Data privacy

1. Information for our Customers and Business Partners according to Article 13 GDPR

Dear Customers and Business Partners,

The following information is intended to inform you about why we collect personal data from our customers, interested parties, and business partners, and how we handle this data. This information sheet also highlights your rights as data subjects. Most of this information may already be known to you. We have received details concerning you or your company directly from you. Should you have any further questions on this matter, please contact your contact person at STI or our Data Protection Officer.

Who is responsible for data processing and whom can I contact?

STI Security Training International GmbH
Steinmühlenweg 5
65439 Flörsheim am Main / Wicker
Telephone: +49 (6145) 59991-0
Fax: +49 (6145) 59991-69
Email: info@sti-training.com
Internet: www.sti-training.com

Contact details of the Data Protection Officer:
Email: datenschutz@sti-training.com

What categories of personal data do we process?

We collect the names and contact details of our contact persons, their company affiliation, and their position or role within the company. Depending on the contractual relationship, we also process information regarding the contact person’s area of responsibility or appointment arrangements. Contacts with our customers are recorded in our customer management system. For training purposes, we process the names and contact details of participants, their company affiliation, and the necessary information for the training (type of training, date, time, test results). Depending on the type of training, we may also need to record the date and place of birth. For online training sessions, we collect user data and log system usage by the participants. We do not process special categories of personal data.

User Account

On our website, we offer users the opportunity to register by providing personal data (user account). The data is entered into an input form and transmitted to us and stored. The data will not be passed on to third parties. At the time of registration, the following data is also stored: the user's IP address, date, and time of registration. We use the so-called double opt-in procedure for registration, meaning your registration is only complete once you have confirmed your sign-up via a confirmation email sent to you for this purpose by clicking on the link contained therein. If you do not confirm your registration within 30 days, your registration will be automatically deleted from our database. The provision of the aforementioned data is mandatory; any further information can be provided voluntarily through our portal.

Newsletter

We send newsletters, emails, and other electronic notifications containing promotional information (hereinafter "newsletter") only with the recipient's consent or if there is an existing business relationship. You can unsubscribe from our newsletter at any time, i.e., revoke your consent. A link to unsubscribe from the newsletter can be found at the end of each newsletter. If users have only registered for the newsletter and have cancelled this registration, their personal data will be deleted.

How long are customer data stored?

The data of our customers and contact persons are stored as long as business relationships exist or you express interest in our products. For data related to contractual agreements and invoicing, there are statutory retention periods of 6 or 10 years. Training documents are stored for 5 years, which corresponds to the validity period of the certificates.

For what purposes do we process the data?

We process the data of our customers to respond to inquiries, create offers, perform contractually agreed services, and invoice. Training documents are collected and processed as part of our security training services.

On what legal basis do we process your data?

We collect and store the data of customers and business partners, and the data of training participants, solely based on contractual or pre-contractual relationships (Art. 6 lit. b GDPR).

Who receives the data?

Customer data collected for our own purposes is not passed on to third parties. No data is transferred to countries outside the EU. Depending on the contract, affected parties or the companies that commissioned us have access to training results.

Is there an obligation to provide the data?

If you do not enter into a contractual relationship with us, you are not obliged to provide us with data.

Is there automated decision-making or profiling?

We do not conduct any automated decision-making or profiling based on your personal data that has a legal effect on you or significantly affects you in a similar way (Art. 22 GDPR).

Your rights as a data subject

According to Chapter III of the GDPR, you have the right to access the data stored about you, the right to correct incorrect data, the right to delete your data or restrict processing, the right to object to processing, the right to data portability, and the right to withdraw any consent given, if applicable. You have the right to lodge a complaint with the Hessian or another data protection supervisory authority if you believe that our company is handling your data unlawfully or improperly.

2. Collection and Processing of Data When Visiting Our Website

Our web servers collect and store the usual information required to display the pages you request: IP address, date and time of the request, data volume transferred, message about successful retrieval, web browser, and requesting domain. This information is necessary to display the pages you have requested. It also serves statistical analysis of accesses and the protection of our servers against attacks.

Third-Party Scripts

To build our websites, we use the online library from Cloudflare, for example, to transfer fonts. In doing so, IP addresses are transmitted to Cloudflare. No personal reference is made or established.
You can read Cloudflare’s privacy policy here:
Cloudflare Privacy Policy

Use of Cookies

We use only technically necessary cookies to set page preferences or enable orders. We do not use cookies to create a personal reference. Almost all cookies are so-called session cookies, which lose their function at the end of your visit to our website.

The following cookies are used by us:

https://www.sti-training.com

https://check.sti-training.com