1. Data Controller

The controller within the meaning of the General Data Protection Regulation (GDPR) and other national data protection laws of the EU Member States as well as other data protection provisions is:

SUSMATA Holding AG

Mörfelder Landstraße 277 B
60598 Frankfurt am Main
Germany

Represented by: Erdem Dogan
Registered in the Commercial Register of the District Court of Stuttgart, HRB 264176

Email: info@susmata.com

2. Data Protection Officer

Our internal Data Protection Officer can be reached at:

Erdem Dogan

SUSMATA Holding AG
Mörfelder Landstraße 277 B
60598 Frankfurt am Main
Germany

Email: info@susmata.com

3. General Information on Data Processing & Legal Bases

We process personal data of our users only to the extent necessary to provide a functional website and our content and services. Processing is generally carried out only after obtaining the user's consent or where another legal basis applies.

Legal bases

  • Art. 6(1)(a) GDPR – consent (e.g., newsletter, non-essential cookies).
  • Art. 6(1)(b) GDPR – performance of a contract or pre-contractual measures.
  • Art. 6(1)(c) GDPR – compliance with a legal obligation.
  • Art. 6(1)(f) GDPR – legitimate interests (e.g., secure operation of the website, handling enquiries).

Retention and erasure

Personal data will be erased as soon as the purpose of processing ceases to apply and no statutory retention obligations require further storage.

Transfers to third countries

Personal data will only be transferred to countries outside the EU/EEA if the requirements of Art. 44 et seq. GDPR are met (e.g., adequacy decision, standard contractual clauses, explicit consent).

4. Your Rights as a Data Subject

You have the following rights with regard to personal data relating to you:

  • right of access (Art. 15 GDPR),
  • right to rectification (Art. 16 GDPR),
  • right to erasure (Art. 17 GDPR),
  • right to restriction of processing (Art. 18 GDPR),
  • right to data portability (Art. 20 GDPR),
  • right to object to processing (Art. 21 GDPR),
  • right to withdraw any consent given, with effect for the future (Art. 7(3) GDPR).

To exercise your rights, an informal message to the contact addresses listed under sections 1 or 2 is sufficient.

Right to lodge a complaint

You have the right to lodge a complaint with a data protection supervisory authority regarding our processing of your personal data (Art. 77 GDPR). The competent authority for us is:

State Commissioner for Data Protection and Freedom of Information Baden-Württemberg
Königstraße 10a, 70173 Stuttgart, Germany
www.baden-wuerttemberg.datenschutz.de

5. Hosting & Server Log Files

This website is hosted on servers operated by Hetzner Online GmbH, Industriestr. 25, 91710 Gunzenhausen, Germany. A data processing agreement pursuant to Art. 28 GDPR is in place. Processing takes place exclusively within the European Union.

Each time the website is accessed, technically necessary data is automatically recorded by our hosting provider in so-called server log files:

  • anonymised IP address of the requesting device,
  • date and time of access,
  • name and URL of the file retrieved,
  • amount of data transferred and HTTP status code,
  • referrer URL (previously visited page),
  • browser and operating system used.

Purpose: ensuring a smooth connection, comfortable use, evaluation of system security and stability, and defence against attacks.

Legal basis: Art. 6(1)(f) GDPR (legitimate interest in the secure and stable operation of the website).

Retention: log files are stored for a maximum of 14 days and then deleted. The data is not combined with other data sources.

6. Contact Form

We offer you the option of contacting us via a contact form on our website. The following data is collected:

  • First name (required),
  • Last name (required),
  • Company (optional),
  • Role / position (optional),
  • Email address (required),
  • Your message (required),
  • Confirmation of the privacy policy (required, consent).

The data is transmitted exclusively by email to info@susmata.com; it is not stored on the web server.

Purpose: handling your enquiry and any related follow-up communication.

Legal basis: Art. 6(1)(b) GDPR (pre-contractual measures), to the extent your enquiry aims at concluding a contract; otherwise Art. 6(1)(f) GDPR (legitimate interest in responding effectively to enquiries) as well as Art. 6(1)(a) GDPR (consent).

Retention: the transmitted data is stored until your enquiry has been finally processed and is then deleted, unless statutory retention obligations require further storage.

7. Data Security

We use the widely used SSL/TLS encryption procedure during your visit to our website, in conjunction with the highest level of encryption supported by your browser. In addition, we use appropriate technical and organisational security measures to protect your data against accidental or intentional manipulation, partial or total loss, destruction or unauthorised access by third parties.

8. Updates to this Privacy Policy

This privacy policy is currently valid and was last updated in May 2026. Due to the further development of our website and offers, or because of changing legal or regulatory requirements, it may become necessary to amend this privacy policy. The current version can be accessed on this page at any time.