Privacy Policy
1. Data Protection at a Glance
General Information
The following notes provide a simple overview of what happens to your personal data when you visit this website. Personal data comprises all data by which you can be personally identified. For detailed information on the subject of data protection, please refer to our privacy policy listed below this text.
Data Collection on this Website
Who is responsible for the data collection on this website?
Data processing on this website is carried out by the website operator. You can find their contact details in the section „Information on the Data Controller“ in this privacy policy.
How do we collect your data?
On the one hand, your data is collected when you communicate it to us. This could, for example, be data you enter into a contact form.
Other data is collected automatically or after your consent by our IT systems when you visit the website. This primarily involves technical data (e.g., internet browser, operating system, or time of the page request). This data is collected automatically as soon as you enter this website.
What do we use your data for?
Part of the data is collected to ensure the error-free provision of the website. Other data can be used to analyse your user behaviour. If we use analytics or marketing tools, this is done solely on the basis of your explicit consent in accordance with Art. 6(1)(a) GDPR in conjunction with Section 25(1) TTDSG.
What rights do you have regarding your data?
You have the right at any time to receive information free of charge about the origin, recipient, and purpose of your stored personal data. You also have a right to request the rectification or erasure of this data. If you have given your consent to data processing, you can withdraw this consent at any time for the future. Furthermore, you have the right to request the restriction of the processing of your personal data under certain circumstances. You also have the right to lodge a complaint with the competent supervisory authority.
You can contact us at any time regarding this and other questions on the subject of data protection.
Analytics and Third-Party Tools
When you visit this website, your browsing behaviour can be statistically evaluated. This happens primarily with so-called analytics programmes. The use of these tools takes place exclusively on the basis of your consent (Art. 6(1)(a) GDPR, Section 25(1) TTDSG). You can withdraw your consent at any time via our cookie banner.
Detailed information about these analytics programmes can be found in the following privacy policy.
2. Hosting and Content Delivery Networks (CDN)
External Hosting
This website is hosted by an external service provider (hoster). The personal data collected on this website is stored on the hoster’s servers. This may primarily include IP addresses, contact requests, meta and communication data, contract data, contact details, names, website access, and other data generated via a website.
The hoster is used for the purpose of fulfilling our contract with our potential and existing customers (Art. 6(1)(b) GDPR) and in the interest of a secure, fast, and efficient provision of our online services by a professional provider (Art. 6(1)(f) GDPR).
Our hoster will only process your data to the extent necessary to fulfil its performance obligations and will follow our instructions regarding this data.
We use the following hoster: sk.media Werbeagentur Gerberstraße 24 42899 Remscheid, Germany
Conclusion of a Data Processing Agreement
To ensure processing complies with data protection regulations, we have concluded a data processing agreement with our hoster.
3. General Information and Mandatory Information
Data Protection
The operators of these pages take the protection of your personal data very seriously. We treat your personal data confidentially and in accordance with the statutory data protection regulations and this privacy policy.
When you use this website, various personal data is collected. Personal data is data by which you can be personally identified. This privacy policy explains what data we collect and what we use it for. It also explains how and for what purpose this happens.
We would like to point out that data transmission over the internet (e.g., communication by email) can have security gaps. Complete protection of data against access by third parties is not possible.
Information on the Data Controller
The data controller responsible for data processing on this website is:
Sopp Industrie GmbH Gerberstr. 24 42899 Remscheid Germany Legally represented by its Managing Directors: Kevin Maar, Stephanie Peskov Telephone: +49 (0)2191-5670 Email: info@sopp.de
The controller is the natural or legal person who alone or jointly with others determines the purposes and means of the processing of personal data (e.g., names, email addresses, etc.).
Storage Duration
Unless a more specific storage period has been specified within this privacy policy, your personal data will remain with us until the purpose for data processing no longer applies. If you assert a justified request for erasure or withdraw your consent to data processing, your data will be deleted, provided we have no other legally permissible reasons for storing your personal data (e.g., tax or commercial retention periods); in the latter case, the deletion takes place after these reasons cease to apply.
Statutory Data Protection Officer
We have appointed a data protection officer for our company.
