Privacy Policy

1. scope of application
 

This data protection declaration is intended to inform the user about the type, scope and purpose of the collection and use of personal data on this website by Sutor Bank.

Responsible: Sutor Bank GmbH, Hermannstraße 46 , 20095 Hamburg, phone: 040 - 82223163, fax: 040 - 80801319, e-mail: info@sutorbank.de

The company data protection officer, Mr Reno Dardaillon, can be contacted at the above address, for the attention of Mr Reno Dardaillon, or at datenschutz@sutorbank.de.

The legal basis for data protection can be found in the General Data Protection Regulation (GDPR), the Federal Data Protection Act (BDSG) and the Telecommunications Telemedia Data Protection Act (TTDSG).
 

2 Collection and storage of personal data and the nature and purpose of its use
 

a) When visiting the website

When you visit our website www.sutorbank.de, the browser used on your device automatically sends information to the server of our website. This information is automatically stored in a so-called log file. The following information is collected and stored without any action on your part.

  • IP address of the requesting computer,
     
  • Date and time of access,
     
  • Name and URL of the retrieved file,
     
  • Website from which the access was made (referrer URL),
     
  • browser used and, if applicable, the operating system of your computer and the name of your access provider.
     

We process the aforementioned data for the following purposes
 

  • Ensuring a smooth connection to the website,
     
  • Ensuring a comfortable use of our website,
     
  • analysing system security and stability and
     
  • for other administrative purposes.
     

The legal basis for data processing is Art. 6 para. 1 sentence 1 lit. f GDPR. Our legitimate interest follows from the data collection purposes listed above. Under no circumstances do we use the data collected for the purpose of drawing conclusions about your person.
 

We also use cookies and analysis services when you visit our website. You can find more detailed explanations on this in sections 5 and 6 of this privacy policy.
 

b) When registering for our newsletter
 

If you have expressly consented in accordance with Art. 6 para. 1 sentence 1 lit. a GDPR, we will use your email address to send you our newsletter on a regular basis. It is sufficient to provide an email address to receive the newsletter.
 

You can unsubscribe at any time, for example via a link at the end of each newsletter. Alternatively, you can also send your unsubscribe request to info@sutorbank.de by email. Once you have cancelled your subscription, the data used to receive the newsletter will be deleted.
 

c) When using our contact form
 

If you have questions of any kind, we offer you the opportunity to contact us using a form provided on the website. At least the information labelled as mandatory fields within the form is required. Further information is optional.
 

Data processing for the purpose of contacting you is carried out in accordance with Art. 6 para. 1 sentence 1 lit. a GDPR on the basis of your voluntarily given consent.
 

The personal data collected by us for the use of the contact form will be automatically deleted after your enquiry has been dealt with.
 

3. transfer of data
 

Your personal data will not be transferred to third parties for purposes other than those listed below.
 

We only pass on your personal data to third parties if:
 

  • you have given your express consent to this in accordance with Art. 6 para. 1 sentence 1 lit. a GDPR,
     
  • the disclosure pursuant to Art. 6 para. 1 sentence 1 lit. f GDPR is necessary for the assertion, exercise or defence of legal claims and there is no reason to assume that you have an overriding interest worthy of protection in not disclosing your data,
     
  • in the event that there is a legal obligation for the disclosure pursuant to Art. 6 para. 1 sentence 1 lit. c GDPR, and
     
  • this is legally permissible and necessary for the processing of contractual relationships with you in accordance with Art. 6 para. 1 sentence 1 lit. b GDPR.
     

4. data security
 

Personal data is only collected, used and processed by Sutor Bank if this is permitted by law or if the user expressly consents to the collection of data. In accordance with the requirements of data protection law, the user of our online offer will be informed of any data collection if personal data is affected in accordance with Art. 3 GDPR.
 

The declaration can be made electronically and revoked by the user at any time with effect for the future.
 

Data will only be passed on to third parties with the consent of our customers, unless we are subject to other legal requirements.
 

Personal data is only stored by Sutor Bank for as long as is necessary to fulfil the purpose for which the data was collected. If the user no longer wishes such storage, the personal data of our users will be deleted upon corresponding instruction, provided there are no legal or contractual regulations to the contrary. If the data has become inaccurate, the personal data of our users will be amended in accordance with a corresponding instruction. You can issue corresponding instructions to info@sutorbank.de.
 

By installing comprehensive measures adapted to the latest technical developments, we ensure that unauthorised access to, loss or manipulation of our customers' data is effectively prevented.
 

Every access or attempted access to our customers' data is logged by us.
 

All employees of Sutor Bank have been made aware of the statutory provisions of data protection law and have undertaken in writing to treat personal data to which they have access or of which they become aware confidentially and to process it only in accordance with Sutor Bank's instructions (data secrecy pursuant to Article 5 (1f), Article 28 (3b) and Article 29 and security of processing pursuant to Article 32 (4) GDPR).
 

Compliance with data protection regulations is reviewed at regular intervals by the company data protection officer and the Sutor Bank audit department.
 

