Phone
Thank you for your interest in our company and products. Data protection is of particular importance for the management of STP Informationstechnologie Schweiz AG. We don't require any personal data for browsing our web pages. However, if you wish to reach us out, or to use some of our services via this website, we may require you to provide and to process your data. If that is the case, we will always ask for your prior and explicit consent. We use your data (e.g., name; address; email address; phone number; and other) strictly in compliance with the General Data Protection Regulation (hereinafter: the GDPR), We always process personal data (including, without limitation, name, address, email address or telephone number, and other) in full compliance with the GDPR and applicable country-specific data protection regulations. Through this privacy policy, we inform the public about 1) the nature, scope, and purpose of the personal information we collect, use and process; and 2) their rights under this privacy policy. STP Informationstechnologie Schweiz AG, as the controller, has implemented numerous technical and organizational measures to ensure the complete protection possible for personal data processed via this website. Nevertheless, Internet-based data transmissions can, in principle, have security gaps, so that absolute protection can not be guaranteed. For this reason, every person concerned is free to submit personal data to us by alternative means, for example, by telephone.
We (STP Informationstechnologie Schweiz AG) base our privacy policy on the terminology used by the European directive and regulatory authority that introduced of the GDPR (aka, DS-GVO). Our privacy policy should be easy to read and understand, both for the public and for our customers and business partners. To ensure this, we would like to explain the terminology used.
Among others, we use the following terms in this privacy policy:
Personal data: Personal data means any information relating to an identified or identifiable natural person (hereinafter: the "data subject"). A natural person is considered to be identifiable if, directly or indirectly, it can be related to a certain identifier. Such identifiers are, without limitation, name, an identification number, location data, online identifier, or one or more special features, such as the physical, physiological, genetic, mental, economic, cultural or social traits;The affected person: The affected person is any identified or identifiable natural person whose personal data is processed by the controller;
Processing: Processing means any process or series of operations related to personal data, such as collecting, capturing, organizing, storing, adapting or modifying, reading, querying, using, with or without the aid of automated procedures; disclosure through submission, dissemination or any other form of provision, reconciliation or association, restriction, deletion or destruction; Restriction of processing: Restriction of processing represents marking stored personal data to limit their future processing;
Profiling: Profiling is any automated processing of personal data that involves the use of such personal information to evaluate certain personal aspects relating to a natural person, and in particular, without limitation, aspects relating to: job performance; economic situation; health; persona; analyzing and/or predicting preferences, interests, reliability, behavior, whereabouts, or relocation of a natural person;
Pseudonymization: the personal data processing that renders said data unattributable to a specific data subject without additional information. Furthermore, such information must be subject to technical and organizational measures that ensure the personal data can't be attributed to an identified or identifiable natural person; The controller: The controller is a natural or legal person, public authority, agency, or body that, alone or in concert with others, decides on purposes and means of personal data processing. Where the purposes and means of processing are determined by the Community Law or the Law of the Member States, the controller or the specific criteria for his designation may be provided for under the Community Law or the Law of Member States;The processor: The processor is a natural or legal person, public authority, agency, or body that processes personal data on behalf of the controller;
The recipient: The recipient is a natural or legal person, agency, body, or other entity to whom Personal Data is disclosed (whether it is a third party or not). However, authorities which may receive personal data under the Community Law or the Member States Law in connection with a particular mission are not considered to be recipients;
Third parties: Third party is a natural or legal person, public authority, agency or body other than the data subject, the controller, the processor and any persons authorized under the direct responsibility of the controller or the processor to process the personal data;
Consent: Consent is any expression of will given voluntarily and unambiguously by the data subject. Consent can take the form of a statement or other clear confirmatory act that confirms the data subject's consent regarding processing their data.
The person responsible within the meaning of the GDPR, other data protection laws in the Member States of the European Union and other provisions with a data protection character is:
STP Informationstechnologie Schweiz AG
Bahnhofstrasse 7, 9470 Buchs SG, Schweiz
Tel. +41 44 552 96 00
Email info@stp-online.ch
The data protection officer of the controller is:
Daniel Kraft
STP Informationstechnologie GmbH
Brauerstraße 12, 76135 Karlsruhe, Deutschland
Tel. +49 72182815-0
Fax +49 72182815-555
Email dsb@stp-online.de
Any data subject can contact our data protection officer at any time with any questions or suggestions regarding data protection.
