Privacy policy

Data protection information

With the following data protection information, we would like to inform you about the processing of your personal data by Sokratel GmbH, Karl-Drais-Str. 3, 86159 Augsburg, Germany (hereinafter referred to as “Sokratel”).

From time to time, it may be necessary to amend this Privacy Notice as a whole and certain parts of it in order to comply with current legal requirements or to cover the introduction of new services. You can find the latest version of our privacy policy at: www.sokratel.de/datenschutz

I. General information on data protection at Sokratel

1. responsible person and data protection officer

Sokratel GmbH is responsible for the processing of your personal data within the meaning of data protection law.

The contact details of the data protection officer of Sokratel GmbH are as follows:

Graf Consultings GmbH

Karwendelstr. 7

86949 Windach

E-mail: datenschutz@sokratel.com

2. your data protection rights

In connection with the processing of personal data by Sokratel GmbH, all data subjects – within the framework of Member State law – have the following rights under Articles 15 to 21 GDPR:

Right to information;
Right to rectification;
Right to erasure;
Right to restriction of processing;
Right to data portability;
Right of objection.

Furthermore, you have the right to withdraw your consent to the processing of your personal data at any time with effect for the future. Such a revocation has no effect for the past, i.e. it has no influence on the effectiveness of the data processing carried out until the revocation.

If you believe that the processing of personal data by Sokratel does not comply with data protection regulations or you are not satisfied with the information provided by us, you have the right to lodge a complaint with the competent supervisory authority (see Art. 77 GDPR).

3. transfers to third countries or international organizations

We ensure that your data is not transferred to recipients in countries without an adequate level of data protection (third countries). In some cases, however, this cannot be completely avoided. Where this is the case, Sokratel has taken and will continue to take appropriate measures to ensure an adequate level of data protection at the recipient at all times. These include, in particular, adequacy decisions of the EU Commission or standard data protection clauses issued by the EU Commission, which are available via the EU Group Data Protection Officer.

4. storage and retention periods

We only process personal data for as long as is necessary to fulfill our contractual obligations. As soon as the data in question is no longer required, it is generally deleted.

However, in order to comply with certain legal requirements, we must store some data beyond the termination of the contractual relationship. This includes commercial and tax documentation, verification and retention obligations. In these cases, we are generally obliged to store the data for three to ten years or, in rare cases, e.g. in the event of legal disputes, for up to 30 years.

II Processing of personal data by Sokratel GmbH for core business purposes

In order to operate our complex international business, it is necessary to process personal data.

1. nature and origin of the personal data processed by Sokratel

We process personal data only to the extent necessary to fulfill our contractual and legal obligations in connection with the business relationship with our customers, suppliers and partners. “Processing” means that we collect, store, delete or transmit personal data, to name just a few examples.

The personal data processed by us includes

Master and contact data of customers and suppliers, such as name, address, telephone number, e-mail address, function, department of our contact person, etc.
Data that we require for invoicing and payment processing, such as bank details, tax number, credit management information, etc., insofar as it concerns data of a natural person;
Information on supplier and customer relationship management, e.g. order history, etc., insofar as it relates to data of a natural person;

We regularly receive the personal data processed by us in the course of our business relationship with our customers, suppliers and partners.

In some cases, we also process personal data that we have obtained by other means in accordance with the applicable data protection laws. This is regularly the case with:

Publicly accessible sources, e.g. trade and company registers, trade fairs, exhibitions, internet sources, newspapers, business directories, etc.
Third parties that are not affiliated with Sokratel, e.g. trade associations, credit agencies, insurance companies, etc.

2. purpose of processing by Sokratel and legal basis

We only process your personal data for permitted purposes and in accordance with the applicable legal provisions of the GDPR and the relevant national data protection laws.

2.1 We process data to fulfill our contractual obligations.

We process personal data to fulfill our contractual obligations to our customers and suppliers or to carry out so-called pre-contractual measures, which are carried out in response to a specific request.

In these cases, the purpose of data processing is determined by the contract that we have concluded with our customer or supplier and the services that must be provided as part of this contract. This also includes, for example, the processing of personal data in the context of sending catalogs, information about our services or the preparation of specific offers.

2.2 We process data to protect legitimate interests

In addition, we process personal data insofar as this is necessary to protect the legitimate interests of Sokratel and our customers (and possibly other third parties). In this case, we only process personal data in consideration of your interests.

