Thank you for visiting our website https://certification.sure-system.org/ and your interest in our company. The protection of your personal data is very important to us. Personal data is information about the personal or factual circumstances of a specific or identifiable natural person. This includes e.g. the real name, address, telephone number and date of birth, but also all other data that can be related to an identifiable person.

Since personal data enjoy special legal protection, we only collect them to the extent that this is necessary for the provision of our website and the provision of our services. Below we present what personal information we collect during your visit to our website and how we use it.

Our data protection practice is in accordance with the legal regulations, in particular those of the Federal Data Protection Act (BDSG), the Telemedia Act (TMG) and the General Data Protection Regulation of the EU (GDPR). We will only collect, process and store your personal data, insofar as this is necessary for the functional provision of this website and our content and services, as well as for processing inquiries and, if necessary, for processing orders / contracts, but only if this is necessary legitimate interest in the sense of Art. 6 para. 1 sentence 1 lit. f GDPR or another permit. Only if you have previously given your consent separately will your data be used for other purposes that are precisely defined in the consent, e.g. for sending advertising information via newsletter.

Responsible within the meaning of the GDPR and other national data protection laws of the member states as well as other data protection regulations is:

SUSTAINABLE RESOURCES Verification Scheme GmbH
Schwertberger Str. 16
53177 Bonn

E-Mail: info[at]sure-system.org
Internet: https://sure-system.org/

Phone: +49 (0) 228 35 06 100
Fax: +49 (0) 228 35 06 109

Name: René Fetkenhauer
Address: Alpha Datenschutz UG (haftungsbeschränkt) & Co. KG, Friedrich-Breuer-Str. 34, 53225 Bonn
E-Mail: fetkenhauer[at]alphadatenschutz.de

Each time our website is accessed, our system automatically records data and information from the computer system of the accessing computer. The following data is collected:

Scope of data processing

(1) Information about the browser type and the version used

(2) The operating system of the retrieval device

(3) The IP address of the access device

(4) Date and time of access

(5) Websites and resources (images, files, other page content) that were accessed on our website

(6) Websites from which the user's system came to our website (referrer tracking)

This data is stored in the log files of our system. This data is not stored together with the personal data of a specific user, so that individual page visitors are not identified.

Legal basis for the processing of personal data
Art. 6 Para. 1 lit.f GDPR (legitimate interest). Our legitimate interest is to ensure that the purpose described below is achieved.

Purpose of data processing
The logging is carried out to maintain the compatibility of our website for as many visitors as possible and to combat abuse and troubleshooting. For this it is necessary to log the technical data of the accessing computer in order to be able to react as early as possible to display errors, attacks on our IT systems and / or errors in the functionality of our website. In addition, we use the data to optimize the website and to generally ensure the security of our information technology systems.

Duration of storage
The aforementioned technical data will be deleted as soon as they are no longer required to ensure the compatibility of the website for all visitors, but no later than 3 months after accessing our website.

Opposition and removal options
The possibilities of objection and elimination are based on the general regulations for the right to object and deletion under data protection law described in this data protection declaration.

Our website offers you various functions, the use of which will collect, process and store your personal data. Below we explain what happens to your data:

Contact form (s):

The data you entered in our contact forms.

Art. 6 (1) a GDPR (tacit consent)

We will only use the data recorded via our contact form or via our contact forms to process the specific contact request received through the contact form.

After processing your request, the data collected will be deleted immediately, provided there are no statutory retention periods.

The possibilities of objection and elimination are based on the general regulations for the right to object and deletion under data protection law described below in this data protection declaration.

Login area:

The registration and login data you entered with us.

Art. 6 (1) (a) GDPR (tacit consent)

You have the option of using a separate login area on our website. The usage data arising from the use of the login area is only collected, stored and processed by us to combat misuse and to remedy faults or to maintain functionality. It is not used for other purposes or passed on to third parties.

The data that is collected as part of the 'Forgot your username or password' function will only be used to send you forgotten access data again.

The possibilities of objection and elimination are based on the general regulations for the right to object and deletion under data protection law described below in this data protection declaration.

Registration form:

The data you entered in the form fields.

