For Steinmeyer Mechatronik GmbH ("Steinmeyer Mechatronik", "we", "us"), the protection of personal data is of utmost importance. In addition to complying with the statutory provisions on data protection as a matter of course, we would like to commit ourselves to the responsible handling of your data with this information.

With the following data protection information, we would like to inform you about the basis on which and the purposes for which we process personal data that we collect from you via this website or that you make available to us.

This data protection declaration is to be regarded as part of the offer of our website. If sections or individual terms of this statement are not legal or correct, the content or validity of the other parts remain uninfluenced by this fact. If we decide to change our privacy policy, we will post the changes appropriately on our website and notify you by email to the extent we are required to do so by applicable data protection laws.

We encourage all parents and guardians to instruct their children in the safe and responsible use of personal information on the Internet. Children should not submit any personal data to our website without the consent of their parents or guardians. We assure that we will not knowingly collect personal data from children, use it in any way or disclose it to third parties without authorization.

We would like to point out that data transmission on the Internet (e.g. when communicating by e-mail) can have security gaps. A complete protection of data against access by third parties is not possible.

[Status is August 2022]

1              General notes and mandatory information

1.1       Who is responsible for data processing and whom can I contact?

Responsible within the meaning of the General Data Protection Regulation (DSGVO) is

Steinmeyer Mechatronik GmbH

Fritz-Schreiter-Str. 32
01259 Dresden

Phone:                +49 (0)351 88585-0
Mail:           mechatronik(at)steinmeyer.com

You can reach our data protection officer at

dsb(at)te-site.de or under the aforementioned contact details with the addition of "the data protection officer".

1.2       What are personal data?

Personal data is any information relating to an identified or identifiable natural person. An identifiable person is a natural person who can be identified directly or indirectly, in particular by means of assignment to an identifier such as a name, customer number, location data, an online identifier or with regard to special characteristics. This includes, for example, information that you provide to us when using our contact form, including your name, possibly your telephone number, your address. This does not include purely statistical data that we collect when you visit our website, as we cannot link this to you personally.

1.3       Information on data transfer to "third countries" (e.g. the USA)

Among other things, tools/plugins/content from companies based in the USA are integrated on our website. If these are active, your personal data may be passed on to the US servers of the respective companies. We would like to point out that the USA is not a safe third country in the sense of EU data protection law. US companies are obliged to hand over personal data to security authorities without you as a data subject being able to take legal action against this. It can therefore not be ruled out that US authorities (e.g. intelligence services) process, evaluate and permanently store your data located on US servers for monitoring purposes. We have no influence on these processing activities.

If we process data in a third country (i.e., outside the European Union (EU), the European Economic Area (EEA)) or the processing takes place in the context of using third-party services or disclosing or transferring data to other persons, entities or companies, this will only be done in accordance with legal requirements. Subject to express consent or contractually or legally required transfer, we only process or have data processed in third countries with a recognized level of data protection, contractual obligation through so-called standard protection clauses of the EU Commission, in the presence of certifications or binding internal data protection regulations (Art. 44 to 49 DSGVO, information page of the EU Commission: https://ec.europa.eu/info/law/law-topic/data-protection/data-transfers-outside-eu_de).

1.4       Your rights

Many data processing operations are only possible with your explicit consent. You can revoke consent you have already given at any time. For this purpose, an informal communication, e.g. by e-mail to us, is sufficient. You can find the contact details in the imprint or in this privacy policy under point 1.1.The legality of the data processing carried out until the revocation remains unaffected by the revocation.

Right to object to data collection in special cases and to direct advertising (Art. 21 DSGVO)

If the data processing is carried out on the basis of Art. 6 (1) lit. e or f DSGVO, you have the right to object to the processing of your personal data at any time for reasons arising from your particular situation; this also applies to profiling based on these provisions. For this purpose, an informal communication by e-mail to us is sufficient.The respective legal basis on which processing is based can be found in this privacy policy. If you object, we will no longer process your personal data concerned unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms, or the processing serves the purpose of asserting, exercising or defending legal claims (objection under Article 21(1) DSGVO).

If your personal data is processed for the purpose of direct marketing, you have the right to object at any time to the processing of personal data concerning you for the purpose of such marketing; this also applies to profiling, insofar as it is associated with such direct marketing. If you object, your personal data will subsequently no longer be used for the purpose of direct marketing (objection pursuant to Art. 21 (2) DSGVO).

Right of access (Art. 15 DSGVO), rectification (Art. 16 DSGVO), deletion (Art. 17 DSGVO)

Within the framework of the applicable legal provisions, you have the right at any time to free information about your stored personal data, its origin and recipient and the purpose of data processing and, if necessary, a right to correction or deletion of this data.For this purpose, as well as for further questions on the subject of data protection, you can contact us at any time. You can find the contact details in the imprint or in this data protection declaration under point 1.1.

