Saint-Gobain Abrasives GmbH Privacy Policy

Last updated: January 2023

The provisions of the EU General Data Protection Regulation (hereinafter referred to as the “GDPR”) have been valid throughout Europe since May 25, 2018. With this document, we would like to inform you about how Saint-Gobain Abrasives GmbH processes personal data in accordance with this new regulation (see Art. 13 GDPR). Please read our Privacy Policy carefully. Should you have any questions or comments about our Privacy Policy, you may contact our data protection officer as indicated in Section 2.


Table of Contents

1. Overview
2. Name and contact information for the data controller and the corporate data protection officer 
3. Purposes of data processing, legal bases and legitimate interests pursued by Saint-Gobain Abrasives GmbH or a third party and categories of recipients
3.1. Accessing our website or application
3.2. Conclusion, performance or termination of a contract
3.3. Data processing for advertising purposes
3.4. Website and website optimization
4. Transmission to recipients outside the EU
5. Your rights
6. Data security


1. Overview

The following data protection notice informs you about the type and scope of personal data processed by Saint-Gobain Abrasives GmbH. Personal data is information that can be used to personally identify you whether directly or indirectly. Data processing performed by Saint-Gobain Abrasives GmbH may essentially be divided into two categories:

  • All data required for the performance of a contract with Saint-Gobain Abrasives GmbH will be processed for the purpose of performing the contract. If external service providers are also involved in performing a contract, e.g. logistics companies or subcontractors, your data will be passed on to them to the extent necessary in each particular case.
  • A variety of information is exchanged between your terminal device and our server when you access the website/application operated by Saint-Gobain Abrasives GmbH. This may also involve personal data. The information collected in this way is used, among other things, to optimize our website or to display advertising in your terminal device’s web browser.

In accordance with the provisions GDPR, you have a variety of rights that you may exercise in your dealings with us. These include, among others, the right to object to specific forms of data processing, in particular data processing for advertising purposes. 

Should you have any questions regarding this data protection notice, please feel free to contact our corporate data protection officer at any time. You will find the relevant contact information below.


2. Name and contact information for the data controller and the corporate data protection officer 

This privacy policy applies to data processing by  (“data controller”),
Saint-Gobain Abrasives GmbH
Birkenstraße 45-49
50389 Wesseling, Germany
E-Mail: sga-de-di [at] (sga-de-di[at]saint-gobain[dot]com)
Phone: +49(0)2236 703 -0

and to the following websites and applications: The Saint-Gobain Abrasives GmbH corporate data protection officer can be contacted at the address listed above. 

ZN Saint-Gobain Germany
Rainer Surberg
Krefelder Str. 195
52070 Aachen
E-Mail: Rainer.Surberg [at] (Rainer[dot]Surberg[at]saint-gobain[dot]com)
Phone: +49 (0) 241 40020603


3. Purposes of data processing, legal bases and legitimate interests pursued by Saint-Gobain Abrasives GmbH or a third party and categories of recipients

3.1.   Accessing our website or application
When you access our website/application, the browser used on your terminal device automatically sends information to the server for our website/application and temporarily saves it in a so-called log file. We have no control over this. The following information will be collected without action on your part and stored until automatic deletion: 

  • The IP address of the requesting Internet-capable device, 
  • The date and time of access, 
  • The name and URL of the retrieved file, 
  • The website/application from which the website was accessed (referrer URL), 
  • The browser you are using and, if applicable, the operating system of your Internet-capable computer as well as the name of the access provider. 

The legal basis for processing the IP address is Article 6 (1 lit. f) GDPR. Our legitimate interest is based on the purposes of data collection described below. The data collected does not enable us to identify you nor do we attempt to do so.

We use the IP address of your terminal device and other data listed above for the following purposes:

  • Ensuring a trouble-free connection,
  • Ensuring convenient use of our website/application, 
  • Evaluating system security and stability. 

We also use “cookies”, tracking tools and social media plugins for our website/application. The exact procedures involved, and how your data will be used for the respective purposes, are explained in more detail in Section 3.4 below. 

