Data Protection Statement
SYZYGY AG considers data protection and the security of personal data to be important. That’s why we strictly adhere to the General Data Protection Regulation. Detailed below we provide full information about the scope and purpose of the data collection and processing on our website. If further questions remain unanswered, you are welcome to contact our Data Protection Officer.
Name and Contact Details of the Controller
SYZYGY AG, Horexstraße 28, 61352 Bad Homburg, info@syzygy.de is the Data Controller. The Data Protection Officer can be contacted at the above mentioned address with the addition “z.Hd. Datenschutzbeauftragter“, or by e-mail at datenschutz@syzygy.de for all questions relating to data protection.
Purpose of Data Processing
SYZYGY AG processes and stores your personal data if you provide this to us unsolicited: for example, if you contact us by mail, phone or e-mail, if you request our Annual Report via the corresponding online form, or if you download files.
Legal Basis for Data Processing
If you have given us your consent to the collection, processing or transfer of certain personal data, then that consent constitutes the legal basis for the processing of such data. In certain cases, we process your data in order to safeguard a legitimate interest of ours or of a third party. An example for this is the use of direct marketing activities in order to promote sales. The processing of personal data by SYZYGY AG thus occurs on the basis of Art. 6 para. 1 sentence 1 lit. a) and f) and Art. 7 General Data Protection Regulation (GDPR).
Categories of Personal Data
SYZYGY AG processes and stores personally identifiable data provided by you. This includes, for example, your name, address and e-mail address, and any other personal contact details.
Special Categories of Personal Data
No special categories of personal data are processed by SYZYGY AG.
Origin of Personal Data
All personal data processed is directly provided by you.
Categories of Recipients of Personal Data
In providing your data, you agree to the processing and storage of that data by SYZYGY AG. The transfer of your data to other companies of the SYZYGY group is not planned. A transfer of your data to a country outside the European Union (EU) or the European Economic Area (EEA), where a lower level of data protection might apply, does not take place.
Data Transfer in Third Countries
As described in this data protection statement, we are using service providers in so-called third countries (as the US). These are countries whose data protection level falls short of the level in the European Union. In such cases, and if there exists no adequacy decision of the European Union (Art. 45 GDPR), we have taken precautions in order to guarantee an appropriate data protection level. This includes standard contractual clauses of the European Union or internal regulations. In cases where this is not feasible, we rely on exceptions according to Art. 49 GDPR, especially your explicit consent or the necessity of the data transfer to fulfil a contract.
If a data transfer to a third country is performed and there is no adequacy decision and no appropriate guarantees exist, there is the risk that third country authorities (e.g. intelligence agencies) have access to the transferred data in order to collect and analyse them. Thus, your data subject rights cannot be en-forced. By giving your consent in the cookie banner, you will be informed about this as well.
Duration of Data Retention
SYZYGY AG stores your personal data as long as necessary for the purposes for which it has been collected or otherwise processed under Art. 17 para. 1 lit. a) GDPR. This is particularly necessary for the fulfilment of legal or contractual obligations. If the storage of data is no longer required for the fulfilment of legal or contractual obligations, then your data will be deleted, unless further processing is required for the following reasons:
- Adherance to retention periods with respect to commercial and tax law,
- Retention of evidence within the scope of legal limitation rules.
Rights of Data Subjects
With regard to the personal data concerning him or her, each data subject has rights against SYZYGY AG. In accordance with the legal conditions, these are the right of access under Art. 15 GDPR, the right to correction under Art. 16 GDPR, the right to deletion under Art. 17 GDPR, the right to limitation of processing under Art. 18 GDPR, the right to data transferability under Art. 20 GDPR and the right to objection under Art. 21 GDPR.
The limitations of Sect. 34 and 35 German Federal Data Protection Act (new) apply to the right of access and the right to erasure.
In addition, it is possible to file a complaint to the designated data protection supervisory authority under Art. 77 GDPR in connection with Sect. 19 German Federal Data Protection Act (new). The supervisory authority for SYZYGY AG is Der Hessische Datenschutzbeauftragte, Gustav- Stresemann-Ring 1, 65021 Wiesbaden; e-mail: poststelle@datenschutz.hessen.de .
Consent to the processing of personal data may be revoked at any time, and applies thereafter, unless subsequently changed. This applies also to a consent given before the advent of the GDPR legislation (i.e. before May 25, 2018). The revocation of consent does not affect the lawfulness of the processing of personal data prior to any revocation.
In order to exercise your rights against SYZYGY AG, please contact SYZYGY AG, z.Hd. Datenschutzbeauftragter, Horexstraße 28, 61352 Bad Homburg in writing, or by e-mail to datenschutz@syzygy.de .
