Data protection

Privacy policy

The data controller responsible for the processing of personal data on this website is:

SOCITAS GmbH & Co. KG
Industriestraße 4
53562 St. Katharinen | Germany
Germany

Phone: +49 (0) 2645 976899-0
Mail: info@socitas.de

If you have any questions regarding data protection, you can contact our Data Protection Officer at any time:

Mail: datenschutz@socitas.de

Alternatively, you can reach the Data Protection Officer by mail at the controller’s address, with the note “Data Protection Officer.”

We process personal data exclusively in accordance with applicable data protection regulations, in particular the General Data Protection Regulation (GDPR), the Federal Data Protection Act (BDSG), and the Telecommunications and Digital Services Data Protection Act (TDDDG).

Personal data refers to any information relating to an identified or identifiable natural person.

We process personal data in particular on the following legal bases:

  • Art. 6(1)(a) GDPR (Consent)
  • Art. 6(1)(b) GDPR (Performance of a contract and pre-contractual measures)
  • Art. 6(1)(c) GDPR (Compliance with legal obligations)
  • Art. 6(1)(f) GDPR (legitimate interests)

If we obtain your consent for certain processing activities, you may revoke it at any time with future effect.

To fulfill our contractual and legal obligations, we engage external service providers and data processors.

Recipients of personal data may include, in particular:

  • Hosting service providers
  • IT service providers
  • Analytics and marketing service providers
  • Providers of security and anti-spam services
  • Companies within the SOCITAS Group

Where necessary, data processing agreements in accordance with Art. 28 GDPR have been concluded with these service providers.

Our website is hosted by IONOS SE .

When you visit our website, the hosting provider automatically processes information in so-called server log files.

This includes, in particular:

  • IP address
  • Date and time of the request
  • Browser type and browser version
  • Operating system used
  • Referrer URL
  • Hostname of the accessing computer

This processing is carried out to ensure the secure, stable, and trouble-free operation of the website.

Legal basis:

Art. 6(1)(f) GDPR

A contract for data processing has been concluded with the hosting provider in accordance with Art. 28 GDPR.

Server log data is regularly deleted unless it is needed to investigate specific security incidents.

Our website uses cookies and similar technologies.

Your consents are managed via the consent management tool Borlabs Cookie provided by Borlabs GmbH, Hamburger Straße 11, 22083 Hamburg.

Borlabs Cookie stores your selected privacy settings in a technically necessary cookie in order to document your consents or revocations.

Legal basis for technically necessary cookies:

  • § 25(2) TDDDG

Legal basis for the processing of personal data:

  • Art. 6(1)(f) GDPR

To the extent that cookies or similar technologies are not technically necessary, their use is based exclusively on your consent in accordance with:

  • Art. 6(1)(a) GDPR
  • § 25(1) TDDDG

You may revoke or modify your consent at any time with future effect. You can adjust your cookie settings at any time via the corresponding link on our website.

Contact form

If you contact us via a contact form, we process the data you provide (e.g., name, email address, phone number, and message) to handle your inquiry.

Legal basis:

  • Art. 6(1)(b) GDPR.
  • Art. 6(1)(f) GDPR

The data will be deleted once your inquiry has been fully processed, provided that no statutory retention requirements prevent this.

Contact via Email or Phone

If you contact us via email or phone, we process the personal data you provide to handle your inquiry.

Legal basis:

  • Art. 6(1)(b) GDPR.
  • Art. 6(1)(f) GDPR

If you apply for a position with us, we process your application documents to conduct the application process.

Legal basis:

  • Art. 6(1)(b) GDPR.
  • § 26 BDSG

If no employment relationship is established, your application documents will generally be deleted no later than six months after the conclusion of the application process, provided that no statutory retention obligations or legitimate interests prevent this.

If you have expressly consented, we may also add your application documents to a candidate pool and consider them for future job openings.

To process inquiries, applications, or other matters, personal data may be transferred within the SOCITAS Group.
Recipients may include, in particular:

SOCITAS GmbH & Co. KG
Industriestraße 4
53562 St. Katharinen | Germany
Germany


SOCITAS GmbH
Wolfgang-Schmälzl-Gasse 19/8
1020 Vienna | Austria
Austria


The following data may be affected in particular:
  • Contact data
  • Communication data
  • Applicant data
  • Contract data
Data is transferred only to the extent necessary to process your request. Data is transferred exclusively within the European Economic Area (EEA). Legal basis:
  • Art. 6(1)(b) GDPR.
  • Art. 6(1)(f) GDPR

We use Google Tag Manager from Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.

