1. General notes on data protection
“As a globally operating company we bear responsibilities worldwide for our employees, customers, business partners, shareholders and the public.” (SGL Code of Conduct)
The new General Data Privacy Regulation (GDPR) means a more stringent directive for all individuals in handling personal data. Personal data includes all data that can be used to identify you as a person.
We as a company take data protection very seriously. This means that the confidentiality and integrity of your personal data is of utmost importance to us. We need your personal data for the business relationship we share; however, it will not be processed or shared with third parties beyond what is necessary.
The respective SGL national legal entity with whom you have a contract or with whom you are in contact is responsible for processing your personal data. The data controller for your respective national legal entity can be found in the contact list below.
We carry out all processing in compliance with the applicable law of the EU General Data Protection Regulation (GDPR) as well as national implementation laws and execution acts.
For example, we process your data
- when you visit this website
- to establish, execute, and terminate a contractual relationship
- to exchange information with credit agencies and authorities
- for measures related to building and plant safety and to protect domiciliary rights
- to control risk within the company
- to assert legal claims
- to meet legal and statutory requirements
In our privacy notices, we inform you in detail about the sources of data, purposes and legal bases of processing, who receives your data in addition, whether your data is transmitted to a country outside the EU, and how long your data is stored. We also inform you about your data protection rights.
You can find all important information compiled for you here:
Privacy notices for applicants and employees
Privacy notices for customers and other data subjects
If you have questions about data protection or wish to assert your rights, please contact the respective data protection officer for the SGL company responsible at any time.
Please contact one of the e-mail addresses listed below.
Responsible per Legal Entity + Data Protection Officer
Right to data portability
You have the right to receive the data that we process automatically on the basis of your consent or to fulfill a contract and the right to have it transmitted to a third party in a common, machine-readable format. If you require the data to be transmitted directly to another controller, this will only be done if technically feasible.
Access, blocking, erasure
Within the context of the legally applicable provisions, you have the right to free information about your stored personal data, its origin and recipients and the purpose of data processing and, where necessary, the right to rectification, restriction, or erasure of this data. For further information and questions on personal data you can contact us at any time at the address given in the imprint.
Objection to marketing mail
We hereby object to the use of contact data published as part of the obligation to provide a legal notice to send advertising and information materials unless explicitly requested. The operators of the site expressly reserve the right to take legal action if advertising information, such as spam mail, is sent unsolicited.
Data protection officer
If you have questions about the collection, processing, or use of your personal data, for information, rectification, restriction, or erasure of data or revocation of consent or objection to certain data use, please contact the respective data protection officer of the legal entities.
2. Data collection on our website
SSL and TLS encryption
For security reasons and to protect the transmission of confidential content that you send to us as the site operator, this site uses SSL or TLS encryption. An encrypted connection can be recognized by the change from “http://” to “https://” in the URL bar of your browser and by the lock icon in your browser bar.
When SSL or TSL encryption is activated, the data that you transmit to us cannot be read by third parties.
The web pages use so-called “cookies.” These do not damage your computer and do not carry viruses. Cookies are small text files that are stored on your computer and saved by your browser. They serve to make our website more user-friendly, more effective, and more secure.
Most of the cookies we use are “session cookies.” They are automatically erased at the end of your session. Other cookies remain stored on your device until you delete them. These cookies allow us to recognize your browser on your next visit.
Your browser allows you to change your browser settings to notify you when you receive a cookie and only permit it in individual cases, exclude the acceptance of cookies in certain circumstances or generally, and activate the automatic erasure of cookies when the browser is closed.
Important: Deactivating cookies may restrict the functionality of this website.
Cookies that are necessary to run the electronic communication process or to provide certain functions you want to use (such as the download collection) are stored on the basis of art. 6 (1) f of the GDPR. The website operator has a legitimate interest in storing cookies for the purposes of error-free and optimized provision of their services.
The provision of the aforementioned personal data is neither prescribed by law nor required by contract. However, the functionality of our website is not ensured if such data are not stored.
If other cookies (e.g. cookies to analyze your surfing behavior) are stored, they require your voluntary consent.
When you visit our site for the first time, you can already set your cookie preferences. These can be changed at any time afterwards by clicking on "Configure Cookies" in the footer of the page, simply by selecting or deselecting the desired checkboxes and saving the settings. If you delete your browser history, the settings must be made again.
You can find out exactly which cookies we use and for what purpose as well as further information here.
