DATA PROTECTION DECLARATION
Zschimmer & Schwarz is committed to the conscientious protection and security of your personal data. Below, we would like to inform you about the processing of personal data when using our website. Personal data is all information that can be related to you personally, e.g. name, address, e-mail addresses, user behavior.
RESPONSIBLE CONTROLLER FOR DATA PROCESSING AND DATA PROTECTION OFFICER
The responsible controller according to Art. 4 para. 7 EU General Data Protection Regulation (GDPR) is:
Zschimmer & Schwarz Chemie GmbH
Max-Schwarz-Strasse 3–5
56112 Lahnstein | DE
T +49 2621 12-0
F +49 2621 12-407
info@zschimmer-schwarz.com
You can also contact us using our contact form on this website.
Data Protection Officer
We have appointed a data protection officer for our company:
pleXtec UG
Rheinstrasse 7
56338 Braubach | DE
T +49 2627 7094-0
You can contact our data protection officer at Datenschutz@zschimmer-schwarz.com or via the above postal address, to the attention of "Data protection officer".
COLLECTION OF PERSONAL DATA WHEN VISITING OUR WEBSITE
Transmission of data via the internet
When using the website for purely informational purposes, i.e., if you do not register or otherwise provide us with information, we only collect such personal data that is transmitted from your browser to your internet provider and from there to our server. If you want to view our website, we collect the following data:
– IP address
– Date, time, time zone difference to Greenwich Mean Time (GMT)
– Information on the subpages of our website that you have accessed: content of the request (specific page)
– Access status / HTTP status code
– Amount of data transferred in each case
– Address of the website from which you came to our website (referrer URL)
– Browser type and version of the browser
– Operating system
We process this data so that you can load our website, for the purpose of checking and, if necessary, restoring system security and stability as well as for statistical purposes (see below). The legal basis for this processing is Art. 6 para. 1 f) GDPR. We have a legitimate interest in ensuring that our website is displayed correctly on your screen and that we can determine and correct the causes in the event of malfunctions.
The abovementioned data will be stored in log files for a maximum of 30 days. Longer storage takes place only if necessary to assert and defend our legal claims, for example after a hacker attack.
The provision of the above data is neither required by law nor by contract and is not required to conclude a contract with us. However, for technical reasons, it would not be possible to visit our website without processing this data.
Hosting
This website is hosted externally. Personal data collected on this website is stored on the servers of the host.
The external hosting serves the purpose of fulfilling the contract with our potential and existing customers (Art. 6 para 1 b) GDPR) and in the interest of secure, fast and efficient provision of our online services by a professional provider (Art. 6 para. 1 f) GDPR). If appropriate consent has been obtained, the processing is carried out exclusively on the basis of Art. 6 para 1 a) GDPR and Section 25 para. 1 TDDDG (German Telecommunications, Digital Services, and Data Protection Act). You can revoke your consent at any time. We have concluded a data processing agreement (DPA) for the use of the abovementioned service.
Duration of storage
Personal data will be deleted after the statutory retention period has expired, provided that they are no longer required to fulfill or initiate a contract.
Cookies
We use cookies on our website. Cookies are small files that contain an identification number. Cookies are stored on your computer or mobile device when you visit our website. If you visit our website again, your computer or mobile device can be recognised using this identification number. Cookies serve to make the online service more user-friendly and more effective overall.
The legal basis is Art. 6 para. 1 f) GDPR or, if you have given your consent, Art. 6 para. 1 a) GDPR and Section 25 para. 1 TDDDG. We have an interest in making our website user-friendly for you and in optimizing our website. You can revoke your consent at any time.
This website uses the following types of cookies:
- Transient cookies:
Transient cookies are automatically deleted when you close the browser. This also includes session cookies. These are deleted when you close the browser. Session cookies allow you to avoid having to re-enter date on our website, even if you visit other websites in between. The purpose of these session cookies is therefore to facilitate the use of our website.
- Persistent cookies:
We also use persistent cookies to statistically record and evaluate the use of our website for the purpose of optimizing it. These cookies enable us to better support different languages or end devices. Persistent cookies are deleted after 24 months at the latest.
