§ 1 Information about the collection of personal data
In the following, we inform you about the collection of personal data when using our website. Personal data is all data that can be related to you personally, e.g. name, address, e-mail addresses, user behavior.
The responsible party pursuant to Art. 4 No. 7 of the German Data Protection Regulation (DSGVO) is
SEAL ONE AG
represented by the executive board
Berliner Straße 44
60311 Frankfurt am Main
Telephone: (069)1301468-52
E-Mail: office@seal-one.com
(see also our imprint)
You can reach our data protection officer at PRIVACY ONE GmbH, Lyoner Straße 15, 60528 Frankfurt am Main, at boehm@privacy.one or our postal address with the addition of "the data protection officer".
§ 2 Processing of personal data when visiting our website, legal basis, purpose
1. When you use the website for information purposes only, i.e. if you do not register or otherwise provide us with information, we only collect the personal data that your browser transmits to our server. If you wish to view our website, we collect the following data, which is technically necessary for us to display our website to you and to ensure or improve stability and security:
– IP address
– date and time of the request
– time zone difference to Greenwich Mean Time (GMT)
– content of the request (specific page)
– access status/HTTP status code
– amount of data transferred in each case
– web page from which the request comes
– browser
– operating system and its interface
– language and version of the browser software
The legal basis is Art. 6 para. 1 p. 1 lit. f) DSGVO.
2. Payment processing
Payment by credit card via payment service provider (PSP)
If you choose to pay by credit card, payment processing will be handled exclusively by an external payment service provider (PSP) – Deutsche Bank AG – Merchant Solutions. We do not collect, process, or store any credit card data ourselves. Data relating to payment processing is processed exclusively by the PSP on its own responsibility. The PSP will send a transaction confirmation after payment has been processed.
Credit card payments are made exclusively via the 3-D Secure security procedures “Visa Secure” (Visa) and “Mastercard Identity Check” (Mastercard). As part of these procedures, additional authentication of the cardholder is carried out by the respective bank (e.g., approval with biometric verification in the card-issuing bank's app) to ensure secure payment.
Processed data:
– Name of the cardholder
– Address
– Email address
– Transaction amount, currency, transaction ID
– Date and time of payment
– Payment status
– Technical metadata (e.g., browser type, device ID), if necessary for fraud prevention
Legal basis:
Processing is carried out on the basis of Art. 6 (1) (b) GDPR (contract processing). Insofar as additional security or fraud prevention measures are taken by the PSP, this is based on Art. 6 (1) (f) GDPR (legitimate interest in secure payment processing).
Payment via Apple Pay
Apple Pay enables payments via a payment method stored on your Apple device (e.g., credit or debit card), whereby the payment is confirmed via secure authentication (e.g., Face ID, Touch ID, or device passcode).
As part of the payment process, our payment service provider receives the information necessary to complete the payment (e.g., payment amount, transaction ID) from Apple Pay. Our payment service provider only transmits the data necessary for payment processing to Apple Pay.
Apple Pay processes the data independently for payment processing. For Apple Pay users in the European Economic Area, Apple Distribution International Ltd., based in Hollyhill Industrial Estate, Hollyhill, Cork, Republic of Ireland, is responsible. For more information about data processing by Apple Pay, please refer to the privacy policy of Apple or Apple partner companies at https://www.apple.com/de/legal/privacy/de-ww/.
Any data transfers to the US (e.g., to Apple Inc.) are subject to Apple's internal group agreements. If data is transferred to the US in connection with the use of Apple Pay, this is done on the basis of standard contractual clauses of the EU Commission in accordance with Art. 46 (2) (c) GDPR. Apple also participates in the EU-US Data Privacy Framework (DPF).
Payment via Google Pay
If you choose Google Pay as your payment method during the ordering process, payment will be processed by the payment service provider Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (“Google”).
Google Pay enables payments via a payment method stored in your Google account (e.g., credit or debit card), whereby the payment is confirmed via secure authentication (e.g., fingerprint, PIN, or facial recognition).
Our payment service provider (PSP) only transmits the data necessary for payment processing to Google Pay. As part of the payment process, our payment service provider receives the information necessary to execute the payment (e.g., payment amount, transaction ID) from Google Pay. For more information about data processing by Google Pay, please visit https://policies.google.com/privacy.
Google Ireland Ltd. may transfer personal data to other Google companies in third countries (in particular Google LLC, USA) within its internal group structure. According to Google's own privacy policy, these transfers are based on standard contractual clauses (SCCs) pursuant to Art. 46 (2) (c) GDPR, which Google Ireland Ltd. has concluded with the US companies. Google also participates in the EU-US Data Privacy Framework (DPF).