Server log files
The provider of the site automatically collects and stores information in server log files, which your browser automatically transmits to us. These are:
a) Access log
- First line of request
- Required time (in microseconds) to serve the request
- Connection status after response is finished
b) Error log
- Time stamp
- Error type
- Process ID
- Client (only the IP of the upstream load balancer, not the actual IP)
- Error code
- Error description
- Affected resource
The server log files are retained for 90 days. This data will not be conflated with other data sources. The basis for data processing is art. 6 (1) a+f of the GDPR.
The provision of the aforementioned personal data is neither prescribed by law nor required by contract. However, without the IP address and cookie identifier, the service and the functionality of our website is not guaranteed. In addition, individual services may be limited or unavailable. If you do not agree to this, we ask that you leave the site.
The data entered in the contact form is only processed based on your consent (art. 6 (1) a of the GDPR). You can revoke this consent at any time with effect for the future. An informal message by e-mail to us is sufficient. The legality of data processing carried out until the revocation remains unaffected by the revocation.
The data entered by you in the contact form will remain with us until you request its erasure, revoke your consent to processing, or the purpose for data processing no longer exists (e.g. after your request has been processed).
This does not affect mandatory legal provisions – especially periods of retention.
Your personal data is provided on a voluntary basis. However, we can only process your inquiry if you tell us your name, email address and the reason for your inquiry.
Newsletter: Press releases, annual reports, investor relations news
If you would like to use the email services offered on the website (press releases, annual reports, investor relations news), we need your email address as well as information that allows us to verify that you are the owner of the indicated email address and agree to receive the newsletter. For news service applications we store the data in the back end of the website database (hosted by MCON) and send them by email to SGL's defined email post boxes.
No additional data is collected, or if so only on a voluntary basis. We use these data solely to send the requested information, to be able to address you personally, or for positive identification in the event of a cancellation. We do not forward this data to third parties.
The data entered in each application form is processed exclusively on the basis of your consent (Art. 1 (6) letter a of the General Data Protection Regulation (GDPR)). The consent given to store the data and email address and their use for sending the newsletter can be revoked at any time, for example by means of the opt-out process in the newsletter. The legality of the data processing steps already taken is not affected by the cancellation.
The data furnished to us by you for the purpose of receiving the newsletter are stored by us until you unsubscribe from the newsletter and are deleted by us after the newsletter is cancelled.
Your personal data is provided on a voluntary basis and only with your consent. Unfortunately, we cannot provide you with the offered email services without existing consent.
This website uses "zimpel" and "IR Insight" to send the newsletters. The providers are "news aktuell" and "Nasdaq". Zimpel and IR Insight are services with which, among other things, the sending of newsletters can be organized and analyzed. The data entered by you for the purpose of receiving the newsletter are stored on news aktuell and Nasdaq's servers.
Data analysis by zimpel and IR Insight
When we send newsletters using zimpel and IR Insight, we can determine whether a newsletter message has been opened and which links, if any, were clicked. Only a counting mechanism is activated when the message is opened without reference to the contact/recipient and no personal data are processed. If you do not wish to be analyzed by zimpel, you must cancel your subscription to the newsletter. For this purpose, we provide a corresponding link in each newsletter message.
You can find more information in the providers' data protection provisions:
- news aktuell: https://www.newsaktuell.de/datenschutz/
- Nasdaq: https://business.nasdaq.com/privacy-statement/
Conclusion of a processing contract
We concluded a processing contract with news aktuell and Nasdaq under which we obligate them to protect our customers' data and not pass it on to third parties.
Web analysis / Google Analytics
Insofar as you have given your consent, this website uses Google Analytics, a web analysis service provided by Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043 USA. In the European area, Google Ireland Ltd, Gordon House, Barrow Street Dublin 4, Ireland is responsible (hereinafter: "Google").
The legal basis for the use of Google Analytics is your consent pursuant to Art. 6 (1) a) DSGVO. The provision is voluntary, as long as you do not provide any pers. related data, you will not suffer any disadvantages.
Google Analytics uses "cookies", which are text files placed on your computer, to help the website analyze how users use the site. Google will use this information on behalf of this website’s operator to analyze your use of the website so that reports about website activity can be compiled and other services related to website and internet use can be performed for the website operator. The IP address transmitted from your browser in the context of Google Analytics will not be conflated with other Google data. Automated decision-making, including profiling, does not take place with the collected data.