Right to restriction of processing (right to blocking, Art. 18 DSGVO)

You have the right to request the restriction of the processing of your personal data. For this purpose, as well as for further questions on the subject of data protection, you can contact us at any time. You can find the contact details in the imprint or in this privacy policy under point 1.1.The right to restriction of processing exists in the following cases:

• If you dispute the accuracy of your personal data stored by us, we usually need time to verify this. For the duration of the review, you have the right to request the restriction of the processing of your personal data. If the processing of your personal data happened/is happening unlawfully, you can request the restriction of data processing instead of deletion.
• If we no longer need your personal data, but you need it to exercise, defend or assert legal claims, you have the right to request restriction of the processing of your personal data instead of erasure.
• If you have lodged an objection pursuant to Art. 21 (1) DSGVO, a balancing of your and our interests must be carried out. As long as it has not yet been determined whose interests prevail, you have the right to request the restriction of the processing of your personal data.
• If you have restricted the processing of your personal data, this data may - apart from being stored - only be processed with your consent or for the assertion, exercise or defense of legal claims or for the protection of the rights of another natural or legal person or for reasons of an important public interest of the European Union or a Member State.

Right to data portability (according to Art. 20 DSGVO)

You have the right to have data that we process automatically on the basis of your consent or in fulfillment of a contract handed over to you or to a third party in a common, machine-readable format. If you request the direct transfer of the data to another responsible party, this will only be done insofar as it is technically feasible. In this regard, as well as for further questions on the subject of data protection, you can contact us at any time. You can find the contact details in the imprint or in this data protection declaration under point 1.1.

Right of appeal to the competent supervisory authority (according to Art. 77 DSGVO)

In the event of violations of the GDPR, data subjects have a right of appeal to a supervisory authority, in particular in the Member State of their habitual residence, their place of work or the place of the alleged violation. The right of appeal is without prejudice to other administrative or judicial remedies.
An overview of the supervisory authorities of Germany can be found at: https://www.datenschutzkonferenz-online.de/datenschutzaufsichtsbehoerden.html.

1.5       Applicable legal bases

In the following, we share the legal bases of the General Data Protection Regulation (DSGVO) on the basis of which we process personal data. Please note that in addition to the regulations of the DSGVO, the national data protection regulations in your or our country of residence and domicile may apply. Furthermore, should more specific legal bases be relevant in individual cases, we will inform you of these in the data protection declaration.

Consent (Art. 6 Abs. 1 lit. a DSGVO)

The data subject has given his/her consent to the processing of personal data relating to him/her for a specific purpose or purposes.

Contract performance and pre-contractual inquiries (Art. 6 Abs. 1 lit. b DSGVO)

The processing is necessary for the performance of a contract to which the data subject is party or for the implementation of pre-contractual measures taken at the request of the data subject.

Legal obligation (Art. 6 Abs. 1 lit. c. DSGVO)

Processing is necessary for compliance with a legal obligation to which the controller is subject.

Legitimate interests (Art. 6 Abs. 1 lit. f. DSGVO)

Processing is necessary for the purposes of the legitimate interests of the controller or a third party, unless such interests are overridden by the interests or fundamental rights and freedoms of the data subject which require the protection of personal data.

1.6       Purposes of the processing

• Provision of the online offer, its functions and contents.
• Provision of contractual services, service and customer care.
• Answering contact requests and communication with users.
• Security.

1.7       Types of data processed

• Inventory data (e.g. customer master data, such as names, addresses)
• Contact data (e.g. e-mail, telephone numbers)
• Content data (e.g. text entries, photographs, videos)
• Contract data (e.g. subject matter of contract, term, customer category)
• Usage data (e.g. websites visited, access times, browser used)
• Meta/communication data (e.g. device information, IP addresses)

1.8       Categories of affected persons

• Users (e.g., website visitors, users of online services)
• Communication partners
• Employees
• Customers
• Interested parties
• Business partners.

1.9       Cooperation with processors and third parties

Insofar as we disclose data to other persons and companies (order processors or third parties) in the course of our processing, transmit it to them or otherwise grant them access to the data, this shall only be done on the basis of a legal permission (e.g. if a transmission of the data to third parties, such as to payment service providers, is necessary for the performance of the contract pursuant to Art. 6 (1) lit. b DSGVO), you have consented, a legal obligation provides for this or on the basis of our legitimate interests (e.g. when using agents, web hosts, etc.).

If we commission third parties with the processing of data on the basis of a so-called "order processing agreement", this is done on the basis of Art. 28 DSGVO.

