- Legal Notice
- Privacy Policy
- Terms and Conditions
- Contact
We are delighted that you have visited our website and are interested in our company.
The protection of your personal data, such as your date of birth, name, telephone number, address, etc., is of great importance to us.
The purpose of this privacy policy is to inform you about the processing of your personal data that we collect when you visit our website. Our data protection practices comply with the legal provisions of the EU General Data Protection Regulation (GDPR) and the German Federal Data Protection Act (BDSG). The following privacy policy serves to fulfil the information obligations arising from the GDPR. These can be found, for example, in Articles 13 and 14 et seq. of the GDPR.
The controller within the meaning of Article 4(7) of the GDPR is the person who, alone or jointly with others, determines the purposes and means of the processing of personal data.
With regard to our website, the controller is:
Gebrüder Rückert GmbH & Co. KG
Weiherstr. 58
78559 Gosheim auf dem Heuberg
Germany
Email: mail@gebrueder-rueckert.de
Tel.: 07426 93977 0
Fax: 07426 939 77 50
Every time our website is accessed, our system automatically collects data and information from the device used to access it (e.g. computer, mobile phone, tablet, etc.).
What personal data is collected and to what extent is it processed?
(1) Information about the browser type and version used;
(2) The operating system of the device used to access the site;
(3) Hostname of the accessing computer;
(4) The IP address of the device used to access the site;
(5) Date and time of access;
(6) Websites and resources (images, files, other page content) accessed on our website;
(7) Websites from which the user’s system accessed our website (referrer tracking);
(8) Notification as to whether the access was successful;
(9) Amount of data transferred
This data is stored in our system’s log files. This data is not stored together with the personal data of a specific user, meaning that individual visitors to the site cannot be identified.
Art. 6(1)(f) GDPR (legitimate interest). Our legitimate interest lies in ensuring that the purpose described below is achieved.
The temporary (automated) storage of the data is necessary for the course of a website visit in order to enable the website to be delivered. The storage and processing of personal data also takes place to maintain the compatibility of our website for as many visitors as possible and to combat misuse and rectify faults. To this end, it is necessary to log the technical data of the accessing computer so that we can respond as quickly as possible to display errors, attacks on our IT systems and/or malfunctions of our website. Furthermore, the data helps us to optimise the website and generally ensure the security of our IT systems.
The aforementioned technical data is deleted as soon as it is no longer required to ensure the website’s compatibility for all visitors, but no later than 3 months after accessing our website.
You may object to the processing at any time in accordance with Article 21 of the GDPR and request the erasure of data in accordance with Article 17 of the GDPR. You can find out what rights you have and how to exercise them in the lower section of this privacy policy.
Our website offers various features, the use of which involves us collecting, processing and storing personal data. Below, we explain what happens to this data:
Contact form(s)
What personal data is collected and to what extent is it processed?
The data you have entered into our contact forms, which you have entered into the input fields of the contact form.
Legal basis for the processing of personal data
Art. 6(1)(a) GDPR (consent through a clear affirmative action or conduct)
Purpose of data processing
We will only use the data collected via our contact form(s) to process the specific contact enquiry received via the contact form. Please note that, in order to fulfil your contact enquiry, we may also send emails to the address you have provided. The purpose of this is to enable you to receive confirmation from us that your enquiry has been correctly forwarded to us. However, sending this confirmation email is not mandatory for us and is for your information only.
Duration of storage
Once your enquiry has been processed, the data collected will be deleted immediately, provided there are no statutory retention periods.
Right to withdraw consent and request erasure
The options for withdrawal and erasure are governed by the general provisions on the right of withdrawal and the right to erasure under data protection law, as described below in this privacy policy.
Necessity of providing personal data
The use of the contact forms is voluntary and is not required either by contract or by law. You are not obliged to contact us via the contact form, but may also use the other contact options provided on our website. If you wish to use our contact form, you must complete the fields marked as mandatory. If you do not fill in the required details on the contact form, you will either be unable to submit your enquiry or, unfortunately, we will be unable to process it.
Automated credit assessment / scoring
If you wish to enter into a contract with us, we reserve the right to process your personal data exclusively by automated means in order to check your creditworthiness. We are also entitled to make such an automated decision in accordance with Article 22(2)(a) of the GDPR. Whether or not the contract can be concluded depends on the result of the automated credit check. During a credit check, statistical probabilities of default are calculated. The credit report may contain probability values (score values) calculated on the basis of scientifically recognised mathematical and statistical methods. In this process, conclusions are drawn about the customer’s future risk of default using a variety of characteristics, such as income, address details, occupation, marital status and previous payment history. The result is expressed as a payment value (known as a score). The information obtained in this way forms the basis of our decision regarding the establishment, execution or termination of a contractual relationship. If you believe that you have been wrongfully excluded from entering into a contract as a result of the credit check, please feel free to explain your position to us by email. We will then review the automated decision in accordance with Article 22(3) of the GDPR in the specific individual case. In order to carry out the credit check, we are permitted to store and process your personal data in accordance with Article 6(1)(b) of the GDPR.