We use cookies on the websites of STP Informationstechnologie Schweiz AG . Cookies are text files that are stored on a computer system via an Internet browser. Many websites and servers use cookies. Many cookies contain a so-called cookie ID. A cookie ID is a unique identifier of the cookie. It consists of a string through which Internet pages and servers can be assigned to the specific Internet browser in which the cookie was stored. Cookies allow visited websites and servers to distinguish the individual's browser from other Internet browsers that contain other cookies. A particular Internet browser can be recognized and identified by the unique cookie ID. Through the use of cookies, STP Informationstechnologie Schweiz AG can provide users of this website with more user-friendly services that otherwise would not be possible. Through a cookie, we can optimize the information and offers on our website for any particular website visitor. Cookies allow us, as already mentioned, to recognize the users of our website. The purpose of this recognition is to make it easier for users to use our website. The data subject can prevent the use of cookies on our website at any time via their Internet browser settings page. Furthermore, users can delete set cookies from their browsers at any time. If the data subject deactivates the use of cookies in their web browser, not all functions of our website may be fully usable.
The website of STP Informationstechnologie Schweiz AG collects a series of general data and information each time visitors access our website(s). The general data and information are stored in the log files of the server, and comprise of the following, without limitation:
• browser types and versions used;
• operating system used by the accessing system;
• the website from which an accessing system accesses our website (so-called referrers);
• the sub-web pages;
• the date and time of access to the website;
• an Internet protocol address (IP address);
• internet service provider of the accessing system; and
• other similar data and information used in the event of attacks on our information technology systems.
When using this general data and information, STP Informationstechnologie Schweiz AG does not conclude about the data subject. Instead, we use this information to:
• correctly deliver the contents of our website;
• optimize the content of our website and to advertise it;
• ensure the continued functioning of our information technology systems and the technology of our website; and
• provide law enforcement authorities with the information necessary for law enforcement in the event of a cyberattack.
These anonymously collected data are therefore statistically processed and further evaluated by STP Informationstechnologie Schweiz AG to improve data protection and data security in our company and to ultimately ensure the highest level of personal data protection. The anonymous data of the server log files are stored separately from all personal data provided by an affected person.
The data subject has the opportunity to register on the website (http://stp-online.de and www.skr-inso.de) of the controller, providing their data in the process. The personal data is derived from the respective input mask used for the registration. The personal data entered by the data subject is collected and stored solely for internal use by the controller. The controller may transfer the data to one or more processors, such as a parcel service, that also uses personal data solely for internal use, which is attributable to the controller.
By registering on the website of the controller, the following data are collected and stored: the IP address assigned by the Internet service provider (ISP) of the data subject; the date and time of registration. These data are collected and stored to prevent and react upon any misuse of our services. In this respect, the storage of this data is required to secure the controller. The said data aren't disclosed to any third parties, barring the legal obligation to disclose to law enforcement serves.
By registering the data, the subjects voluntarily provide their data. Registered persons are free to modify provided personal data at any time or to delete them entirely from the database of the data controller. The controller shall, at any time upon request, provide information to each data subject as to which personal data the controller stores. Additionally, the controller shall correct or erase personal data at the data subjects' request.
Website visitors can subscribe to our newsletter, and their data are transmitted to the data controller at the moment of subscription. STP Informationstechnologie Schweiz AG informs its customers from time to time via a newsletter about our commercial offers. The newsletter of our company can only be received by the data subject if:
(1) the data subject has provided their valid email address andThe newsletters of STP Informationstechnologie Schweiz AG contain so-called counting pixels. A counting pixel is a miniature graphic that embedded in emails that are sent in php format to enable log file recording and log file analysis. Pixels allows us to track the success rate of online marketing campaigns. For example, STP Informationstechnologie Schweiz AG can detect whether an affected person has opened an email and if it has clicked any links placed in said email. Such personal data will be stored and evaluated by the controller, to optimize the newsletter distribution and to appropriate the content of future newsletters to affected persons' interests. We will not disclose personal data to third parties. Affected persons can revoke their consent given via the double-opt-in procedure at any time. If revoked, the controller will delete the personal data. We will construe any request to unsubscribe from the newsletter as a revoking the consent.