In particular, the following cookies are used for the following purposes:
| Cookieconsent* | Logs whether the user has read and confirmed the cookie notice |
Of course, you can also view our website without any cookies. There is no obligation to use cookies. However, most browsers automatically accept cookies. In order to restrict the setting of cookies, you can configure your browser settings according to your wishes and, for example, reject the acceptance of third-party cookies. You must make the settings separately for each browser and for each end device you use. You can also delete cookies at any time in the security settings of your browser. Please note that if you have deactivated the use of cookies, you will not be able to log into the internal area of the website and may not be able to use all the functions of this website.
Use of Matomo (formerly called Piwik)
This website uses the open-source web analysis service Matomo. Matomo uses technologies that make it possible to recognize the user across multiple pages with the aim of analyzing user patterns. The information recorded by Matomo about the use of this website will be stored on our server. Prior to archiving, the IP address will first be anonymized.
Through Matomo, we are able to collect and analyze data on the use of our website by website visitors. This enables us to find out, for instance, when which page views occurred and from which region they came. In addition, we collect various log files (e.g. IP address, referrer, browser, and operating system used) and can measure whether our website visitors perform certain actions (e.g. clicks, purchases, etc.).
The use of this analysis tool is based on Art. 6 para. 1 f) GDPR. The website operator has a legitimate interest in the analysis of user patterns in order to optimize the operator’s web offerings and advertising.
Hosting
We host Matomo at an external service provider (host). Personal data collected on this website is stored on the servers of the host. Our host will only process your data to the extent necessary to fulfill their performance obligations and to follow our instructions with respect to such data.
Conclusion of a data processing agreement
We have concluded a data processing agreement with these third-party providers, which guarantees that the data collected with Matomo will be processed exclusively according to our instructions and in accordance with the GDPR.
Business relationships
We are allowed to process data on the basis of Art. 6 para.1 b) GDPR if this is necessary for the performance of a contract between you and us or for the implementation of pre-contractual measures that were carried out at your request. In this respect, we process your data in particular for contract management, communication with you, order acceptance, shipping, invoicing, and, if necessary, for collection and for the enforcement and defense of legal claims.
We use your data to the extent permitted to send advertising by post and, if you have provided us with your e-mail address, e-mail advertising for our products and services. The legal basis is Art. 6 para. 1 f) GDPR. We have a legitimate interest in sending direct mail (for your right to object, see "Your data protection rights").
The provision of personal data is neither required by law nor by contract. However, in order to conclude a contract with us, it is necessary to process your name or company name, your e-mail address and your postal address. Without this data, sending e-mails to you, e.g. for sending contractual documents or offers, invoicing and possibly the assertion of justified claims, would not be possible.
Use of our customer portal
If you would like to use our customer portal, you need to register by entering your e-mail address, a password of your choice, your last name and your company name. We use the so-called double opt-in procedure for registration. This means that your registration is only complete when you confirm your registration by clicking on the link contained in a confirmation e-mail sent to you for this purpose.
When you use our customer portal, we process the data you provide, so that you can log in to the customer portal and view product data sheets. The purpose of processing such data is also to facilitate communication with you when carrying out pre-contractual measures, provided that you are interested in our products. You can change all information in the protected customer portal.
If you are our customer or interested in our products, the legal basis is Art. 6 para. 1 b) GDPR, otherwise Art. 6 para. 1 f) GDPR. We have a legitimate interest in making certain information such as product data sheets is only available to registered users of our customer portal in order to protect this information from uncontrolled dissemination on the internet. If the information is voluntary, the legal basis is your consent (Art. 6 para. 1 a) GDPR).
The provision of this data is not mandatory and not necessary for the conclusion of a contract. However, the use of the customer portal requires, that you provide at least an e-mail address, a password, your last name and your company name. If you provide further data, this is done voluntarily.
Use of our contact form or other contact
When you contact us by e-mail or by using our contact form, the data you provide (your e-mail address, possibly your name and telephone number) will be processed by us in order to answer your questions.
We process your e-mail address and your message, which you enter in our contact form or send us by e-mail, in accordance with Art. 6 para. 1 f) GDPR. We have a legitimate interest in processing your inquiries. We process other data based on your consent (Art. 6 para. 1 a) GDPR), provided that you have consented to this processing by clicking the "Send" button. If you enter sensitive information that contains special categories of data in the "Message" field, you also consent to the processing of this data. If you are our customer at the same time, Art. 6 para. 1 b) GDPR will be the legal basis for such processing.
