Menu
Home
Back to previous page

Privacy Policy

Preamble

SVA places highest priority on the protection of the personal data of their employees, prospective and existing customers, partners, and website visitors. In doing so, SVA strictly observes compliance with the principles of processing personal data, ensuring at all times lawful processing. Data protection is but one building block in our company, forming, amongst further compliance requirements, the ethical guardrails for all activities undertaken in our organization. 

To guarantee our transparency principle, by which we wish to present to you all data protection information in a clear and comprehensible manner, we have subdivided this information into different subject areas. 

For reasons of linguistic simplification, we have decided to use the generic masculine on subsequent pages. We consider this linguistic form to be gender neutral and unbiased.

Contents

1. Privacy Notice: Information and Structure 
2.Contact data for the Data Controller, the Data Protection Officer, and the Data Protection Team   
2.1.Contact Information: Controller  
2.2. Contact Information: Data Protection Officer  
2.3. Contact Information: Data Protection Department 
3. Collection and Storage of Personal Data as well as the Nature and Purpose of Processing
3.1. Visiting this Website 
3.2. Your Newsletter Registration
3.3. Provision of white papers
3.4. Using our contact form
4. Data Transfer Security
5. Cookie usage
6. Tools and Plugins Used on Our Website
6.1. Consent Manager – Obtaining consent for the following tools and plugins
6.2. Analysis of your user behavior / statistics 
6.2.1. Matomo (self-hosted) – Analyzing your browsing behavior  
6.3. Media
6.3.1. YouTube
6.3.2. Spotify
6.3.3. Podigee
6.4. Marketing
6.4.1. Google Tag Manager
7. Your rights
7.1. Right of access 
7.2. Right to rectification
7.3. Right to erasure
7.4. Right to restrict processing
7.5. Right to data portability 
7.6. Right of withdrawal
7.7. Right to lodge a complaint
7.8. Right to object 

1. Privacy Notice: Information and Structure

This data protection declaration serves the purpose of informing you of the kind of personal data we, SVA System Vertrieb Alexander GmbH (hereinafter ‘we’ or ‘us’), collect and process, for which reasons and to what extent.

Therefore, please take sufficient time to read the following information. Your personal rights are of utmost priority for us, and we endeavor, to the best of our knowledge and belief, to protect these rights. We process your personal data in accordance with the European Data Protection Regulations (Regulations (EU) 2016/679; hereinafter: ‘GDPR’) and the German Federal Data Protection Act (hereinafter: ‘BDSG’). Personal data is always adequate, relevant and limited to what is necessary in relation to the purposes for which they are processed. Furthermore, please be advised that in this data protection declaration we clearly outline which personal data is transferred to other parties. All implemented technologies used on this website for the processing of data, such as plugins, tools, etc. are featured in this declaration. 

Our data protection declaration is divided into several chapters with sub-chapters. This facilitates orientation and makes information easier to find. 

By use of the latest technologies and the continuous further development of this website, as well as by changes to our service portfolio, e.g. when introducing new services, changes to this privacy notice may also become necessary. Thus, it is advisable and recommendable to familiarize yourself with the current version of this data protection declaration by regular visits to and whenever accessing our website. 

All terms contained in this Privacy Notice have the meaning as defined in the current version of the GDPR and/or any subsequent regulation. 

  • ‘Personal data’ means any information relating to an identified or identifiable natural person (hereinafter ‘data subject’). (Art. 4(1) GDPR). An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person. The origin, form or embodiment of the information is irrelevant (photos, video or audio recordings may also contain personal data). (Art. 4(1) GDPR) 
  • ‘Processing’ means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction. (Art. 4(2) GDPR) 
  • ‘Controller’ means the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data. (Art. 4(7) GDPR) 
  • ‘Third party’ means a natural or legal person, public authority, agency or body other than the data subject, controller, processor and the persons who, under the direct authority of the controller or processor, are authorized to process personal data. (Art. 4(10) GDPR) 
  • ‘Processor’ is a natural or legal person, public authority, agency or other body that processes personal data on behalf of the controller, in particular in accordance with the controller’s instructions (e.g. IT service providers or data hosting providers). In terms of data protection legislation a processor is explicitly not a third party, but rather to be regarded as part of the controller's organization, as there is direct authority to issue instructions regarding the processing of personal data and very strict legal framework conditions must be observed. (Art. 4(8) GDPR) 
  • ‘Consent’ of the data subject means any freely given, specific, informed and unambiguous indication of the data subject's wishes by which he or she, by a statement or by a clear affirmative action, signifies agreement to the processing of personal data relating to him or her. You will not suffer any disadvantages if you withdraw your consent. (Art. 4(11) GDPR) 