STP Informationstechnologie Schweiz AG website contains information that enables quick electronic contact with our company and direct communication with us, which also includes a general address of the so-called electronic mail (email address). If an affected person contacts the data controller by email or through a contact form, the personal data provided by the data subject will be automatically saved. Such personal information, provided voluntarily by a data subject to the controller, is stored for processing or contacting the data subject.
Our websites may also contain the blog section, which may provide our visitors with an option to leave comments therein. A blog is a web-based, usually public-accessible portal in which one or more authors can post articles or write down thoughts in so-called blogposts. Usually, visitors and readers can leave comments on said articles and posts. If an affected person leaves a comment in the blog published on this website, we will save and store certain data, and namely:
• the comment(s) left by the affected person;The controller processes and stores personal data only for the period necessary to achieve the storage purpose or, if so required by the European directives and regulations or any other Member States' legislation, a specific purpose. If the storage purpose is not communicated or if a storage period prescribed by the Law expires, the personal data will be routinely blocked or deleted per the statutory provisions.
• processing purposes;
• categories of personal data being processed;
• the recipients or categories of recipients to whom the personal data have been disclosed or are still being disclosed, in particular to recipients in third countries or international organizations;
• to the extent possible, the planned duration for which the personal data will be stored or, failing that, the criteria for determining that duration;
• the right to rectify or erase personal data, as well as any limitation of the processing by the person responsible, or a right to object to such processing;
• the right to appeal to a supervisory authority;
• (if the personal data are not collected from the data subject, but a third party): all available information on the source of the data;
• any eventuality of automated decision-making including profiling per Article 22 (1) and (4) of the GDPR and - at least in these cases - meaningful information on the logic, scope, and intended impact of such processing on the data subject.
Furthermore, the data subject has a right of access as to whether personal data has been transmitted to a third country or an international organization. If this is the case, then the data subject has the right to obtain information about the appropriate guarantees concerning the transfer. If data subjects wish to avail themselves of the right to information, they may, at any time, contact any employee of the controller.
Right to rectification: Any affected person affected has the right to demand the immediate correction of any inaccuracies in their data. Furthermore, the data subject has the right to request the completion of incomplete personal data, including through a supplementary declaration, taking into account the purposes of the processing. If an affected person wishes to exercise this right of rectification, they may, at any time, contact any employee of the controller.Right to cancellation (right to be forgotten): Affected persons have the right granted by the Law to require the controller to immediately delete their data, provided that one of the following reasons is satisfied and the processing is not required:
• the personal data has been collected for such purposes or otherwise processed for which they are no longer necessary;
• the data subject withdraws the consent based on which the processing took place, per Article 6 (1) (a) or Article 9 (2) (a) of the GDPR, and lacks any other legal basis for the processing;
• the data subject objects to the processing under Article 21 (1) of the GDPR, and there are no legitimate high-level grounds for the processing, or the data subject submits, under Article 21 (2) of the DS GMO objection to the processing;
• the personal data was processed unlawfully;
• erasing personal data is necessary to fulfill a legal obligation under the Community or the Member States' Law, to which the controller is subject;
• the personal data were collected concerning information society services offered under Article 8 (1) of the GDPR.
If any of the above reasons are correct and a data subject wishes STP Informationstechnologie Schweiz AG to delete their data, they may, at any time, contact any employee of the controller. The employee of STP Informationstechnologie Schweiz AG will arrange that the request is fulfilled promptly. If we (STP Informationstechnologie Schweiz AG ) have published personal data, and if we are responsible for deleting personal data as the controller per Article 17 para 1 GDPR, we will take appropriate measures, subject to the available technology and implementation costs, to inform the data subject that other data controllers that process the published data have deleted all links to such data, as well as any copies, unless the processing is required. The employee of STP Informationstechnologie GmbH will arrange the necessary in individual cases.
