The German version of the data protection declaration is legally binding.
Information on data protection for users of our website
§ 1 Information on the collection of personal data
(1) In the following, we inform you about the processing of personal data in connection with the use of this website. Personal data are all data that relate to you personally. This includes, for example, name, address, email address, user behaviour.
(2) The person responsible in accordance with Art. 4 No. 7 of EU General Data Protection Regulation ( GDPR ) is SIGMA Gesellschaft für Systementwicklung u. Datenverarbeitung mbH, Am Erlenwald 13, 09128 Chemnitz, email: firstname.lastname@example.org. The person jointly responsible with the responsible person is SIGMA Software und Consulting GmbH, Am Erlenwald 13, 09128 Chemnitz, email: datenschutz(at)sigmagmbh.de. Both Data Processors jointly decide on the purposes and means of all processing of personal data. You can contact our data protection officer at datenschutz(at)preusse-co-ag.de or at our postal address: Preusse & Co. Aktiengesellschaft, An der Markthalle 3, 09111 Chemnitz with the addition "External Data Protection Officer".
(3) If you contact us by email, data you provide - name, email address, message text - will be stored by us for the purpose of individual communication with you. We will delete your data that is collected in this context once it is no longer necessary to store the data. If there are legal obligations to retain data, we will restrict the processing.
(4) If we make use of commissioned service providers for individual functions of our offer, we will inform you in detail about the respective processes below. In doing so, we will also state the specified criteria for the storage period.
§ 2 Your rights
(1) With regard to your personal data, you have the following rights towards us:
- Right to information
- Right of correction or deletion
- Right to restrict processing
- Right to object to processing
- Right to data transferability.
(2) With regard to your personal data, you also have the right to complain to a data protection supervisory authority about processing by us.
(3) In order to exercise your rights, please use the contact details of SIGMA Gesellschaft für Systementwicklung und Datenverarbeitung mbH from § 1 para. 2.
§ 3 Collection of personal data for informative use
(1) If you use the website for informational purposes only, i.e. if you do not send us any other information, we only collect personal data that your browser sends to our server. If you wish to view our website, we collect the following data, which is technically necessary for us to display our website and to ensure its stability and security ( the legal basis results from Art. 6 Para. 1 S. 1 lit. f GDPR ):
- IP address
- Date and time of request
- Time zone difference to Greenwich Mean Time ( GMT )
- Content of request ( concrete page )
- Access status/http status code
- Amount of data transmitted in each case
- Website from which request comes
- Operating system and its interface
- Language and version of the browser software.
(2) Furthermore, cookies are stored on your computer when you use the website. Cookies are small text files that are stored on your hard drive in accordance with the browser you are using and through which certain information is sent to the party that sets the cookie ( in this case, we ). Cookies cannot execute programs or transfer viruses to your computer. They are used to make the website as a whole more user-friendly and effective.
a) This website uses the following types of cookies, the scope and function of which are explained below:
- Transient cookies ( session cookies )
- Persistent cookies
Session cookies store a so-called session ID, with which various requests from your browser can be assigned to the shared session. This allows your computer to be recognised when you return to our website. The session cookies are deleted when you log out or close the browser.
Persistent cookies ( temporary use ) are automatically deleted after a specified period of time, which may vary depending on the cookie. You can delete the cookies in the security settings of your browser at any time.
c) Below, you will find detailed information on the technically necessary cookies. ( The legal basis is Art. 6 para. 1 sentence 1 lit. f GDPR ):
fe_typo_user ( session cookie ):
This is a standard cookie of the Content Management System used. It is used to identify a user during his or her visit to the website. The cookie is deleted when the session ends ( closing all browser windows ). The cookie is absolutely necessary for us.
be_typo_user ( session cookie ):
This is a standard cookie of the Content Management System used. It is required for logging into the content management system. The cookie is deleted when the session is finished (closing all browser windows). The cookie is absolutely necessary for us.
be_lastLoginProvider (Persistent Cookie):
This is a standard cookie of the content management system used. It is required to log in to the content management system. The cookie is deleted after 90 days. The cookie is absolutely necessary for us.
