Privacy Policy

For technical reasons, your Internet browser automatically transmits information to our web server (so-called log data) every time you visit a website. Some of this information is stored in log files, for example:

• Date of access
• Time of access
• URL of the referring website
• Retrieved file
• Volume of transferred data
• Browser type and version
• Operating system
• IP address

Basically, we only evaluate log data to remedy faults in the operation of our website or to clarify security incidents.

For troubleshooting or to preserve evidence in case of security incidents, it may be necessary for us to collect additional personal data with the log data. In these cases we base the processing of the log data on legal permission.

These processing operations are based on Art. 6 Para. 1 lit. f DSGVO (General Data Protection Regulation); our interest is the technical provision, security and optimisation of the site.

You can contact us using the contact form. The data entered there is sometimes required to enable communication and to deal with your concerns. In this case these are marked as mandatory fields. Other data that you provide us with facilitate addressing you personally or better or faster processing.

These processing operations are based on Art. 6 Para. 1 lit. b DSGVO.

You can subscribe to a newsletter on our website. We use the „double opt-in procedure“ to check whether registration for the newsletter has actually been made by the owner of an e-mail address. The newsletter is only subscribed if the owner of the e-mail address has expressly confirmed activation of the newsletter beforehand by clicking on the link in the confirmation e-mail and thus giving his express and individual consent. We log execution of the individual phases of the double-opt-in procedure as proof.

When you sign up to receive our newsletter and agree to receive it, your data will only be used to send the newsletter to you. You can revoke this consent at any time. Every newsletter contains a link to allow you to do this. We note your cancellation of the newsletter in our database.

These processing operations are based on Art. 6 Para. 1 lit. a GDPR.

We use cookies. Cookies are small text files that we store on your device when you visit our website. Every time you visit our website, these cookies are returned to us. This allows us to recognise you, for example, or to help you navigate using the information in the cookies.

Cookies cannot be used to launch programs or to transfer viruses to a computer. Cookies can only be read by the web server from which they originated.

We do not share the information in the cookies with third parties without your express consent. You can also view our website without cookies. Internet browsers are regularly set to accept cookies. To prevent the use of cookies by your internet browser, you can (1) refuse the use of cookies when you visit our website via the cookie layer (if available) or (2) deactivate the use of cookies via the settings of your Internet browser. The help functions of your Internet browser provides information on how to deactivate and/or delete cookies in your browser. Please note that deactivating/deleting cookies can cause certain features on our site to stop functioning as expected. Cookies that may be required for certain functions of our website are shown below. Moreover, the deactivation/deletion of cookies only affects the Internet browser used in this case. When other Internet browsers are used, the deactivation/deletion of cookies must be repeated accordingly.

Cookies that we use for certain functions without identifying the person:

• Cookies that store certain user preferences (e.g. search or language settings).
• Cookies that store data to ensure trouble-free playback of video or audio content.
• Cookies that temporarily store certain user input (e.g. contents of a shopping cart or an online form).

Cookies that we use for specific functions with identifying the person:

• Cookies used to identify or authenticate our users.

We store the data until the end of the duration of a particular cookie or until the cookies are deleted by you.

These processing operations are based on Art. 6 Para. 1 lit. f GDPR. Our interest is ongoing website optimisation and improving the ease of use.

Cookie Settings: show / edit

List of essential Cookies

Cookie Name	Designated use	Expiration time
websale_ac ws8_sanha_Deutsch_sid	Essential cookie for the functions of the shop	Session / 2 years
websale_useragreement websale_useragreement_optin_analytics websale_useragreement_optin_cookiebasket websale_useragreement_optin_gtag websale_useragreement_optin_live-chat websale_useragreement_optin_welcomecookie	Saves the settings of visitors selected in the cookie box.	10 years

This website uses Google Analytics, a web analytics service provided by Google Inc. (1600 Amphitheatre Parkway Mountain View, CA 94043, USA; "Google"). Its use includes the operating mode "Universal Analytics". This allows assigning data, sessions and interactions across multiple devices to a pseudonymous user ID, thus analysing the activities of a user across devices.