Right to restrict the processing: Any person affected by the processing of personal data has the right granted by the European directive and regulatory authority to require the controller to restrict the processing if one of the following conditions applies:• the accuracy of the personal data is contested by the data subject for a period that allows the data controller to verify the accuracy of the personal data;
• the processing is unlawful, the data subject refuses to delete the personal data and instead requests the restriction of the use of personal data;
• the data controller no longer needs the personal data for processing purposes, but the data subject requires them to assert, exercise or defend their rights;
• the affected person has objected to the processing acc. Art. 21 para. 1 GDPR and it is not yet clear whether the legitimate reasons of the person responsible outweigh those of the person concerned. If one of the above conditions are met and an affected person wishes to request the restriction of personal data stored at STP Informationstechnologie Schweiz AG , they may at any time contact any employee of the controller. The employee of STP Informationstechnologie Schweiz AG will initiate the restriction of the processing.
Right to Data portability: Any affected person has the right to receive their data provided to a controller in a structured, standard, and machine-readable format. Likewise, they have the right to request the controller to transfer such data to another person responsible without delay, provided that the processing is based on the consent pursuant to Art. 6 (1) (a) or Art. 9 para 2 (a) GDPR or on the basis of a contract in accordance with Article 6 (1) (b) of the GDPR and the processing is carried out using automated procedures, unless the processing is necessary for the performance of a task in the public interest or the exercise of public authority delegated to the controller. Furthermore, in exercising their right to data portability under Article 20 (1) of the GDPR, the data subject has the right to obtain that the personal data is transmitted directly from one controller to another, where technically feasible and, if so, this does not affect the rights and freedoms of others. The data subject may at any time contact any employee of STP Informationstechnologie Schweiz AG to assert the right to data portability.Right to object: Any affected person has the right in certain particular situations, to object to the processing of their data. If there is an objection, we will no longer process personal data unless we can prove compelling reasons for processing that outweigh the interests, rights, and freedoms of the data subject, or if the processing serves the purpose of asserting, exercising, or defending any legal claims.
If STP Informationstechnologie Schweiz AG processes personal data to send direct mail, data subjects have the right to object at any time to the processing of their data for such advertising. If the data subject objects to the processing of STP Informationstechnologie Schweiz AG for direct marketing purposes, STP Informationstechnologie Schweiz AG will no longer process personal data for these purposes. Additionally, the data subject has the right, in certain situations, to object to the processing of their data for scientific or historical research purposes or statistical purposes, unless such processing is necessary to fulfill a task that is of the public interest.
The data subject can directly contact any employee of STP Informationstechnologie Schweiz AG to exercise the right to object. The data subject is also free, in the context of the use of information society services, notwithstanding Directive 2002/58 / EC, to exercise their right of opposition through automated procedures using technical specifications.
Automated decisions in individual cases, including profiling: Affected persons have the right not to be subjected to a decision based solely on automated processing, including profiling, which has a legal effect, or in a similar manner (1) is materially affected, where the decision (1) is not necessary for the conclusion or performance of a contract between the data subject and the controller, or (2) is permitted by the Union or a Member State legislation to which the controller is subject, and appropriate measures exist for safeguarding the rights, freedom, and the legitimate interests of the data subject; or (3) with the express consent of the data subject.
Notably, it is important to distinguish if the decision:
• is required for the conclusion or performance of a contract between the data subject and the controller; or
• is made with the express consent of the data subject.
STP Informationstechnologie Schweiz AG shall take reasonable steps to safeguard the rights, freedoms and legitimate interests of the data subject, including at least the right to obtain the intervention of a person by the controller Statement of one's position and heard of the decision being challenged. If the data subject wishes to claim automated decision-making rights, they can contact an employee of the controller at any time.
Right to revoke a data processing consent: The affected person has the right to revoke consent to the processing of personal data at any time. If the data subject wishes to assert their right to withdraw consent, they may, at any time, contact any employee of the controller.
The controller collects and processes the personal data of applicants to process the application process. The processing can also be done electronically, especially if an applicant submits corresponding application documents to the controller by electronic means, for example by email or via a web form available on the website. If the controller concludes an employment agreement with an applicant, the data transmitted will be stored for the employment relationship per the Law. If no employment contract is concluded with the applicant by the controller, For example, the application documents will be automatically deleted two months after the announcement of the rejection decision, unless deletion precludes other legitimate interests of the controller. Other legitimate interests in this sense, for example, have the burden of proof in a procedure under the General Equal Treatment Act (AGG).