These include in detail e.g:

The supply of products and the provision of services
Customer service and complaint processing
Ensuring the quality of our services in the form of regular surveys
Direct marketing, provided that you have not objected to the processing of your personal data for these purposes
Surveillance of publicly accessible areas in our branches with optical-electronic devices (video surveillance)
The transfer of personal data within Socratel for internal administrative purposes

2.3 We process data with your consent

We also process your personal data if you have given us your consent. You can withdraw your consent at any time. Please note, however, that data processing remains permissible until the time of revocation.

2.4 We process data to fulfill legal obligations

We are obliged to process certain data in order to comply with legal obligations. Such obligations may arise from certain provisions of national economic, commercial, tax and social law as well as European legislation, e.g. in connection with regulations to prevent the financing of terrorism. This may also result in individual obligations for Sokratel to secure, store, report and collect data, which generally serve the control purposes of the respective authorities.

2.5 Information on changing the intended use

If we process your personal data for a purpose other than that for which we originally collected it, we will only do so to the extent permitted by law and will inform you of this new purpose.

3. recipient of your data

Personal data will only be made available to other Sokratel companies if and insofar as this is necessary to protect our legal and contractual rights and obligations. This may be the case, for example, in the coordination of our contractual services. Typical examples are central supplier and customer management services, or central IT services.

We work with external service providers to fulfill certain contractual obligations. This is the case, for example, in connection with specific supplier and customer management services, as well as the hosting of IT infrastructure, payment processing (direct debit, purchase on account), logistics and delivery, advertising campaigns or the processing of online inquiries. Insofar as we involve external service providers, this is always done in accordance with the statutory provisions and in compliance with the applicable data protection regulations.

We only share personal data with other recipients outside Sokratel if we are legally obliged or authorized to do so. In all other cases, we will only share your data with other third parties if you have given us your consent to do so.

As part of the ongoing development of our business, we may establish or sell subsidiaries or parts of companies or merge our business or parts of it with another company. Such transactions generally involve the transfer of customer information about the sold or divested subsidiary or part of the company to the buyer or the company created by the merger. Even in the unlikely event of a complete sale of Sokratel or significant parts of it, your personal data will be passed on to the buyer.

4. obligation to provide data

In order to be able to provide our services to our customers, we must process certain personal data or are legally obliged to do so. We collect the relevant data from you when a contract is concluded (e.g. address, business contact details and function).

Without this data, we cannot conclude any contracts with our customers.

5. automated decision-making and profiling

We do not use automated decision-making processes for procedures that have legal implications or similar significant effects for you. No decision is made without further human review. Profiling within the meaning of Art. 4 (4) GDPR does not take place at Sokratel. In exceptional cases, we provide a separate privacy policy.

III How we use personal data for the purposes of our websites

Sokratel operates websites to inform you about the companies and their products and services.

1. nature and origin of the personal data processed by Sokratel GmbH

When you visit one of Sokratel’s websites, we collect certain personal data from you. The personal data processed in this context may include your name, address, telephone number or e-mail address.

Personal data that is processed in connection with the operation of our websites is generally provided by you when you use our website, e.g. when you register for offers such as a newsletter.

In some cases, however, the processed personal data may also be provided by third parties not affiliated with Sokratel, such as internet service providers, marketing affiliates or software plugins, mainly for technical reasons. The following data (in particular log information and device data) are automatically processed by Sokratel GmbH:

The name of your Internet Service Provider (ISP)
Your IP address
Your browser type and operating system (OS)
Date, duration and time of your visit
Websites visited
Extracted data & downloaded files
Your country
Your referrer URL
Your search term, if you were referred to our website by a search engine.

2. purpose of processing by Sokratel and legal basis

We only process personal data to the extent necessary in each case.

2.1 We process data to fulfill our contractual obligations.

We process personal data to fulfill our contractual obligations to our customers or to carry out so-called pre-contractual measures that are carried out in response to a specific request. This may be the case if you register for certain services, for online orders or our supplier portal.

2.2 We process data to protect legitimate interests

These include in detail e.g:

Measures to analyze pseudonymized user behavior to further improve our websites,
Measures for the provision of website functionalities such as user account management, shopping carts.

2.3 We process data with your consent

These include in detail, for example

Newsletter registration,
Advertising measures,
Contact requests.

3. recipient of your data

3.1 The companies and service providers of Sokratel

Sokratel shares personal data as described above (see section II. 3).