1.10  Deletion of data and information on the storage period

The data processed by us will be deleted or restricted in its processing in accordance with Articles 17 and 18 DSGVO. Unless expressly stated within the scope of this data protection declaration, the data stored by us will be deleted as soon as they are no longer required for their intended purpose and the deletion does not conflict with any statutory retention obligations.

If the data is not deleted because it is required for other and legally permissible purposes, its processing will be restricted. That is, the data is blocked and not processed for other purposes. This applies, for example, to data that must be retained for reasons of commercial or tax law.

According to legal requirements in Germany, data is stored in particular for 10 years in accordance with §§ 147 para. 1 AO, 257 para. 1 nos. 1 and 4, para. 4 HGB (books, records, management reports, accounting vouchers, commercial books, documents relevant for taxation, etc.) and 6 years in accordance with § 257 para. 1 nos. 2 and 3, para. 4 HGB (commercial letters).

1.11  Automated decision according to Art. 22 Abs. 1,4 DSGVO (so-called profiling).

No automated decision is made by us.

1.12  Security measures

We take appropriate technical and organizational measures to ensure a level of protection appropriate to the risk in accordance with Article 32 of the GDPR, taking into account the state of the art, the costs of implementation and the nature, scope, circumstances and purposes of the processing, as well as the varying likelihood and severity of the risk to the rights and freedoms of natural persons.

The measures include, in particular, safeguarding the confidentiality, integrity and availability of data by controlling physical access to the data, as well as access to, entry into, disclosure of, assurance of availability of and segregation of the data. Furthermore, we have established procedures to ensure the exercise of data subjects' rights, deletion of data, and response to data compromise. Furthermore, we already take the protection of personal data into account during the development or selection of hardware, software and procedures, in accordance with the principle of data protection through technology design and through data protection-friendly default settings (Art. 25 DSGVO).

Therefore, for security reasons and to protect the transmission of confidential content, such as requests that you send to us, our site uses the latest transport encryption of the HTTPS communication protocol that your browser supports.

You can recognize an encrypted connection by the fact that the address line of the browser changes from "http://" to "https://" and by the "lock symbol" in your browser line. If this encryption is activated, the data you transmit to us cannot be read by third parties.

2              External hosting

This website is hosted by an external service provider (hoster). The personal data collected on this website is stored on the hoster's servers. This may include, but is not limited to, IP addresses, contact requests, meta and communication data, contractual data, contact details, names, website accesses and other data generated via a website.The hoster is used for the purpose of fulfilling contracts with our potential and existing customers (Art. 6 para. 1 lit. b DSGVO) and in the interest of a secure, fast and efficient provision of our online offer by a professional provider (Art. 6 para. 1 lit. f DSGVO).Our hoster will only process your data to the extent necessary to fulfill its service obligations and follow our instructions regarding this data.We use the following hoster:

Host Europe GmbH

Hansestrasse 111
51149 Köln

Conclusion of a contract on order processing:To ensure data protection-compliant processing, we have concluded an order processing contract with our hoster.

3              Data collection on our website

3.1       Cookies

On our online offer we use so-called "cookies". Cookies are small text files and do not cause any damage to your end device. They are stored either temporarily for the duration of a session (session cookies) or permanently (permanent cookies) on your end device. Session cookies are automatically deleted at the end of your visit. Permanent cookies remain stored on your end device until you delete them yourself or until they are automatically deleted by your web browser.

In some cases, cookies from third-party companies may also be stored on your terminal device when you enter our site (third-party cookies). These enable us or you to use certain services of the third-party company (e.g. cookies for processing payment services). Cookies have various functions. Many cookies are technically necessary, as certain website functions would not work without them (e.g. the shopping cart function or the display of videos). Other cookies are used to evaluate user behavior or display advertising.

Cookies that are necessary to carry out the electronic communication process (necessary cookies) or to provide certain functions that you have requested (functional cookies, e.g. for the shopping cart function) or to optimize the website (e.g. cookies to measure the web audience) are stored on the basis of Art. 6 (1) lit. f DSGVO, unless another legal basis is specified. The website operator has a legitimate interest in storing cookies for the technically error-free and optimized provision of its services. If consent to the storage of cookies has been requested, the relevant cookies will be stored exclusively on the basis of this consent (Art. 6 para. 1 lit. a DSGVO); consent can be revoked at any time.