Frank Peter Bechtle GmbH Systemhaus Solingen
Piepersberg 42
42653 Solingen,
Germany
Telephone: +49 (0)212 33900
Email: datenschutz@sopp.de
Information on Data Transfer to the USA and other Third Countries
Tools from companies based in the USA are integrated into our website. If these tools are active and data is transferred to the USA, we base these transfers on the EU-US Data Privacy Framework (DPF), which has been in force since 10 July 2023 and has been recognised by the EU Commission as providing an adequate level of data protection (adequacy decision pursuant to Art. 45 GDPR). US companies certified under the DPF (such as Google LLC, LinkedIn Corporation) are subject to strict data protection obligations. If a DPF certification is not available in individual cases, transfers are based on the standard contractual clauses of the EU Commission (Art. 46(2)(c) GDPR). Details can be found in the respective sections of this privacy policy.
Withdrawal of your Consent to Data Processing
Many data processing operations are only possible with your explicit consent. You can withdraw consent already given at any time. The lawfulness of the data processing carried out until the withdrawal remains unaffected by the withdrawal.
Right to Object to Data Collection in Special Cases and to Direct Marketing (Art. 21 GDPR)
IF DATA PROCESSING IS BASED ON ART. 6(1)(E) OR (F) GDPR, YOU HAVE THE RIGHT AT ANY TIME TO OBJECT TO THE PROCESSING OF YOUR PERSONAL DATA FOR REASONS ARISING FROM YOUR PARTICULAR SITUATION; THIS ALSO APPLIES TO PROFILING BASED ON THESE PROVISIONS. THE RESPECTIVE LEGAL BASIS ON WHICH PROCESSING IS BASED CAN BE FOUND IN THIS PRIVACY POLICY. IF YOU OBJECT, WE WILL NO LONGER PROCESS YOUR CONCERNED PERSONAL DATA UNLESS WE CAN DEMONSTRATE COMPELLING LEGITIMATE GROUNDS FOR THE PROCESSING WHICH OVERRIDE YOUR INTERESTS, RIGHTS, AND FREEDOMS, OR THE PROCESSING SERVES THE ESTABLISHMENT, EXERCISE, OR DEFENCE OF LEGAL CLAIMS (OBJECTION PURSUANT TO ART. 21(1) GDPR).
IF YOUR PERSONAL DATA IS PROCESSED FOR THE PURPOSE OF DIRECT MARKETING, YOU HAVE THE RIGHT TO OBJECT AT ANY TIME TO THE PROCESSING OF PERSONAL DATA CONCERNING YOU FOR THE PURPOSE OF SUCH MARKETING; THIS ALSO APPLIES TO PROFILING TO THE EXTENT THAT IT IS RELATED TO SUCH DIRECT MARKETING. IF YOU OBJECT, YOUR PERSONAL DATA WILL SUBSEQUENTLY NO LONGER BE USED FOR THE PURPOSE OF DIRECT MARKETING (OBJECTION PURSUANT TO ART. 21(2) GDPR).
Right to Lodge a Complaint with the Competent Supervisory Authority
In the event of violations of the GDPR, data subjects have the right to lodge a complaint with a supervisory authority, in particular in the Member State of their habitual residence, their place of work, or the place of the alleged violation. The right to lodge a complaint is without prejudice to any other administrative or judicial remedies. For North Rhine-Westphalia, the competent supervisory authority is the State Commissioner for Data Protection and Freedom of Information North Rhine-Westphalia (LDI NRW), Kavalleriestr. 2–4, 40213 Düsseldorf, www.ldi.nrw.de.
Right to Data Portability
You have the right to have data that we process automatically on the basis of your consent or in fulfilment of a contract handed over to you or to a third party in a common, machine-readable format. If you request the direct transfer of the data to another controller, this will only be done insofar as it is technically feasible.
SSL and/or TLS Encryption
For security reasons and to protect the transmission of confidential content, such as orders or enquiries that you send to us as the site operator, this site uses SSL or TLS encryption. You can recognise an encrypted connection by the fact that the address line of the browser changes from „http://“ to „https://“ and by the lock symbol in your browser line.
If SSL or TLS encryption is activated, the data you transmit to us cannot be read by third parties.
Access, Erasure, and Rectification
Within the framework of the applicable legal provisions, you have the right at any time to free information about your stored personal data, its origin and recipients, and the purpose of data processing and, if applicable, a right to rectification or erasure of this data. You can contact us at any time regarding this and other questions on the subject of personal data.