cookie_consent ( persistent cookie ):
This cookie stores the fact that the user has seen the cookie Consent and made his settings. The cookie is deleted after 30 days. The cookie is absolutely necessary for us.
cookie_essential ( persistent cookie ):
This cookie stores the user settings for essential cookies. The cookie is deleted after 30 days. The cookie is absolutely necessary for us.
d) Below you will find detailed information on cookies for the compilation of statistics and for marketing purposes. (Once you have given your consent, the legal basis is Art. 6 para. 1 sentence 1 lit. f GDPR):
cookie_tracking (Persistent cookie):
This cookie stores the user settings for tracking cookies. The cookie is deleted after 30 days.
_ga ( persistent cookie ):
This cookie is used to identify the user. It contains a randomly generated user ID. This ID enables Google Analytics to recognise returning users on this website and to merge data from previous visits. The provider is Google. The cookie is deleted after two years.
_gid ( persistent cookie ):
This cookie is used to identify the user. It contains a randomly generated user ID. This ID enables Google Analytics to recognise returning users on this website and to merge data from previous visits. The provider is Google. The cookie is deleted after 24 hours.
_gat_gtag_UA_XXX (persistent cookie ):
This cookie is used to throttle the transfer rate to Google Analytics. As long as it is set, certain data transfers are prevented. XXX stands for the account number of the website operator. The provider is Google. The cookie is deleted after one minute.
e) You can configure your browser settings according to your wishes. However, we would like to point out that you may not be able to use all the functions of this website.
§ 4 Contact form
When you contact us via our contact form, the data you provide - email address as mandatory field, name, telephone number, message text - will be stored by us for the purpose of individual communication with you. We will delete your data that is collected in this context once it is no longer necessary to store the data. If there are legal obligations to retain data, we will restrict the processing.
§ 5 Newsletter
(1) With your consent, you can subscribe to our newsletter, with which we inform you about our current interesting offers. The advertised goods and services are named in the declaration of consent.
(2) We use the so-called double-opt-in procedure to register for our newsletter. This means that after your registration, we will send you an email to the email address you have provided, in which we ask you to confirm that you wish to receive the newsletter. If you do not confirm your registration within 24 hours, your information will be blocked and then automatically deleted. In addition, we store your IP address and the time of registration and confirmation. The purpose of this procedure is to be able to prove your registration and, if necessary, to clarify any possible misuse of your personal data.
(3) Your email address is the only mandatory information for sending the newsletter. The provision of further, separately marked data is voluntary and is used to be able to address you personally. After your confirmation we will save your email address for the purpose of sending the newsletter. The legal basis is Art. 6 Paragraph 1 S. 1 lit.a GDPR.
(4) You can revoke your consent to the sending of the newsletter at any time and unsubscribe from the newsletter. You can revoke your consent by clicking on the link provided in each newsletter email, by sending an email to email@example.com or by sending a message to the contact details given in the imprint.
(5) We would like to point out that we evaluate your user behaviour when sending the newsletter. For this evaluation, the emails sent contain so-called web beacons or tracking pixels, which represent one-pixel image files stored on our website. For the evaluation we link the data mentioned in § 3 and the web beacons with your email address and an individual ID. By assigning an individual ID, we protect ( pseudonymise ) your data. You can object to this tracking at any time by clicking on the separate link provided in each email or by informing us via another contact channel. The data will then be stored anonymously.
§ 6 Use of Mouseflow
(1) This website uses Mouseflow, a web analysis service of Mouseflow Ltd, Flaesketorvet 68, 1711 Copenhagen V, Denmark (Europe) ("Mouseflow"). Mouseflow records randomly selected individual visits. This allows a log to be created of the mouse movements and clicks of visitors. These logs can be used to randomly replay individual visits to our website in order to derive possible improvements to the user experience of our website. The information recorded by Mouseflow is not personal. In particular, IP addresses are only processed anonymously. The information recorded by Mouseflow is not passed on. We use Mouseflow for the purpose of analyzing the use of our website and continuously improving individual functions and offers as well as the user experience. By statistically evaluating user behavior, we can improve our offer and make it more interesting for you as a user. This is also our legitimate interest in the processing of data by Mouseflow. The legal basis is Art. 6 para. 1 sentence 1 lit. f GDPR.