3.2 Website tracking

We only use so-called tracking pixels on our websites with your express consent.

Through the tracking used on our websites, contacts that you have with advertisements on other websites (visual contacts and clicks on advertising banners) or with our e-mails are related to interactions on our website.

The data collected will be merged and evaluated for the purpose of optimizing and economically operating our online offer, our website, and e-mail communication as well as to determine the effectiveness of marketing campaigns (taking into account whether you are already an existing customer outside of our online offer)

You can revoke your consent to the use of this technology at any time with effect for the future.

We work with the following service provider for technical implementation: IONOS

The provider is IONOS SE, Elgendorfer Str. 57, 56410 Montabaur (hereinafter referred to as IONOS). When you visit our website, IONOS collects various log files including your IP addresses. For details, please refer to the IONOS privacy policy: https://www.ionos.de/terms-gtc/terms-privacy
IONOS is used on the basis of Art. 6 para. 1 lit. f GDPR. We have a
legitimate interest in ensuring that our website is displayed as reliably as possible. If a corresponding consent has been requested, the processing is carried out exclusively on the basis of Art. 6 para. 1 lit. a GDPR and Section 25 (1) TDDDG, insofar as the consent includes the storage of cookies or access to information in the user’s end device (e.g. device fingerprinting) within the meaning of the TDDDG. Consent can be revoked at any time.

Order processing

We have concluded a data processing agreement (DPA) for the use of the above-mentioned service. This is a contract prescribed by data protection law, which ensures that it processes the personal data of our website visitors only in accordance with our instructions and in compliance with the GDPR.

This site uses SSL or TLS encryption for security reasons and to protect the transmission of confidential content, such as orders or inquiries that you send to us as the site operator. You can recognize an encrypted connection by the fact that the address line of the browser changes from “http://” to “https://” and by the lock symbol in your browser line. If SSL or TLS encryption is activated, the data you transmit to us cannot be read by third parties.

3.3 Social media providers

We maintain online presences within social networks and platforms in order to communicate with the customers, interested parties and users active there and to inform them about our services (e.g. LinkedIn, XING, YouTube). When accessing the respective networks and platforms, the terms and conditions and data processing guidelines of their respective operators apply. Unless otherwise stated in our privacy policy, we process users’ data if they communicate with us within social networks and platforms, e.g. write posts on our online presences or send us messages.

On some websites, Sokratel integrates additional content and publications (blogs, posts, news, videos, interviews, etc.) that have already been published on other social media / social networks (e.g., LinkedIn, XING, Youtube). As long as you do not click on such content, no personal data will be transmitted to the respective social media provider.

We work together with social media providers to use so-called re-targeting technology. With this technology, cookies from these partner companies (so-called third-party cookies) are also stored on your hard disk when you visit our site if you have consented to the use of marketing cookies.

The service provider collects and processes your usage behavior on websites operated by us. This data is used to retarget users with targeted advertising based on their usage behavior after they have visited our websites. These advertisements are displayed outside of our websites. Your interactions with these features are governed by the privacy policies of the companies that provide them.

You can revoke your consent to the use of this technology on our website at any time with effect for the future.

Further information on how to prevent further use by the partner company can be found in its privacy policy. We use the following third-party cookies if you have expressly consented to this:

a) This website uses the Insight tag from LinkedIn. The provider of this service is LinkedIn Ireland Unlimited Company, Wilton Plaza, Wilton Place, Dublin 2, Ireland. The parent company of LinkedIn is headquartered in the USA. With the help of the LinkedIn Insight Tag, we receive information about visitors to our website. If a website visitor is registered with LinkedIn, we can, among other things, analyze the key professional data (e.g. career level, company size, country, location, industry and job title) of our website visitors and thus better tailor our site to the respective target groups. We can also use LinkedIn Insight Tags to measure whether visitors to our websites make a purchase or take another action (conversion measurement). Conversion measurement can also be carried out across devices (e.g. from PC to tablet). LinkedIn Insight Tag also offers a retargeting function that we can use to display targeted advertising to visitors to our website outside the website, whereby, according to LinkedIn, no identification of the advertising addressee takes place. LinkedIn itself also collects log files (URL, referrer URL, IP address, device and browser properties and time of access). The IP addresses are shortened or (if they are used to reach LinkedIn members across devices) hashed (pseudonymized). The direct identifiers of LinkedIn members are deleted by LinkedIn after seven days. The remaining pseudonymized data is then deleted within 180 days. The data collected by LinkedIn cannot be assigned to specific individuals by us as the website operator. LinkedIn will store the personal data collected from website visitors on its servers in the USA and use it for its own advertising purposes. Details can be found in LinkedIn’s privacy policy at https://www.linkedin.com/legal/privacy-policy#choices-oblig.

