective of who this cookie owner is. This does not apply if a user has expressly given Google permission to process the data without this pseudonymization. The information collected by Google Marketing Services about the users is transmitted to Google and stored on Google’s servers in the USA.
In addition, we may use the "Google Tag Manager" in order to incorporate the Google analysis and marketing services into our website and to manage them.
If you want to opt-out of interest-based advertising by Google Marketing Services, you can make use of the settings and opt-out options provided by Google: https://accounts.google.com/
On our website you will find contact forms that can be used for electronic contact. Alternatively, it is possible to contact us via the e-mail addresses provided. If you contact us via one of these channels, we collect the personal data entered and transmitted.
Scheidt & Bachmann IoT Solutions GmbH use the services of Salesforce, Inc, San Francisco, USA. Salesforce is contractually obliged towards Scheidt & Bachmann to observe the applicable data protection regulations.
The personal data collected when using the contact form consists of the master data entered there (mandatory fields: Surname, e-mail address, country; voluntary fields: Salutation, First name, Company, Telephone number) and possibly further personal data entered by you in the "Message" field. If you contact us directly by e-mail, we collect your e-mail address and any personal data resulting from the text of the e-mail.
Should it be necessary to answer your enquiry, we will pass on personal data to Scheidt & Bachmann group companies.
The processing is based on Art. 6 para. 1 lit. f GDPR. The purpose of the data processing and our legitimate interest lie in the maintenance of business relations and in being able to answer the messages sent to us.
In the context of events, we may take photographs and/or film recordings and collect and process the following in this context:
If you do not wish to be photographed/filmed, please mention this directly to the photographer/cameraman so that your wish can be considered.
The legal basis for the data processing is Art. 6 para. 1 lit. f DSGVO. The photos/films will be taken for the purpose of documenting the event and will be used/saved/copied/distributed/exhibited/published on the internet via the company homepage of the data controller and/or on the intranet, in social media channels as well as in print media, in particular in the newsletter, for the purpose of documenting the event, for public relations and the presentation of the activities of the data controller in order to increase the level of awareness of the data controller as well as, if applicable, also for the long-term documentation of the company history of the data controller.
It can be assumed that the interest of the responsible person in the production and use of the photos/films does not unduly interfere with the rights and freedoms of the natural persons, especially since they are informed about the production and use of the photos/films in advance and/or at the event, and care is taken both in the production of photos/films and in the publication of the same that no legitimate interests of persons depicted are violated. If the rights and freedoms of a person depicted are violated for reasons particularly worthy of consideration, we will take appropriate measures to refrain from further processing. A deletion in print media that have already been issued cannot take place. Deletion on the website, in social media channels or on the intranet will be carried out within the scope of technical possibilities.
Departments of the data controller that necessarily need to receive the data in the course of carrying out the activity (e. g. marketing, IT, other administrative units), Scheidt & Bachmann group companies, contractors and processors involved in the processing (preparation as well as publication).
If applicable, tax advisors, authorities (tax office, other authorities) as well as legal representatives (in the enforcement of rights or defence against claims or in the context of official proceedings).
The data is made available on the internet to the worldwide public, on the intranet worldwide to the employees of the Scheidt & Bachmann group companies, and published in social media channels. The data will be published in print media: Employee newsletters distributed to employees of Scheidt & Bachmann group companies in a limited edition of 4,000 copies. Trade press/newsletters are distributed to the worldwide public.
The data will not be passed on to recipients who pursue their own purposes with this data. In the case of social media channels, however, it may be that the respective social media service receives the right to exploit the published data.
No other transfer to recipients in a third country (outside the EU) or to an international organisation is envisaged.
Through the use on the website, there is the possibility of worldwide access to the images/films or the retrieval of the posted data and images also from countries in which no or no sufficient data protection standard exists. The data controller can therefore neither influence the access to these data via the internet nor the use of these data and in this respect also cannot assume any guarantee for the observance of data protection.
Using suitable search engines, personal data can be found on the internet and the persons depicted in images can also be identified under certain circumstances. This also makes it possible to create personality profiles by combining this data and information with other data available on the internet and to open up additional possibilities of use, e. g. for advertising purposes. Due to the possibilities of worldwide retrieval and storage of data by other bodies or persons, further use by other bodies or persons or retrieval via archive functions of search engines cannot be ruled out in the event of revocation of consent and despite removal of your data and images from our website. Unidentification in print media that have already been issued cannot take place.