The provision of this data is not mandatory and not necessary for the conclusion of a contract. However, in order to use the contact form, you must provide an e-mail address; otherwise, we will not be able to respond to you. If you provide further data, this is done voluntarily.
Sending newsletters
If you have subscribed to a newsletter, we will process the data you entered when you registered for the newsletter.
We process your e-mail address or postal address for the purpose of sending our newsletters on a regular basis. After ordering the e-mail newsletter, you will receive an e-mail from us with a link to verify your e-mail address. The legal basis is your consent, which you gave us when you subscribed to the newsletter (Art. 6 para. 1 a) GDPR).
If you no longer wish to receive the newsletter in the future, you can revoke your consent to receiving the newsletter at any time and without giving reasons by sending an e-mail to info@zschimmer-schwarz.com (for more information on the right of withdrawal see "Your data protection rights"). Alternatively, you can unsubscribe from the newsletter by clicking on "Unsubscribe".
The data you provided when you subscribed to the newsletter will be deleted as soon as you have withdrawn your consent or unsubscribed from the newsletter.
Our newsletter is a voluntary offer. However, you must provide your e-mail address to send the e-mail newsletter or your address to send the postal newsletter. Further information is not required for sending the newsletter.
Brevo and other providers
If you would like to subscribe to the newsletter offered on this website, we require your e-mail address as well as, if requested, your first and last name and the name of the company you work for. This information allows us to verify that you are the owner of the provided e-mail address and that you consent to receiving the newsletter. No further data is collected, or only on a voluntary basis. We use newsletter service providers, described below, to manage the newsletter.
This website uses Brevo to send newsletters. The provider is Sendinblue GmbH, Koepenicker Strasse 126, 10179 Berlin, Germany.
Brevo is a service that can be used, among other things, to organize and analyze the sending of newsletters. The data you enter for the purpose of subscribing to the newsletter is stored on the servers of Sendinblue GmbH in Germany.
Data analysis by Brevo
With the help of Brevo, we are able to analyze our newsletter campaigns. For example, we can see whether a newsletter message was opened and which links, if any, were clicked. This allows us to determine, among other things, which links were clicked particularly often.
We can also see whether certain predefined actions were taken after the newsletter was opened or a link was clicked (conversion rate). For example, we can see whether you made a purchase after clicking a link in the newsletter.
Brevo also allows us to divide newsletter recipients into different categories (“cluster” them). For example, newsletter recipients can be clustered by age, gender, or location. This enables us to better tailor the newsletters to the respective target groups.
If you do not want Brevo to analyze your data, you must unsubscribe from the newsletter. We provide a link for this purpose in every issue of the newsletter.
For detailed information on Brevo’s features, please visit the following link: www.brevo.com/de/newsletter-software/.
Legal basis
Data processing is based on your consent (Art. 6 para 1 a) GDPR). You may withdraw this consent at any time. The lawfulness of any data processing that has already taken place remains unaffected by the withdrawal.
Retention period
The data you have provided to us for the purpose of subscribing to the newsletter will be stored by us or the newsletter service provider until you unsubscribe from the newsletter, at which point it will be deleted from the newsletter distribution list. Data stored by us for other purposes remains unaffected by this.
After you unsubscribe from the newsletter distribution list, your e-mail address may be stored by us or the newsletter service provider on a blacklist, if this is necessary to prevent future mailings. The data from the blacklist is used solely for this purpose and is not combined with other data. This serves both your interest and our interest in complying with legal requirements regarding the sending of newsletters (legitimate interest in accordance with Art. 6 para. 1 f) GDPR). Storage on the blacklist is not subject to a time limit. Provided that your interests outweigh our legitimate interest, you may object to the storage of your data.
For more information, please refer to Brevo’s privacy policy at: www.brevo.com/de/datenschutz-uebersicht/ and www.brevo.com/de/legal/privacypolicy/.