(2) You can prevent the collection of the aforementioned information by Mouseflow by setting an opt-out cookie on the following linked website: www.mouseflow.de/opt-out/
Note: If cookies are deleted, an incognito mode is used or the browser is changed, the visitor may still or again be recorded and must again expressly object to recording by Mouseflow.
§ 7 Use of chatbot
(1) This website uses a chatbot that was specially developed by us. The chatbot is a software-based dialog system that enables a text or voice-based communicative exchange with a technical system.
The chatbot is based on the RAG (Retrieval Augmented Generation) approach, which retrieves data from a database to answer questions as best as possible. This data, together with the question, is sent to the language models of OpenAI, Inc. without passing on any personal information of the user. The models try to answer the question in the best possible way using the data provided and return this answer.
The data originates from one of our internal databases and consists of text documents with marketing information on products and services of our SIGMA Group.
(2) The following data is processed: Session ID for the user's requests, time of the request, the request itself and the chatbot's response, topic, language.
(3) We process the data for the purpose of analyzing the productivity of our chatbot and making continuous improvements. This includes the following aspects:
Chatbot performance optimization: we record and analyze interactions with the chatbot to evaluate its efficiency and performance. This includes, for example, questions that the chatbot was unable to answer, repeated requests on certain topics and similar.
Improving the user experience: We use data to improve the user experience. This includes analyzing user feedback to make adjustments and enhancements to the chatbot to better meet your needs.
Error detection and correction: The data enables us to detect errors and problems in real time to ensure that the chatbot is corrected and updated more quickly.
Statistical evaluations: We create aggregated, anonymized statistical reports on the use of the chatbot. These reports do not contain any personal information and are used to analyze trends and patterns.
The legal basis is Art. 6 para. 1 sentence 1 lit. f GDPR.
§ 8 Use of Google Analytics
(1) This website uses Google Analytics, a web analysis service of Google Inc. ("Google"). Google Analytics uses "cookies", which are text files placed on your computer, to help the website analyse how users use the site. The information generated by the cookie about your use of this website is usually transferred to a Google server in the USA and stored there. However, in the event that IP anonymisation is activated on this website, your IP address will be shortened by Google within member states of the European Union or in other states which are party to the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be transferred to a Google server in the USA and shortened there. On behalf of the operator of this website, Google will use this information to evaluate your use of the website, to compile reports on the website activities and to provide further services to the website operator in connection with the use of the website and the internet.
(2) The IP address transmitted by your browser within the framework of Google Analytics is not combined with other data from Google.
(4) We use Google Analytics to analyse and regularly improve the use of our website. We can use the statistics obtained to improve our offer and make it more interesting for you as a user. Google is certified in accordance with the "EU-US Data Privacy Framework" (DPF). The DPF is an agreement between the European Union and the USA that is intended to ensure compliance with European data protection standards for data processing in the USA. Every company certified under the DPF undertakes to comply with these data protection standards. Further information on this can be obtained from the provider at: https://www.dataprivacyframework.gov/s/participant-search/participant-detail?contact=true&id=a2zt000000001L5AAI&status=Active The legal basis for the use of Google Analytics is Art. 6 para. 1 sentence 1 lit. f GDPR.
(5) Information of the third party provider: Google Dublin, Google Ireland Ltd, Gordon House, Barrow Street, Dublin 4, Ireland, Fax: +353 (1) 436 1001.