3. Cookies
We do not use cookies on our website.
4. When you contact us by e-mail, in particular at kundenservice@seal-one.com, the data you provide (for example: subject, title, first name, last name, company, address, country, your e-mail address, your telephone number, inquiry data) will be stored by us in order to answer your questions about existing offers, about existing contracts or to prepare an offer. The legal basis is Art. 6 para. 1 p. 1 lit. b) DSGVO, which permits the processing of data to fulfill a contract or pre-contractual measures.
If you send us a general inquiry, we process your data on the legal basis of Art. 6 para. 1 p. 1 lit. f) DSGVO. Our legitimate interest is to answer your inquiry.
5. You can apply to us via e-mail office@seal-one.com. We process data that you provide to us in connection with your application in order to assess your suitability for the position (or other open positions in our company, if applicable) and to carry out the application process. The following categories of personal data are included: Contact Data (first and last name, address), Communication Data (telephone number, mobile number, fax number, email address, language of communication), Personal Data (date of birth, place of birth, nationality, marital status, gender), Job-related and Personal Data (desired place of work and working hours availability, desired salary, willingness to relocate and travel, work permit), qualification data (school-leaving certificate, training/studies, language skills and professional skills), data on assessment and evaluation in the application process, data on career to date, curriculum vitae, training and work certificates, proof of qualifications), application photo and application history (consent to data storage).
The legal basis is Art. 6 (1) (b) GDPR in conjunction with Art. 88 GDPR and other GDPR standards specified below. According to these provisions, the processing of data required in connection with the decision to establish an employment relationship is permissible.
Personal data is processed in applicant management for the purpose of initiating employment contracts, in particular for the following purposes: comparison of job requirements and skills as well as ideas of the applicant, defense against legal action, communication with the applicant.
We store your data for the above-mentioned purposes. We delete your personal data after 6 months following the conclusion of the application process. In the event that you have agreed to further storage of your personal data, we will delete the data after the agreed period has expired.
Further information: Data protection information on applicant management in accordance with the General Data Protection Regulation (DSGVO).
Please send us documents with personal data ideally in a sealed letter. If you would like to send us documents containing personal data by e-mail, please note that this data could be viewed by third parties in transit.
6. We are subject to various legal obligations, e.g. according to tax laws and the German Commercial Code, which make it necessary to process your data in order to comply with the law. These are data processing due to legal requirements according to Art. 6 para. 1 p. 1 lit. c) DSGVO.
7. If we process data in order to assert legal claims and for defense in legal disputes, the processing is based on Art. 6 para. 1 p. 1 lit. f) DSGVO.
8. If you want to order in our webshop, it is necessary for the conclusion of the contract that you provide your personal data, which we need for the processing of your order: E-mail address, telephone, if applicable, company, first name, last name, street, house number, zip code, city, and for a different billing address, if applicable, company, first name, last name, street, house number, zip code, city, country; furthermore, payment data, payment method. Mandatory data required for the processing of contracts are marked separately, other data are voluntary. We process the data you provide to process your order. For this purpose, we may pass on your payment data to our house bank. We need your e-mail address to send you a confirmation e-mail. This also contains the invoice. In addition, you will receive a shipping confirmation.
Furthermore, you can retrieve your invoice yourself in our webshop. You will need your order number and e-mail address or e-mail address and the serial number of your Seal One device. The legal basis for this is Art. 6 para. 1 p. 1 lit. b) DSGVO.
To prevent unauthorized access by third parties to your personal data, especially financial data, the ordering process is encrypted using TLS technology.
9. With Seal One devices we offer a solution for access and transaction security. Whether banks, telecommunication, retail, customer portals or insurance companies, Seal One devices can be used across all industries. Data is transmitted in a tamper-proof manner. Seal One devices thus offer full security, through complete end-to-end encryption. All risks due to insecure components (network, end devices) are eliminated.
§ 3 Duration of storage
Your data will be processed for the first time from the time of collection, insofar as they are recorded by the system or you provide them to us. We delete your personal data as soon as the purpose of processing ceases to apply, all mutual claims have been fulfilled and there are no other statutory retention obligations or legal justification grounds for storage. Data records with personal data are sometimes stored for different purposes as named above. Depending on the purpose, different retention periods may apply. Insofar as a purpose ceases to apply, the data may no longer be processed for this purpose. Insofar as this data must be available for a further purpose, the data relating to the purpose that has ceased to apply is no longer used and is blocked. They are then only available for the permitted purpose.
Personal data that is subject to the regulations of the German Commercial Code (§ 257 HGB), such as business letters, will be destroyed or deleted after 6 years.