In connection with the pending contract, we will transfer your data to the following provider(s) in the cases listed below:
Creditsafe Deutschland GmbH:
Creditsafe Deutschland GmbH, Schreiberhauer Straße 30, 10317 Berlin, Germany (http://www.creditsafe.com): Our company regularly checks your creditworthiness when contracts are concluded and, in certain cases where there is a legitimate interest, also for existing customers. To this end, we work with Creditsafe Deutschland GmbH, Schreiberhauer Straße 30, 10317 Berlin, Germany, from whom we obtain the necessary data. For this purpose, we transfer your name and contact details to Creditsafe Deutschland GmbH.
Compagnie Française d’Assurance pour le Commerce Extérieur SA (Coface):
Compagnie Française d’Assurance pour le Commerce Extérieur SA (Coface), Isaac-Fulda-Allee 1, 55124 Mainz, Germany (http://www.coface.de): Our company regularly checks your creditworthiness when concluding contracts and, in certain cases where there is a legitimate interest, also for existing customers. To this end, we work with Compagnie Française d’Assurance pour le Commerce Extérieur SA (Coface), Isaac-Fulda-Allee 1, 55124 Mainz, Germany, from whom we obtain the necessary data. For this purpose, we transfer your name and contact details to Compagnie Française d’Assurance pour le Commerce Extérieur SA (Coface).
Creditreform Reutlingen Degner KG:
Our company regularly checks your creditworthiness when concluding contracts and, in certain cases where there is a legitimate interest, also for existing customers. To this end, we work with Creditreform Reutlingen Degner KG, Auwiesenstraße 30, 72770 Reutlingen, Germany (http://www.creditreform-reutlingen.de), from whom we receive the necessary data. On behalf of Creditreform Reutlingen Degner KG, we are providing you with the following information in advance in accordance with Article 14 of the EU GDPR:
Creditreform Reutlingen Degner KG is a consumer credit agency. It operates a database in which creditworthiness information on private individuals is stored.
On this basis, Creditreform Reutlingen Degner KG provides credit reports to its customers. Customers include, for example, credit institutions, leasing companies, insurance companies, telecommunications companies, debt management firms, mail order, wholesale and retail companies, as well as other businesses that supply goods or provide services. In accordance with legal provisions, some of the data held in the credit information database is also used to supply other corporate databases, including for use in address trading.
The database of Creditreform Reutlingen Degner KG stores, in particular, details regarding the name, address, date of birth, email address (where applicable), payment history and shareholdings of individuals. The purpose of processing the stored data is to provide information regarding the creditworthiness of the person in question. The legal basis for the processing is Article 6(1)(f) of the EU GDPR. Information regarding this data may only be provided if a customer credibly demonstrates a legitimate interest in obtaining this information. Where data is transferred to countries outside the EU, this is done on the basis of the so-called ‘standard contractual clauses’, which you can view via the following link:
http://eur-lex.europa.eu/legal-content/DE/TXT/PDF/?uri=CELEX:32001D0497&from=DE
or have them sent to you from there.
The data will be stored for as long as knowledge of it is necessary to fulfil the purpose of storage. Knowledge of the data is generally required for an initial storage period of three years. After this period, a review is carried out to determine whether storage is still necessary; if not, the data is deleted to the day. In the event that a matter is resolved, the data is deleted to the day three years after resolution. Entries in the register of debtors are deleted to the day in accordance with Section 882e of the German Code of Civil Procedure (ZPO) three years after the date of the order for entry.
Legitimate interests within the meaning of Article 6(1)(f) of the EU GDPR may include: credit decisions, business development, shareholdings, claims, credit checks, insurance contracts, and enforcement information. You have a right to request information from Creditreform Reutlingen Degner KG regarding the data stored there about you. If the data stored about you is incorrect, you have the right to have it rectified or erased. If it cannot be immediately determined whether the data is incorrect or correct, you have the right to have the relevant data blocked until the matter is clarified. If your data is incomplete, you may request that it be completed.
If you have given your consent to the processing of the data stored at Creditreform Reutlingen Degner KG, you have the right to withdraw this consent at any time. Withdrawal does not affect the lawfulness of the processing of your data carried out on the basis of your consent up to the point of withdrawal.
Should you have any objections, requests or complaints regarding data protection, you may contact the Data Protection Officer at Creditreform Reutlingen Degner KG at any time. They will assist you promptly and confidentially with all matters relating to data protection. You may also lodge a complaint regarding the processing of your data by Creditreform Reutlingen Degner KG with the State Data Protection Commissioner responsible for your federal state.
The data that Creditreform Reutlingen Degner KG has stored about you comes from publicly available sources, debt collection agencies and their clients.
To assess your creditworthiness, Creditreform Reutlingen Degner KG calculates a score based on your data. This score incorporates data on age and gender, address details and, in some cases, payment history. These data are factored into the score calculation with varying weightings. Creditreform Reutlingen Degner KG’s clients use these scores as a tool when making their own credit decisions.
