Data Protection Policy

We are very pleased about your interest in SCHOTT. Data protection is very important to us, which is why we take the protection of your private data seriously and want you to feel secure when you visit our website.

During your visit to our website, personal data may be partially collected.

The processing of personal data is always in accordance with the General Data Protection Regulation and in accordance with the country-specific data protection provisions applicable to SCHOTT. By means of this Data Protection Policy, we would like to inform you about what information we generally collect during your visit to our website and how it is used. If you want to know more about the use of cookies on our websites, please see our Cookie Policy. How we use your data to personalize your customer experience based on your preferences is described here.

The SCHOTT AG is the controller of your personal data. Our company has its own branches in individual countries; these companies can process your personal data in the role of processor or joint controller in accordance with this document.

SCHOTT AG
Hattenbergstraße 10
55122 Mainz
Deutschland

E-Mailinfo@schott.com
Websitewww.schott.com

Board of the SCHOTT AG:
Dr. Frank Heinricht (Chairman)
Dr. Andrea Frenzel
Dr. Heinz Kaiser
Marcus Knöbel

Your personal data can be further processed by our partners only based on a data protection agreement, which guarantees the protection of your privacy. You can find more information in the section VIII. of this document.

Our data protection officer is available to answer your questions about the processing of your personal information conducted by us.

Christoph Dahl
Hattenbergstraße 10
55122 Mainz
Deutschland

E-Mailinfo.datenschutz@SCHOTT.com

1. Description and scope of data processing

With each access by a user on a page from the SCHOTT online content, the access data referring to this procedure will be stored in a log file on our server.

Each record consists of:

  • The page from which the file was requested
  • The name of the file
  • The date and time of the request
  • Access status (file transfer, file not found etc.)
  • A description of the type of web browser used
  • The IP address of the client
     

Your data will also be stored in the log files of our system. There is no storage of your data together with other personal data.

2. Legal basis for data processing

Legal basis for the temporary storage of data and log files is Art. 6 para. 1 lit. f GDPR.

3. Purpose of data processing

The temporary storage of the IP address by the system is necessary to enable delivery of the website to your computer. To do this, your IP address must remain stored for the duration of the session.

We store log files to ensure the functionality of the website. In addition, your data will help us to optimize our website and to ensure the security of our information technology systems. An evaluation of your data for marketing purposes does not take place in this context. These purposes are basis for our legitimate interest in the processing of data in accordance with Art. 6 para. 1 lit. f GDPR.

4. Duration of storage

Your data will be deleted as soon as it is no longer required for the purpose. This is the case when your session is over. For data stored in log files, your data will be deleted at the latest after 90 days. An additional storage is possible. In this case, your IP addresses will be deleted or alienated so that it can no longer be assigned to a specific individual. 

5. Objection to processing and erasure

The collection of your data for the provision of our website and the storage of your data in log files is essential for the operation of our website. Consequently, there is no possibility to object to this data use or to demand erasure of data files.

1. Description and scope of data processing

Our website includes the possibility to easily contact SCHOTT. If you use this function, the contact data entered in the input mask will be transmitted to us and will be saved. In addition, further data may be collected depending on the nature of the contact. At the time of sending the message, the following data is also stored:

  • The IP address of the user
  • Date and time of registration

In this context, we do not pass any data to third parties. The data is used for processing the conversation.

You have the opportunity to give your consent for receiving information in the field of special glass and glass ceramic from SCHOTT. If you can find this option in a specific form, your data are processed in accordance with respective consent attached to this option. Likewise, you have the option to let us personalize your customer experience. To find out more about this option and the data we use, please see our statement on the SCHOTT Contact Profile.

2. Legal basis for data processing

Legal basis for the processing of the data is your consent according to Art. 6 para. 1 lit. a GDPR.

The legal basis for the processing of the data transmitted in the course of sending an e-mail is Art. 6 para. 1 lit. f GDPR. If the e-mail contact aims to conclude a contract, then additional legal basis for the processing is Art. 6 para. 1 lit. b GDPR.

3. Purpose of data processing

We use your personal data from the input mask to process your enquiry.

The other personal data processed during the sending process serve to prevent misuse of the contact form and to ensure the security of our information technology systems.

4. Duration of storage

Details and/or summaries of enquiries including additional personal data collected during the sending process may be transferred to SCHOTT’s CRM system, if the enquiry is deemed as a commercial interest in the products or services of SCHOTT. This data will be kept for a minimum of 6 years. 