Object to the analysis of user behavior and targeted advertising by LinkedIn at the following link: https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out.

Furthermore, LinkedIn members can control the use of their personal data for advertising purposes in the account settings. To prevent LinkedIn from linking data collected on our website to your LinkedIn account, you must log out of your LinkedIn account before visiting our website.

b) This website integrates videos from the YouTube website. The operator of the website is Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland.

When you visit one of these websites on which YouTube is integrated, a connection to the YouTube servers is established. The YouTube server is informed which of our pages you have visited. If you are logged into your YouTube account, you enable YouTube to assign your surfing behavior directly to your personal profile. You can prevent this by logging out of your YouTube account.

We use YouTube in extended data protection mode. According to YouTube, videos that are played in extended data protection mode are not used to personalize surfing on YouTube. Ads that are played in extended data protection mode are also not personalized. No cookies are set in extended data protection mode. Instead, so-called local storage elements are stored in the user’s browser, which contain personal data similar to cookies and can be used for recognition. Details on the extended data protection mode can be found here: https://support.google.com/youtube/answer/171780.

After activating a YouTube video, further data processing operations may be triggered over which we have no influence.

The use of YouTube is in the interest of an appealing presentation of our online offers. This constitutes a legitimate interest within the meaning of Art. 6 para. 1 lit. f GDPR represent. If a corresponding consent has been requested, the processing is carried out exclusively on the basis of Art. 6 para. 1 lit. a GDPR and Section 25 (1) TDDDG, insofar as the consent includes the storage of cookies or access to information in the user’s end device (e.g. device fingerprinting) within the meaning of the TDDDG. Consent can be revoked at any time.

You can find more information about data protection at YouTube in their privacy policy at: https://policies.google.com/privacy?hl=de.

The company is certified in accordance with the “EU-US Data Privacy Framework” (DPF). The DPF is an agreement between the European Union and the USA that is intended to ensure compliance with European data protection standards for data processing in the USA. Every company certified under the DPF undertakes to comply with these data protection standards. Further information on this can be obtained from the provider at the following link: https://www.dataprivacyframework.gov/participant/5780.

c) This site uses the map service Google Maps. The provider is Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland. With the help of this service, we can integrate map material on our website.

To use the functions of Google Maps, it is necessary to save your IP address. This information is usually transferred to a Google server in the USA and stored there. The provider of this site has no influence on this data transfer. If Google Maps is activated, Google may use Google Fonts for the purpose of uniform display of fonts. When you call up Google Maps, your browser loads the required web fonts into your browser cache in order to display texts and fonts correctly.

The use of Google Maps is in the interest of an appealing presentation of our online offers and to make it easy to find the places we indicate on the website. This constitutes a legitimate interest within the meaning of Art. 6 para. 1 lit. f GDPR represent. If a corresponding consent has been requested, the processing is carried out exclusively on the basis of Art. 6 para. 1 lit. a GDPR and Section 25 (1) TDDDG, insofar as the consent includes the storage of cookies or access to information in the user’s end device (e.g. device fingerprinting) within the meaning of the TDDDG. Consent can be revoked at any time.

Data transfer to the USA is based on the standard contractual clauses of the EU Commission. Details can be found here: https://privacy.google.com/businesses/gdprcontrollerterms/ and https://privacy.google.com/businesses/gdprcontrollerterms/sccs/.

You can find more information on the handling of user data in Google’s privacy policy: https://policies.google.com/privacy?hl=de.

By clicking on social media wall content, your IP address is transmitted to the respective social media provider and stored, processed and used there in accordance with its privacy policy. An information banner on the social media wall informs you that by clicking on a certain content you consent to such a transfer of your personal data.

3.4. Analysis tools and advertising

This website uses the analysis tool WP Statistics to statistically evaluate visitor access. The provider is Veronalabs, Tatari 64, 10134, Tallinn, Estonia(https://veronalabs.com).