The controller has integrated links to Facebook on this website. Facebook is a social network. Using such a link (no plug-in) will redirect you away from the controller's website and to the destination address. A social network is an Internet-based social meeting place, an online community that usually allows users to communicate with each other and interact in virtual space. A social network can serve as a platform for sharing views and experiences or allows the Internet community to provide personal or business information. Facebook allows social network users to create private profiles, upload photos, and socialize via friend requests. The operating company of Facebook is Facebook, Inc., 1 Hacker Way, Menlo Park, CA 94025, USA. The person responsible for the processing of personal data, if an affected person lives outside the US or Canada, is Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbor, Dublin 2, Ireland.
The controller has integrated the component Google Analytics (with anonymization function) on this website. Google Analytics is a web analytics service. Web analysis is the collection, collection, and analysis of data about the behavior of visitors to websites. Among other things, a web analysis service collects data from which website an affected person has come to a website (so-called referrers), which subpages of the website were accessed or how often and for which length of stay a subpage was viewed. A web analysis is mainly used to optimize a website and cost-benefit analysis of Internet advertising. The operator of the Google Analytics component is Google Inc., 1600 Amphitheater Pkwy, Mountain View, CA 94043-1351, USA. The controller uses the addition "_gat._anonymizeIp" for web analytics via Google Analytics. This addendum will shorten and anonymize the IP address of the data subject of the affected person if Google accesses our website from a Member State of the European Union or another state party to the Agreement on the European Economic Area. The purpose of the Google Analytics component is to analyze visitor flows on our website. Among other things, Google uses the data and information obtained to evaluate the use of our website to compile for us online reports showing the activities on our Internet pages and to provide further services related to the use of our website. Google Analytics uses a cookie on the information technology system of the affected person. We have already explained the concept of internet cookies. By using this cookie, Google is enabled to analyze the usage of our website. Each time our websites are visited, the internet browser of the affected person is automatically pinged by the respective Google Analytics component to submit data to Google for online analysis. As part of this technical process, Google receives information about personal data, such as the IP address of the affected person, which Google uses, among other things, to track the origin of visitors and clicks, and subsequently make commission settlements possible. The cookie stores personally identifiable information, such as access time, the location from which access was made and the frequency of site visits by the data subject. Each time you visit our website, your personal information, including the IP address of the Internet connection used by the data subject, is transferred to Google in the United States of America. Google stores this personal information in the United States of America. Google may transfer this personal data collected through the technical process to third parties. The affected person can prevent cookies, as shown above, at any time through a corresponding setting of their Internet browser, and thus permanently block cookies. Such a setting would also prevent Google from setting a cookie on the information technology system of the affected person. Additionally, a cookie already set by Google Analytics can be deleted at any time via the Internet browser or other software programs. Furthermore, the data subject has the possibility of recording the data generated by Google Analytics, to object to the use of this website related data and the processing of this data by Google and to prevent such. To do this, the person must download and install a browser add-on at tools.google.com/dlpage/gaoptout. This browser add-on informs Google Analytics via JavaScript that no data and information about website visits may be transmitted to Google Analytics. Google considers the installation of the browser add-on as a contradiction. If the data subject's information technology system is later deleted, formatted or reinstalled, the data subject must reinstall the browser add-on to disable Google Analytics. If the browser add-on is uninstalled or disabled by the data subject or any other person within their control, you may reinstall or re-enable the browser add-on. Additional information and Google's privacy policy can be found at www.google.com/intl/en/policies/privacy/ and at www.google.com/analytics/terms/en.php. Google Analytics is explained in more detail under this link www.google.com/intl/de_de/analytics/. DE / intl / DE / policies / privacy / and www.google.com/analytics/terms/en.php.