The information generated by the cookie about your use of this website is generally transmitted to a Google server in the USA and stored there. The data sent by us and linked to cookies, user IDs (e.g. user ID) or advertising IDs are automatically deleted after 14 months. The deletion of data whose retention period has been reached takes place automatically once a month.
a) IP anonymization
We have activated the IP anonymization function on this website. This means your IP address will be truncated by Google within member states of the European Union or in other contracting states to the Agreement on the European Economic Area before being transmitted to the USA. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and truncated there.
b) Demographic features on Google Analytics
This website uses the "demographic features" function of Google Analytics. This allows reports to be created that contain information on the age, gender and interests of visitors to the site. This data comes from interest-related advertising by Google and from visitor data from third-party providers. This data cannot be assigned to a specific person. You can disable this feature at any time through the ad preference settings in your Google Account or generally opt-out of Google Analytics collecting your information as described in the "Revocation of consent" section.
c) Order processing
We have signed an order processing agreement with Google and fully implement the strict requirements of the GDPR for the use of Google Analytics.
d) Revocation of consent
You can prevent Google Analytics from collecting your data by clicking on the following link:
This will install an opt-out cookie on your device. This will prevent the collection by Google Analytics for this website and for this browser in the future, as long as the cookie remains installed in your browser.
You can also prevent Google from collecting the data generated by the cookie and relating to your use of the website (including your IP address) and from processing this data by downloading and installing the browser plug-in available under the following link: Browser Add On to disable Google Analytics.
https://www.google.com/analytics/terms/de.html and at
e) Google Analytics Remarketing
Our website uses Google Analytics Remarketing functions in connection with the cross-device functions of Google Ads and Google DoubleClick. The provider is Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.
This function makes it possible to link the advertising target group generated with Google Analytics Remarketing with the cross-device functions of Google Ads and Google Doubleclick. This way, personalized advertisements based on your interests that were tailored to you based on your previous usage and surfing behavior can also be displayed on another one of your devices (e.g. Tablet or PC).
If you have given Google the corresponding consent, Google links your online and app browser history with your Google account for this purpose. This way, the same personalized advertisements can be placed on every device on which you have signed in with your Google account. To support this function, Google Analytics identifies Google-authenticated user IDs that are temporarily linked with our Google Analytics data in order to define and generate target groups for cross-device advertising.
You can permanently opt out of cross-device remarketing/targeting by deactivating personalized advertising in your Google account. To do so, follow this link: https://www.google.com/settings/ads/onweb/
The data collected in your Google account is aggregated exclusively on the basis of your consent, which you can give to Google and also revoke (Art 6 (1) letter a GDPR). For data collection activities that are not consolidated in your Google account (e.g. because you do not have a Google account or object to such consolidation), the data is collected based on Art. 6 (1) letter f GDPR. The legitimate interests are based on the fact that the website operator has an interest in the anonymous analysis of website visitors for the purpose of direct advertising.
You can find further information and the data protection provisions in Google's data protection declaration under: https://www.google.com/policies/technologies/ads/.
f) Google ads, signals, and conversion tracking
This website uses Google Ads. Ads is an online advertising program of Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, United States (“Google”).
We use conversion tracking in connection with Google Ads. If you click on an advertisement placed by Google, a cookie is set for conversion tracking. Cookies are small text files that are stored on the user's computer by their internet browser. These cookies expire after 30 days and do not serve to personally identify the user.
If the user visits certain pages of this website and the cookie has not yet expired, we and Google can see that the user clicked on the advertisement and was routed to this webpage.
Every Google Ads customer receives another cookie. The cookies cannot be tracked across the websites of Ads customers. The information obtained with the help of the conversion cookies serves to generate anonymous conversion statistics for Ads customers that have decided in favor of conversion tracking. We learn the total number of users that have clicked on our advertisement and were routed to a webpage containing a conversion tracking tag. However, we do not receive any information with which we can personally identify users.
If you do not wish to participate in tracking you can reject this usage by deactivating the Google conversion tracking cookie over your internet browser under user settings. Then you will not be included in the conversion tracking statistics.
Conversion cookies are stored on the basis of Art. 6 (1) letter f GDPR. The website operator has a legitimate interest in the analysis of user behavior in order to optimize both their web offering as well as their advertising.
You can find more information on Google Ads and Google conversion tracking in Google's data protection provisions: https://www.google.de/policies/privacy/.
LinkedIn Insight Tag
This website uses the LinkedIn Insight Tag, an analytics tool provided by LinkedIn Ireland Unlimited Company (https://www.linkedin.com, Wilton Place, Dublin 2, Ireland).