Right to Restriction of Processing
You have the right to request the restriction of the processing of your personal data. You can contact us at any time for this purpose. The right to restriction of processing exists in the following cases:
If you dispute the accuracy of your personal data stored by us, we usually need time to verify this. For the duration of the review, you have the right to request the restriction of the processing of your personal data. If the processing of your personal data happened/is happening unlawfully, you can request the restriction of data processing instead of erasure. If we no longer need your personal data, but you need it to exercise, defend, or assert legal claims, you have the right to request the restriction of the processing of your personal data instead of erasure. If you have lodged an objection pursuant to Art. 21(1) GDPR, a balance must be struck between your interests and ours. As long as it is not yet clear whose interests prevail, you have the right to request the restriction of the processing of your personal data.
If you have restricted the processing of your personal data, this data – apart from its storage – may only be processed with your consent or for the establishment, exercise, or defence of legal claims or for the protection of the rights of another natural or legal person or for reasons of important public interest of the European Union or a Member State.
Objection to Promotional Emails
The use of contact data published within the framework of the legal notice obligation to send unsolicited advertising and informational materials is hereby objected to. The operators of the pages expressly reserve the right to take legal action in the event of the unsolicited sending of advertising information, such as through spam emails.
Automated Individual Decision-Making, including Profiling
We do not make automated individual decisions, including profiling, which produce legal effects concerning you or similarly significantly affect you (Art. 22(1) GDPR). Insofar as we use analytics tools (e.g., Google Analytics), these serve exclusively for the statistical evaluation of user behaviour and do not lead to automated individual decisions.
4. Data Collection on this Website
Cookies
Our internet pages use so-called „cookies“. Cookies are small text files and do not cause any damage to your end device. They are either stored temporarily for the duration of a session (session cookies) or permanently (permanent cookies) on your end device. Session cookies are automatically deleted at the end of your visit. Permanent cookies remain stored on your end device until you delete them yourself or they are automatically deleted by your web browser.
We distinguish between:
Technically necessary cookies: These are absolutely necessary for the operation of the website and are set without consent on the basis of Art. 6(1)(f) GDPR. Analytics and marketing cookies: These are only set if you have given your consent (Art. 6(1)(a) GDPR in conjunction with Section 25(1) TTDSG). You can withdraw or adjust your consent at any time via our cookie consent banner.
On the first level, we offer you an equal choice: „Accept“ / „Reject“ / „Settings“. You can change your decision at any time in the banner.
You can set your browser so that you are informed about the setting of cookies and only allow cookies in individual cases, exclude the acceptance of cookies for specific cases or in general, and activate the automatic deletion of cookies when closing the browser. If cookies are deactivated, the functionality of this website may be restricted.
Server Log Files
The provider of the pages automatically collects and stores information in so-called server log files, which your browser automatically transmits to us. These are:
Browser type and browser version
Operating system used
Referrer URL
Hostname of the accessing computer
Time of the server request
IP address
This data is not merged with other data sources.
Server log files are stored for 14 days. Longer retention only occurs on an incident-related basis (e.g., security incident).
The collection of this data takes place on the basis of Art. 6(1)(f) GDPR. The website operator has a legitimate interest in the technically error-free presentation and optimisation of its website – for this purpose, the server log files must be recorded.
Enquiries by Email, Telephone, or Facsimile
If you contact us by email, telephone, or facsimile, your enquiry, including all resulting personal data (name, enquiry), will be stored and processed by us for the purpose of processing your request. We do not pass this data on without your consent. The provision of personal data is necessary for processing your contact request; without it, we cannot answer the request.
The processing of this data is based on Art. 6(1)(b) GDPR, provided that your request is related to the fulfilment of a contract or is necessary for the performance of pre-contractual measures. In all other cases, the processing is based on our legitimate interest in the effective processing of the enquiries addressed to us (Art. 6(1)(f) GDPR) or on your consent (Art. 6(1)(a) GDPR) if this has been requested.
The data you sent to us via contact requests will remain with us until you request us to delete it, withdraw your consent to storage, or the purpose for data storage no longer applies (e.g., after your request has been processed). Mandatory statutory provisions – in particular statutory retention periods – remain unaffected.
5. Analytics Tools and Advertising
Google Analytics
This website uses functions of the web analytics service Google Analytics. The provider is Google Ireland Limited („Google“), Gordon House, Barrow Street, Dublin 4, Ireland.
Google Analytics enables the website operator to analyse the behaviour of website visitors. The website operator receives various usage data, such as page views, length of stay, operating systems used, and the user’s origin.