Google Maps
We use the map service Google Maps which is offered to users in the European Union and Switzerland by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Irland, and for all other users by Google LLC, 1600 Amphitheatre Parkway Mountain View, CA 94043, USA („Google“). By using Google Maps, information about the usage of this website (including your IP address) will be transferred to a Google server, which can be located in the US, and stored there. Google receives the information that the contact page has been accessed with the IP address of your device.
The legal basis represents your consent that you have given in the cookie banner for the data processing according to Art. 6 para. 1 sentence 1 lit. a GDPR and for the data transfer according to Art. 49 para. 1 sentence 1 lit. a GDPR. The risks associated with a data transfer in a third country are described in the above section Data Transfer in Third Countries. There will be no connection with the Google servers with-out your consent. You can withdraw your consent or adapt your choices any time.
If you access Google Maps while being signed-in to your Google profile, Google can match this event with your Google profile. If you do not wish this matching to happen, it is necessary to log out before accessing our contact page. Google stores your data and uses them for advertising, market research and a personalised presentation of Google Maps. You can object this data collection with Google.
You will find detailed information for this purpose in the data protection statement of Google (https:// policies.google.com/privacy?hl=en) and the additional terms of service of Google Maps (https://www. google. com/intl/en/help/terms_maps/).
Use of Cookies
In order to improve our website, we use “cookies”. Cookies are text files that are stored on your device when you visit our website. Cookies store information such as your language settings, the duration of your visit to our website or the information you enter there. This avoids the need to re-enter any necessary data every time you visit.
We use both session cookies as well persistent cookies. Session cookies are cookies that expire at the end of the browser session. Persistent cookies remain stored on the device after the end of a browser session, making it possible to remember the preferences or actions of a visitor when revisiting the website. Most browsers automatically accept cookies. If you want to prevent the storage of cookies, you can choose “do not accept cookies” in your browser settings. You can find out how this works in detail by referring to your browser manufacturer’s instructions. Cookies that are already stored on your device can be deleted at any time. However, we would like to point out that our website’s functionality may be limited without cookies.
Our website uses the WordPress plug-in “Borlabs Cookie” to collect and manage consents and with-drawals. If you give your approval to use cookies, a cookie will be set that captures your consent. This cookie is technically necessary and we use it on the basis of Art. 6 Abs. 1 S. 1 lit. f GDPR to document your consent. If you delete your cookies, you will be requested for your consent whenever you call the website again.
You can withdraw your given consent or adapt your cookie choices any time by clicking on the following link: Usage of Cookies (https://www.syzygy.de/datenschutz/#).
Google Tag Manager
Our website uses the Google Tag Manager, a service of Google LLC, 1600 Amphitheatre Parkway, Moun-tain View, CA 94043, USA („Google“). With the help of Google Tag Manager we can manage tools and external services that we have integrated into our website. It allows the usage of so-called tags. A tag is a code element that is stored in the source code of the website in order to control which page and service elements or tools are activated and loaded in which order. This tool can also activate other tags that might collect data (and that are described in this data protection statement). It is possible that these data are processed on a Google server in the US. More information concerning information about Google Tag Manager can be found here: https://support.google.com/tagmanager/answer/6102821?hl=en .
Google Analytics
We use the web analysis service Google Analytics which is offered by Google LLC, 1600 Amphitheatre Parkway Mountain View, CA 94043, USA („Google“). According to Google, the right contact for all questions concerning data protection is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Irland. Google Analytics uses cookies and similar technologies to analyse and improve our website depending on your behaviour. These access data will be summarized by Google into pseudonymous usage profiles on our account and transferred to a Google server in the US. Before that, your IP address will be anonymised. Thus, we cannot determine which usage profiles belong to which user. We can neither identify who you are nor how you have used our website with the data collected by Google.
Google will use the information obtained with the help of cookies on our account in order to analyse the usage of our website. Google will generate reports about website activities and provide services that are connected to the usage of the website and the internet.
Retention Period
Google Analytics uses the following cookies for the described purpose with the corresponding retention period: „_ga“ for 2 years, „_gid“ for 24 hours (both for the detection and differentiation of website visitors by a user id), „_gat“ for 1 minute (for the reduction of requests to the Google server) as well as possibly „IDE“ for 13 months (third-party cookie for the detection and differentiation of website visitors by a user id, for the collection of interaction with marketing and within the scope of personalised advertising).
If you didn’t consent to the usage of Google Analytics, we will not collect your data within the scope of Google Analytics. Besides the above-mentioned possibility to withdraw your consent or to adapt your cookie choices, you have the following additional possibilities to prevent a web analysis by Google:
- You can configure your browser in such a way, that cookies from Google Analytics are blocked.
