Data protection

Introduction
We, Storz am Mark GmbH (hereinafter “we” or “us”), take the protection of your personal data seriously. We handle your data confidentially and in accordance with the GDPR as well as this policy.

1 Controller

Storz am Mark GmbH
Emminger Straße 39
78576 Emmingen-Liptingen
Germany
Tel.: +4974659260-70
Email: sam(at)stoma.de
Website: www.stoma.de

2 Data Protection Officer

Storz am Mark GmbH
Emminger Straße 39
78576 Emmingen-Liptingen
Germany
Tel.: +4974659260-28
Email: datenschutz(at)stoma.de
Website: www.stoma.de

3 Definitions (Art. 4 GDPR – summary)

Personal data: All information that identifies you directly or indirectly.
Processing: Any operation related to data (collection, storage, use, etc.).
Controller: Entity that determines purposes and means.
Processor: External service provider acting on behalf of the controller.

4 Collection and storage when visiting the website

When visiting our website, our server automatically collects log data:

IP address
Access date/time
URL of the requested file
Referrer URL
Browser and operating system type

Purpose: Functional security, performance measurement, attack detection
Legal basis: Art. 6(1)(f) GDPR (legitimate interest)
Storage period: 30 days, then anonymization

5 Google Fonts

We embed web fonts locally, thus avoiding data transfers to Google Ireland Limited. Until completed:

Data recipient: Google Ireland Limited
Legal basis: Art. 6(1)(f) GDPR (legitimate interest)

6 Cookies & Tracking

We use cookies only with your consent via our consent tool.

Session cookies: Functional security
Preference cookies: settings
Statistics cookies: Google Analytics (IP anonymization)
Marketing cookies: Google Ads, Meta Pixel

Withdrawal: anytime via cookie banner or browser settings

7 Google Analytics, Google Ads, Meta Pixel

Google Analytics (anonymized) – opt-out via browser add-on
Google Ads (conversion tracking) – consent required
Meta Pixel – used after consent, opt-out in Facebook account

8 Contact inquiries

When contacting us via form, email, or phone, we store your data (name, email, content) for processing.

Data transfer: not without your consent
Storage duration: 3 years

9 Newsletter (Double Opt-In)

Registration via form
Confirmation email with link
Storage of email, registration and confirmation date, IPs
Withdrawal via unsubscribe link or email to newsletter@stoma.eu
Legal basis: Art. 6(1)(a) GDPR (consent)

10 Routine deletion & blocking

Data is deleted once the purpose ceases or retention periods end. Automated and manual checks take place regularly.

11 Data protection in applications

We process application documents (cover letter, CV, certificates) for recruitment.

Legal basis: Art. 6(1)(b) GDPR
Storage: 2 months after rejection unless legitimate interests apply.

12 Google Maps

Interactive maps with consent.

Data recipient: Google LLC (USA)
Data transferred: IP address, entered address data
Legal basis: Art. 6(1)(f) GDPR
Deactivation: disable JavaScript

13 Processors

We work with service providers (e.g., hosting, email delivery) under Art. 28 GDPR contracts. We maintain an internal list.

14 Data transfers to third countries

Transfers outside EU/EEA only with adequacy decisions or Standard Contractual Clauses (SCC).

15 Social media & links

Our pages contain links to third-party providers. Their privacy policies apply upon access. We have no control over their content.

16 Your rights

Access (Art. 15 GDPR)
Rectification (Art. 16)
Erasure (Art. 17)
Restriction (Art. 18)
Data portability (Art. 20)
Objection (Art. 21)
Withdrawal of consent
Complaint to supervisory authority

Requests: datenschutz(at)stoma.de

17 Updates & changes

Last updated: 09.09.2025. We reserve the right to amend this policy and will publish the update date here.