Data protection at a glance

Thank you for visiting our website. The protection of your personal data is important to us. Below, we inform you about what personal data we process in connection with the use of our website, for what purposes this happens, on what legal basis the processing takes place, and what rights you have.

This privacy policy applies to the website: https://sgh-service.com/

Responsible person

The data controller for this website is:

SGH Service GmbH
Daimlerring 51
31135 Hildesheim
Germany

Managing Director: Gerrit Hoppen

Telephone: +49 5121 76460

E-mail info@sgh-net.de

Data protection officer

You can reach our Data Protection Officer at:

datenschutz@sgh-net.de

General information on the processing of personal data and its legal basis

We only collect and process personal data that you actively submit to us through your inputs. Furthermore, we automatically process personal data based on the provision and use of a functional website. In the following cases, in particular, your personal data may therefore be processed:

  • Visit our website
  • for the processing of your requests
  • for the provision of our services
  • for conducting application procedures
  • for sending newsletters
  • Carrying out advertising measures
  • Analyse of the use of our website or
  • due to your consent being required.

Personal data is any information relating to an identified or identifiable natural person, for example, name, email address, telephone number, IP address, or application documents.

Website visit and server log files

We use cookies and other technologies on our website to store and retrieve information on your device.

When you visit our website, our system automatically collects data (server log files) and information from your end device, and some necessary cookies are processed so that we can technically provide the website, ensure its functionality and guarantee the stability and security of the website.

The following information, in particular, can be captured from your calling terminal device without your intervention and processed until automated deletion:

  • IP address
  • Date and time of access
  • Page or file not found
  • Browser used
  • Operating system used
  • Referrer URL
  • Transferred data volume
  • Status messages

Processing is carried out on the basis of Art. 6(1)(f) GDPR. Our legitimate interest lies in the secure, stable and technically error-free provision of our website.

A contract for processing of data has been concluded with the company commissioned with operating the website, IONOS SE, Elgendorfer Str. 57, 56410 Montabaur, Germany.

Consent management with Borlabs Cookie

To manage your consents, we use Borlabs Cookie. Borlabs Cookie stores your choices about cookies and external services so that we can take your consents or rejections into account. Borlabs Cookie uses a technically necessary cookie for this purpose. Information about your settings will be stored in this cookie.

Some cookies are not essential but help us to make our online offer more user-friendly and to improve it (analysis/statistics) and to operate it economically (marketing/advertising).

Processing is carried out on the basis of Art. 6 (1) (f) GDPR. Our legitimate interest lies in the legally compliant management of consents and the documentation of your cookie choices.

Regarding all other non-essential or technically not required cookies, you can agree by clicking the “Accept” button in our consent management tool, or object by clicking “Reject”.
The additional legal basis for consent is Art. 6(1)(a) GDPR.

If you wish to withdraw or change your consent, simply delete the cookie in your browser. If you re-enter/reload the website, you will be asked for your cookie consent again.

Getting in touch and contact form

On our website, we provide a contact form. If you contact us via this form, we will process the data you enter to handle your enquiry.

The contact form can process the following details in particular:

  • First name
  • Surname
  • Email address
  • Telephone number
  • Concern
  • Please select how we can assist you, e.g., general enquiry, book a demo, support request, request a consultation, request a quote, or other enquiry
  • News article
  • Confirmation of acknowledgment of the privacy policy or declaration on the processing of query data

The legal basis for this is our legitimate interest in responding to your request pursuant to Art. 6(1)(f) of the GDPR.

To the extent that your request concerns the conclusion of a contract or pre-contractual measures, processing is carried out additionally on the basis of Art. 6(1)(b) GDPR.

The submitted data will be deleted once your request has been fully processed and there are no statutory retention obligations or legitimate interests in further storage.

Google reCAPTCHA

To protect our contact form from spam, abuse, and automated entries, we use Google reCAPTCHA. The provider is Google Ireland Limited.

reCAPTCHA is used to check whether an entry in our contact form is made by a human or by an automated program. Various pieces of information can be processed for this purpose, in particular:

• IP address
• Browser and device information
Date and time of access
• Page requested
• Mouse movements, click behaviour, and other interactions with the website
Length of stay
• any cookies or similar technologies set by Google

Processing is carried out to protect our website and forms from misuse, automated entries and spam. The legal basis is Article 6(1)(f) of the GDPR. Our legitimate interest lies in the security of our website, the prevention of abusive form submissions and the protection of our IT systems.