You can set your browser so that you are informed about the setting of cookies and only allow cookies in individual cases, exclude the acceptance of cookies for certain cases or in general and activate the automatic deletion of cookies when closing the browser. You can find out how to delete cookies in the most common browsers and change the cookie settings here, among other things:

• Google Chrome:                               Direct link of the provider
• Mozilla Firefox:                                 Direct link of the provider
• Apple Safari:                                     https://support.apple.com/de-de/guide/safari/sfri11471/macDirect link of the provider
• MS Internet Explorer / Edge:            Direct link of the provider

A general objection to the use of cookies for online marketing purposes can be declared for a large number of services, especially in the case of tracking, via the U.S. site www.aboutads.info/choices/ or the EU site www.youronlinechoices.com. If cookies are deactivated, the functionality of this website may be limited.Insofar as cookies are used by third-party companies or for analysis purposes, we will inform you separately about this within the framework of this data protection declaration and, if necessary, request your consent.

3.2       Cookie consent with our cookie consent technology

Our website uses its own consent cookie technology to obtain your consent to store certain cookies in your browser and to document this in accordance with data protection law. The provider of this technology is the owner of this website.When you enter our website, a consent cookie is stored in your browser, in which the consents you have given or the revocation of these consents are stored. This collected data is stored exclusively by us until you request us to delete it or delete the consent cookie yourself, or until the purpose for storing the data no longer applies. The duration of the consent cookie is 1 year. Mandatory legal retention periods remain unaffected.Our consent cookie technology is used to obtain the legally required consent for the use of cookies. The legal basis for this is Art. 6 Abs. 1 lit. c DSGVO.

You would like to change the cookie settings?

3.3       Server-Log-Files

The hoster of the pages automatically collects and stores information in so-called server log files  (https://www.hosteurope.de/faq/webhosting/webhosting-logfiles/logfiles-einsehen-und-aendern/), which your browser automatically transmits to us.

This data is not merged with other data sources.

Which technologies does the hoster use to collect the data?
The data is determined either by a pixel or by a log file. Cookies are not used to protect personal data.

The visitor's IP is transmitted during the transmission of a page request, anonymized directly after the transmission and processed without personal reference.

What data does the hoster store from visitors to our website?
The hoster does not store any personal data of website visitors, so that no conclusions can be drawn about individual visitors.

The following data is collected:

- Referrer (previously visited website)- Requested web page or file- Browser type and version- Operating system used- Type of device used- Date and time of access- IP address in anonymized form (only used to determine the location of the access)For what purpose is the data collected?In WebAnalytics, data is collected exclusively for statistical evaluation and technical optimization of the web offer.Is data passed on to third parties?No data is passed on to third parties.

3.4       Contact form

If you send us inquiries via the contact form, your data from the inquiry form, including the contact data you provided there, will be stored by us for the purpose of processing the inquiry and in case of follow-up questions. We do not pass on this data without your consent.

The processing of the data entered in the contact form is therefore based exclusively on your consent (Art. 6 Abs. 1 lit. a DSGVO). You can revoke this consent at any time. For this purpose, an informal communication by e-mail to us is sufficient. The legality of the data processing operations carried out until the revocation remains unaffected by the revocation.

The data you entered in the contact form will remain with us until you request us to delete it, revoke your consent to store it, or the purpose for storing the data no longer applies (e.g. after we have completed processing your request). Mandatory legal provisions - in particular retention periods - remain unaffected.

3.5       Request by e-mail, telephone or fax

If you contact us by e-mail, telephone or fax, your contact request including all resulting personal data (e.g. name, e-mail, telephone number, request reason "subject") will be stored and processed by us for the purpose of processing your request. We do not pass on this data without your consent.

The processing of this data is based on Art. 6 (1) lit. b DSGVO, if your request is related to the performance of a contract or is necessary for the implementation of pre-contractual measures. In all other cases, the processing is based on your consent (Art. 6 (1) (a) DSGVO) and/or on our legitimate interests (Art. 6 (1) (f) DSGVO), as we have a legitimate interest in the effective processing of requests addressed to us.

The data you send to us via contact requests will remain with us until you request us to delete it, revoke your consent to store it, or the purpose for storing the data no longer applies (e.g. after we have completed processing your request). Mandatory legal provisions - in particular legal retention periods - remain unaffected.

3.6       Processing of contractual data (customers, suppliers, partners, etc.)

We collect, process and use personal data only to the extent that they are necessary for the establishment, content or modification of the legal relationship (inventory data). This is done on the basis of Art. 6 (1) lit. b DSGVO, which permits the processing of data for the performance of a contract or pre-contractual measures. We collect, process and use personal data about the use of our online offer (usage data) only to the extent necessary to enable the user to use the service or to bill the user.

The collected customer data is deleted after completion of the order or termination of the business relationship. Legal retention periods remain unaffected.

In addition to this website-specific data protection information, the data protection information in accordance with the EU General Data Protection Regulation also applies: Information requirements for customers.