5 Overview of the stored data
 

5.1 General
 

We store your IP address in a log file for a maximum period of 7 days for the purpose of ensuring the proper operation of our Internet services. This data is not passed on to third parties.
 

5.2 Newsletter
 

We also use personal information to offer you information by newsletter in accordance with your consent. This expressly does not include the use of your data for the purposes of advertising or market and opinion research. You can object to the processing and use of your personal data for the purpose of receiving the newsletter at any time.
 

5.3 Cookies
 

According to § 25 para. 2 TTDSG and in accordance with the opinion of the data protection supervisory authorities, no consent is required for the use of technical cookies. You will therefore not find any cookie banners on our website.
 

We only use technical cookies on our website. These are small files that your browser automatically creates and that are stored on your end device (laptop, tablet, smartphone, etc.) when you visit our website. Cookies do not cause any damage to your end device and do not contain any viruses, Trojans or other malware.
 

Information is stored in the cookie that results in each case in connection with the specific end device used. However, this does not mean that we gain knowledge of your identity.
 

On the one hand, the use of cookies serves to make the use of our website more convenient for you. For example, we use session cookies to recognise that you have already visited individual pages of our website. These are automatically deleted after you leave our site.
 

In addition, we also use temporary cookies to optimise user-friendliness, which are stored on your end device for a specified period of time. If you visit our site again to use our services, it is automatically recognised that you have already visited us and which entries and settings you have made so that you do not have to enter them again.
 

The data processed by these technical cookies are necessary for the purposes mentioned to safeguard our legitimate interests in accordance with Art. 6 para. 1 sentence 1 lit. f GDPR.
 

Most browsers accept cookies automatically. However, you can configure your browser so that no cookies are stored on your computer or a message always appears before a new cookie is created. However, completely deactivating cookies may mean that you cannot use all the functions of our website.
 

5.4 Customer portal
 

To log in to our customer portal, we will send you an access number and a password (by separate post). After successfully logging in for the first time, you will be asked to change the password to a personal password. This is only known to you.
 

We store personal and contract-related details of your savings contract for you so that you can view your data at any time via the customer portal.
 

We will set up a personal mailbox for you in the Sutor Bank customer portal. Here you will receive your account and custody account statements, certificates, answers to your enquiries and other documents.
 

Our customer portal offers you the convenience of being able to call up an overview of your custody account holdings and your assets at any time and from anywhere. We store these details for you and keep them at your disposal.
 

To make it easier for you and your needs to be identified, we take the liberty of automatically linking your customer number to the contact form within the customer portal. In this context, we also ask you to provide your name and e-mail address. Further details, such as your postal address or telephone number, are voluntary.
 

If you send us a message via the contact form, we will only store and use your data to provide the services and for correspondence with you. Once you have registered in the customer portal, your data will only be transmitted securely. The data is transmitted directly to us; there is no insecure transmission by e-mail via the Internet.
 

If you send us a message by e-mail or via the contact form without having logged in to the customer portal beforehand, we would like to point out that communication via the Internet is not secure and may therefore be read or falsified by unauthorised third parties.
 

5.5 Intermediary portal
 

We store personal and contract-related details of your savings contract for you. To ensure optimum support, your intermediary can view this data via their access to the intermediary portal after you have given your consent.
 

6. analysis tools
 

The tracking measures listed below and used by us are carried out on the basis of Art. 6 para. 1 sentence 1 lit. f GDPR. With the tracking measures used, we want to ensure a needs-based design and the continuous optimisation of our website. On the other hand, we use the tracking measures to statistically record the use of our website and to evaluate it for the purpose of optimising our offer for you. These interests are to be regarded as legitimate within the meaning of the aforementioned provision.
 

The respective data processing purposes and data categories result from the corresponding tracking tool, which is described as follows:
 

We use Matomo on our website, an open source software for the statistical analysis of visitor access. Matomo enables us to analyse and improve the use of our website without using cookies.
 

With cookie-less tracking, no cookies are stored on your device. Instead, we use Matomo in a configuration that allows us to collect information about the use of our website without collecting or storing personal data.
 

Matomo collects data such as your IP address (in anonymised form), the type of browser used, the operating system, the referrer URL (the previously visited page), the time of the server request [DR1] [JK2] and similar information. This data is used exclusively to analyse the usage behaviour of our website and is not passed on to third parties.
 

Your IP address is immediately anonymised when it is recorded so that no conclusions can be drawn about your person. We respect your privacy and ensure that your data is treated anonymously and confidentially.

7. social media
 

7.1 Use
 

We link from our website to the social networks Facebook and X in order to publicise our company. Responsibility for data protection-compliant operation must be guaranteed by the respective provider.
 

7.2 Facebook
 

We refer to the social network facebook.com (Facebook Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland). The link is marked with a stylised ‘f’. This link enables the user to share a contribution from our online offer on Facebook or to follow our offer on Facebook.
 

Information about the processing and use of data by Facebook as well as the purpose and scope of data collection can be found in Facebook's privacy policy. There you will also find information about your rights and setting options to protect your privacy: https://de-de.facebook.com/policy.php/.
 