- You can adapt your configuration for advertisement by Google (https://support.google.com/ads/ answer/7395996).
- You can install the deactivation plug-in from Google in your Firefox, Internet Explorer or Chrome browser: https://tools.google.com/dlpage/gaoptout?hl=en . (This doesn’t work with mobile devices.)
More information concerning Google Analytics can be found in the data protection statement of Google (https:// policies.google.com/privacy?hl=en) and in the data protection statement of Google Analytics ( https:// support. google.com/analytics/answer/6004245?hl=en).
YouTube
Our website uses YouTube LLC, 901 Cherry Avenue, San Bruno, CA 94066, USA, represented by Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA for the embedding of videos. Usually, your IP address will be sent to YouTube and cookies will be installed on your device by accessing a page with an embedded video. However, we have embedded our YouTube videos with an extended data privacy mode. (In this case, YouTube still contacts the Double Klick service of Google, but according to the data protection statement of Google, no personal data are analysed.) Thus, no website visitor information will be stored unless they actually view the video. If you click the video, your IP address will be transferred to YouTube and YouTube knows that you have seen the video. If you have already been logged-in to YouTube, this information will be matched with your user account. If you do not wish this matching to happen, it is necessary to log out before clicking on the video.
We have no knowledge about the collection and processing of your data by YouTube and we have no influence on it. Detailed information can be found in the data protection statement of YouTube (https:// policies.google.com/privacy?hl=en&gl=en). In addition, please see the description concerning the general processing of cookies and the deactivation of them in our data protection statement.
Vimeo
Our website also uses Vimeo, LLC, 555 West 18th Street, New York, NY 10011, USA for the embedding of videos. We integrate videos from third parties in our website with the help of the Vimeo player. Each call of a Vimeo video clip leads to a direct connection between the web browser and the Vimeo server in the US. If you are logged-in at Vimeo, this information will be matched with your personal user account. If you use the plug-in, i.e. if you start a video, this information will also be matched with your user account. If you do not wish this matching to happen, it is necessary to log out before accessing our website and to delete the corresponding Vimeo cookies. More information can be found in the Vimeo data protection statement (https://vimeo.com/privacy).
Integration of Services and Content of Third Parties
We have included on our website third-party content (for example, videos from YouTube, videos from Vimeo, maps from Google Maps). This always assumes that these content providers (subsequently called “third parties”) utilise the IP address of the user. They cannot send content to a user’s browser without IP address. The IP address is therefore required for the presentation of such content. We endeavour to use only content from providers that use the IP address solely for delivering this content. However, we do not have any influence on this if the third parties provide the IP address e.g. save for statistical purposes. As far as we know, we will inform users where this occurs.
Data Privacy Information for Shareholders
SYZYGY AG processes personal data about shareholders (name, address, e-mail address, number of shares, class of shares, the ownership of the shares and the number of an admission ticket) on the basis of the applicable data protection legislation. This allows the shareholders to exercise their rights within the scope of the annual shareholders’ meeting.
The processing of your personal data is mandatory for the participation of the annual shareholders’ meeting. The shareholders’ right to attend the annual shareholders’ meeting is governed by Section 118 of the German Corporation Act. SYZYGY AG is the controller for the processing of the personal data necessary for this purpose. The legal basis for the processing is Art. 6 para. 1 sentence 1 lit. c) GDPR.
The service providers engaged by SYZYGY AG to organise the annual shareholders’ meeting receive only personal data that may be necessary for the performance of the service. They process the data exclusively in accordance with instructions by SYZYGY AG. The service providers are, when necessary, bound and obliged under data protection law by corresponding contracts in accordance with Art. 28 GDPR.
Information on your rights as a data subject can be found in the section Rights of Data Subjects.
Links to External Sites
This website contains links to other external websites. If you use any of these external links, you will be directed to a website which is not covered by our privacy policy.
Obligation to Provide Personal Data
In order to enter into a business relationship, you must provide us with the personal data that is necessary for the performance of the contractual relationship or that we must compulsorily ascertain due to legal requirements. If you do not provide us with this data, then the implementation and processing of the contractual relationship is not possible for us. Apart from that, there is no legal or contractual obligation to provide data.
Automated Decision-Making or Profiling
Automated decision-making / profiling does not take place.
Data Security
SYZYGY AG has implemented comprehensive technical and organisational security measures in order to safeguard your data from accidental or deliberate manipulation, loss, destruction or from unauthorised access. Our security procedures will be reviewed on a regular basis and adapted to technological progress.
January 2022