3.7       Applications

We offer you the opportunity to apply to us (e.g. by e-mail or post). In the following, we inform you about the scope, purpose and use of your personal data collected as part of the application process. We assure you that the collection, processing and use of your data will be carried out in accordance with applicable data protection law and all other statutory provisions and that your data will be treated in strict confidence.Scope and purpose of data collectionWhen you send us an application, we process your associated personal data (e.g. contact and communication data, application documents, notes taken during interviews, etc.) to the extent necessary to decide whether to establish an employment relationship. The legal basis for this is Section 26 BDSG-neu under German law (initiation of an employment relationship), Art. 6 (1) lit. b DSGVO (general contract initiation) and - if you have given your consent - Art. 6 (1) lit. a DSGVO. The consent can be revoked at any time. Your personal data will only be passed on within our company to persons involved in processing your application.If the application is successful, the data submitted by you will be stored in our data processing systems on the basis of Section 26 BDSG-neu and Art. 6 (1) lit. b DSGVO for the purpose of implementing the employment relationship.

Retention period of the data

If we are unable to make you a job offer, you reject a job offer, withdraw your application, revoke your consent to data processing or request us to delete the data, the data you have submitted, including any remaining physical application documents, will be stored or retained (retention period) for a maximum of 6 months after completion of the application process in order to be able to trace the details of the application process in the event of discrepancies (Art. 6 (1) f DSGVO).

You can object to this storage if there are legitimate interests on your part that outweigh our interests.

After expiry of the retention period, the data will be deleted, unless there is a legal obligation to retain the data or another legal reason for further storage. If it is apparent that it will be necessary to retain your data after the retention period has expired (e.g. due to an impending or pending legal dispute), the data will not be deleted until it has become irrelevant. Other statutory retention obligations remain unaffected.

In addition to this website-specific data protection information, the data protection information pursuant to the EU General Data Protection Regulation also applies: Information requirements for applicants.

4              Analyse-Tools und Werbung

4.1       Google Analytics 4

Insofar as you have given your consent, this website uses Google Analytics 4, a web analytics service provided by Google LLC. The provider is Google Ireland Limited ("Google"), Gordon House, Barrow Street, Dublin 4, Ireland (parent company: Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA).

Website: marketingplatform.google.com; Privacy policy: policies.google.com/privacy; Order processing agreement:
business.safety.google/adsprocessorterms; Other information: Terms of use: marketingplatform.google.com/about/analytics/terms/de/;Types of processing as well as data processed: privacy.google.com/businesses/adsservices; Data processing terms for Google advertising products and standard contractual clauses for third country transfers of data: https://business.safety.google/adsprocessorterms.

Scope of processing

Google Analytics uses cookies that enable an analysis of your use of our websites. The information collected by means of the cookies about your use of this website is usually transferred to a Google server in the USA and stored there.

We use the User ID function. With the help of the User ID, we can assign a unique, permanent ID to one or more sessions (and the activities within these sessions) and analyze user behavior across devices.

During your website visit, your user behavior is recorded in the form of "events". Events may include:
- Page views
- First visit to the website
- Start of session
- Your "click path", interaction with the website
- Scrolls (whenever a user scrolls to the bottom of the page (90%))
- clicks on external links
- internal search queries
- interaction with videos
- file downloads
- seen / clicked ads
- language settings

Also recorded:
- file downloads
- viewed / clicked ads
- language setting

Purposes of processing

On behalf of the operator of this website, Google will use this information for the purpose of evaluating your use of the website, and compiling reports on website activity. The reports provided by Google Analytics are used to analyze the performance of our website and the success of our marketing campaigns.IP anonymizationGoogle Analytics 4 has IP anonymization enabled by default. Due to IP anonymization, your IP address will be truncated by Google within member states of the European Union or in other states party to the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be transferred to a Google server in the USA and shortened there. According to Google, the IP address transmitted by your browser as part of Google Analytics will not be merged with other Google data.Recipient

·                Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Irland (als Auftragsverarbeiter nach Art. 28 DSGVO)

·                Google LLC, 1600 Amphitheatre Parkway Mountain View, CA 94043, USA

·                Alphabet Inc., 1600 Amphitheatre Parkway Mountain View, CA 94043, USA

It cannot be ruled out that U.S. authorities will access the data stored by Google.

Third country transfer

Insofar as data is processed outside the EU/EEA and there is no level of data protection corresponding to the European standard, we have concluded EU standard contractual clauses with the service provider to establish an appropriate level of data protection. The parent company of Google Ireland, Google LLC, is based in California, USA. A transfer of data to the USA and access by US authorities to the data stored by Google cannot be ruled out. The USA is currently considered a third country from a data protection perspective. You do not have the same rights there as within the EU/EEA. You may not be entitled to any legal remedies against access by authorities.