Google Tag Manager is used exclusively for the technical management and deployment of website tags. The service itself does not create user profiles and generally does not store cookies.

However, other services that process personal data may be integrated via Google Tag Manager.

Provided you have given your consent, we use Google Analytics 4, a web analytics service provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.

Google Analytics enables the analysis of how our website is used.

In particular, the following data may be processed:

  • pages visited
  • time spent on the site
  • interactions on the website
  • device information
  • source of the visit
  • technical usage data

Processing is based solely on your consent.

Legal basis:

Art. 6(1)(a) GDPR

Google Analytics 4 processes IP addresses solely for the purpose of providing the service and, according to Google, does not use them to create individual user profiles.

The retention period for the collected data is currently 14 months.

Provided you have given your consent, we use Microsoft Clarity from Microsoft Ireland Operations Limited, One Microsoft Place, South County Business Park, Leopardstown, Dublin 18, Ireland.

Microsoft Clarity is used to analyze and optimize our website.

In particular, the following data may be processed:

  • Mouse movements
  • Click behavior
  • Scroll behavior
  • device information
  • technical usage data
  • Pseudonymized session recordings

Microsoft Clarity also creates heat maps and pseudonymized usage profiles to improve the user-friendliness of our website.

Processing is based solely on your consent.

Legal basis:

Art. 6(1)(a) GDPR

If you have given your consent, we use the service SalesViewer by SalesViewer GmbH, Huestraße 30, 44787 Bochum.

SalesViewer is used to analyze business visits to our website and helps us optimize our offerings and sales activities.

In this context, information regarding corporate visits to our website may be processed.

Processing is based solely on your consent.

Legal basis:

Art. 6(1)(a) GDPR

If you have given your consent, we use the LinkedIn Insight Tag provided by LinkedIn Ireland Unlimited Company, Wilton Plaza, Wilton Place, Dublin 2, Ireland.

The service is used in particular for:

  • Conversion tracking
  • Campaign evaluation
  • Remarketing
  • Target audience analysis

As a result, personal data may be transmitted to LinkedIn.

LinkedIn also processes some of the collected data for its own purposes under its own data protection responsibility.

For more information on data processing by LinkedIn, please refer to LinkedIn’s Privacy Policy.

Legal basis:

Art. 6(1)(a) GDPR

To protect our forms from misuse and automated submissions, we use Google reCAPTCHA by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.

In doing so, technical information such as IP address, browser information, operating system, referrer URL, and user interactions may be processed.

Legal basis:

Art. 6(1)(f) GDPR

Our legitimate interest lies in protecting our website and our contact forms from abusive or automated use.

On our website, you will find links to our profiles on:

  • Facebook
  • Instagram
  • LinkedIn
  • XING

Visiting our website does not, in principle, result in any automatic data transfer to these providers.

Only by clicking on the respective link do you leave our website and access the platform of the respective provider.

Some of the services we use are provided by companies based in the United States or other third countries.

This may result in the transfer of personal data to countries outside the European Union or the European Economic Area.

To the extent that providers are certified under the EU-U.S. Data Privacy Framework or appropriate safeguards pursuant to Art. 44 et seq. of the GDPR are in place, the transfer is carried out on this basis.

We store personal data only for as long as is necessary to fulfill the respective purposes or as required by statutory retention obligations.

Once the respective purpose no longer applies, the data will be deleted or anonymized.

You have the right:

  • to access (Art. 15 GDPR)
  • to rectification (Art. 16 GDPR)
  • to erasure (Art. 17 GDPR)
  • to restriction of processing (Art. 18 GDPR)
  • to data portability (Art. 20 GDPR)
  • to withdraw consent (Art. 7(3) GDPR)
  • to object to processing pursuant to Art. 21 GDPR

If personal data is processed on the basis of Article 6(1)(f) of the GDPR, you have the right to object to the processing at any time for reasons arising from your particular situation.

You have the right to file a complaint with a data protection supervisory authority.

The supervisory authority responsible for us is:

The State Commissioner for Data Protection and Freedom of Information Rhineland-Palatinate
P.O. Box 30 40
55020 Mainz
Germany

This website uses SSL or TLS encryption for security reasons and to protect the transmission of confidential content.