Data processing
For the use of the aforementioned service, we have entered into data processing agreement (DPA). This is a contract required by data protection law which ensures that the service provider processes the personal data of our website visitors only in accordance with our instructions and in compliance with the GDPR.
Job applications
If you apply for a job in our organisation, your data will be processed for the purpose of deciding whether to establish an employment relationship. The legal basis for processing your data is Art. 88 GDPR in conjunction with Section 26 para. 1 sentence 1 FDPA (German Federal Data Protection Act). For the purpose of carrying out the application process, we will store the data for a maximum of 6 months after receipt of the application and will then delete it. Processing beyond this period is permitted for the purpose of establishing and carrying out an employment relationship in accordance with the legal basis mentioned above, provided that you start employment with us after completing the application process. The provision of your data is neither contractually nor legally required.
In addition, the "Softgarden" applicant platform of the provider softgarden e-recruiting GmbH (hereinafter "Softgarden"), Tauentzienstrasse 14, 10789 Berlin, is integrated on our website. As soon as you click on the "Apply now" button on our website, you will be forwarded to Softgarden's servers via your browser. You can find more information on the handling of your personal data in Softgarden's privacy policy: https://softgarden.com/de/datenschutz-webseite/. In addition, we have concluded a data processing agreement with Softgarden in accordance with Art. 28 DSGVO.
SOURCES OF DATA
We usually receive your data directly from you. In some cases, the following data may come from other sources, provided we are authorized to collect the data in this way:
- Public trade and association registers (company name, addresses)
- Address investigators, credit agencies (names, addresses), if we cannot reach you at your address
RECIPIENTS OF YOUR DATA
We partially transmit the above data to these processors for the following purposes:
- DSCHOY GmbH, Augustusburger Strasse 95, 09126 Chemnitz, Germany (website programming)
- JK-Computer GmbH, Trinkbornstrasse 24, 56281 Doerth, Germany (hosting)
- if necessary, further processors from the areas of web hosting, IT services, printing and data carrier destruction
Processors process data only on our instructions and not for their own purposes. In order to ensure processing compliant with data protection, we have concluded a data processing agreement with our website hoster.
In certain cases, some of your data may be passed on to other recipients if you have given your consent (Art. 6 para. 1 a) GDPR), if we are legally obliged to do so (Art. 6 para. 1 c) GDPR) or if it is necessary for the protection of legitimate interests (Art. 6 para. 1 f) GDPR):
- Post, shipping and telecommunications companies to ship items and communicate with you
- Law enforcement agencies, courts to enforce or defend legal claims
- Auditors, lawyers or tax advisors
- Insurance companies to handle claim
- LinkedIn Corporation, 2029 Stierlin Court, Mountain View, CA 94043, USA (company-own fan site of Zschimmer & Schwarz GmbH & Co KG Chemische Fabriken)
SOCIAL MEDIA
Data processing by social networks
We maintain publicly available profiles in social networks. If you are logged in to your social media account and visit our social media pages, the operator of the social media portal can assign this visit to your user account. Under certain circumstances, your personal data may also be recorded if you are not logged in or do not have an account with the respective social media portal. In this case, this data is collected, for example, via cookies stored on your device or by recording your IP address. Please also note that we cannot retrace all processing operations on social media portals.
If you visit one of our social media sites, we, together with the operator of the social media platform, are responsible for the data processing operations triggered during this visit. You can in principle protect your rights (information, correction, deletion, limitation of processing, data portability and complaint) vis-à-vis us as well as vis-à-vis the operator of the respective social media portal.
Using the data collected in this way, social media platform operators can create user profiles that store your preferences and interests. This allows them to display interest-based ads to you both on and off the respective social media platform. If you have an account with the respective social network, these interest-based ads may appear on all devices on which you are currently logged in or have been logged in in the past.
Please also note that we are unable to track all data processing activities on social media platforms. Depending on the provider, additional processing operations may therefore be carried out by the operators of these platforms. For more details, please refer to the terms of use and privacy policies of the respective social media platforms.
Legal basis
Our social media presence is intended to ensure the broadest possible online presence. This constitutes a legitimate interest within the meaning of Article 6 para. 1 f) of the GDPR. The analysis processes initiated by the social networks may be based on different legal grounds, which must be specified by the operators of the social networks (e.g., consent within the meaning of Article 6 para. 1 a) of the GDPR).
