06401 22968-0 Service/Support

Privacy statement

Information about data acquisition pursuant Art. 12-14 DS-GVO [German General Data Protection Regulation] Information about the controller and the data protection officer The following provides information about our processing of your personal data when you use our website “”. Personal data are the data relating to an identified, or identifiable, natural person (the so-called “data subject”). These data may include, for example, your name, IP address, the software used by you (operating system, browser), or date and time of your accessing the website. Hence, below you will find the relevant contact (controller), the types of data that are processed individually for specific purposes, and the rights of data subjects in regards of the processing of personal data.

  1. Name and contact information of the controller and the company’s data protection officer

The Controller responsible as defined in the EU General Data Protection Regulation (GDPR) is Somack GmbH Gottesrain 11 35325 Mücke, Germany Tel.: +49 6401 22968-0 Fax: +49 6401 22968-100 E-mail: The controller is legally represented by Nadine Koc and Dipl. Ing. Sinan Koc. Data protection officer: We have not appointed a data protection officer and are not obliged to do so, according to the statutory provisions. However, you may direct, at any time, your questions or concerns to the aforementioned contact.

  1. Collection of personal data while visiting our website 

For the purely informational use of the website (, we collect only the personal data transmitted by your browser to our host server. If you intent to view our website, we register these data:

  • IP address
  • Date and time of the enquiry
  • Time zone difference to Greenwich Mean Time (GMT)
  • Content of request (actual page)
  • Access status/HTTP status code
  • The data volume transmitted
  • Originating website
  • Browser
  • Operating system and GUI
  • Language and version of browser software

These data are required for technical reasons, in order to display our website and to ensure stability and security of the website. The legal basis is Art. 6 Para. 1 S. 1 lit. f) GDPR. We have a justifiable interest in the technically fault-free representation and optimisation of our website, as well as the protection of our IT systems. Please note that the Internet portal can be used only limitedly or not at all, if you don’t transmit the above data. The data processed in this context are automatically deleted after 30 days, if their retention for the protection of IT systems or other security reasons (e.g., investigation of abusive or fraudulent activities) or evidence is no longer required. In these cases, we will delete the data only after a final resolution of each event. These data are never merged with other sources of data. 

  1. Cookies

In addition to the aforementioned data, we also place cookies on your computer to enable an analysis of your use of the website. Cookies are small text files stored on your hard drive and assigned to the browser you are using, providing specific information for the cookie-placing site. Cookies cannot execute programs on, or transmit viruses to, your computer. They are only used to make your viewing and use of the website to be simpler and more effective. Transient cookies and, in particular, the session cookies are automatically deleted when you close your browser. These cookies save a so-called session ID with which the various queries of your browser can be assigned to the common session. This allows our site to recognise your computer when you visit our website again. Session cookies are deleted when you log out or close your browser. Persistent cookies are deleted automatically after a defined period of time which may differ for each cookie. You can delete the cookies in the relevant security settings of your browser at any time. The legal basis for the use of these technically-necessary cookies is Art. 6 Para. 1 S. 1 lit. f) GDPR. We have a justifiable interest in a visually-appealing design of our website and its functional improvement by the use of technically-necessary cookies. Art. 7 GDPR defines the legal basis for the use of cookies. You may customise your browser settings and, for example, decline the installation of third-party cookies or any cookie. However, be advised, that if you do this, you may not have full access to all of the functions on this website. 

  1. Web analysis services 

For statistical evaluation, we use Google Analytics – a web analytics service from Google Inc., 1600 Amphitheatre, Parkway Mountain View, CA 94043, USA ("Google").  Google is certified pursuant to the ‘Privacy Shield” agreement and has undertaken their compliance with the European Data Protection standard in this respect (see also Google uses cookies. The information generated by the cookie regarding your use of this website is usually transmitted to a Google server in the US and further processed there. On our account, Google will use this information to evaluate your use of our website, compile reports about website activities for us, and provide further services relating to the use of the website and the Internet.  User profiles can be created from the processed information. However, Google is obliged to never associate the data transmitted by your browser (including your IP address) as they are generated with Google Analytics, with other information. To prevent a personalisation of these data, your IP address is usually anonymised by abbreviation within the member states of the European Union or in other states being party to the Agreement on the European Economic Area. Only in exceptional cases, will Google transmit the full IP address to the USA to be anonymised there. The legal basis for use of Google Analytics is Art. 6 Para. 1 lit. f), 7 GDPR and § 15 Para. 3 TMG (German Telemedia Act). The information collected with Google Analytics is automatically deleted by us after 14 months. Deletion is executed once per month. You can block the installation of cookies by making the relevant setting in your browser software. Furthermore, you can generally prevent any collection of information generated by the cookies and the data related to your use of our website (including your IP address) at Google as well as the processing of these data by Google, if you down load and install this browser plug-in: Alternative to the browser add-on or within the browsers of mobile devices, here:

>> Deactivate Google Analytics<<>

, to prevent any future data collection by Google Analytics within this website. An opt-out cookie is then stored on your device. If you delete your cookies, you must again activate this link. Please note, however, that in these cases (that is, if you object to data processing by Google) you may not have full access to all functionality of this website. See the following links for more information about information processing by Google, settings and objection: (for viewing and managing data, activities, security options and data protection settings of your Google account) (for the Google privacy statement and terms of use, as well as information about the technologies used by Google, such as cookies, advertising, site information)

  1. Collecting personal data upon interaction with us 

When you approach us via e-mail or a contact form, the information you provide (your e-mail address, name and, possibly, telephone number, as well as date and time of your approach) will be processed to respond to your request. Any other personal data processed during the send event (your IP address, in particular) are used to prevent an abuse of the contact form and to ensure the security of our IT systems. The legal basis for processing personal data during initial interaction is Art. 6 Para. 1 S. 1 lit. a), lit. b) and lit. f) GDPR. Data processing for communicating and protecting the security of our IT system establish a justifiable interest. Data obtained in this context will be deleted after retaining them for processing your request or the protection of our IT systems is no longer required; where legal obligations for retention apply, we will limit further processing. If data required for processing are not provided, we may not be able to respond to your request.