Additional Definitions of Terms: 

  • GDPR: The General Data Protection Regulation (GDPR) is a European regulation that governs the protection of personal data. It applies to all companies and organizations in the EU, as well as those outside of the EU which process data of European citizens. The GDPR therefore offers uniform protection of the personal data of all EU citizens. 
  • BDSG (new): The Federal Data Protection Act (BDSG) is the German law that supplements the (EU) GDPR and sets out specific regulations for Germany. It determines how data may be processed and includes additional provisions. 
  • TDDDG: The Telecommunications Digital Services Data Act (TDDDG). It contains provisions on telecommunications secrecy as well as regulations regarding the protection of personal data when using telecommunications and digital services. The status of the privacy policy is 10.02.2026.

2. Contact data for the Data Controller, the Data Protection Officer, and the Data Protection Team

Contact Information: Controller

SVA System Vertrieb Alexander GmbH 

Borsigstraße 26, 65205 Wiesbaden, Germany 

Telephone: +49 (0)6122 536-0 

Telefax: +49 (0)6122 536 399 

E-Mail: mail@sva.de 

 2.1 Contact information: controller

Datenschutzbeauftragter 
SVA System Vertrieb Alexander GmbH
Borsigstraße 26, 65205 Wiesbaden
Deutschland
Telephone: +49 06122 536-0
E-Mail: dsb@sva.de

 2.2 Contact Information: Data Protection Officer

Data Protection Officer 
SVA System Vertrieb Alexander GmbH
Borsigstraße 26, 65205 Wiesbaden
Deutschland
Telephone: +49 6122 536-0
E-Mail: dsb@sva.de

 2.3 Contact Information: Data Protection Department

Data Protection Department
SVA System Vertrieb Alexander GmbH
Borsigstraße 26, 65205 Wiesbaden
Deutschland
Telephone: +49 6122 536-0
E-Mail: datenschutz@sva.de

3. Collection and Storage of Personal Data as well as the Nature and Purpose of Processing

3.1 Visiting this Website 

In brief

You may visit this website without providing personal details. During your visit, we will only store access data.

Processing Purpose

We, as website operators, collect this data to properly provide this website, to detect attacks, and to protect us against them.

Personal data processed by SVA is: 
Amongst other: 

  • Browser type und browser version 
  • Operating system used 
  • The website you are visiting us from 
  • This website’s visited subpages 
  • Server request date and time 
  • IP address 

Storage duration for personal data: 
We store your personal data until the purpose for which it was collected no longer applies. This generally is the case for 7 days at the longest. 

Legal basis for processing: When visiting our website, we process your personal data on the following legal basis: 

  • Art. 6 para. 1 point (f) GDPR “... processing is necessary for the purposes of the legitimate interests pursued by the controller or by a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject which require protection of personal data...” 

The pursued (legitimate) interest in the processing of personal access data, derives from the above-mentioned purposes for the technologically secure and proper operation of the website. 

Recipients: 
Your data will not be transferred to any further recipients. 

Transfer to third countries: 
A transfer to a third country does not take place. 

Consequences of non-provision: 
If you do not agree to the processing of your personal data, we unfortunately cannot provide you with access to our website. In this case, we ask that you refrain from using the website and leave it. Without the processing of certain technically and organizationally necessary data, the secure as well as proper operation of the website cannot be guaranteed. Thank you for your understanding. 

Recipients: 
None. 

Transfer to third countries: 
A transfer to a third country does not take place on our part. 