If you have consented to geo-localization in your browser or operating system or other settings on your terminal device, we will use this function to offer you individual services related to your current location (e.g. the location of the nearest branch). We process your location data collected in this way exclusively for this function. This data is deleted upon the conclusion of your use of this function.


3.2. Conclusion, performance or termination of a contract

3.2.1. Data processing upon the conclusion of a contract
The object of Saint-Gobain Abrasives GmbH is Production and distribution of abrasives and abrasive solutions for commercial and industrial use. In this context, we process the data required for the conclusion, performance or termination of a contract with you. This includes:

  • Company, first name, last name
  • Invoicing and shipping address
  • E-mail address, if applicable
  • Invoice and payment information
  • Date of birth, if applicable
  • Telephone number, if applicable

The legal basis for this is Art. 6 (1 lit. b) GDPR, i.e. you provide us data on the basis of the contractual relationship between you and us. Provided we do not use your contact information for advertising purposes (see Section 3.3.), we will store the data collected for the performance of the contract until the expiration of any applicable statutory or contractual warranty and guarantee rights. Upon expiration of this period, we retain information concerning the contractual relationship required by commercial and tax law for the applicable periods specified by law. During this period (regularly ten years from the conclusion of the contract), the data will be subject to reprocessing solely in the event of an audit by the tax authorities.

3.2.2. Identity, credit rating and transmission to credit agencies
Where necessary, we verify your identity using information from service providers. The legal basis for this is Art. 6 (1 lit. b and f) GDPR. The right to do so results from the protection of your identity and the avoidance of fraud attempts at our expense. The circumstances and the result of our inquiry will be added to your customer account for the duration of the contractual relationship. 

If you have already purchased items from us, your data stored by us about you can be supplemented by so-called score values. Scoring is the creation of a forecast of future events based on collected information and past experience. An assignment is made to statistical groups of persons who had similar entries in the past on the basis of personal data stored about you. The underlying method used is a well-founded mathematical-statistical method for predicting risk probabilities that has long been tried and tested in practice. 

In the event of a delay in payment, we will transmit the relevant data to a company commissioned to collect the claim if other applicable legal requirements are met. The legal bases for this are both Article 6 (1 lit. b) and Article 6 (1 lit. f) GDPR. The assertion of a contractual claim is deemed to be a legitimate interest within the meaning of the second provision referred to above. Information about the delay in payment or a possible loss of receivables will also be forwarded to credit agencies cooperating with us if other applicable legal requirements are met. The legal basis for this is Art. 6 (1 lit. f) GDPR. The legitimate interest required here arises from our interest and that of third parties in reducing contractual risks for future contracts.


3.3. Data processing for advertising purposes

The following information relates to the processing of personal data for advertising purposes. The GDPR considers this form of data processing to be permitted in principle on the basis of Art. 6 (1 lit. f) GDPR and to be a legitimate interest. The retention period for data used for advertising purposes is not based on rigid principles and is rather determined on the basis of whether continued retention is necessary for purposes of advertising-related contact. Please see Section 3.3.3. for the process applicable should you object.

3.3.1. Advertising purposes of Saint-Gobain Abrasives GmbH and of third parties
If you have concluded a contract with us, we will list you as an existing customer. In this case, we process your postal contact data without any specific consent in order to send you information about new products and services. We process your e-mail address without any specific consent to send you information about our own similar products.

3.3.2. Interest-based advertising
In order to ensure that you only receive advertising information that is of supposed interest to you, we categorize and supplement your customer profile with the following information. Statistical information as well as information about you (e.g. basic data of your customer profile) is used for this purpose. The aim is to provide you solely with advertising that corresponds to your actual or perceived needs and, accordingly, not to bother you with useless advertising. 

3.3.3. Right to object
You can object to data processing for the above-mentioned purposes at any time free of charge, specifically for the respective communication channel and with effect for the future. All you need to do is send an e-mail or a letter by regular mail using the contact information provided in Section 2.

If you submit an objection, the relevant contact address will be blocked for further data processing for advertising purposes. We would like to point out that in exceptional cases advertising material may still be sent for a short period even after receipt of your objection. This is due to the technically required lead time for advertisements and does not mean that we have not implemented your objection. We apologize for the inconvenience. 