7.3 X
 

We refer to the X service (X International Company, One Cumberland Place, Fenian Street, Dublin 2, D02 AX07 IRELAND). The link is recognisable by a stylised ‘X’. This link enables the user to share a contribution from our online offering on X or to follow our offering on X.
 

Further information can be found in X's privacy policy at x.com/de/privacy.
 

8. information, data modification, cancellation, corrections and updates
 

The user has the right, upon request and free of charge, to receive information about the personal data stored by Sutor Bank.
 

Furthermore, the user has the right to correct incorrect data and to delete or block his/her personal data, provided that they are not subject to a statutory retention obligation.
 

Sutor Bank will be happy to provide the customer and other users of the website with further information on request about which data is stored and how it is used. If the data stored by Sutor Bank is incorrect, Sutor Bank will correct it. To do so, the customer can write to Sutor Bank at info@sutorbank.de or at the address given in the legal notice of this website.

If you would like further information about the data stored at Sutor Bank or have any questions regarding the processing of personal data at Sutor Bank, please contact our Data Protection Officer, Mr Reno Dardaillon.
 

These data subject rights under the GDPR are regulated in detail as follows
 

9. rights of data subjects
 

You have the right:
 

  • to request information about your personal data processed by us in accordance with Art. 15 GDPR. In particular, you can request information about the purposes of processing, the category of personal data, the categories of recipients to whom your data has been or will be disclosed, the planned storage period, the existence of a right to rectification, erasure, restriction of processing or objection, the existence of a right to lodge a complaint, the origin of your data if it was not collected by us, as well as the existence of automated decision-making including profiling and, if applicable, meaningful information on its details;
     
  • in accordance with Art. 16 GDPR, to immediately request the correction of incorrect or incomplete personal data stored by us
     
  • in accordance with Art. 17 GDPR, to request the erasure of your personal data stored by us, unless the processing is necessary for exercising the right of freedom of expression and information, for compliance with a legal obligation, for reasons of public interest or for the establishment, exercise or defence of legal claims
     
  • in accordance with Art. 18 GDPR, to demand the restriction of the processing of your personal data if the accuracy of the data is disputed by you, the processing is unlawful, but you refuse to delete it and we no longer need the data, but you need it for the assertion, exercise or defence of legal claims or you have lodged an objection to the processing in accordance with Art. 21 GDPR;
     
  • in accordance with Art. 20 GDPR, to receive your personal data that you have provided to us in a structured, commonly used and machine-readable format or to request that it be transmitted to another controller
     
  • in accordance with Art. 7 para. 3 GDPR, to revoke your consent given to us at any time. The consequence of this is that we may no longer continue the data processing that was based on this consent in the future and
     
  • to lodge a complaint with a supervisory authority in accordance with Art. 77 GDPR. As a rule, you can contact the supervisory authority of your usual place of residence or workplace or our company headquarters.
     

If you would like further information about the data stored at Sutor Bank or if you have any questions regarding the processing of personal data at Sutor Bank, please contact our Data Protection Officer, Mr Reno Dardaillon.
 

10. right to object
 

If your personal data is processed on the basis of legitimate interests in accordance with Art. 6 para. 1 sentence 1 lit. f GDPR, you have the right to object to the processing of your personal data in accordance with Art. 21 GDPR, provided that there are reasons for this arising from your particular situation or the objection is directed against direct advertising. In the latter case, you have a general right to object, which will be implemented by us without specifying a particular situation.
 

If you wish to exercise your right of cancellation or objection, simply send an email to info@sutorbank.de.
 

11. data security
 

We use the widespread SSL (Secure Socket Layer) method in conjunction with the highest level of encryption supported by your browser when you visit our website. As a rule, this is 256-bit encryption. If your browser does not support 256-bit encryption, we use 128-bit v3 technology instead. You can recognise whether an individual page of our website is transmitted in encrypted form by the closed display of the key or lock symbol in the lower status bar of your browser.
 

We also use suitable technical and organisational security measures to protect your data against accidental or intentional manipulation, partial or complete loss, destruction or unauthorised access by third parties. Our security measures are continuously improved in line with technological developments.
 

12. e-mail clause
 

The purpose of sending and receiving e-mails is to speed up communication and prepare business transactions or to accompany and support customer care. On their way from sender to recipient, e-mails can be read, falsified or not delivered or delivered late. For these reasons, contracts cannot be effectively concluded or submitted to Sutor Bank by e-mail.
 

13. data protection information in accordance with the General Data Protection Regulation
 

In addition to this specific data protection declaration for our website, you can download further data protection notices here .
 

14. questions
 

Our data protection officer, Mr Reno Dardaillon, will be happy to answer any questions you may have on the subject of data protection:
 

Sutor Bank GmbH
Data Protection Officer
Hermannstrasse 46
20095 Hamburg
Phone: 040 82223163
Fax: 040 80801319
E-mail: datenschutz@sutorbank.de
 

15. topicality and amendment of this privacy policy
 

This privacy policy is currently valid and is dated September 2024
 

Hamburg, September 2024
 

(updated September 2024)