3.2 Your Newsletter Registration

In brief

In order to receive our newsletter, we require a valid e-mail address from you. If you register via our website, your e-mail address will be checked in a ‘double opt-in’ procedure. Without this confirmation, you cannot receive the newsletter. Registration is logged and you will receive a confirmation e-mail to ensure that no unauthorized person uses your e-mail address. This also serves as documentation that you have registered voluntarily and would like to receive the newsletter.

Processing Purpose

We process your e-mail address in order to send you our newsletter.
Personal data processed by SVA:

  • E-mail adresse
  • and any data e.g. name, first name, etc., which you have provided voluntarily.  

Storage duration of personal data: 

Your personal data is only stored until deregistration from our newsletter or revocation of your consent.

Legal basis for processing

When delivering our newsletter, we process your personal data on the following legal basis: :

  • Art. 6 para. 1 point (a) GDPR
    “... the data subject has given consent to the processing of his or her personal data for one or more specific purposes...”

Of course, you have the right to withdraw your consent at any time, pertaining to and prevent future processing. As a result, you deregister from the newsletter. Deregistration (incl. withdrawal of consent) from our newsletter can be performed either by the deregistration link in our newsletter or via an e-mail sent to unsubscribe@sva.de

Recipients: Processors for marketing automation with regard to newsletters. Transfer to third countries: A transfer to a third country does not take place. Consequences of non-provision

Providing your personal data (especially your email address) is required for us to send you our newsletter. If you do not wish to provide this data, we will be unable to deliver the newsletter to you. 
Recipients:
Processors for marketing automation in the area of newsletters.

Transfers to third countries:

A transfer to a third country does not take place on our part.

3.3 Provision of white papers 

In brief

We provide high‑quality white papers on our website. To receive a white paper and the associated newsletter, we require a valid e‑mail address. When you sign up, your e‑mail address is verified via a double‑opt‑in process on our website. Without this confirmation we cannot send you the white paper or the newsletter. The registration is logged, and you will receive a confirmation e‑mail to ensure that no one can use your e‑mail address unlawfully. This serves as proof that you have voluntarily subscribed and wish to receive the white paper/newsletter.

Processing Purpose

We process your personal data so that we can send you our white paper and inform you about relevant content, products, or services offered by our company.

Personal data processes by SVA

  • Salutation
  • First Name
  • Last Name
  • Company
  • Business email address

Storage duration of personal data: 

Your personal data will be stored until you unsubscribe from the newsletter or withdraw your consent.

Legal basis for processing

When providing the white paper, we process your personal data on the following legal basis:

  • Art. 6 para. 1 point (a) GDPR
    “... the data subject has given consent to the processing of his or her personal data for one or more specific purposes...”

Of course, you have the right to withdraw your consent at any time for the future and to unsubscribe from the newsletter. You can unsubscribe (and revoke your consent) from our newsletter either by clicking on the unsubscribe link in the newsletter or by sending an email to unsubscribe@sva.de.

Consequences of non-provision

The provision of your personal data (in particular your email address) is necessary in order for us to send you our white papers. If you do not wish to provide this data, we will not be able to send you the newsletter.

Recipients

Your data will not be transferred.

Transfer to third countries

A transfer to a third country does not take place.

3.4 Using our contact form

In brief

On our website, we offer the possibility of contacting us via our contact form.

Processing purpose

The purpose for processing your personal data is to process and respond to your enquiry.

Personal data processed by SVA

  • First name
  • Last name
  • Company
  • Phone number
  • Business e-mail address
  • Subject matter of enquiry

This personal data is required to identify and respond to your enquiry. The additional fields are optional, i.e. voluntary, and only serve the purpose of providing additional information.

Storage duration of your personal data

Any data entered into our contact form will be deleted as soon as you request deletion, withdraw your voluntarily given consent or the purpose for storage becomes void (e.g. after we have responded to your enquiry). Other regulations and storage periods remain unaffected.

Legal basis for processing: When contacting us via the contact form, we process your data according to the following legal basis: 

Art. 6 para. 1 point (a) GDPR “... the data subject has given consent to the processing of his or her personal data for one or more specific purposes...” 

Of course, you have the right to withdraw your consent at any time, pertaining to and prevent future processing. 