3.3.4. Sending newsletters 
On our website we offer you the possibility to register for our newsletter. To ensure that no mistakes are made when entering the email address, we use the so-called double opt-in procedure: After you have entered your email address in the registration field, we will send you a confirmation link. Only once you have clicked on this confirmation link will your email address be added to our distribution list. You can revoke your consent at any time with effect for the future by sending a short note by email to the email address given in section 2. In addition to this, there is a link that you can click on to revoke you consent in the email containing each newsletter.


3.4.  Online presence and website optimisation

3.4.1. Cookies – general information
When you visit a website, it may retrieve or store information about your browser, usually in the form of cookies. This information might be about you, your settings or your device and is mostly used to make the site work as you expect it to. The information does not usually directly identify you, but it can give you a more personalised web experience. Because we respect your right to privacy, you can choose not to allow certain types of cookies. Click the different category headings to find out more and to change some of our default settings. Please note that blocking some types of cookies may impact your experience on our websites and the services we are able to offer. 
The cookie consent manager, which opens when you access the site, allows you to select which categories of cookies to agree or reject. Essential cookies cannot be rejected as they are necessary to provide you with services (see point Essential cookies
These cookies are necessary for the website to function and cannot be switched off. Typically, these cookies are only set in response to actions you take in terms of service requests, such as setting your privacy preferences, logging in, or completing forms. You can set your browser to block these cookies or to notify you about these cookies, but some areas of the website may not function properly. These cookies do not save any personal data. The legal basis for these cookies is Art. 6 (1) b GDPR or, for third countries, Art. 49 (1) b GDPR. Performance cookies
These cookies enable us to count visits and traffic sources so we can measure and improve the performance of our site. They help us to know which pages are the most and least popular and see how visitors move around the site. All information these cookies collect is aggregated and therefore anonymous. If you do not allow these cookies, we will not know when you visited our site. The legal basis for these cookies is Art. 6 (1) a GDPR or, for third countries, Art. 49 (1) b GDPR. Functional cookies
These cookies enable the website to provide enhanced functionality and personalisation. They may be set by us or by third-party providers whose services we use on our pages. If you do not allow these cookies, some or all of these services may not function properly. The legal basis for these cookies is Art. 6 (1) a GDPR or, for third countries, Art. 49 (1) b GDPR. Marketing cookies
These cookies can be set by our advertising partners via our website. They can also be used by these companies to create a profile of your interests in order to show relevant advertisements on other websites. They do not directly store personal data but are based on the unique identification of your browser and your Internet device. If you do not allow these cookies, your advertising will be less targeted. The legal basis for these cookies is Art. 6 (1) a GDPR or, for third countries, Art. 49 (1) b GDPR.

3.4.2 Mouseflow
This website uses Mouseflow, a web analytics tool from Mouseflow ApS, Flaesketorvet 68, 1711 Copenhagen, Denmark, to record randomly selected individual visits (only with an anonymised IP address). This creates a log of mouse movements and clicks for the sole purpose of randomly replaying individual website visits and deriving potential improvements for the website. As a result of anonymization, the information cannot be traced back to a person and will not be shared with third parties. If you do not want Mouseflow to collect your data, you can disable this on the aforementioned website used by Mouseflow by clicking on the following link:

3.4.3 Piwik advertising analysis service
This website uses the Piwik advertising analysis service. This service uses cookies that allow us to analyze the use of the website. The usage information generated by the cookie (including your shortened IP address) is transmitted to our server and stored for usage analysis for the purpose of optimizing our website. Your IP address is immediately anonymized during this process. As a result, you as a user remain anonymous to us. The information generated by the cookie about the use of the website will not be disclosed to third parties.