Data protection overview: http://www.google.com/intl/de/analytics/learn/privacy.html
§ 9 Use of social media plug-ins
(1) We currently use the following social media plug-ins: Google+, Twitter. We use the so-called two-click solution. This means that when you visit our site, no personal data is initially passed on to the providers of the plug-ins. You can recognise the provider of the plug-ins by their logo. We give you the opportunity to communicate directly with the provider of the plug-in via the button. Only if you click on the marked field and thereby activate it, the plug-in provider will receive the information that you have called up the corresponding website of our online offer. In addition, the data mentioned under § 3 of this declaration is transmitted. By activating the plug-in, therefore, personal data about you is transmitted to the respective plug-in provider and stored there (in the case of US providers in the USA). Since the plug-in provider collects data in particular via cookies, we recommend that you delete all cookies before clicking on them via the security settings of your browser.
(2) We have no influence on the collected data and data processing procedures, nor are we aware of the full scope of data collection, the purposes of processing, the storage periods. We also have no information about the deletion of the collected data by the plug-in provider.
(3) The plug-in provider stores the data collected about you as user profiles and uses these for purposes of advertising, market research and/or design of its website in line with requirements. Such an evaluation is carried out in particular (also for users who are not logged in) for the purpose of presenting need-based advertising and to inform other users of the social network about your activities on our website. You have a right of objection to creation of these user profiles, whereby you must contact the respective plug-in provider in order to exercise this right. Via plug-ins, we offer you the possibility to interact with social networks and other users, so that we can improve our offer and make it more interesting for you as a user. The legal basis for the use of the plug-ins is Art. 6 para. 1 sentence 1 lit. f GDPR.
(4) Data transfer takes place regardless of whether you have an account with the plug-in provider and are logged in there. If you are logged in with the plug-in provider, data collected by us will be directly assigned to your account with the plug-in provider. If you confirm the activated button and, for example, link the page, the plug-in provider will also save this information in your user account and publicly communicate it to your contacts. We recommend that you log out regularly after using a social network, but especially before activating the button, as this will allow you to avoid being assigned to your profile with the plug-in provider.
(5) Further information on the purpose and scope of data collection and its processing by the plug-in provider can be found in the following data protection declarations of these providers. There you will also find further information on your rights in this regard and setting options for protecting your privacy.
(6) Addresses of the respective plug-in providers and URL with their data protection information:
a) Google Inc, 1600 Amphitheater Parkway, Mountainview, California 94043, USA; https://www.google.com/policies/privacy/partners/?hl=de. Google is certified in accordance with the "EU-US Data Privacy Framework" (DPF). The DPF is an agreement between the European Union and the USA that is intended to ensure compliance with European data protection standards for data processing in the USA. Every company certified under the DPF undertakes to comply with these data protection standards. Further information on this can be obtained from the provider at: https://www.dataprivacyframework.gov/s/participant-search/participant-detail?contact=true&id=a2zt000000001L5AAI&status=Active
b) Twitter Inc, 1355 Market St, Suite 900, San Francisco, California 94103, USA; www.twitter.com/privacy. Twitter has submitted to the EU-US privacy shield, https://www.privacyshield.gov/EU-US-Framework.
§ 10 Integration of YouTube videos
(1) We have included YouTube videos in our online offer, which are stored at YouTube.com and can be played directly from our website. These are all integrated in "extended data protection mode", i.e. no data about you as a user is transferred to YouTube if you do not play the videos. Only when you play the videos will data mentioned in paragraph 2 be transmitted. We have no influence on this data transfer.
(2) By visiting the website, YouTube receives the information that you have called up the corresponding subpage of our website. In addition, data mentioned under § 3 of this declaration is transmitted. This is done regardless of whether YouTube provides a user account through which you are logged in or whether no user account exists. If you are logged in at Google, your data will be assigned directly to your account. If you do not want your profile to be assigned to YouTube, you must log out before activating the button. YouTube stores your data as user profiles and uses them for advertising purposes, market research and/or the design of its website to meet demand. Such an evaluation is carried out in particular (even for users who are not logged in) to provide needs-based advertising and to inform other users of the social network about your activities on our website. You have a right of objection to the creation of these user profiles, whereby you must contact YouTube in order to exercise this right.
