SIS-TA

Privacy Policy

This privacy policy explains how SIS-TA GmbH (i. G.) collects, uses, and protects personal data when you visit this pre-launch website (www.sis-ta.com). It complies with the EU General Data Protection Regulation (GDPR), the German Federal Data Protection Act (BDSG), and the German Telecommunications-Telemedia Data Protection Act (TTDSG).

Contents
  1. Controller
  2. Data Protection Officer
  3. Scope of this policy
  4. Hosting and server log files
  5. Newsletter / launch notification signup
  6. Email service provider (Salesforce Pardot)
  7. Cookies
  8. Data security
  9. Your rights as a data subject
  10. Right to lodge a complaint
  11. Automated decision-making
  12. Changes to this policy

1. Controller

The controller responsible for the processing of personal data on this website within the meaning of Art. 4(7) GDPR is:

SIS-TA GmbH (i. G.)
Friedenheimer Brücke 16
80639 Munich, Germany
Phone: +49 89 80902-0
Email: contact@sis-ta.com

Represented by Mike Weccardt, Managing Director.

Further details are provided in the Imprint.

2. Data Protection Officer

SIS-TA GmbH is part of the STEMMER IMAGING group of companies and shares its data protection officer:

STEMMER IMAGING AG
Data Protection Officer
Friedenheimer Brücke 16, 80639 Munich, Germany
Email: de.privacy@stemmer-imaging.com

3. Scope of this policy

This policy applies to the SIS-TA pre-launch landing page at www.sis-ta.com. It does not apply to third-party websites that may be linked from this site.

The pre-launch site offers exactly two functions: it displays a countdown to launch and allows visitors to register their email address to be notified once the SIS-TA shop goes live.

4. Hosting and server log files

This website is hosted on Amazon Web Services (AWS) infrastructure in the EU region Ireland (eu-west-1). The hosting provider is:

Amazon Web Services EMEA SARL
38 Avenue John F. Kennedy, L-1855, Luxembourg

A data processing agreement pursuant to Art. 28 GDPR is in place with AWS. AWS is part of a US-headquartered group; standard contractual clauses (Art. 46 GDPR) and supplementary technical and organisational measures apply where personal data may be accessed by group entities outside the EU.

Server log files

When you visit this site, our web server automatically collects and stores information that your browser transmits, in so-called server log files. The following data is processed:

Purposes: ensuring the security and stability of the website, detecting and defending against attacks, and operating the service.

Legal basis: Art. 6(1)(f) GDPR (legitimate interest in a secure and reliable service).

Retention: Server log files are deleted automatically after 30 days, unless their retention is required to investigate a specific security incident.

5. Newsletter / launch notification signup

If you enter your email address in the signup form on this page and confirm the consent checkbox, we process your email address solely to send you a one-time notification on the day SIS-TA launches, and at most a small number of related follow-up messages until the launch campaign ends.

Categories of personal data

Double opt-in

We use a double opt-in process: after submitting the form you will receive a confirmation email. Your address is only added to the notification list after you click the confirmation link in that email. If you do not confirm, your unconfirmed entry is deleted within 30 days.

Legal basis

Your consent (Art. 6(1)(a) GDPR and §7(2) Nr. 3 UWG). You can withdraw your consent at any time, with effect for the future, by clicking the unsubscribe link in any email we send you, or by sending a message to contact@sis-ta.com. Withdrawing consent does not affect the lawfulness of processing carried out before the withdrawal.

Retention

Your email address is stored until the launch announcement has been sent and for up to six months thereafter for closely related follow-up communication, or until you withdraw consent — whichever is earlier. After that period it is deleted from the active distribution list. Consent and timestamp records may be retained for a longer period solely to evidence compliance with our legal obligations under Art. 7(1) GDPR.

6. Email service provider (Salesforce Pardot)

To collect, manage, and deliver the launch notification emails we use Salesforce Pardot (Marketing Cloud Account Engagement), provided by Salesforce, Inc., 415 Mission Street, 3rd Floor, San Francisco, CA 94105, USA. The form on this page submits your email address directly to a Salesforce Pardot Form Handler.

Categories of data transferred

Purpose

Storing and managing the notification list, sending the double opt-in confirmation, sending the launch announcement, and processing unsubscribe requests.

Legal basis

Art. 6(1)(a) GDPR (consent) for the email content, in conjunction with Art. 28 GDPR (processing on our behalf). A data processing agreement with Salesforce is in place.

Transfer to a third country

Salesforce processes data on infrastructure that may be located in the European Union and in the United States. Personal data may therefore be transferred to the USA.

Such transfers are based on the EU-U.S. Data Privacy Framework (Salesforce, Inc. is certified under the DPF) and on the Standard Contractual Clauses pursuant to Art. 46 GDPR. Supplementary technical and organisational measures apply.

Further information is available in the Salesforce Privacy Statement and in the Data Privacy Framework.

Tracking

Pardot tracking cookies are not used on this pre-launch site. The form is operated as a stateless Pardot Form Handler without behavioural tracking. No marketing cookies are set by Pardot in this configuration.

7. Cookies

This pre-launch site does not set any cookies and does not use local or session storage to track visitors. No analytics, advertising, or social-media tracking is active. No consent banner is therefore required.

The signup form may, depending on the browser, transiently store a small amount of data in browser memory while the request is in flight; this is discarded once the request has completed.

8. Data security

The website is served exclusively over HTTPS using current TLS encryption. Form submissions to Pardot are also transmitted over HTTPS. Access to processed personal data within SIS-TA and STEMMER IMAGING is restricted to staff who need it for their tasks and is subject to confidentiality obligations and technical access controls.

9. Your rights as a data subject

Subject to the conditions set out in the GDPR, you have the following rights with regard to personal data we process about you:

To exercise any of these rights, please contact contact@sis-ta.com or our data protection officer at de.privacy@stemmer-imaging.com.

10. Right to lodge a complaint

Without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with a supervisory authority, in particular in the Member State of your habitual residence, your place of work, or the place of the alleged infringement, if you consider that the processing of personal data relating to you infringes the GDPR (Art. 77 GDPR).

The competent supervisory authority for SIS-TA GmbH is:

Bayerisches Landesamt für Datenschutzaufsicht (BayLDA)
Promenade 18
91522 Ansbach, Germany
www.lda.bayern.de

11. Automated decision-making

We do not use the personal data collected through this site for automated decision-making, including profiling, that produces legal effects concerning you or similarly significantly affects you within the meaning of Art. 22 GDPR.

12. Changes to this policy

We may update this privacy policy to reflect changes in the service, legal requirements, or our processing operations. The version published at the time of your visit applies. Please check this page periodically for the latest version.

Last updated: 18 May 2026 ← Back to start