Personal data subject to the provisions of the German Fiscal Code (§ 147 AO), such as statements of account and accounting records, will be destroyed or deleted after 10 years.
We delete data of interested parties who have requested an offer without a contract being concluded after six months.
§ 4 Social media
We maintain company pages on social networks in order to communicate effectively with you.
We do not use any social plugins (“plugins”) from social networks on our websites. Therefore, no active code from social media providers is executed on our pages. Our website contains links to the following social media profiles listed below. The use of links is based on our legitimate interest pursuant to Art. 6 (1) (f) GDPR in presenting our company and our services via social media.
Please note that the social media providers, on their websites/apps, process your personal data, in addition to personal details and usage data. It may happen that your data is transferred to a non-European third country. In third countries, the level of data protection may not meet European data protection standards.
X (formerly Twitter)
You can find our X page at: https://x.com/SealOne_
Further information about the processing of personal data when visiting our X profile is provided by X Corp., 1355 Market Street, Suite 900, San Francisco, CA 94103, USA, at the following link: https://twitter.com/de/privacy. For users in the European Economic Area (EEA), X International Unlimited Company, One Cumberland Place, Fenian Street, Dublin 2, D02 AX07, Ireland, is responsible.
You can find our LinkedIn page at: https://www.linkedin.com/company/seal-one-ag
LinkedIn Corporation, 2029 Stierlin Court, Mountain View, California 94043, USA. LinkedIn's privacy policy can be found at https://www.linkedin.com/legal/privacy-policy.
We have included a link to our Instagram profile Seal One AG (@so_sealone) Instagram photos and videos. Instagram is an offer of Meta Platforms Ireland Ltd, 4 Grand Canal Square, Dublin 2, Ireland.
The provider provides information about the processing of personal data when visiting the portal at the following link.
https://help.instagram.com/155833707900388
YouTube
On our website, you will find a preview image for a YouTube video. Clicking on the button will take you to the YouTube page. YouTube is a trademark of Google Inc. (“Google”), which belongs to Google Ireland Limited, Gordon House, Barrow St, Dublin 4, Ireland (“Google”).
Further information on data protection at YouTube can be found in the provider's privacy policy at: https://policies.google.com/privacy.
§ 5 Your rights
If you have any questions or complaints regarding data protection, you can contact our company. You can find the contact details under point 1 of this data protection information.
Provided that the legal requirements are met, you also have the following rights:
- you can request confirmation from us as to whether we are processing personal data about you. If this is the case, you have the right to information about this personal data and the information listed in Art. 15 DSGVO, such as information about the processing purposes, the category of personal data, the categories of recipients to whom your data has been or will be disclosed, the planned storage period, the existence of a right to rectification, erasure, restriction of processing or objection, the existence of a right of complaint, the origin of your data if it was not collected by us;
- in accordance with Art. 16 DSGVO, to demand without delay the correction of incorrect or completion of your personal data stored by us;
- pursuant to Art. 17 DSGVO, to request the erasure of your personal data stored by us, unless the processing is necessary for compliance with a legal obligation, for reasons of public interest or for the assertion, exercise or defense of legal claims;
- in accordance with Art. 18 DSGVO, to request the restriction of the processing of your personal data, insofar as the accuracy of the data is disputed by you, the processing is unlawful, but you object to its erasure and we no longer require the data, but you need it for the assertion, exercise or defense of legal claims or you have objected to the processing in accordance with Art. 21 DSGVO;
- pursuant to Art. 20 DSGVO, to receive your personal data that you have provided to us in a structured, common and machine-readable format or to request the transfer to another controller;
- complain to a supervisory authority in accordance with Art. 77 DSGVO. As a rule, you can contact the supervisory authority of your usual place of residence or workplace or our company headquarters for this purpose.
The competent data protection supervisory authority is the corresponding state data protection authority of our federal state of Hesse. You can find all state data protection authorities under the following link:
https://www.bfdi.bund.de/DE/Service/Anschriften/Laender/Laender-node.html
In principle, you have the right to object to the processing of your personal data at any time, provided that we process your personal data for the pursuit of legitimate interests and there are reasons arising from your particular situation. We will then no longer process your personal data unless we can demonstrate compelling legitimate grounds for the processing which override the interests, rights and freedoms of the data subject, or the processing is for the purpose of asserting, exercising or defending legal claims, Art. 21 DSGVO. (see also § 2 of this privacy policy).
This right is regularly exercised in the context of advertising appeals.
For this reason, we expressly point out that we do not send advertising.
§ 6 Changes
We reserve the right to make changes and will adapt this data protection declaration if necessary.
As of November, 2025