Where consent for the use of reCAPTCHA is obtained via our consent management tool, processing is carried out on the basis of Art. 6(1)(a) GDPR. You can withdraw your consent at any time with effect for the future via the cookie settings.

As part of the use of reCAPTCHA, personal data may be processed by Google. Data transmission to third countries, particularly the USA, cannot be ruled out.

Booking appointments with Calendly

If you would like to book a consultation appointment for our services with our employees or attend an event, you can easily book appointments yourself. For this, we use Calendly.

When booking an appointment online, we process the personal data contained in the booking form:

  • Name
  • Email address
  • Telephone number
  • Company or organisation
  • Desired date
  • Details regarding your request
  • Technical data relating to the booking

The legal basis for data processing is our legitimate interest in providing an easy appointment booking system pursuant to Art. 6(1)(f) GDPR, your consent to usage pursuant to Art. 6(1)(a) GDPR and Art. 6(1)(b) GDPR, insofar as the appointment booking serves the performance of pre-contractual measures or a contract.

When using Calendly, it cannot be ruled out that personal data will be transferred to third countries, particularly to the USA.

We have concluded a contract for order processing with Calendly, Inc., 115 E Main St., Ste A1B, Buford, GA 30518, USA, using standard contractual clauses in order to ensure an appropriate level of protection for your data.

Applications and Careers section via Personio

We are always happy to welcome new colleagues!

For our career section and application processing, we use Personio. On our website, job vacancies may be integrated or linked via Personio. If you apply for a vacancy via Personio or submit an unsolicited application to us, we will process the application data you provide for the purpose of conducting the application process and making a decision on the establishment of an employment relationship. This may include, in particular:

  • Name and contact details
  • Curriculum Vitae
  • Cover letter
  • Certificates
  • Qualifications
  • Professional career
  • any other application documents submitted by you

The legal basis is § 26 BDSG and Art. 6(1)(b) GDPR. If further storage is necessary for the assertion, exercise or defence of legal claims, the processing is carried out on the basis of Art. 6(1)(f) GDPR.

Unless we are unable to consider your application, we will generally delete your application data at the latest six months after the conclusion of the application process, provided that there are no statutory retention obligations, no consent for longer storage has been given, or longer storage is not required for the assertion, exercise or defence of legal claims, e.g. under the General Equal Treatment Act (AGG).

When we establish an employment relationship with you, we will inform you separately about the processing of your employee data.

Newsletters and email marketing with Brevo

You can subscribe to our newsletter on our website.

By signing up for our email newsletter, we will process the data you provide for the creation and dispatch of the newsletters, as well as for proof of registration. The legal basis for processing is Art. 6(1)(a) GDPR, based on your consent.

When signing up for the newsletter, we process in particular:

  • Email address
  • Time of registration
  • Time of confirmation
  • IP address on login and confirmation
  • Proof of consent
  • Open and click behaviour in newsletters

Registration is done using a double opt-in procedure. To confirm your newsletter subscription, you must click on the confirmation link in the verification email that we will send to you after you have registered.

By clicking on the provided link in the verification email, we will process the date and time of the click, the content of the email sent to you, and your email address.

The logging and retention of login details (IP address, timestamp) are carried out to fulfil our legal accountability obligations.

The legal basis for sending the newsletter is your consent in accordance with Art. 6 (1) (a) GDPR in conjunction with Art. 7 (1), as we are legally obliged to document and be able to prove the existence of your consent.

We use opening and click tracking to evaluate whether and how our newsletters are read. This is for the optimisation of our content and communication. The legal basis for this is your consent in accordance with Art. 6(1)(a) GDPR.

You can withdraw your consent at any time with effect for the future, for example via the unsubscribe link in every newsletter email.

You can cancel your subscription to our newsletter with future effect at any time. Cancellations are subject to retention periods of 3 years.

For sending out newsletters and email marketing, we use Brevo. If you subscribe to our newsletter, your data will be transferred to Brevo for the purpose of sending emails.

With service provider Brevo GmbH, Köpenicker Str. 126, 10179 Berlin, we have concluded a contract for order processing. Brevo GmbH is a subsidiary of Sendinblue SAS, 17 rue de Salneuve, 75017 Paris, France.

WonderPush

On our website, we use WonderPush, a service provided by WonderPush SAS.