You can recognize an encrypted connection by the fact that the address bar of your browser begins with “https://” and a padlock icon is displayed.

We reserve the right to amend this Privacy Policy to adapt it to changes in legal requirements or changes to our website and the services we use.

The version published at the time of your visit applies.

Privacy Notice for our Social Media Presence

pursuant to articles 13, 14, and 21 of the GDPR

as of July 2026

Privacy Notice for our Social Media Presence

We appreciate your interest in our company and our social media presence.

Below, we provide information on how personal data is processed when you visit our social media profiles or communicate with us via these platforms.

The data controller responsible for data processing in connection with our social media profiles is:

 

SOCITAS GmbH & Co. KG
Industriestraße 4
53562 St. Katharinen | Germany

Phone: +49 (0) 2645 976899-0

Mail: info@socitas.de

 

If you have any questions regarding data protection, you can contact our Data Protection Officer at:

datenschutz@socitas.de

Alternatively, you can reach the Data Protection Officer by mail at the controller’s address, with the note “Data Protection Officer.”

We maintain company profiles on the following platforms:

  • Facebook
  • Instagram
  • LinkedIn
  • XING

Our social media presence serves in particular

  • to provide information about our company,
  • to communicate with prospective clients, customers, and business partners,
  • to recruit new employees,
  • to publish current company information, and
  • to showcase our services.

When you visit our social media presences, personal data is processed both by us and by the respective platform operator.

This applies in particular to

  • IP address,
  • device information,
  • browser information,
  • usage behavior,
  • interactions (likes, comments, messages),
  • profile information (if available),
  • and statistical analyses.

The platform operators regularly use cookies and similar technologies and, in some cases, create user profiles.

We do not have complete control over all data processing activities carried out by the respective platform operators.

In operating our company websites, joint control pursuant to Article 26 of the GDPR may exist between us and the respective platform operator with regard to certain processing operations.

This applies in particular to the provision of so-called site statistics (“Insights”).

The key provisions of the respective joint control agreements can be viewed on the respective platform operators’ websites.

Irrespective of this, data subjects may exercise their rights both with us and directly with the respective platform operator.

However, since only the platform operators have full access to all personal data, we recommend directing such requests directly to the respective provider whenever possible.

The processing of personal data is based on

Art. 6(1)(f) GDPR

Our legitimate interest consists of

  • presenting our company to the public,
  • communicating with customers and prospective customers,
  • providing information,
  • reaching out to job applicants, and
  • increasing our company’s reach and visibility.

If you contact us directly via our social media channels, the processing may additionally be based on

Art. 6(1)(b) GDPR.

beruhen.

We store personal data that we receive directly through our social media channels (e.g., messages) only for as long as necessary to process your inquiry or as required by statutory retention obligations.

We have no influence over the retention period of the data with the respective platform operators.

When using social networks, it cannot be ruled out that personal data may also be processed in countries outside the European Union.

To the extent that providers are certified under the EU-U.S. Data Privacy Framework or appropriate safeguards pursuant to Art. 44 et seq. of the GDPR exist (e.g., standard contractual clauses), data transfer takes place on this basis.

Further information on this can be found in the respective privacy policies of the platform operators.

In particular, you have the following rights:

  • Right of access (Art. 15 GDPR)
  • Right to rectification (Art. 16 GDPR)
  • Right to erasure (Art. 17 GDPR)
  • Restriction of processing (Art. 18 GDPR)
  • Data portability (Art. 20 GDPR)
  • Objection (Art. 21 GDPR)
  • Withdrawal of consent (Art. 7(3) GDPR)

In addition, you have the right to lodge a complaint with a data protection supervisory authority.

Further information on the processing of personal data can be found in the privacy policies of the respective providers:

 

Facebook and Instagram

Provider:

Meta Platforms Ireland Limited

Privacy Policy:
https://www.facebook.com/privacy/policy/

Information on Page Insights:
https://www.facebook.com/legal/terms/page_controller_addendum

 

LinkedIn

Provider:

LinkedIn Ireland Unlimited Company

Privacy Policy:
https://www.linkedin.com/legal/privacy-policy

Information on Cookies:
https://www.linkedin.com/legal/cookie-policy

 

XING

Provider:

New Work SE

Privacy Policy:
https://privacy.xing.com/de/datenschutzerklaerung

We reserve the right to amend this Privacy Policy if required due to changes in the law or changes to our social media presence.

The version published at the time of your visit applies.