Order processing
We have concluded an order processing agreement with Google and fully implement the strict requirements of the German data protection authorities when using Google Analytics.

Storage period
The data sent by us and linked to cookies are automatically deleted after 14 months. The deletion of data whose retention period has been reached takes place automatically once a month.

Legal basis
The legal basis for this data processing is your consent according to Art.6 Abs.1 S.1 lit.a DSGVO [if relevant: Art. 49a DSGVO].

Revocation

You can revoke your consent at any time with effect for the future by calling up the cookie settings in our cookie consent technology and changing your selection there. The lawfulness of the processing carried out on the basis of the consent until the revocation remains unaffected.

You can also prevent the storage of cookies from the outset by setting your browser software accordingly. However, if you configure your browser to reject all cookies, this may result in a restriction of functionalities on this and other websites. You can also prevent the collection of data generated by the cookie and related to your use of the website (including your IP address) to Google and the processing of this data by Google by

a) not giving your consent to the setting of the cookie or

b) using the browser add-on to disable Google Analytics HERE

4.2       Google-Re/Marketing-Services (e.g. Google Ads, Conversations & DoubleClick)

We use the marketing and remarketing services (in short "Google marketing services"). The provider is Google Ireland Limited ("Google"), Gordon House, Barrow Street, Dublin 4, Ireland (parent company: Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA).Website: marketingplatform.google.com; Privacy policy: policies.google.com/privacy; Order processing agreement:https://business.safety.google/adsprocessorterms; Further information: Types of processing as well as data processed: privacy.google.com/businesses/adsservices; Data processing terms for Google advertising products and standard contractual clauses for third country transfers of data: business.safety.google/adsprocessorterms.Scope and purposes of processing

Google's marketing services allow us to display advertisements for and on our website in a more targeted manner in order to present users only with ads that potentially match their interests. If, for example, a user is shown ads for products he or she was interested in on other websites, this is referred to as "remarketing".

For these purposes, when our website and other websites on which Google marketing services are active are called up, a code is executed directly by Google and so-called (re)marketing tags (invisible graphics or code, also known as "web beacons") are integrated into the website. With their help, an individual cookie, i.e. a small file, is stored on the user's device (comparable technologies can also be used instead of cookies). The cookies can be set by various domains, including google.com, doubleclick.net, invitemedia.com, admeld.com, googlesyndication.com or googleadservices.com. This file records which web pages the user has visited, which content the user is interested in and which offers the user has clicked on, as well as technical information about the browser and operating system, referring web pages, time of visit and other information about the use of the online offer.

IP anonymization
The IP address of the user is also recorded, whereby we inform Google Analytics that the IP address is truncated within Member States of the European Union or in other contracting states to the Agreement on the European Economic Area and only in exceptional cases is transferred in full to a Google server in the USA and truncated there. The IP address is not merged with user data within other Google offerings.

The aforementioned information may also be linked on the part of Google with such information from other sources. If the user subsequently visits other websites, he can be shown ads tailored to his interests.

The user's data is processed pseudonymously as part of Google's marketing services. This means that Google does not store and process the name or e-mail address of the user, for example, but processes the relevant data on a cookie basis within pseudonymous user profiles. This means that from Google's perspective, the ads are not managed and displayed for a specifically identified person, but for the cookie holder, regardless of who this cookie holder is. This does not apply if a user has expressly allowed Google to process the data without this pseudonymization. The information collected by Google marketing services about users is transmitted to Google and stored on Google's servers in the USA.

The Google marketing services we use include the online advertising program "Google Ads". In the case of Google Ads, each Ads customer receives a different "conversion cookie". Cookies can therefore not be tracked across Ads customers' websites. The information obtained using the cookie is used to generate conversion statistics for Ads customers who have opted in to conversion tracking. Ads customers learn the total number of users who clicked on their ad and were redirected to a page tagged with a conversion tracking tag. However, they do not receive information that personally identifies users.

Recipient

Recipients of the data are/may ben

·                Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Irland (as processor according to Art. 28 DSGVO)

·                Google LLC, 1600 Amphitheatre Parkway Mountain View, CA 94043, USA

·                Alphabet Inc., 1600 Amphitheatre Parkway Mountain View, CA 94043, USA

It cannot be ruled out that US authorities access the data stored by Google.

Third country transfer
Insofar as data is processed outside the EU/EEA and there is no level of data protection corresponding to the European standard, we have concluded EU standard contractual clauses with the service provider to establish an appropriate level of data protection. The parent company of Google Ireland, Google LLC, is based in California, USA. A transfer of data to the USA and access by US authorities to the data stored by Google cannot be ruled out. The USA is currently considered a third country from a data protection perspective. You do not have the same rights there as within the EU/EEA. You may not be entitled to any legal remedies against access by authorities.