Data controller and exercising your rights
When you visit one of our social media pages (e.g., Facebook), we are jointly responsible with the operator of the social media platform for the data processing activities triggered by your visit. You may generally exercise your rights (right of access, rectification, erasure, restriction of processing, data portability, and the right to lodge a complaint) both against us and against the operator of the respective social media portal (e.g., against Facebook).
Please note that, despite our shared responsibility with the social media platform operators, we do not have full control over the data processing activities of these platforms. Our options are largely determined by the corporate policies of the respective provider.
Retention period
Data collected directly by us through our social media presence will be deleted from our systems as soon as you request its deletion, revoke your consent to its storage, or the purpose for storing the data no longer applies. Stored cookies remain on your device until you delete them. Mandatory legal provisions – in particular retention periods – remain unaffected.
We have no control over how long your data is stored by social media platform operators for their own purposes. For more details, please contact the social media platform operators directly (e.g., by reviewing their privacy policies, see below).
Your rights
You have the right at any time to obtain, free of charge, information about the source, recipients, and purpose of your stored personal data. You also have the right to object, the right to data portability, and the right to file a complaint with the competent supervisory authority. Furthermore, you may request the correction, blocking, erasure, and, under certain circumstances, the restriction of the processing of your personal data.
Social networks in detail
We have a XING profile. The provider is New Work SE, Am Strandkai 1, 20457 Hamburg, Germany. For details on how XING handles your personal data, please refer to XING’s privacy policy: https://privacy.xing.com/en/privacy-policy.
We have a LinkedIn profile. The provider is the LinkedIn Ireland Unlimited Company, Wilton Plaza, Wilton Place, Dublin 2, Ireland. LinkedIn uses advertising cookies.
If you want to disable LinkedIn advertising cookies, please use the following link: https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out.
Data transmission to the US is based on the Standard Contractual Clauses (SCC) of the European Commission. Details can be found here: https://www.linkedin.com/legal/l/dpa and https://www.linkedin.com/legal/l/eu-sccs.
For details on how they handle your personal information, please refer to LinkedIn's privacy policy: https://www.linkedin.com/legal/privacy-policy.
The company is certified under the “EU-US Data Privacy Framework” (DPF). The DPF is an agreement between the European Union and the United States designed to ensure compliance with European data protection standards when processing data in the United States. Every company certified under the DPF commits to adhering to these data protection standards. For more information, please visit the provider’s website at the following link: https://www.dataprivacyframework.gov/participant/5448
YouTube
We have a profile on YouTube. The provider is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. Details on how they handle your personal data can be found in the YouTube privacy policy: https://policies.google.com/privacy?hl=en.
The company is certified under the “EU-US Data Privacy Framework” (DPF). The DPF is an agreement between the European Union and the United States designed to ensure compliance with European data protection standards when processing data in the United States. Every company certified under the DPF commits to adhering to these data protection standards. For more information, please visit the provider’s website at the following link: https://www.dataprivacyframework.gov/participant/5780
AUDIO AND VIDEO CONFERENCING
Data processing
Amongst others, we use online conference tools to communicate with our customers. The tools we use are listed below. If you communicate with us via video or audio conference via the internet, your personal data will be recorded and processed by us and the provider of the respective conference tool.
The conference tools collect all data that you provide / use to use the tools (e-mail address and / or your telephone number). The conference tools also process the duration of the conference, start and end (time) of participation in the conference, number of participants and other “contextual information” in connection with the communication process (metadata).
Furthermore, the provider of the tool processes all technical data that are required to handle online communication. This includes in particular IP addresses, MAC addresses, device IDs, device type, operating system type and version, client version, camera type, microphone or loudspeaker as well as the type of connection.
If content is exchanged, uploaded or made available in any other way within the tool, it is also stored on the server of the tool provider. Such content includes in particular cloud recordings, chat / instant messages, voicemails, uploaded photos and videos, files, whiteboards and other information that is shared while using the service.
Please note that we do not have full influence on the data processing operations of the tools used. Our options are largely based on the company policy of the respective providers. Further information on data processing by the conference tools can be found in the data protection declarations of the tools used, which we have listed below.