WonderPush can be used to display notifications to users in their browser, enable interactions with our website (e.g. notifications), provide corresponding communication and marketing functions, as well as for analysis and optimisation. The following data may be processed:

• IP address
• Browser and device information
• Time of access
• Interactions with notifications or website features
• technical identifiers or push tokens
Consent Status
• where applicable, information on which notifications were delivered, opened or clicked

WonderPush is only used if you have previously given your consent. The legal basis for processing is Art. 6(1)(a) GDPR. You can withdraw your consent at any time with effect for the future via the cookie settings or disable the permissions for push notifications in your browser or device settings.

We have concluded a contract for the processing of personal data with WonderPush, 19 avenue d'Italie, 75013 Paris, France, in accordance with Article 28 of the GDPR, which ensures the protection of our website visitors' data and prohibits unauthorised disclosure to third parties.

Google Tag Manager

We use the Google Tag Manager, to efficiently manage various tags and scripts on our website. The provider is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.

The Google Tag Manager serves to centrally manage website tags and trigger them in accordance with your consent. As far as we understand, Google Tag Manager itself does not create its own user profiles, does not transmit personal data, and does not store its own analysis cookies. However, it can forward to other downstream services (e.g., Google Analytics, advertising networks) which, in turn, process personal data.

The Google Tag Manager is configured to activate opt-in services only after the respective cookie category has been selected.

The legal basis is our legitimate interest according to Art. 6 para. 1 lit. f) GDPR for purely functional tags. No consent is required for the use of these tags. For tracking/marketing tags, processing fundamentally only takes place after consent has been given (Art. 6 para. 1 lit. a GDPR).

For further information, please see Google's Privacy Policy: https://policies.google.com/privacy

Google Analytics 4

We use on our website Google Analytics 4, a web analytics service of Google Ireland Limited.

Google Analytics helps us to understand how visitors use our website. This enables us to improve our website, content, and offerings.

Google Analytics will only be activated on our website after you have given your consent in the cookie category. „Statistics“ activated. The legal basis is Article 6(1)(a) of the GDPR. You can withdraw your consent at any time with effect for the future via the cookie settings.

Google Analytics can be used to process the following data in particular:

  • Pages called
  • Dwell time
  • Click behaviour
  • Origin page
  • approximate location data
  • Technical information on browser and end device
  • Interactions with the website
  • Information on cookies, user identifiers or advertising identifiers used

Google Analytics uses IP addresses to derive approximate location information, among other things. According to Google, IP addresses are not logged or stored in Google Analytics 4.

Personal data may be processed by Google within the scope of using Google Analytics. In this context, a transfer to third countries, particularly to the USA, cannot be ruled out.

The cookies set by Google Analytics can be stored on your end device for up to two years.

The storage of user and event data processed in Google Analytics is determined by the settings in our Google Analytics account. With the current configuration, the retention period for event data is 2 months and for user data is 14 months. Upon renewed activity by a user, the retention period for user data can be reset.

We have concluded a contract for order processing with Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.

You can find the wording of our contract with Google here https://business.safety.google/adsprocessorterms retrieve. Google uses the here for this https://business.safety.google/adssubprocessors/ named sub-processor.

The privacy policy published by Google, which also applies to Google Analytics, can be found here https://policies.google.com/privacy.

Leadfeeder / Dealfront

We use the web analytics service Leadfeeder on our website to evaluate the usage of our website by B2B visitors and to optimise our content and marketing measures.

Leadfeeder is used to identify company visits to our website by matching anonymised IP addresses with publicly available company data. In doing so, technical access data, particularly IP addresses, may be processed and matched with publicly available company data. The aim is to gain a better understanding of which companies are interested in our services and to optimise our website and our B2B communication. No personal data of individual visitors is stored.

The legal basis for data processing is our legitimate interest in accordance with Art. 6(1)(f) GDPR.

Our interest in using Leadfeeder lies in evaluating our website usage by B2B visitors and optimising our website and business communication.

Leadfeeder is only activated with your consent. The legal basis for the activation and use of the service is Art. 6 para. 1 lit. a) GDPR. You can withdraw your consent at any time with future effect via the cookie settings.

We have concluded a contract for order processing with Dealfront Finland Oy, Kalevankatu 6 E, 00100 Helsinki, Finland.

Further information can be found in Leadfeeder's privacy policy: https://www.leadfeeder.com/privacy/.

YouTube

On our website, videos from YouTube to be embedded. Provider is Google Ireland Limited.

YouTube videos are only loaded on our website after you have given your consent. Before you give your consent, no connection to YouTube is established, as far as this is technically implemented accordingly.