Data pertaining to any other enquiries will be deleted when the respective conversation with you is over. The conversation is ended when it can be inferred from the circumstances that the relevant facts have been finally clarified.

5. Objection to processing and erasure

Of course, you always can revoke your consent to the processing of personal data. If you contact us by email, you may object to the storage of your personal data at any time. In such a case, the conversation cannot continue.

1. Description and scope of data processing

Our website includes the possibility to easily contact SCHOTT. If you use this function, the contact data entered in the input mask will be transmitted to us and will be saved. In addition, further data may be collected depending on the nature of the contact. At the time of sending the message, the following data is also stored:

  • The IP address of the user
  • Date and time of registration

In this context, we do not pass any data to third parties. The data is used for processing the conversation.

You have the opportunity to give your consent for receiving information in the field of special glass and glass ceramic from SCHOTT. If you can find this option in a specific form, your data are processed in accordance with respective consent attached to this option. Likewise, you have the option to let us personalize your customer experience. To find out more about this option and the data we use, please see our statement on the SCHOTT Contact Profile.

2. Legal basis for data processing

Legal basis for the processing of the data is your consent according to Art. 6 para. 1 lit. a GDPR.

The legal basis for the processing of the data transmitted in the course of sending an e-mail is Art. 6 para. 1 lit. f GDPR. If the e-mail contact aims to conclude a contract, then additional legal basis for the processing is Art. 6 para. 1 lit. b GDPR.

3. Purpose of data processing

We use your personal data from the input mask to process your enquiry.

The other personal data processed during the sending process serve to prevent misuse of the contact form and to ensure the security of our information technology systems.

4. Duration of storage

Details and/or summaries of enquiries including additional personal data collected during the sending process may be transferred to SCHOTT’s CRM system, if the enquiry is deemed as a commercial interest in the products or services of SCHOTT. This data will be kept for a minimum of 6 years. 

Data pertaining to any other enquiries will be deleted when the respective conversation with you is over. The conversation is ended when it can be inferred from the circumstances that the relevant facts have been finally clarified.

5. Objection to processing and erasure

Of course, you always can revoke your consent to the processing of personal data. If you contact us by email, you may object to the storage of your personal data at any time. In such a case, the conversation cannot continue.

1. Description and scope of data processing

In order to place an order in our web shop, you must register. In doing so, we need information about your company, but also some personal data. We will not transmit this data with third parties.

We collect the following data for the registration process:

  • Salutation
  • First name
  • Last name
  • Company
  • Address (business)
  • Phone number (business)
  • E-mail address (business)
     

We use this data for processing your inquiry or order. At the time of registration, the following data is also stored:

  • IP address
  • Date and time of registration

2. Legal basis for the data processing

Your registration is necessary for the processing of your order and thus for the fulfilment of a contract or the implementation of pre-contractual measures. Thus, the legal basis for the processing of data is art. 6 para. 1 lit. b GDPR.

3. Purpose of the data processing

Your registration is required to process your order.

4. Duration of storage

We store your personal data only as long as it is necessary for the execution of your business relationship with SCHOTT or as long as we are legally obligated to store such data.

5. Right to object

In principle, you have the possibility to cancel the registration at any time. You can have the data stored about you changed at any time.

If the data is required for the fulfilment of a contract or for the implementation of pre-contractual measures, however, premature deletion of the data is only possible if there are no contractual or legal obligations that prevent deletion.

1. Description and scope of data processing

For this integration, it is necessary that the third-party providers of these contents process your IP address, since they could not send the contents to their browsers without the IP address. The IP address is therefore required for the presentation of these contents or functions. 

 

2. YouTube Videos

We include videos, which are stored at https://www.YouTube.com but can be played directly from our website. YouTube, LLC, 901 Cherry Ave, San Bruno, CA 94066, USA (“YouTube”), is the operator of the necessary software for the necessary plugin.

We integrate those videos via the "extended data protection mode". This ensures that YouTube receives no data about you as a user if you do not play the videos. Only when you play the videos, YouTube receives the information that you have accessed the corresponding subpage of our website. This occurs regardless of whether YouTube provides a user account that you are logged in to or whether there is no user account.