3.4.4 Google Analytics
For the purpose of demand-oriented design and continuous optimization of our pages, we use Google Analytics, a web analytics service provided by Google Inc. (“Google”). For this purpose, pseudonymised user profiles are created and cookies are used. The information generated by cookies about your use of the website, such as: 

  • Browser type/version,
  • Operating system used,
  • Referrer URL (the previously-visited page),
  • The hostname of the accessing computer (IP address), 
  • Time of query on our server,  

shall be transferred to and saved on a Google server in the United States. This will be used for evaluating your use of the website, compiling reports on website activities, and providing other services relating to website and internet usage for market research purposes and for developing this website as needed. This information may also be transferred to third parties where required to do so by law, or where such third parties process the information on Google’s behalf. Google will not, under any circumstances, associate the anonymised IP address transmitted by your browser when using Google Analytics with any other data held by Google. IP addresses will be anonymised so that attribution is not possible (IP masking). 

You may refuse the installation of cookies by selecting the appropriate settings for your browser. However, please note that if you do this you may not be able to use the full functionality of this website. You can also block the collection of the data generated by the cookie and relating to your usage of our website (including your IP address) and the processing of such data by Google by downloading and installing a web browser add-on. As an alternative to the web browser add-on, in particular for web browsers installed on mobile end devices, you can also block tracking by Google Analytics by clicking here. This will install an opt-out cookie, which will prevent your data from being collected the next time you visit this website. The opt-out cookie will only work on this browser and for our website and will be stored on your device. If you delete cookies from this browser, you will have to reinstall the opt-out cookie. For further information on data protection with respect to Google Analytics, please refer to Google Analytics Help

3.4.5 Social media plugins
On our website, we use social plugins from the social networks Facebook, Google+, Twitter, Instagram, LinkedIn and Xing [add more if necessary] in order to make our company better known via these sites. The underlying advertising purpose is to be regarded as a legitimate interest within the meaning of the GDPR. The responsibility for data-protection compliant operation is to be ensured by their respective providers. The integration of these plugins by us takes place by way of the so-called two-click method in order to protect visitors to our website as well as possible: by default, we embed deactivated buttons in our website that do not establish contact with the servers of the social networks. The buttons only become active and establish a connection once you activate them, thus granting your consent to communications with Facebook, Google or Twitter etc. You can then transmit your recommendation with a second click. If you are already logged in to the social network of your choice and transmit your recommendation via one of these networks, then this happens without opening another window. On Twitter, a pop-up window appears in which you can continue to edit the text of the Tweet.

3.4.6 Facebook
Our website uses so-called social plugins from Facebook Inc., USA. The plugins are marked with a Facebook logo or have "Like" and/or "Share” buttons. A list of Facebook plugins, showing what they look like, can be found by clicking the following link. When such a plugin is activated (by the first click), your browser will establish a direct connection to Facebook's servers. The content of the plugin will be sent directly to the browser by Facebook and integrated into the page. By means of this integration, Facebook will learn that the browser has accessed the corresponding page on our website, even if you do not have a Facebook profile or are not currently logged in to Facebook. This information (including your IP address) is transmitted directly to a Facebook server in the USA by your browser and stored there. If you are logged in to Facebook, Facebook can directly link your visit to our website to your Facebook profile. If you interact with plugins, for example by pressing the “Like” button, this information is also sent directly to a Facebook server and stored there. The information is also published on your Facebook profile and displayed to your Facebook friends. 

For information about the scope and purpose of this data collection, processing and use by Facebook and related rights and setting options to protect privacy, please see Facebook’s privacy policy. If you do not want Facebook to link the information collected about your visit to our website directly to your Facebook profile, you must log out of Facebook before visiting our website. You can also completely prevent the loading of Facebook plugins with add-ons for your browser, e.g. with the “Facebook Blocker”. 

3.4.7 LinkedIn
Our website uses plugins from the social network LinkedIn, Wilton Place, Dublin 2, Ireland (“LinkedIn”). 

The plugins are configured as a two-tier solution to protect user privacy. Each time you visit one of our pages that contains LinkedIn features, your browser will only establish a direct connection to LinkedIn’s servers when you activate the LinkedIn button by clicking on it. The content of the plugin is transmitted by LinkedIn directly to your browser and integrated into the website. 

When the plugin is activated, LinkedIn receives, among other things, the information that the user has accessed our website. For information about the scope and purpose of this data collection, processing and use by LinkedIn and related rights and setting options to protect user privacy, please see LinkedIn’s privacy policy

We expressly point out that we have no influence on the type, scope and use of the data that LinkedIn collects with the LinkedIn button. 