The use of Google Analytics occurs exclusively on the basis of your consent in accordance with Art. 6(1)(a) GDPR in conjunction with Section 25(1) TTDSG. Google Analytics is only activated if you have consented to its use via our cookie consent banner. You can withdraw your consent at any time with effect for the future.
Data transfer to the USA is based on the adequacy decision of the EU Commission regarding the EU-US Data Privacy Framework (DPF) of 10 July 2023, as Google LLC is certified under the DPF. Details: https://www.dataprivacyframework.gov/.
Browser Plugin
You can prevent Google from collecting and processing your data by downloading and installing the browser plugin available at the following link: https://tools.google.com/dlpage/gaoptout?hl=en.
More information on how Google Analytics handles user data can be found in Google’s privacy policy: https://support.google.com/analytics/answer/6004245?hl=de.
Data Processing Agreement
We have concluded a data processing agreement with Google and fully implement the strict requirements of the German data protection authorities when using Google Analytics.
Storage Duration
Data stored at Google at user and event level that is linked to cookies, user identifiers (e.g., User ID), or advertising IDs (e.g., DoubleClick cookies, Android advertising ID) is anonymised or deleted after 14 months. Details can be found at the following link: https://support.google.com/analytics/answer/7667196?hl=de
WordPress Statistics
This website uses „WordPress Statistics“ to statistically evaluate visitor access. The provider is Automattic Inc., 60 29th Street #343, San Francisco, CA 94110-4929, USA.
WordPress Statistics uses technologies that enable the recognition of the user for the purpose of analysing user behaviour (e.g., cookies or device fingerprinting). For analysis, WordPress Statistics collects log files (referrer, IP address, browser, etc.), the origin of website visitors (country, city), and what actions they have taken on the page (e.g., clicks, views, downloads). The information collected in this way about the use of this website is stored on servers in the USA. Your IP address is anonymised after processing and before storage.
The use of WordPress Statistics takes place exclusively on the basis of your consent according to Art. 6(1)(a) GDPR in conjunction with Section 25(1) TTDSG. The tool is only activated if you have agreed via our cookie consent banner. You can withdraw your consent at any time.
Data transfer to the USA is based on the EU-US Data Privacy Framework (DPF), under which Automattic Inc. is certified.
Google Ads
The website operator uses Google Ads. Google Ads is an online advertising programme of Google Ireland Limited („Google“), Gordon House, Barrow Street, Dublin 4, Ireland.
Google Ads allows us to display advertisements in the Google search engine or on third-party websites when the user enters certain search terms on Google (keyword targeting). Furthermore, targeted advertisements can be displayed based on the user data available at Google (e.g., location data and interests) (audience targeting). As a website operator, we can evaluate this data quantitatively by analysing, for example, which search terms led to the display of our advertisements and how many advertisements led to corresponding clicks.
The use of Google Ads takes place exclusively on the basis of your consent according to Art. 6(1)(a) GDPR in conjunction with Section 25(1) TTDSG. Conversion tracking cookies are only set if you have given your consent.
Data transfer to the USA is based on the EU-US Data Privacy Framework (DPF), under which Google LLC is certified.
6. Plugins and Tools
Vimeo without Tracking (Do-Not-Track)
This website uses plugins from the video portal Vimeo. The provider is Vimeo Inc., 555 West 18th Street, New York, New York 10011, USA.
When you visit one of our pages equipped with a Vimeo video, a connection to the Vimeo servers is only established after your active consent (clicking on the video). Only then is the Vimeo server informed which of our pages you have visited, and your IP address is transmitted to Vimeo. We have configured Vimeo so that Vimeo does not track your user activities and does not set tracking cookies (Do-Not-Track mode). The integration of Vimeo videos occurs exclusively on the basis of your consent (Art. 6(1)(a) GDPR in conjunction with Section 25(1) TTDSG). We base the data transfer to the USA on standard contractual clauses of the EU Commission (Art. 46(2)(c) GDPR), as Vimeo Inc. is currently not certified under the EU-US Data Privacy Framework (DPF).
Further information on the handling of user data can be found in Vimeo’s privacy policy at: https://vimeo.com/privacy.
Google Web Fonts (Local Hosting)
This site uses so-called web fonts provided by Google for the uniform representation of fonts. The Google Fonts are installed locally. A connection to Google’s servers does not take place.
Further information on Google Web Fonts can be found at https://developers.google.com/fonts/faq and in Google’s privacy policy: https://policies.google.com/privacy?hl=en.