The entity responsible for processing your data is:
SIGMA Gesellschaft für Systementwicklung u. Datenverarb. mbH
Am Erlenwald 13
+49 371 2371-0
- Types of Data Collected
Our chatbot may collect the following data, including:
• Session ID for user queries
• Timestamp of the query
• The query itself and the chatbot's response
- Purpose of Data Collection
We collect and process your data for the following purposes:
• Responding to your inquiries and providing support
• Improving our services
• Statistical analysis of chatbot usage
• Marketing and advertising, if you have consented to it
- Legal Basis for Data Processing
The processing of your data is based on your consent (Article 6, Paragraph 1a of the General Data Protection Regulation, GDPR) or for the performance of a contract (Article 6, Paragraph 1b of the GDPR) when processing is necessary to provide our services.
- Data Retention
We will store your data only for as long as necessary for the purposes mentioned above or as required by laws and regulations.
Purpose of data storage: Evaluation and analysis of chatbot productivity and improvement
We store and process certain user data for the purpose of analyzing the productivity of our chatbot and making continuous improvements. This includes the following aspects:
• Chatbot performance optimization: We collect and analyze interactions with the chatbot to assess its efficiency and performance. This includes, for example, questions that the chatbot could not answer, repeated inquiries on specific topics, and similar interactions.
• Enhancing user experience: We use data to improve the user experience. This includes analyzing user feedback to make adjustments and expansions to the chatbot to better meet your needs.
• Error detection and resolution: The data enables us to detect errors and issues in real-time, ensuring faster resolution and updates to the chatbot.
• Statistical analysis: We create aggregated, anonymized statistical reports on chatbot usage. These reports do not contain any personally identifiable information and are used to analyze trends and patterns.
- Consent and Data Protection
The collection and storage of data for these purposes are carried out in accordance with applicable data protection laws and only with your explicit consent. You have the right to withdraw your consent at any time. We assure you that all data collected will be protected and processed in accordance with applicable data protection laws.
- Data Disclosure
We would like to inform you that your personal data will not be disclosed to third parties unless you have expressly consented to it or we are legally obligated to do so. Your privacy and data security are of great concern to us, and we take all necessary measures to ensure the protection of your data.
8. Your Rights
Under data protection laws, you have certain rights regarding your personal data, including:
• Right to information
• Right to correction or deletion
• Right to restriction of processing
• Right to object to processing
• Right to data portability
To exercise your rights, please contact the SIGMA Gesellschaft für Systementwicklung und Datenverarbeitung mbH using the contact options in Section 1, Paragraph 2.
§12 SSL or TLS encryption
(1) For security reasons and to protect the transmission of confidential content, such as requests that you send to us as the site operator, this website uses SSL or TLS encryption. You can recognise an encrypted connection by the fact that the address line of the browser changes from "http://" to "https://" and by the lock symbol in your browser display.
(2) If SSL or TLS encryption is activated, data you transmit to us cannot be read by third parties.
§ 13 Revocation of a data protection consent
(1) If you have given your consent to the processing of your data, you can revoke this consent at any time. Such revocation will affect the permissibility of processing your personal data after you have given it to us.
(2) In order to exercise the right to revoke your consent, you may contact SIGMA Gesellschaft für Systementwicklung und Datenverarbeitung mbH directly using the contact details provided in § 1 (2).
§ 14 Objection to the processing of your data
(1) Insofar as we base the processing of your personal data on a weighing of interests, you may object to the processing. This is the case if the processing is in particular not necessary for the fulfilment of a contract with you. If you do so, please explain why we should not process your personal data as we have done. In the event of your justified objection, we will examine the situation and will either stop or adapt the data processing or show you our compelling reasons for continuing the processing which are worthy of protection.
(2) To exercise your right of objection, you can contact SIGMA Gesellschaft für Systementwicklung und Datenverarbeitung mbH directly using the contact details set out in § 1 (2).
§ 15 Updating this data protection declaration
We reserve the right to update this data protection declaration regularly. We therefore ask you to check our data protection declaration from time to time.