Google Analytics uses cookies that allow an analysis of the use of the website. The information generated by the cookie about your use of this website is usually sent to a Google server in the US where it is stored. In case IP anonymisation is activated on this website, your IP address will first be truncated by Google within the area of the Member States of the European Union or other parties to the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be transmitted to a Google server in the US and truncated there. An IP address transmitted from your browser as part of Google Analytics is not associated with other data by Google. At the request of the operator of this site Google will use this information to evaluate your use of the website, to compile reports on website activity and to provide other services related to the use of the website and the Internet to the site operator. In these purposes, our legitimate interest lies in data processing.

The legal basis for the use of Google Analytics is Art. 6 Para. 1 lit. f GDPR, our interest is the optimisation of the website. Sessions and campaigns stop after a certain amount of time. By default, sessions will end after 30 minutes of inactivity and campaigns after six months. Campaign timeout cannot be greater than two years. For more information about Terms of Use and Privacy, please visit https://www.google.com/analytics/terms/en.html or https://policies.google.com/?hl=en.

You can prevent the use of cookies by adjusting the settings of your browser software. However, we point out that in this case you will not be able to fully use all the features of this site. You can also prevent the collection of data related to your use of the website and generated by the cookie (including your IP address) by Google and the processing of this data by Google by downloading and installing Browser-Add-on. Opt-out cookies prevent future collection of your data when you visit this website. To prevent Universal Analytics tracking across devices, you must opt out on all the systems that you use. The opt-out cookie will be set when you click here: Disable Google Analytics.

Our website contains simple links to our online presence on different social networks. When you follow the link from our website to a social network or sign up to share our website's content with your social network, your data will be processed by the respective social network provider. Please refer to the privacy information of the respective provider for the purpose and scope of the data collection, the further processing and use of data by the provider of the social network as well as related rights and settings options to protect your privacy.

We operate online presences on and within social networks such as XING, LinkedIn, YouTube and Facebook in order to communicate, interact and inform interested parties and users about us. In addition, certain user behavior data is processed together with Facebook. The legal basis for this processing is Art. 6 Para. 1 lit. f GDPR, our legitimate interest is to conduct effective marketing via a platform used worldwide.

In particular with regard to the Facebook fan page, there is no legal relationship between Facebook and SANHA GmbH & Co. KG has a joint responsibility pursuant to Art. 26 GDPR. You will find the corresponding agreement on joint responsibility under :
www.facebook.com/legal/terms/page_controller_addendum

This is because your personal data is also processed by Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2 and by US-based Facebook, Inc., 1601 Willow Road, Menlo Park, California 94025 when you use and access our Facebook page. In addition to the processing described above, Facebook also processes your data for analysis and promotional purposes or to play out personalized advertising. Facebook also uses cookies to store your usage behavior (even across different devices).

This enables Facebook to play targeted advertising on its own platform and on third-party pages. Further information can be found in Facebook's privacy policy at www.facebook.com/about/privacy/

Facebook also offers the opportunity to object to certain data processing; you can find relevant information and opt-out options at www.facebook.com/settings?tab=ads=ads.

Please note that in accordance with Facebook's Privacy Policy, user data is also transferred and processed in the United States or other third countries. Facebook will only transfer user data to countries for which the European Commission has issued an adequacy decision pursuant to Art. 45 DSGVO or on the basis of suitable guarantees pursuant to Art. 46 GDPR Facebook Inc. is certified under the EU-US Privacy Shield and thus offers an appropriate level of data protection in accordance with Art. 45 GDPR. Further information can be found at www.privacyshield.gov.

With regard to data processing via our Facebook page, you can also assert the data subject rights described in this privacy statement against Facebook. For more information, please see Facebook's Privacy Policy.

You can order goods on our website as a commercial customer. You have to register for this purpose. You can enter your data in an input mask as part of the registration. Personal data that we absolutely need are marked accordingly. Without this data, we cannot create an individual and functional account, making it impossible to place an order as the provision of this data is contractually necessary. We use this data to process the order initiated by you as desired and in accordance with the contract, in particular to arrange the invoicing, shipping and payment.

These processing operations are based on Art. 6 Para. 1 lit. b or lit. f (if the contracting party is not a natural person, but the data of his employees are processed) GDPR.