3.4.8 Instagram
Our website uses features of Instagram, provided by Instagram Inc., 1601 Willow Road, Menlo Park, CA, 94025, USA. If you are logged into your Instagram account, you can link the contents of our pages to your Instagram profile by clicking on the Instagram button. This allows Instagram to associate the visit to our pages with your user account. Please note that we, as the provider of the pages, have no knowledge of the content of the transmitted data or its use by Instagram.

For more information, see the Instagram Privacy Policy

We expressly point out that we have no influence on the type, scope and use of the data that Instagram collects with the Instagram button.

3.4.9 YouTube
Our website uses plugins from YouTube, which is operated by Google. YouTube is operated by YouTube LLC with headquarters at 901 Cherry Avenue, San Bruno, CA 94066, USA. When you visit one of the pages of our website that has a YouTube plugin, a connection is established to the YouTube servers. This informs the YouTube server which of our pages you have visited. If you are logged in to your YouTube account, this enables YouTube to link this information to your user account. You can prevent this by logging out of your YouTube account. We use YouTube to present our online services in an appealing way. This represents a legitimate interest within the meaning of Art. 6 (1) f GDPR.

For more information on how we use user data, please refer to the YouTube privacy policy


4. Data recipients outside the EU

Apart from the processing described in detail in Section 3, we do not pass your data on to recipients based outside the European Union or the European Economic Area. Insofar as the processing operations listed in Section 3 transfer data to recipients located outside the European Union or the European Economic Area, the servers are located in the USA. This data transfer takes place in accordance with the principles of the Privacy Shield and on the basis of the standard contractual clauses of the European Commission.


5. Your rights 

5.1 Overview

In addition to the right to revoke your consent granted to us, you are also entitled to the following additional rights if the respective legal requirements are met:

  • Right of access to your personal data stored by us pursuant to Art. 15 GDPR; in particular, you may request information about the processing purposes, the category of personal data, the categories of recipients to whom your data has been or will be disclosed, the planned storage period, and the origin of your data, in case it has not been collected directly from you,
  • Right of rectification of incorrect data or the right to have correct data completed in accordance with Art. 16 GDPR,
  • Right to deletion of your data stored by us in accordance with Art. 17 GDPR, insofar as no legal or contractual retention periods or other legal obligations or rights to further storage are to be observed, 
  • Right to restriction of the processing of your data pursuant to Art. 18 GDPR, insofar as the accuracy of the data is disputed by you, the processing is unlawful, but you object to its deletion; the controller no longer requires the data, but you need it for the assertion, exercise or defence of legal claims or you have objected to the processing pursuant to Art. 21 GDPR,
  • Right to data portability pursuant to Art. 20 GDPR, i.e. the right to have selected data about you stored by us transferred in a common, machine-readable format, or to request the transfer to another controller,
  • The right to lodge a complaint with a supervisory authority. As a general rule, you can contact the supervisory authority of your usual place of residence or workplace or our company headquarters for this purpose.

5.2 Right to object

Under the conditions of Art. 21 (1) GDPR, data processing may be objected to for reasons arising from the particular situation of the data subject.

The above general right to object applies to all processing purposes described in this privacy notice, which are processed on the basis of Article 6 (1 lit. f) GDPR. Unlike the specific right to object relating to data processing for advertising purposes, we are only obliged under the GDPR to implement such a general objection if you provide us with reasons of overriding importance for doing so (e.g., a possible risk to life or health). In addition, you have the option of contacting the supervisory authority responsible for Saint-Gobain Abrasives GmbH, in this instance, the data protection commissioner of the Land of Hesse in Wiesbaden.


6. Data security

All data transmitted by you personally, including your payment data, will be transmitted using the generally accepted and secure standard SSL (Secure Socket Layer) protocol. SSL is a secure and proven standard that is also used, for example, in online banking. You can recognise a secure SSL connection, among other things, by the s appended to the http (i.e. https://…) in the address bar of your browser or by the lock icon in the bar at the bottom of your browser.