Order processing
We have concluded an order processing agreement with Google and fully implement the strict requirements of the German data protection authorities when using Google marketing services.

Storage period
Data stored by Google at user and event level that is linked to cookies, user identifiers (e.g. User ID) or advertising IDs (e.g. DoubleClick cookies, Android advertising ID) is anonymized or deleted after 14 months. Details on this can be found under the following link: https://support.google.com/analytics/answer/7667196?hl=de.

Legal basis
The legal basis for this data processing is your consent according to Art.6 Abs.1 S.1 lit.a DSGVO [if relevant: Art. 49a DSGVO].

Revocation
You can revoke your consent at any time with effect for the future by calling up the cookie settings in our cookie consent technology and changing your selection there. The lawfulness of the processing carried out on the basis of the consent until the revocation remains unaffected.

You can also prevent the storage of cookies from the outset by setting your browser software accordingly. However, if you configure your browser to reject all cookies, this may result in a restriction of functionalities on this and other websites. You can also prevent the collection of data generated by the cookie and related to your use of the website (including your IP address) to Google and the processing of this data by Google by

a) not giving your consent to the setting of the cookie or

b) If you wish to object to interest-based advertising by Google marketing services, you can use the settings and opt-out options provided by Google: http://www.google.com/ads/preferences.

4.3       Newsletter

With your consent, you can subscribe to our newsletter, with which we inform you about our current offers. The advertised goods and services are named in the declaration of consent.

For the registration to our newsletter we use the so-called double-opt-in procedure. This means that after your registration we will send you an e-mail to the e-mail address you provided, in which we ask you to confirm that you wish to receive the newsletter. If you do not confirm your registration within 24 hours, your information will be blocked and automatically deleted after one month. In addition, we store your respective IP addresses used and times of registration and confirmation. The purpose of this procedure is to be able to prove your registration and, if necessary, to clarify a possible misuse of your personal data.

The only mandatory information for sending the newsletter is your e-mail address. The provision of further, separately marked data is voluntary and will be used to address you personally. After your confirmation, we store your e-mail address for the purpose of sending the newsletter. The legal basis is consent according to Art. 6 Abs. 1 lit. a DSGVO.

You can revoke your consent to receive the newsletter and unsubscribe at any time. You can declare the revocation by clicking on the link provided in every newsletter e-mail, via this form on the website, by e-mail to mechatronik(at)steinmeyer.com or by sending a message to the contact details provided in the imprint.

We use the following service provider for the newsletter software:

Sendinblue GmbH

Köpenicker Straße 126
10179 Berlin

E-Mail: support(at)sendinblue.com

Data protection overview: https://de.sendinblue.com/datenschutz-uebersicht/

Conclusion of a contract on order processing:
To ensure data protection-compliant processing, we have concluded an order processing contract with our newsletter service provider. The service provider is a German certified provider, which was selected according to the requirements of the General Data Protection Regulation and the Federal Data Protection Act.

5              Integration of third-party plugins and content on this website

We integrate functional and content elements into our online offer that are obtained from the servers of their respective providers (hereinafter referred to as "third-party providers"). These can be, for example, graphics, videos or city maps (hereinafter uniformly referred to as "content").The integration always requires that the third-party providers of this content process the IP address of the user, since without the IP address they could not send the content to their browser. The IP address is thus required for the presentation of these contents or functions. We strive to use only such content whose respective providers use the IP address only for the delivery of the content. Third-party providers may also use so-called pixel tags (invisible graphics, also known as "web beacons") for statistical or marketing purposes. The "pixel tags" can be used to analyze information such as visitor traffic on the pages of this website. The pseudonymous information may also be stored in cookies on the user's device and may contain, among other things, technical information about the browser and operating system, referring websites, time of visit and other information about the use of our online offer as well as be linked to such information from other sources.

If we ask users for their consent to use the third-party providers, the legal basis for processing data is consent. Otherwise, the users' data is processed on the basis of our legitimate interests (i.e. interest in efficient, economical and recipient-friendly services). In this context, we would also like to refer you to the information on the use of cookies in this Data Protection Declaration.

Types of data processed
Inventory data (e.g. names, addresses), contact data (e.g. e-mail, telephone numbers), content data (e.g. entries in online forms), usage data (e.g. websites visited, interest in content, access times), meta/communication data (e.g. device information, IP addresses).

Data subjects: Users (e.g. website visitors, users of online services).

Purposes of processing: provision of our online offer and user-friendliness; provision of contractual services and customer service; marketing; profiling with user-related information (creating user profiles); feedback (e.g. collecting feedback via online form).