Should an enquiry, at a later point in time, result in a commissioning, this constitutes a change of purpose. The pursued purpose is now based on contract initiation or fulfilment, and on the following legal basis: 

Art. 6 para. 1 point (f) GDPR “... processing is necessary for the purposes of the legitimate interests pursued by the controller or by a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject which require protection of personal data...” 

Pursued (legitimate) interest in the processing of personal data lies in the provision of relevant information which is important for a potential or existing business relationship. Also, personal data must be processed in order to customize offers, coordinate deliveries, schedule appointments, or to take services or products into operation. 

Consequences of not providing data: Please note that the contact form can only be submitted if you have filled in all the mandatory fields. Optional fields such as title or telephone number can of course be left blank without affecting the processing of your request. If you do not agree to provide the mandatory information, it will unfortunately not be possible to submit the form. In this case, we ask you to use an alternative method of communication to get in touch with us. 

Recipients: Where applicable: Manufacturers, partners, and distributors. 

Transfer to third countries: A transfer to a third country only occurs in the case of business transactions with manufacturers and partners located in third countries, whose products or services form part of our service package. Exceptions to such transfer handling is applicable in the following cases: 

Art. 49 GDPR Exceptions in particular cases para. 1 point (a) “... the data subject has explicitly consented to the proposed transfer, after having been informed of the possible risks of such transfers for the data subject due to the absence of an adequacy decision and appropriate safeguards...” para. 1 point (b) “... the transfer is necessary for the performance of a contract between the data subject and the controller, or the implementation of pre-contractual measures taken at the data subject’s request...” para. 1 point (c) “... the transfer is necessary for the conclusion or performance of a contract concluded in the interest of the data subject between the controller and another natural or legal person...” 

To verify that visitors to our website are human, and to avoid automated spam submissions, we have integrated a CAPTCHA into our contact form. This does not imply the processing of any personal data.

4. Data Transfer Security

Our website and other systems are secured by appropriate technical and organizational measures against loss, destruction, access, as well as modifications or the processing of your personal data by unauthorized people (e.g. by TLS encryption of our website). Our security measures comply with all legal stipulations and are continuously improved according to technological developments in order to guarantee an adequate level of security that is commensurate with the risk. Thus, your personal data is protected as securely as possible during the whole processing procedure (e.g. by firewalls, anti-virus systems, fail-safe power supply etc.). We implement data protection through technical design and data protection-friendly default settings geared to the customary business industry standards such as ISO 27001.

5. Cookie usage

This website uses ‘cookies’. Cookies are small text files consisting of letters and numbers which are sent to your browser and stored in your terminal equipment whenever you visit a website. When visiting our website, and any time thereafter, you can decide whether you wish to generally accept the setting of cookies, or which individual, additional functions to choose from. Changes can be made in your browser settings or via our cookie banner. A cookie typically contains the domain name from which the cookie originates, the ‘lifespan’ of the cookie, and a unique identifier. 

Some cookies serve the purpose of making the website operational for the user’s visit. The type of cookie used is the technically required cookie that, according to § 25 para. 2 no. 2 TDDDG, may be set even without consent. The technical structure of the website requires the implementation of technologies such as these cookies. Without them, the website cannot be displayed correctly, or the support functions cannot be enabled. These cookies cannot be deselected, if you wish to use our website. 

Furthermore, cookies enable a personalization of the website, facilitate the utilization of our website, as well as evaluate the collected usage data for the improvement of our online services. According to § 25 para. 1 TDDDG in conjunction with Art. 6 para. 1 point (a) GDPR, this type of cookie may only be used with effective consent under data protection law. 

Subject to your prior consent, the following types of cookies are implemented on this website: 

  • Session Cookies: So-called session cookies are temporarily set cookies which remain in the browser’s cookie file until the user leaves the website. They contain a so-called session ID. This allows for the bundling of different requests under one shared session, and your computer can be recognized when you return to the website. Session cookies are especially required for the user to operate the website and possibly carry out registrations, logons, or place orders with it. Session cookies are deleted automatically once the browser session has ended. 
  • Persistent Cookies: These remain in the browser’s cookie file for a longer time. The period depends on the lifespan of the specific cookie. It can be of unlimited duration, and thus extends until deletion. Persistent cookies enable the website to remember the user’s selection (e.g. user registration data, his chosen language or region of his location). 
  • Categories of cookies implemented by us: First Party Cookies: These cookies, called first party cookies, are generated by the actively visited website and can be used by us as website operators, for example to personalize content. Third Party Cookies: These cookies originate from third party providers and are activated by using third party services. A transfer to third parties (e.g. to the provider in question) does indeed take place, however, only after your prior consent. 