If you consent to an advertisement in a YouTube video, a connection can be established to Google or YouTube servers. In particular, your IP address, technical information about your browser and device, and information about the page accessed may be processed. If you are logged into your Google account, Google can associate your visit to our website with your account. To the extent that no corresponding YouTube content is embedded on our website or activated by you, no data will be transmitted to YouTube in this regard.

The legal basis for processing is our legitimate interest in accordance with Art. 6 (1) (f) GDPR, as well as your consent in accordance with Art. 6 (1) (a) GDPR. You can revoke your consent at any time with future effect via the cookie settings.

When using YouTube, it cannot be ruled out that personal data will be transferred to the USA.

We have entered into a contract with YouTube/Google, Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland for a data processing agreement with EU Standard Contractual Clauses.

You can find Google's privacy policy here https://policies.google.com/privacy.

Vimeo

On our website, videos from Vimeo embedded. Provider is Vimeo.com, Inc.

Vimeo videos are only loaded on our website after your consent. Before your consent, no connection is made to Vimeo, as far as this is technically implemented accordingly.

If you consent to the display of a Vimeo video, a connection may be established with Vimeo's servers. In particular, your IP address, technical information about your browser and device, and information about the page viewed may be processed. If you are logged into your Vimeo account, Vimeo may associate your visit to our website with your account.

Unless corresponding Vimeo content is embedded or activated by you on our website, no data will be transmitted to Vimeo in this regard.

The legal basis for processing is our legitimate interest pursuant to Art. 6(1)(f) GDPR, as well as your consent pursuant to Art. 6(1)(a) GDPR. You can revoke your consent at any time with effect for the future via the cookie settings.

Within the scope of using Vimeo, the transfer of personal data to third countries, particularly to the USA, cannot be ruled out.

We have concluded a data processing agreement with Vimeo, Inc., 555 West 18th Street, New York, New York 10011, USA under EU Standard Contractual Clauses.

Further information on Vimeo's data protection can be found in Vimeo's privacy policy, https://vimeo.com/privacy.

Customer portal login and download area

On our website, we link to a customer portal. When you access the customer portal with your customer login, you may leave the publicly accessible area of our website and enter a protected login or customer area.

When using the customer portal, personal data may be processed which are necessary for registration, authentication and the provision of the customer area. This may include, in particular:

  • Name
  • Email address
  • User ID
  • Password or authentication data
  • Company affiliation
  • Access rights
  • Login times
  • technical log data
  • Content or functions retrieved in the customer area

The legal basis for the processing is our legitimate interest in the secure provision of a protected customer area in accordance with Art. 6(1)(f) GDPR. If the processing is related to a contractual relationship or pre-contractual measures for the provision of the customer portal and the services offered there, Art. 6(1)(b) GDPR applies.

The data will be deleted as soon as it is no longer required for the aforementioned purposes and no legal retention obligations prevent it.

Your Rights

You have the following rights within the scope of the legal requirements:

  • Right to information about the processed data and to a copy according to Art. 15 GDPR
  • Right to rectification, if we process incorrect data about you, in accordance with Article 16 GDPR
  • Right to erasure, unless exceptions apply as to why we still store the data, for example, retention obligations or limitation periods according to Art. 17 GDPR
  • Right to restriction of processing pursuant to Art. 18 GDPR
  • Right to data portability under Article 20 GDPR
  • Right to object in accordance with Article 21 GDPR
  • Right to withdraw consent for data processing with future effect

If you wish to exercise any of your rights, you can contact us at any time.

Revocation of consent

If processing is based on your consent, you can revoke this consent at any time with effect for the future. The lawfulness of the processing until the revocation remains unaffected.

You can change or revoke consents for cookies and external services via the cookie settings on our website.

Right of objection

If we process personal data on the basis of Article 6(1)(f) of the GDPR, you have the right to object to the processing at any time on grounds relating to your particular situation.

If we process personal data for the purpose of direct marketing, you have the right to object to this processing at any time.

Right of complaint to the supervisory authority

Under Article 77 of the GDPR, you have the right to lodge a complaint with a supervisory authority for data protection. This right is available in particular in the Member State of your habitual residence, place of work, or place of the alleged infringement, if you consider that the processing of your personal data infringes data protection law.

Our responsible supervisory authority is:

The State Commissioner for Data Protection of Lower Saxony
Website www.lfd.niedersachsen.de
E-mail info@lfd.niedersachsen.de

Status of this privacy notice

As of May 2026

We reserve the right to adapt this privacy notice if our website, implemented services or legal requirements change.