LinkedIn processes your personal data based on your consent via the pixel "LinkedIn Insight Tag" to
- create campaign reports and
- track conversions, click events as well as targeted advertising outside our websites (retargeting) based on URL, referrer URL, IP address shortened or hashed (for cross-device retargeting), devices and browser properties (user agent) and timestamp.
We do not receive any personal data from you from LinkedIn, only anonymized campaign reports on website audience and ad performance.
LinkedIn storage period: pseudonymization after 7 days, final deletion after 180 days.
For more information, please visit: https://www.linkedin.com/legal/privacy-policy.
This website uses Hotjar, an analysis software program by Hotjar Ltd. ("Hotjar") (https://www.hotjar.com, 3 Lyons Range, 20 Bisazza Street, Sliema SLM 1640, Malta, Europe). With Hotjar it is possible to gauge and evaluate usage behavior (clicks, mouse movements, scroll height, etc.) on our website.
The information that is thereby generated by the tracking code and cookie regarding your visit to our website is sent to the Hotjar server in Ireland, where it is stored. The following information is collected by the tracking code:
a) Device-dependent data: The following information can be recorded by your device in your browser:
- Your device's IP address (collected and stored in an anonymous format)
- Your device's screen size
- Device type and browser information
- Geographic location (only the country)
- The preferred language in which to present our website
- Log data
b) The following data is automatically generated by our server when Hotjar is used:
- Referring domain
- Webpages visited
- Geographic location (only the country)
- The preferred language in which to present our website
- Date and time of access
Hotjar will use this information to evaluate your use of our website and to generate reports on your use as well as to provide other services related to your use of the website and internet analyses of the website.
Hotjar also uses third-party services to provide its service, for example Google Analytics and Optimizely. These third-party entities can store information that your browser sends during your visit to our website, for example cookies or IP inquiries. For more information on how Google Analytics and Optimizely store and use data, please see their corresponding data protection declarations.
Optimizely's data protection declaration can be found under the following link: https://www.optimizely.com/de/privacy/
By continuing to use this website, you agree to the aforementioned processing of the data generated there by Hotjar and its third-party providers as part of their data protection declarations.
The cookies used by Hotjar have different lifespans; some remain valid for up to 365 days, others only during the current visit.
You can prevent Hotjar from recording data by clicking on the following link and following the instructions: https://www.hotjar.com/opt-out.
3. Data collection on social media
Social media platforms
SGL Carbon has a company page on several social media platforms. Through this, we would like to offer further opportunities for information about our company and for exchange. SGL Carbon has company pages on the following social media platforms:
When you visit or interact with a profile on a social media platform, personal data about you may be processed. Information associated with a social media profile used also regularly constitutes personal data. This also covers messages and statements made while using the profile. In addition, during your visit to a social media profile, certain information is often automatically collected about it, which may also constitute personal data.
We maintain a Facebook fan page for our company.
A simple link will take you from our website to our Facebook fan page. This platform is operated by Meta Platforms Ireland Ltd (Ireland/EU - Meta). We maintain this Facebook company page in order to inform users or interested parties as well as customers about our company. We provide information via our Facebook profile and offer users the opportunity to communicate with us.
As soon as you visit our Facebook fan page, follow this page or engage with this page, Meta processes personal data. As a result, Meta provides us with insights and statistics in an anonymous form, after which we are informed about the types of actions visitors take on our site. It is not possible for us to draw conclusions about individual users based on this information. Meta processes data that you have entered in your profile based on your own published information. In addition, Meta processes in particular data about how you interact with our Fanpage company site.
The processing of your personal data is based on your consent pursuant to Art. 6 para. 1 p.1 lit.a DSGVO, which you have given to Meta in the context of your registration.
We cannot exclude that a third country transfer, e.g. to servers located in the USA, takes place when you call up our Fanpage - company presence.
We use the technical platform and services of Twitter, Inc.,1355 Market Street, Suite 900, San Francisco, CA 94103, USA for the short message service offered.
We would like to point out that you use the Twitter short message service offered here and its functions on your own responsibility. This applies in particular to the use of the interactive functions (e.g. sharing, rating). Alternatively, you can also access the information on our website at www.sglcarbon.com.
The data collected about you when using the service is processed by Twitter Inc. and may be transferred to countries outside the European Union. This includes, among other things, your IP address, the application used, information about the terminal device you are using (including device ID and application ID), information about websites called up, your location and your mobile phone provider.