If you are logged in to Google, your data will be assigned directly to your account. If you do not wish your profile to be associated with YouTube, you must log out before activating the button. YouTube stores your data as user profiles and uses them for advertising, market research and/or the design of its website to meet your needs. Such evaluation is carried out in particular (even for users who are not logged in) to provide demand-oriented advertising and to inform other users of the social network about your activities on our website. You have the right to object to the creation of these user profiles, whereby you must contact YouTube to exercise this right.

Further information on the purpose and scope of data collection and processing by YouTube can be found in the Privacy Policy. There you will also find further information on your rights and setting options to protect your privacy at https://www.google.de/intl/de/policies/privacy.

 

3. Use of Chatbots

We use the chatbot of our service provider LoyJoy GmbH, Kapuzinerstr. 20, 48149 Münster, Germany, to improve our offer and to carry out marketing campaigns.

The following data is processed by the chatbot:

  • Browser used
  • Interaction of the logged-in user such as entered messages
  • E-mail address, if a question cannot be answered by the chatbot and you would like a personal answer from our customer service.

 

The aforementioned data is required for the interaction between you and the chatbot. In addition, the data is aggregated and anonymized for statistical evaluations, in order to carry out success measurements, and to enable the optimized delivery of messages, provided that you have consented to the use of corresponding cookies.

The chatbot provides you with information about simple questions and uses artificial intelligence to answer them. In this respect, false information may occur. Answers are therefore not legally binding and there is no guarantee or liability for the accuracy, completeness or timeliness of the information provided.

The data will be stored for a period of 30 days and then deleted. The legal basis for the processing is your consent in accordance with Art. 6 para. 1 a) GDPR by using of the chatbot.

As part of the use of the chatbot, services from "Cloudflare" (provider: Cloudflare, Inc., 101 Townsend St, San Francisco, CA 94107, USA) are used.

Cloudflare provides web application firewall protection. The data transfer between the browser and the chatbot's server flows through Cloudflare's infrastructure, where it is analyzed to fend off attacks. The use of Cloudflare is in the interest of secure use of the chatbot and defense against harmful attacks from outside. The legal basis for processing via Cloudflare is therefore our overriding legitimate interest within the meaning of Article 6 (1) (f) GDPR.

There is no adequacy decision by the EU Commission for data transfers to the USA. Cloudflare ensures an adequate level of data protection by concluding the EU standard contractual clauses. We will provide you with a copy of the contractual clauses upon request using our contact details above.

SCHOTT is a corporation operating on a global scale, which has cross-border legally independent companies, business processes, management structures, and technical systems.

The data collected on these websites is always collected and processed by SCHOTT AG. If necessary for business processes, your data will be shared with affiliates.

As part of the provision of our services, your information may under certain circumstances also be transferred to third parties who we have included in order processing, e.g. IT service providers. When transferring personal information to these third parties, we restrict ourselves to the information, which is necessary for the provision of the service in question and we ensure that this transfer is carried out in compliance with required data security measures. SCHOTT will only transfer your personal information to third parties which have committed themselves to data protection and to the processing of your information in compliance with the applicable laws.

In addition, SCHOTT may be forced by a court or an official order to reveal your data and associated information. Likewise, we reserve the right to use your information for the assertion of or defense against legal claims. In the event of a takeover or merger with another company, it may be necessary to disclose or transfer your information to actual or potential buyers. In this case, SCHOTT will endeavor to achieve the highest possible level of data protection and will comply with the legal stipulations.

1. Right to information

You always have it in your own hands which of your personal data you provide us. Of course, beyond that, you may also make use of your right under Art. 15 GDPR and by written request with proof of your identity by SCHOTT demand confirmation as to whether and which personal data concerning you are processed by us.

2. Right to rectification

You have a right to rectification and / or completion to SCHOTT, if your personal data processed is incorrect or incomplete. We have to correct this immediately.

3. Right to erasure

Of course, you can request the deletion of your personal data from us at any time.

4. Right to revoke the data protection declaration of consent

You may also revoke your consent to the processing of your personal data at any time. The revocation of consent does not affect the lawfulness of the processing, which is carried out based on the consent until the revocation.

5. Right to restriction of processing

Likewise, under the conditions of Art. 18 GDPR you have the right to demand a restriction of the processing of your personal data.

6. Right to complain to a supervisory authority

Without prejudice to any other administrative or judicial remedy, you shall have the right to complain to a supervisory authority, in particular in the Member State of its residence, place of work or place of alleged infringement, if you believe that the processing of the personal data concerning you violates the GDPR.