Cookie Banner or Consent Manager: To obtain the consent required according to § 25 para. 1 TDDDG in conjunction with Art. 6 para. 1 sentence 1 point (a) GDPR, we use a so-called consent management tool. As part of our consent management (‘cookie banner’) we offer you, at all times, the opportunity of differentiated choice in terms of website cookie setting preferences; we also offer more detailed information on cookies used. In case you do not wish to accept cookies, you can also reject these without using the consent management tool, by setting up your Internet browser accordingly.

6. Tools and Plugins Used on Our Website

Various technical tools and plugins are used on our website to ensure the functionality, user-friendliness and security of the site. These tools may collect, process or store data from visitors – for example, to analyze user behavior, optimize content or integrate external services. In the following sections, we provide transparent information about which tools we use, for what purposes they are used and what measures we take to protect your personal data.

6.1.     Consent Manager – Obtaining consent for the following tools and plugins 

In brief

Integrated into our website are services by third party providers or analytical services. Thus, we are legally bound to implement a cookie banner. Implementation of a cookie banner is necessary so that we only set the technically necessary cookies automatically and add the integrated external service providers (third party providers) or analytical services after your express consent.

Processing purpose

Obtaining consent and creating transparency when implementing cookies.

Personal data processed by SVA: 

  • Consent data

When visiting our website, the implemented cookie banner establishes contact with the servers. By approving third party cookies, you are giving consent, which is also documented. The cookie banner allows our website users to give consent to specific data processing operations or to withdraw previously given consent. Settings chosen will be stored in your browser until changed by you personally in the cookie banner. This can be done by you at any time by clicking on the icon and changing your preferences.

Storage duration for personal data: 

Collected data is stored until you personally delete the cookie.

Legal basis for processing

When obtaining consent via the cookie banner, we process your data on the following legal basis:

  • Art. 6 para. 1 point (c) GDPR “... processing is necessary for compliance with a legal obligation to which the controller is subject...”
  • § 25 para. 1 TDDDG “... storing information in the end user’s terminal equipment or accessing information already stored in the terminal equipment is only permitted if the end user has consented based on clear and comprehensive information...”

Recipients

Provider of the cookie banner

Transfer of Data to Third Countries: 

A transfer to third countries does not take place.

6.2.     Analysis of your user behavior / statistics

We collect and process data about usage behavior on our website in order to compile statistical analyses and continuously improve functionality and the range of services offered.

6.2.1.    Matomo (self-hosted) – Analyzing your browsing behavior 

In brief

We use the tool Matomo in the ‘cookieless’ variant to collect and analyze information on your user behavior when using our website.

Processing purpose

Analysis helps us to understand which pages on our website are called up most frequently.

Personal data processed by SVA:

  • IP addresses: These are shortened so that exact localization becomes impossible.
  • User data: This includes information such as the time of usage, terminal equipment data (e.g. operation system, browser, resolution) and all pages called up. Storage duration of personal data: No personal data storage takes place. Recipients: SVA is independently responsible for hosting. We do not use any external service providers for this. Transfer to third countries: A transfer to a third country does not take place.

6.3.    Media

In brief

Various media content is offered on our website to give you the opportunity of viewing and listening to interesting content.  

Processing purpose

Providing media content.

6.3.1.    YouTube

In brief

After giving us your consent in our cookie banner, we use Youtube with extended data protection on this website. Youtube’s extended data protection mode, according to Youtube, does not store any website visitor information before the (embedded) video is played. It is possible that further data processing and data transferring activities occur by further third-party providers, as soon as the embedded video is started on this website. Also, Youtube can store various cookies or implement recognition technology on your device (e.g. fingerprinting). We have no influence on this and cannot prevent it. Please query Youtube on their handling of your personal data.