This data is assigned to the data of your Twitter account or your Twitter profile. We have no influence on the type and scope of the data processed by Twitter, the way it is processed and used, or the transfer of this data to third parties. You can find information about which data is processed by Twitter and for what purposes in Twitter's data protection declaration (https://twitter.com/privacy?lang=en) and about the possibility of viewing your own data on Twitter (https://help.twitter.com/en/managing-your-account/accessing-your-twitter-data).
Furthermore, you have the option of requesting information via the Twitter data protection form or the archive requirements:
We, as the provider of the information service, do not collect or process any data beyond this from your use of our short message service.
You have options to restrict the processing of your data in the general settings of your Twitter account and under the item "Privacy and security". In addition, you can restrict Twitter's access to contact and calendar data, photos, location data, etc. on mobile devices (smartphones, tablet computers) in the settings options there. However, this depends on the operating system used. Further information on these points is available on the following Twitter support pages: https://support.twitter.com/articles/105576#.
LinkedIn Ireland Unlimited Company (Ireland/EU - "LinkedIn") is the sole responsible party for the processing of personal data when you visit our LinkedIn page. For more information about the processing of personal data by LinkedIn, please visit https://www.linkedin.com/legal/privacy-policy?trk=homepage-basic_footer-privacy-policy.
When you visit, follow or engage with our LinkedIn company page, LinkedIn processes personal data to provide us with anonymized statistics and insights. This provides us with insights into the types of actions that people take on our site (so-called page insights). For this purpose, LinkedIn processes in particular such data that you have already provided to LinkedIn via the information in your profile, such as data on function, country, industry, seniority, company size and employment status. In addition, LinkedIn will process information about how you interact with our LinkedIn company page, such as whether you are a follower of our LinkedIn company page. With the page insights, LinkedIn does not provide us with any personal data about you. We only have access to the aggregated Page Insights. It is also not possible for us to draw conclusions about individual members via the information in the Page Insights. This processing of personal data in the context of the Page Insights is carried out by LinkedIn and us as joint controllers. The processing serves our legitimate interest to evaluate the types of actions taken on our LinkedIn company page and to improve our company page based on these insights. The legal basis for this processing is Article 6 (1) (f) GDPR. We have entered into a joint controller agreement with LinkedIn, which sets out the distribution of data protection obligations between us and LinkedIn. The agreement is available at: https://legal.linkedin.com/pages-joint-controller-addendum. Thereafter, the following applies:
- LinkedIn and we have agreed that the Irish Data Protection Commission is the lead supervisory authority overseeing processing for Page Insights. You always have the right to lodge a complaint with the Irish Data Protection Commission (see at www.dataprotection.ie) or any other supervisory authority.
We maintain a company profile on XING.
A simple link will take you from our website to our presence on XING. This platform is operated by New Work SE, Am Strandkai 1, 20457 Hamburg, Germany. We maintain this XING company page in order to inform users or interested parties as well as customers about our company. We provide information via our XING profile and offer users the opportunity to communicate with us.
As soon as you visit our XING company profile, connect to this site or engage with this site, XING processes personal data. As a result, XING provides us with insight and statistics in anonymized form, after which we are informed about the types of actions visitors take on our site. It is not possible for us to use this information to draw conclusions about individual members.
On the one hand, XING processes data that you have stored in your profile on the basis of your own published details. In addition, XING processes data in particular about how you interact with our XING company site.
The processing of your personal data is based on your consent pursuant to Art. 6 (1) sentence 1 lit.a DSGVO, which you have given to XING as part of your registration.
Processing of data you provide to us via our social media pages
We also process information that you have provided to us via our company page on the respective social media platform. Such information may be the username used, contact details or a message to us. We regularly process this personal data only if we have previously expressly requested you to provide us with this data. These processing operations by us are carried out as the sole responsible party. We process this data on the basis of our legitimate interest in contacting inquiring persons. The legal basis for the data processing is Article 6 (1) (f) GDPR.
In addition, we may process such data for evaluation and marketing purposes. This processing is carried out on the legal basis of Art. 6 (1) (f) GDPR and serves our interest in further developing our offer and informing you specifically about SGL Carbon's offers. Further data processing may take place if you have consented (Art. 6 para. 1 letter a) GDPR) or if this serves the fulfillment of a legal obligation (Art. 6 para. 1 letter c) GDPR).