  1. Collecting personal data upon submission of job applications

If you provide your job application documents in electronic format or via regular mail, we process your personal data within the framework of the selection process. In addition to your master data (e.g., name, address, contact and date of birth), this includes special categories of personal information (e.g., a photo identifying your ethnic origin, disability, etc.). Please note that your data will be transmitted in encrypted form to our website. More information can be found under: “Data security”. These data are processed for corresponding with you and for completing the selection process. Any data processed by us in respect to a job application, are protected by technical and organisational security measures against manipulation and unauthorised access. Specifically, only employees of our Human Resources department and future supervisors will be able to access these data. Data processing is executed subsequent to your submission of a job application and is required for a correct execution of the application process according to Art. 6 Para. 1 S. 1 lit. a), b), Art. 9 Para. 1 S. 1 lit. a), b), Art. 88 GDPR in conjunction with § 26 BDSG General Data Protection Regulation (GDPR). Upon a rejection of your application, your personal information and application documents will be automatically deleted after 6 months, if you have not permitted extended storage pursuant to Art. 6 Para. 1 S. 1 lit. a) Art. 9 Para. 2 lit. a) GDPR, or if other justified interests oppose deletion and, thus, allow a processing pursuant to Art. 6 Para. 1 S. 1 lit. f), Art. 9 Para. 1 lit. f) GDPR. Such interest applies, in particular, to burden of proof when claims are asserted pursuant to the German Equal Treatment Act (AGG).

  1. Recipients of personal data 

Inasmuch as we have not specifically indicated in the above that your personal data are not transmitted to other persons or companies, your personal data are gathered directly on our host server and, subsequently, processed solely by us. Besides, we transmit your personal data only when:

  • You have provided your explicit authorisation pursuant to Art. 6 Para. 1 S. 1 lit. a) GDPR,
  • A transmission pursuant to Art. 6 Abs. 1 S. 1 lit. f) GDPR is required for asserting, executing or defending legal claims, and if there is no cause to assume that you would have a prevailing interest worthy of protection in the non-disclosure of your data,
  • A legal obligation for transmission pursuant to Art. 6 Para. 1 S. 1 lit. c) GDPR exists, and
  • is legally permissible and, pursuant to Art. 6 Para. 1 S. 1 lit. b) GDPR, required for the processing of contractual relationships with you.

The tasking of third-parties with data processing on the basis of a so-called “data processing contract”is based on Art. 28 GDPR. 

  1. Rights of data subjects 

8.1. General rights You have the following rights versus the controller responsible for the processing of data in respect of your personal data: – Right of disclosure pursuant to Art. 15 GDPR, – Right of correction or deletion pursuant to Art. 16 GDPR and Art. 17 GDPR, – Right of limitation of processing pursuant to Art. 18 GDPR, – Right of objection against processing pursuant to Art. 21 GDPR, – Right of data transferability pursuant to Art. 20 GDPR. 8.1. Right to complain In addition and pursuant to Art. 77 GDPR, you have the right to complain to a privacy protection authority about the processing of your personal data by the controller responsible for the processing of data. Generally, you may contact the supervisory authority covering your permanent residence or workplace, or the head office of the controller responsible for the processing of data (in the state of Hesse: Der Hessische Landesdatenschutzbeauftragte, Gustav-Stresemann-Ring 1, 65189 Wiesbaden, Germany). 8.2. Right to object Inasmuch as your personal data are processed on the basis of justifiable interest as defined in Art. 6 Para. 1 S. 1 lit. f) GDPR you have the right, pursuant to Art. 21 GDPR, to object to the processing of your personal data, if you have reasons arising from your special situation or if the objection is raised against direct advertising. In the latter, you have a general right to object which must be implemented by the controller responsible for the processing of data without the existence of a specific situation. A letter, e-mail or fax message to the above contact information is sufficient if you want to use your right to object or revoke. 8.3. Right to revoke If you have once given your approval for the processing of your personal data, you are entitled to revoke this approval at any time according to Art. 7 GDPR. Simply advise the controller responsible for the processing of data via letter, e-mail or fax. This ensures that the controller responsible for the processing of data on the basis of this approval must no longer continue data processing. However, they retain the right to continue with the processing of personal data if a legal rule permits this. Past processing of personal data is not affected by your revocation. 

  1. Data sources

Processed personal data originate directly from you, if not explicitly mentioned differently in the above, and they are provided by you through the hardware and software you are using.

  1. Data security

During your website visit, we use the standardised SSL procedure (Secure Socket Layer) in conjunction with the highest encryption level that is supported by your browser. This is, usually, a 256 bit encryption. If your browser does not support 256 bit encryption, we will use the 128 bit v3 technology. A specific page of our website that is transmitted with encryption is identified by the closed key or padlock symbol in the lower status bar of your browser. In addition, we use suitable technical and organisational security measures to protect your data against accidental or intentional manipulation, partial or complete loss or damage, or against an unauthorised access by third parties. Our security activities are continuously improved along technological developments.

  1. Actuality and modifications of this data protection statement

This data protection statement is valid at this point and was issued in March 2020. Due to the continued further development of our website and our offering shown therein, or due to changing statutory or regulatory specifications, it may become necessary to modify this data protection statement. You may open and print the currently-valid data protection statement at any time on our website under


Find out for yourself!