Provider

The provider is Google Ireland Limited (‘Google’), Gordon House, Barrow Street, Dublin 4, Ireland.

Legal basis for processing

In the context of media provision, we process your personal data on the following legal basis:

  • Art. 6 para. 1 point (a) GDPR “... the data subject has given consent to the processing of his or her personal data for one or more specific purposes...” § 25 para. 1 TDDDG “... storing information in the end user’s terminal equipment or accessing information already stored in the terminal equipment is only permitted if the end user has consented based on clear and comprehensive information...” Of course, you have the right to withdraw your consent at any time, pertaining to and prevent future processing.

Consequences of non-provision

If you do not consent to data processing by YouTube, the embedded videos on our pages cannot be loaded. This means that you cannot view or play the relevant content. Without your consent, no tracking or analysis data will be transmitted to Google, however, the visual functions of the service will not be available to you. Instead, you will either see a notice that the video is disabled or it will not be displayed at all. To be able to use the videos, you would have to give your consent to data processing.

6.3.2.    Spotify

In brief

We use Spotify on our website. After giving your consent in our cookie banner, Spotify establishes a direct connection between Spotify’s servers and your device. It is possible that further data processing and data transferring activities occur by other third-party providers, as soon as the embedded video is started on this website. Also, Spotify can store various cookies or implement recognition technology on your device (e.g. fingerprinting). We have no influence on this and cannot prevent it. Please query Spotify on their handling of your personal data. Provider. The provider is Spotify AB (‘Spotify’), Birger Jarlsgatan 61, 113 56 Stockholm, Sweden. Legal basis for processing: In the context of media provision, we process your personal data on the following legal basis: Art. 6 para. 1 point (a) GDPR “... the data subject has given consent to the processing of his or her personal data for one or more specific purposes...” § 25 para. 1 TDDDG “... storing information in the end user’s terminal equipment or accessing information already stored in the terminal equipment is only permitted if the end user has consented based on clear and comprehensive information...” Of course, you have the right to withdraw your consent at any time, pertaining to and prevent future processing. Consequences of non-provision: If you do not consent to data processing by Spotify, the embedded audio or music widgets on our pages cannot be loaded. This means that you will not be able to listen to the respective audio content there. Without your consent, no tracking or analysis data will be sent to Spotify, but at the same time, the playback function of the service will not be available to you. In order to use the content, you would have to give your consent to data processing.

6.3.3.    Podigee

In brief: 
After receiving your consent in our cookie banner, we use the podcast player provided by Podigee on this website. The podcast player helps embed the podcasts stored there directly into our website, thus making them available to you. In this way, you have the opportunity to listen to our podcast directly in the web browser on this website without having to leave it. Provider. We use the podcast player provided by ‘Podigee’. The provider of this software solution is Podigee GmbH, Schlesische Straße 20, 10997 Berlin. Legal basis for processing: When providing media content, we process your personal data on the following legal basis: 

  • Art. 6 para. 1 point (a) GDPR “... the data subject has given consent to the processing of his or her personal data for one or more specific purposes...” 
  • § 25 para. 1 TDDDG “... storing information in the end user’s terminal equipment or accessing information already stored in the terminal equipment is only permitted if the end user has consented based on clear and comprehensive information...” 

Of course, you have the right to withdraw your consent at any time, pertaining to and prevent future processing. Consequences of non-provision: If you do not give consent for the Podigee podcast‑player, the embedded player will not be activated on the site. Consequently, you won’t be able to listen to our podcasts directly in the browser. No tracking data will be sent to Podigee, but the podcast content will remain inaccessible on this page.

6.4.    Marketing

As part of our marketing activities, we use various services and measures to present our offers and to get in contact with interested parties and customers. The following sections explain which marketing tools we use and how they are used in detail.

6.4.1.    Google Tag Manager

In brief: 

We use Google Tag Manager to integrate other tools and technologies into our website. Google Tag Manager is solely a service that simplifies the integration of the above-mentioned tags through a separate interface. Processing purpose: Provision of scripts and technologies by Google Tag Manager. Personal data processed by SVA: IP addresses Legal basis for processing: When providing media content, we process your personal data on the following legal basis: 

  • Art. 6 para. 1 point (f) GDPR “... processing is necessary for the purposes of the legitimate interests pursued by the controller or by a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject which require protection of personal data...” 