The controller has integrated links (not a plug-in) to LinkedIn on this website. LinkedIn is an Internet-based social network that allows users to connect to existing business contacts and make new business contacts. Over 400 million registered people use LinkedIn in more than 200 countries. LinkedIn is currently the largest platform for business contacts and one of the most visited Internet sites in the world. The company is LinkedIn Corporation, 2029 Stierlin Court Mountain View, CA 94043, USA. Outside of the US, privacy issues are handled by LinkedIn Ireland, Privacy Policy Issues, Wilton Plaza, Wilton Place, Dublin 2, Ireland. LinkedIn offers the opportunity at www.linkedin.com/psettings/guest-controls to unsubscribe from email messages, text messages and targeted ads, and manage ad settings. LinkedIn also uses partners such as Quantcast, Google Analytics, BlueKai, DoubleClick, Nielsen, Comscore, Eloqua, and Lotame to set cookies. Such cookies may be rejected at www.linkedin.com/legal/cookie-policy. LinkedIn's privacy policy is available at www.linkedin.com/legal/privacy-policy. LinkedIn's cookie policy is available at www.linkedin.com/legal/cookie-policy.
The controller has integrated links (not a plug-in) to Twitter on this website. Twitter is a multilingual, publicly-accessible microblogging service where users can post and distribute tweets, which are limited to a certain number of characters. These short messages are available to anyone, including non-Twitter subscribers. The tweets are also displayed to the so-called followers of the respective user. Followers are other Twitter users who follow a user's tweets. Twitter also allows you to address a broad audience via hashtags, links, or retweets. The operating company of Twitter is Twitter, Inc., 1355 Market Street, Suite 900, San Francisco, CA 94103, USA.
The controller has integrated links (not a plug-in) to Xing on this website. Xing is an Internet-based social network that allows users to connect to existing business contacts and make new business contacts. The individual users can create a personal profile at Xing. Companies can, for example, create company profiles or publish job offers on Xing. The operating company of Xing is XING SE, Dammtorstraße 30, 20354 Hamburg, Germany. Xing's privacy policy, available at www.xing.com/privacy, provides insight into the collection, processing, and use of personal information by Xing. Additionally, Xing has posted privacy notices for the XING Share button at www.xing.com/app/share.
Art. 6 I lit. A DS-GMO serves our company as the legal basis for processing operations in which we obtain consent for a particular processing purpose. If the processing of personal data is necessary to fulfill a contract of which the data subject is a party, as is the case, for example, in processing operations necessary for the provision of a service, the processing is based on Art. 6 I lit. B DS-GMO. The same applies to activities that are necessary to carry out pre-contractual measures, for example, in the case of inquiries about our products or services. If our company subject to a legal obligation that requires the processing of personal data, for example, to fulfill tax obligations, the processing is based on Art. 6 I lit. C DS-GMO. Ultimately, processing operations could be based on Art. 6 I lit. F DS-GMO. Processing operations that are not covered by any of the above legal bases are based on this legal basis if the processing is necessary to safeguard the legitimate interests of our company or a third party, unless the interests, fundamental rights and fundamental freedoms of the person concerned prevail. The European legislator mainly permits such processing operations. In that regard, it is considered that a legitimate interest could be assumed if the data subject is a customer of the controller (recital 47, second sentence, DS-BER).
While processing personal data on the grounds of Article 6, I lit. F DS-GMO, it is in our legitimate interest to conduct business for the benefit of all our employees and shareholders.
The criterion for the duration of the storage of personal information is the respective statutory retention period. After the deadline, the corresponding data will be routinely deleted, if they are no longer required to fulfill or initiate a contract.
We clarify that the Law partly requires the provision of personal data (e.g., tax regulations) or can also result from contractual provisions (e.g., information about the contracting party). Occasionally it may be necessary for a contract to be concluded that an affected person provides us with personal data that must subsequently be processed by us. For example, the data subject is required to provide us with personal information when we enter into an agreement with the data subject. Failure to provide personal data would mean that the contract with the person concerned could not be completed. Before affected persons give any personal data, they must contact one of our employees.
In order to make visiting our website attractive and to enable the use of certain functions, we and certain third parties use cookies. A cookie is stored permanently via the comfort setting in order to reload your preference setting on your next visit and to optimize the user experience conveniently for you through usage behavior (Google Analytics) and certain third parties (social media, videos via YouTube). For this purpose, information is partially passed on to service providers who may be located in a third country and do not have a comparable level of data protection. If you refuse optional cookies, only the cookies necessary to provide the services will be used. Details on cookies can be found in the cookie management and general cookie information in the Privacy Policy. You can change or revoke your selection at any time by clicking on "Manage cookies" at the bottom of the page.