7. Own Services
Handling Applicant Data
We offer you the opportunity to apply to us (e.g., by email, post, or via online application form). Below, we inform you about the scope, purpose, and use of your personal data collected during the application process. We assure you that the collection, processing, and use of your data takes place in accordance with applicable data protection law and all other statutory provisions, and that your data will be treated in strict confidence.
Scope and Purpose of Data Collection
If you send us an application, we process your associated personal data (e.g., contact and communication data, application documents, notes taken during job interviews, etc.) insofar as this is necessary to decide on the establishment of an employment relationship. The legal basis for this is Section 26 of the German Federal Data Protection Act (BDSG) under German law (initiation of an employment relationship), Art. 6(1)(b) GDPR (general contract initiation) and – provided you have given your consent – Art. 6(1)(a) GDPR. The consent can be withdrawn at any time. Your personal data will only be passed on within our company to persons who are involved in processing your application. If the application is successful, the data you submitted will be stored in our data processing systems on the basis of Section 26 BDSG and Art. 6(1)(b) GDPR for the purpose of carrying out the employment relationship.
Retention Period of the Data
If we cannot offer you a job, if you reject a job offer, or if you withdraw your application, we reserve the right to retain the data you submitted on the basis of our legitimate interests (Art. 6(1)(f) GDPR) for up to 6 months from the end of the application process (rejection or withdrawal of the application). Afterwards, the data is deleted, and the physical application documents are destroyed. The retention serves in particular for evidence purposes in the event of a legal dispute. If it is apparent that the data will be required after the 6-month period has expired (e.g., due to an impending or pending legal dispute), deletion will only take place when the purpose for further retention no longer applies. Longer retention may also take place if you have given corresponding consent (Art. 6(1)(a) GDPR) or if statutory retention obligations prevent deletion.
Inclusion in the Applicant Pool
If we do not make you a job offer, it may be possible to include you in our applicant pool. In the event of inclusion, all documents and details from the application will be transferred to the applicant pool in order to contact you in the event of suitable vacancies.
Inclusion in the applicant pool occurs solely on the basis of your explicit consent (Art. 6(1)(a) GDPR). The granting of consent is voluntary and has no connection to the ongoing application procedure. The data subject can withdraw their consent at any time. In this case, the data from the applicant pool will be irrevocably deleted, provided there are no statutory reasons for retention.
The data from the applicant pool will be irrevocably deleted no later than two years after consent has been given.
8. Our Social Media Presences
Data Processing by Social Networks
We maintain a publicly accessible corporate presence on LinkedIn. The provider is LinkedIn Ireland Unlimited Company, Wilton Plaza, Wilton Place, Dublin 2, Ireland.
When you visit our LinkedIn profile, personal data is processed by LinkedIn and possibly also by us. We point out that LinkedIn can analyse your user behaviour when using its services, employing cookies or similar technologies among other things, regardless of whether you have your own account with LinkedIn or are logged in there.
If you have a LinkedIn user account, information can be assigned to your personal profile on LinkedIn. The processing of personal data by LinkedIn takes place on the basis of LinkedIn’s privacy policy and terms of use. For details, please refer to LinkedIn’s privacy policy.
We use LinkedIn for the purposes of external presentation and communication. The legal basis for the processing of this data is our legitimate interest in informing and interacting with users in accordance with Art. 6(1)(f) GDPR. The analytics and advertising processes initiated by LinkedIn may partly be based on divergent legal bases to be determined by LinkedIn.
We are jointly responsible with LinkedIn for the data collected on our LinkedIn company page within the meaning of Art. 26 GDPR. You can generally assert your data subject rights (e.g., access, erasure, objection) both against us and against LinkedIn. We do not have complete influence over the further processing of your data by LinkedIn itself; therefore, we recommend contacting LinkedIn directly if you have any questions relating to data protection law.
Data that you provide to us directly via LinkedIn (e.g., by direct message) is processed exclusively to answer your request and to communicate with you. This data will be deleted as soon as the purpose of processing ceases to apply, provided there are no opposing statutory retention obligations.
Data transfer to the USA at LinkedIn is based on the EU-US Data Privacy Framework (DPF), under which the LinkedIn Corporation is certified.
If you wish to deactivate LinkedIn advertising cookies, please use the following link: https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out.
Further information on the handling of your personal data can be found in LinkedIn’s privacy policy: https://www.linkedin.com/legal/privacy-policy.
Status: March 2026