Purpose and legal basis
The conference tools are used to communicate with prospective or existing contractual partners or to offer specific services to our customers (Art. 6 para 1 b) GDPR). Furthermore, the use of these tools serves to generally simplify and expedite communication with us or our company (legitimate interest within the meaning of Art. 6 para. 1 f) GDPR). To the extent that consent has been requested, the use of the relevant tools is based on this consent; consent may be revoked at any time with future effect.
Storage period
The data collected directly by us via video and conference tools will be deleted from our systems as soon as you ask us to delete them, revoke your consent to storage or the purpose for data storage no longer applies. Saved cookies remain on your device until you delete them. Mandatory statutory retention periods remain unaffected. We have no influence on the storage period of your data which is stored by the operators of the conference tools for their own purposes. For details, please contact the operators of the conference tools directly.
Conference tools used
We use the following conference tools:
Zoom
We use Zoom. The provider of this service is Zoom Communications Inc., San Jose, 55 Almaden Boulevard, 6th Floor, San Jose, CA 95113, USA. Details on data processing can be found in Zoom's privacy policy: https://zoom.us/privacy
The data transfer to the USA is based on the standard contractual clauses of the EU Commission. Details can be found here: https://zoom.us/privacy
Skype for Business
We use Skype for Business. Provider is Skype Communications SARL, 23-29 Rives de Clausen, 2165 Luxembourg. Details on data processing can be found in Skype's privacy policy: https://privacy.microsoft.com/en-us/privacystatement
Microsoft Teams
We use Microsoft Teams. Provider is Microsoft Corporation, One Microsoft Way, Redmond, WA 98052-6399, USA. For details on data processing, see the Microsoft Teams privacy policy: https://privacy.microsoft.com/en-us/privacystatement
VIDEO SURVEILLANCE AT THE LAHNSTEIN SITE
We use video surveillance measures at our site in Lahnstein, Germany to exercise domiciliary rights and to protect the lives of our employees and visitors as well as our property. If necessary, this measure is also used for clarification and criminal prosecution. The legal basis of such video surveillance Art. 6 para. 1 d) and f) GDPR together with Paragraph 4 FDPA (German Federal Protection Act). The storage period for the video recordings is 30 days. A transfer of the recordings to third parties is not planned.
YOUR DATA PROTECTION RIGHTS
Under the conditions of Art. 15 GDPR, you can request information from us about whether and which data we process from you. You can request the correction and, under certain circumstances, the completion of your data in accordance with Art. 16 GDPR. You have the right to have us delete your data under the conditions of Art. 17 GDPR or lock them under the conditions of Art. 18 GDPR. According to Art. 20 GDPR, you have the right to receive your data transmitted to us based on consent or a contract, provided that the processing is automated. If you wish and if this is possible on a technical level, we will transfer this data to a third party. According to Art. 21 GDPR, you have the right to object at any time to the processing of personal data relating to you based on Art. 6 para. 1 e) or f) GDPR for reasons that arise from your particular situation. Under certain conditions, your rights may be restricted or excluded by law.
If you have consented to data processing for a specific purpose, you have the right to revoke your consent at any time. The revocation does not affect the legality of the processing until the revocation. The revocation can be declared via e-mail to info@zschimmer-schwarz.com. After revocation, we will no longer process your data unless we are legally entitled or obliged to do so. You have the right to submit data protection complaints to a data protection authority, in particular to the State Commissioner for Data Protection and Freedom of Information Rhineland-Palatinate, P.O. Box 30 40, 55020 Mainz, Germany.
If we process data exclusively in accordance with Art. 6 para. 1 f) GDPR to safeguard our interests, you have the right to object to the processing of your data for reasons that arise from your particular situation. If you object, we will no longer process this data unless we can prove compelling legitimate reasons for the processing that outweigh your interests, rights and freedoms, or the processing serves to enforce legal claims. Objections can for example be declared via e-mail to info@zschimmer-schwarz.com.
Change of our data protection regulations
We reserve the right to change our security and data protection measures insofar as this becomes necessary due to technical developments. In these cases, we will also adapt our information on data protection accordingly. Therefore, please note the current version of our data protection declaration.
Last updated: 03/2026