Legal basis: Consent(Art. 6 Abs. 1 lit. a DSGVO); Contract performance and pre-contractual inquiries (Art. 6 Abs. 1 lit. b DSGVO); Legitimate interests (Art. 6 Abs. 1 lit. f DSGVO).

5.1       Google Maps

We integrate the maps of the service "Google Maps" of the provider Google. The data processed may include, in particular, IP addresses and location data of the users, which, however, are not collected without their consent (usually executed in the context of the settings of their mobile devices); service provider: Google Ireland Limited ("Google"), Gordon House, Barrow Street, Dublin 4, Ireland (parent company: Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA).

Website: cloud.google.com/maps-platform; Data protection declaration: policies.google.com/privacy; Opt-out: Opt-Out-Plugin: tools.google.com/dlpage/gaoptout, Settings for the display of advertisements: https://adssettings.google.com/authenticated.

5.2       LinkedIn-plugins and content

LinkedIn Plugins and Content- This may include, for example, content such as images, videos or text and buttons that allow users to share content from this online offering within LinkedIn;

Service Provider: LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland; Website: www.linkedin.com; Data protection declaration: www.linkedin.com/legal/privacy-policy; Standard contractual clauses (guaranteeing the level of data protection for processing in third countries): legal.linkedin.com/dpa; Opt-out option: www.linkedin.com/psettings/guest-controls/retargeting-opt-out; Order processing contract: https://legal.linkedin.com/dpa.

5.3       Xing plugins and buttons

Xing plugins and buttons - These may include, for example, content such as images, videos or texts and buttons with which users can share content from this online offering within Xing;

Service provider: XING AG, Dammtorstraße 29-32, 20354 Hamburg, Germany; Website: www.xing.com; Data protection declaration: https://privacy.xing.com/de/datenschutzerklaerung.

5.4       YouTube-plugins and content

Video content; service provider: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (parent company: Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA) Website: www.youtube.com; Data protection declaration: policies.google.com/privacy; Opt-out: Opt-Out-Plugin: tools.google.com/dlpage/gaoptout, Settings for the display of advertisements: https://adssettings.google.com/authenticated.

6              Presence in social networks (social media)

We maintain online presences within social networks and process user data in this context in order to communicate with users active there or to offer information about us.

We would like to point out that user data may be processed outside the European Union. This may result in risks for the users because, for example, it could make it more difficult to enforce the rights of the users.

Furthermore, user data is usually processed within social networks for market research and advertising purposes. For example, usage profiles can be created based on the usage behavior and resulting interests of the users. The usage profiles can in turn be used, for example, to place advertisements within and outside the networks that presumably correspond to the interests of the users. For these purposes, cookies are usually stored on the users' computers, in which the usage behavior and interests of the users are stored. Furthermore, data independent of the devices used by the users may also be stored in the usage profiles (especially if the users are members of the respective platforms and are logged in to them).

For a detailed presentation of the respective forms of processing and the options to object (opt-out), we refer to the data protection declarations and information provided by the operators of the respective networks.

In the case of requests for information and the assertion of data subject rights, we would also like to point out that these can be asserted most effectively with the providers. Only the providers have access to the users' data and can take appropriate measures and provide information directly. If you still need assistance, you can contact us.

Types of data processed: inventory data (e.g. names, addresses), contact data (e.g. e-mail, telephone numbers), content data (e.g. entries in online forms), usage data (e.g. websites visited, interest in content, access times), meta/communication data (e.g. device information, IP addresses).

Data subjects: Users (e.g., website visitors, users of online services).

Purposes of processing: contact requests and communication, tracking (e.g. interest/behavioral profiling, use of cookies), remarketing, reach measurement (e.g. access statistics, recognition of returning visitors).

Legal basis: Legitimate interests (Art. 6 Abs. 1 lit. f. DSGVO).

6.1       LinkedIn

Service provider: LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland; Website: www.linkedin.com; Data protection declaration: www.linkedin.com/legal/privacy-policy; Standard contractual clauses (ensuring level of data protection for processing in third countries): legal.linkedin.com/dpa; Opt-out: www.linkedin.com/psettings/guest-controls/retargeting-opt-out; Order processing contract: https://legal.linkedin.com/dpa.

6.2       Xing

Service provider: XING AG, Dammtorstraße 29-32, 20354 Hamburg, Germany; Website: www.xing.com; Data protection declaration: privacy.xing.com/de/datenschutzerklaerung.

6.3       YouTube

Service provider: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (parent company: Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA); Website: www.youtube.com; Data protection declaration: policies.google.com/privacy; Opt-out: Opt-Out-Plugin: tools.google.com/dlpage/gaoptout, Settings for the display of advertisements: adssettings.google.com/authenticated.