Art. 6 para. 1 lit.b GDPR (implementation of pre-contractual measures)

The pre-contractual information exchange is necessary for a possible later conclusion of a contract.

The data will be deleted as soon as they are no longer needed to process the booking and there are no longer any statutory retention requirements.

The possibilities of objection and elimination are based on the general regulations for the right to object and deletion under data protection law described below in this data protection declaration.

We use cookies on various pages to enable the use of certain functions on our website. The so-called 'cookies' are small text files that your browser can store on your computer. These text files contain a characteristic string that enables the browser to be clearly identified when you visit our website again. The process of storing a cookie file is also called 'setting a cookie'.

Art. 6 para. 1 lit. f GDPR (legitimate interest). Our legitimate interest is to maintain the full functionality of our website, increase usability and enable a more individual approach to customers. We can only identify individual site visitors with the help of cookie technology if the site visitor has given us the relevant personal data beforehand on the basis of separate consent.

The cookies are set by our website in order to maintain the full functionality of our website and to improve its usability. In addition, cookie technology enables us to use individual pseudonyms, e.g. recognize an individual, arbitrary ID, so that we are able to offer more individual services.

Our cookies are stored in your browser until they are deleted or, if it is a session cookie, until the session has expired.

You can set your browser yourself so that you generally prevent the setting of cookies, are only informed about it, decide on the acceptance of cookies on a case-by-case basis, or generally accept cookies. Cookies can be used for different purposes, e.g. to recognize that your PC has already connected to our website (permanent cookies) or to save recently viewed offers (session cookies). We use cookies to offer you increased user comfort. In order to use our convenience functions, we recommend that you accept cookies for our website.

The options for objection and elimination are otherwise based on the general regulations for the right to object and deletion under data protection law described below in this data protection declaration.

Your personal data are protected by technical and organizational measures during the collection, storage and processing so that they are not accessible to third parties. With unencrypted communication by email, complete data security can be ensured on the transmission path to our IT systems are not guaranteed by us, so we recommend encrypted communication or the postal service for information with a high level of confidentiality.

We expressly point out that our mail system has an automated archiving process. All incoming and outgoing emails are digitally archived in a revision-proof manner.

Art. 6 para. 1 lit.f GDPR (legitimate interest). Our legitimate interest is to comply with tax and commercial law requirements (e.g. sections 146, 147 AO).

The purpose of archiving is to comply with tax and commercial law requirements (e.g. §§ 146, 147 AO).

Our mail communication is stored until tax and commercial law retention requirements expire. The retention period can be up to 10 years.

Emails addressed to bewerbung[at]sure-system.org ​​are excluded from archiving. If you have any questions regarding our mail archiving system, please contact our data protection officer. In addition, we point out that we only consider application documents in PDF file form. Zipped (WinZip, WinRAR, 7Zip, etc.) Files are filtered out by our security systems and are not delivered. We do not consider applications in Word file format and other file formats and delete them unread. Please note that application documents sent by e-mail in unencrypted form may be opened by third parties before they arrive in our IT systems. We assume that we can also answer unencrypted application emails unencrypted. If you do not want this, please give us a note in your application email.

Once a year you have the right to free information about your stored data and a right to correction at any time, blocking or deleting your data. Your data will be deleted by us on first request, unless this is contrary to legal regulations. You can give us permission to use your personal data, i.e. to revoke it at any time. You can send requests for information, deletion and correction to your data and any suggestions you may have at any time to the following address:

SUSTAINABLE RESOURCES Verification Scheme GmbH
Schwertberger Str. 16
53177 Bonn

E-Mail: info[at]sure-system.org

Fax: +49 (0) 228 35 06 109

If you suspect that your data is being processed illegally on our site, you can of course seek legal clarification of the problem at any time. Regardless of this, you have the option of signing up for one supervisory authority. You have the right to lodge a complaint in the EU member state of your residence, your workplace and / or the place of the alleged violation, i.e. you can the supervisory authority, to which you should contact in the places mentioned above. The supervisory authority to which the complaint was submitted will then inform you of the status and results of your submission, including the possibility of a judicial remedy in accordance with Art. 78 GDPR.