The pursued (legitimate) interest in the processing of personal data lies in providing you with relevant and useful information. Additionally, it is our goal to ensure that specific technical features, such as scripts and other technologies, can be maintained and managed centrally. By doing this, we can ensure that the information on our website is provided in an organized fashion. This shall ensure that every technology we deploy is configured to prioritize your privacy. 

Consequences of non-provision: If you do not consent to the Google Tag Manager, the tags that enable analytics, personalization and marketing functions will not be loaded on the site. As a result, you will not see personalized content or targeted advertisements, and the website may lack some performance‑optimizing features. No tracking data will be sent to Google, but the site will still function in a basic, non‑personalized mode. 

Recipients: Google Ireland Ltd., Ireland 

Transfer to third countries: A transfer to a third country does not take place on our part.

7. Your rights

The protection of personal data of individuals within the EU is considered the highest priority of the GDPR. The GDPR not only guarantees the protection of this sensitive data but also strengthens the rights of data subjects as a result. Articles 12 et. seq. GDPR list the rights that data subjects have regarding the processing of their data:

7.1.     Right of access

You, as the data subject, have the right to demand confirmation from the controller as to the processing of personal data concerning you. Where that is the case, you may have access to the personal data and the information itemized under Article 15 GDPR.

7.2.     Right to rectification

You have the right to obtain from the controller without undue delay the rectification of inaccurate personal data and to demand the completion of incomplete personal data (Article 16 GDPR).

7.3.     Right to erasure

You have the right to obtain from the controller the erasure of personal data concerning you without undue delay and the controller shall have the obligation to erase personal data without undue delay where one of the grounds of Article 17 apply, for example if the personal data is no longer necessary for the specific purpose (Right of Erasure and ‘to be forgotten’).

7.4.     Right to restrict processing

You have the right to obtain from the controller restriction of processing where one of the conditions featured in Article 18 GDPR applies, for example if you have objected to the processing and until it has not yet been determined whether the legitimate interests of the controller outweigh your interests.

7.5.     Right to data portability

According to Article 20 GDPR, you have the right to obtain your personal data in a structured, commonly used and machine-readable format, and you have the right to transmit those data to another controller without hindrance from the controller (right to data portability).

7.6.     Right of withdrawal

Where you have given your consent to the processing of your data in accordance with Article 6(a), 9(2)(a) of the GDPR and Paragraph 25(1) of the TDDDG, you have the right to withdraw said consent at any time. This does not affect the lawfulness of the processing carried out before withdrawal (Art. 7 para. 3 GDPR). You can exercise your right of withdrawal, for example, by sending an email to unsubscribe@sva.de.

7.7.     Right to lodge a complaint 

You have also the right to complain with a supervisory authority without prejudice to any other administrative of judicial remedy, if you have reason to believe that the processing of your personal data violates GDPR (Article 77 GDPR). You can assert your right with a supervisory authority in the member state of your residence, your workplace, or place of the alleged infringement. The competent authority for SVA is:  The Hessian Commissioner for Data Protection and Freedom of Information  P.O. Box 3163, 65021 Wiesbaden  Telephone: +49 (0)611 1408 – 0 E-mail: poststelle@datenschutz.hessen.de

7.8.     Right to object

Insofar as we are processing your personal data on the basis of a legitimate interest in accordance with Article 6 para 1 point (f) GDPR, you have the right, according to Article 21 GDPR, to object to the processing of your personal data, on grounds relating to your particular situation. Subsequently, the controller no longer processes the data, unless the controller can present compelling legitimate reasons for their processing which outweigh your interests, rights and freedoms, or unless the processing serves the purpose of asserting, exercising, or defending legal claims (Article 21 GDPR). Enforcement of your rights: Data subjects can choose freely through which telecommunications channel they submit their request. If the request is made electronically (e.g. via email), the response will also be provided electronically, usually via E-Mail.