With WP Statistics we can analyze the use of our website. Among other things, WP Statistics records log files (IP address, referrer, browser used, origin of the user, search engine used) and actions that website visitors have taken on the page (e.g. clicks and views).

The data collected with WP Statistics is stored exclusively on our own server.

The use of this analysis tool is based on Art. 6 para. 1 lit. f GDPR. We have a legitimate interest in the anonymized analysis of user behaviour in order to optimize both our website and our advertising. If a corresponding consent has been requested, the processing is carried out exclusively on the basis of Art. 6 para. 1 lit. a GDPR and Section 25 (1) TDDDG, insofar as the consent includes the storage of cookies or access to information in the user’s end device (e.g. device fingerprinting) within the meaning of the TDDDG. Consent can be revoked at any time.

We use WP Statistics with anonymized IP. Your IP address is shortened so that it can no longer be directly assigned to you.

4. cookies

Our Internet pages use so-called “cookies”. Cookies are small data packets and do not cause any damage to your end device. They are stored on your device either temporarily for the duration of a session (session cookies) or permanently (permanent cookies). Session cookies are automatically deleted at the end of your visit. Permanent cookies remain stored on your end device until you delete them yourself or they are automatically deleted by your web browser.

Cookies may originate from us (first-party cookies) or from third-party companies (so-called third-party cookies). Third-party cookies enable the integration of certain services from third-party companies within websites (e.g. cookies for processing payment services).

Cookies have various functions. Many cookies are technically necessary, as certain website functions would not work without them (e.g. the shopping cart function or the display of videos). Other cookies can be used to evaluate user behavior or for advertising purposes.

Cookies that are required to carry out the electronic communication process, to provide certain functions that you have requested (e.g. for the shopping cart function) or to optimize the website (e.g. cookies to measure the web audience) (necessary cookies) are stored on the basis of Art. 6 para. 1 lit. a GDPR. 1 lit. f GDPR, unless another legal basis is specified.

The website operator has a legitimate interest in the storage of necessary cookies for the technically error-free and optimized provision of its services. If consent to the storage of cookies and comparable recognition technologies has been requested, the processing is carried out exclusively on the basis of this consent (Art. 6 para. 1 lit. a GDPR and § 25 para. 1 TDDDG); the consent can be revoked at any time.

You can set your browser so that you are informed about the setting of cookies and only allow cookies in individual cases, exclude the acceptance of cookies for certain cases or in general and activate the automatic deletion of cookies when closing the browser. If cookies are deactivated, the functionality of this website may be restricted.

You can find out which cookies and services are used on this website in this privacy policy.

5. links

Our websites contain links to other websites that are subject to separate data protection notices of the respective operators.

6. inquiries by e-mail, telephone and fax

If you contact us by e-mail, telephone or fax, we will store and process your inquiry, including all personal data (name, inquiry), for the purpose of processing your request. We will not pass on this data without your consent.

This data is processed on the basis of Art. 6 para. 1 lit. b GDPR, if your request is related to the performance of a contract or is necessary for the implementation of pre-contractual measures. In all other cases, the processing is based on our legitimate interest in the effective processing of the inquiries addressed to us (Art. 6 para. 1 lit. f GDPR) or on your consent (Art. 6 para. 1 lit. a GDPR) if this has been requested; consent can be revoked at any time.

The data you send to us via contact requests will remain with us until you ask us to delete it, revoke your consent to storage or the purpose for data storage no longer applies (e.g. after your request has been processed). Mandatory statutory provisions – in particular statutory retention periods – remain unaffected.

IMPORTANT NOTE

Information on your right to object

1. objection in special situations

You have the right to object at any time to certain types of processing of your data on grounds relating to your particular situation. This right applies to data processing in the public interest and to data processing to protect legitimate interests. This right also applies to profiling insofar as it is based on these two provisions.

In the event of an objection, we will cease processing your personal data. However, this does not apply if we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms, or if the processing serves the establishment, exercise or defense of legal claims.

2. objection to processing for direct marketing purposes

In individual cases, we process your personal data for direct marketing purposes. This is the case, for example, if we send you information about special offers or discount promotions.

You have the right to object to the processing of your personal data for these purposes. This right also applies to profiling insofar as it is associated with direct marketing.

In the event of an objection to direct marketing, we will no longer process your personal data for these purposes.

Your objection does not require any special form and can be sent to us by e-mail: datenschutz@sokratel.com

Augsburg, October 2025