Recipient

Unless otherwise described in this privacy statement, we work with various service providers and partners who may receive personally identifiable information when implementing and operating our website and services:

• Service provider for hosting services
• ITK and IT service providers
• Service provider for programming services
• Service provider for the management of the webshop
• Service provider for the processing of payments/invoicing
• Service provider for sales and marketing and analysis services
• Service provider for the shipping of products
• Authorities and institutions when legally required

We will only transmit your data to these recipients if this is necessary to fulfil a contract with you or if there is a legitimate interest in the disclosure of your data or if we have your consent to provide the data.

Transmission of data to recipients outside the EEA

Unless otherwise stated, we do not disclose your personal data to recipients who are located outside the EEA.

If data is transmitted, we shall ensure, through contractual or organisational measures, that the recipient either has an adequate level of data protection (e.g. based on a decision of adequacy by the EU Commission on the appropriate country or the so-called EU standard contractual clauses with the recipient) or if we have your consent to transmit the data.

Please contact our data protection officer for more information, especially regarding the measures taken.

Obligation to provide information

If personal information is required to establish and conduct the business relationship and the associated contractual or legal obligations, you have to provide such information to enable us to meet our performance obligations or legal obligations. Without provision of the data, we may not be able to perform the service properly, fully or any longer. The provision of other data is neither contractually nor legally necessary. We will inform you in the appropriate places whether the provision is necessary when you use the website.

Storage period

We will only store your personal information, if necessary, for a limited period of time and no longer than necessary. Basically, we will delete your data if it is no longer necessary for the purpose for which it was collected or if there are other legal reasons that require deletion.

If we are subject to statutory record retention requirements that require a longer storage period, we store the data for this period, in particular for the fulfilment of commercial and tax retention periods, which are between 2 and 10 years.

Other legal grounds for retention may include the provision of evidence for the duration of the applicable statute of limitations. These periods are usually between 2 and 30 years.

Your rights with respect to your personal data

You have the following legal rights regarding your personal data. You can contact our data protection officer, also when you want to know more about what these rights entail in detail. As the legal details are quite complicated, we provide you with the most important information about the rights below. Please let us know how you want to receive the information. If you do not specify a preference, we usually reply to your query in the same form as the request. You will receive feedback within one month. In the request is manifestly unfounded or excessive, we are entitled to demand a reasonable fee or to refuse your request.

Access to your data, Art. 15 GDPR

You have the right to request information about whether we process personal information about you or not. When we process your personal data, you will receive information about the specific data plus additional information.

Rectification of your data, Art. 16 GDPR

You have the right to ask us to correct your data if it is incorrect, inaccurate and/or incomplete; the right to rectification includes the right to completion by supplementary statements or notifications.

Deletion of your data, Art. 17 GDPR

You have the right to ask us to delete your personal data if there is no reason to store it.

Restriction of the processing of your data by us. Art. 18 GDPR

You have the right to restrict the processing of your personal data in certain circumstances.

Data portability, Art. 20 GDPR

You have the right in certain circumstances to demand that your data be provided in a common electronic machine-readable data format. The right to transfer data includes the right to transfer the data to another controller; on request, we will - where technically feasible - transfer data directly to a person designated or to be designated by you. The right to transfer data exists only for data provided by you, and requires processing to be performed on the basis of consent or performance of a contract, using automated means.

Objection to our processing of your data, Art. 21 GDPR

If personal data is processed for the exercise of public interest tasks (Article 6 Para. 1 lit. e GDPR) or for the exercise of legitimate interests (Article 6 Para. 1 lit. f GDPR), you can refuse the processing of personal data related to you at any time with effect for the future if there is no reason for further processing.

(Please note that you are not entitled to the right to object if the processing is based on consent that was given. However, as you always have the right to revoke your consent with effect for the future when data are processed with your consent, by revoking your consent, you will achieve a result comparable to the objection.)

Revocation of consent

If you have given us consent to process your personal data, you can revoke this consent at any time and without stating reasons with future effect. Please contact the contact point where you gave your consent or contact the data protection officer directly.

Complaints

You have the right to lodge a complaint with the competent supervisory authority when it concerns processing of your personal data, Art. 77 GDPR.