Right to object:
The processing of data stored by Creditreform Reutlingen Degner KG is carried out for compelling legitimate reasons relating to creditor and credit protection, which generally override your interests, rights and freedoms, or serves to assert, exercise or defend legal claims. You may object to the processing of your data only on grounds arising from a specific situation relating to you, which must be substantiated. If such specific grounds are demonstrably present, the data will no longer be processed. If you object to the processing of your data for advertising and marketing purposes, the data will no longer be processed for these purposes.
The controller within the meaning of Article 4(7) of the EU GDPR is Creditreform Reutlingen Degner KG, Auwiesenstraße 30, 72770 Reutlingen, Germany (http://www.creditreform-reutlingen.de). You can contact Creditreform Reutlingen Degner KG regarding any queries using the following contact details: Tel.: +49 (0) 7121 9509-0, Fax: +49 (0) 7121 9509-30, Email: info@reutlingen.creditreform.de
You can contact the Data Protection Officer using the following contact details: Creditreform Reutlingen Degner KG, Data Protection Officer, Auwiesenstraße 30, 72770 Reutlingen, Germany, http://www.creditreform-reutlingen.de.
When you access this website or individual files on the website, we collect, process and store the following data: IP address, website from which the file was accessed, name of the file, date and time of access, amount of data transferred and notification of the success of the access (so-called web log). We use this access data exclusively in a non-personalised form for the continuous improvement of our website and for statistical purposes. We also use the following web trackers to analyse visits to this website:
What personal data is collected and to what extent is it processed?
On our site, we use the service provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (hereinafter: Google Tag Manager). Google Tag Manager provides a technical platform for executing other web services and web tracking programmes using so-called ‘tags’ and for controlling them in a consolidated manner. In this context, Google Tag Manager stores cookies on your computer and, where web tracking tools are executed via Google Tag Manager, analyses your browsing behaviour (so-called “tracking”). The data sent by individual tags integrated into Google Tag Manager is consolidated, stored and processed by Google Tag Manager under a unified user interface. All integrated “tags” are listed separately again in this privacy policy. Further information on data protection for the tools integrated into Google Tag Manager can be found in the relevant section of this privacy policy. When using our website with Google Tag Manager tags enabled, data – in particular your IP address and your user activities – is transmitted to servers operated by Google Ireland Limited and processed and stored outside the European Union, e.g. in the USA. The European Commission has determined that an adequate level of data protection may exist in the USA if the data-processing company has submitted to the US-EU Privacy Shield Agreement and the export of data to the USA has been authorised in this manner. This is the case with Google Ireland Limited. With regard to the web services integrated via Google Tag Manager, the provisions in the relevant section of this privacy policy apply. The tracking tools used in Google Tag Manager ensure, through IP anonymisation of the source code, that the IP address is anonymised by Google Tag Manager prior to transmission. In this context, Google Tag Manager is only permitted to collect IP addresses in an anonymised form (so-called IP masking).
Legal basis for the processing of personal data
The legal basis for data processing is, in accordance with Article 6(1)(a) of the GDPR, your consent as expressed in our information banner regarding the use of cookies and web tracking (consent given through a clear affirmative action or behaviour).
Purpose of data processing
On our behalf, Google will use the information obtained via Google Tag Manager to analyse your visit to this website, compile reports on website activity and provide us with further services related to website and internet usage.
Duration of storage
Google will store the data relevant to the functioning of Google Tag Manager for as long as is necessary to fulfil the contracted web service. Data collection and storage are carried out anonymously. Should any personal references exist, the data will be deleted immediately, provided they are not subject to any statutory retention obligations. In any case, deletion will take place upon expiry of the retention obligation.
Right to object and right to erasure
You can prevent the collection and transmission of personal data to Google (in particular your IP address) as well as the processing of this data by Google by disabling the execution of script code in your browser, installing a script blocker in your browser or activating the ‘Do Not Track’ setting in your browser. You can also prevent the collection of data generated by the Google cookie and relating to your use of the website (including your IP address) by Google, as well as the processing of this data by Google, by downloading and installing the browser plug-in available at the following link: http://tools.google.com/dlpage/gaoptout?hl=de. Google’s security and privacy policies can be found at https://policies.google.com/privacy.
On our website, we use active content from external providers, known as web services. When you visit our website, these external providers may receive personal information about your visit to our website. This may involve the processing of data outside the EU. You can prevent this by installing a suitable browser plug-in or by disabling the execution of scripts in your browser. This may result in functional limitations on the websites you visit.
We use the following external web services:
website-check.de
A web service provided by Website-Check GmbH, Beethovenstraße 24, 66111 Saarbrücken, Germany (hereinafter: website-check.de) is loaded on our website. We use this data to ensure the full functionality of our website. In this context, your browser may transmit personal data to website-check.de. The legal basis for data processing is Article 6(1)(f) of the GDPR. The legitimate interest lies in ensuring the website functions correctly. The data will be deleted as soon as the purpose for which it was collected has been fulfilled. Further information on the handling of the transmitted data can be found in the privacy policy of website-check.de: https://www.website-check.de/datenschutzerklaerung/
You can prevent the collection and processing of your data by website-check.de by disabling the execution of script code in your browser or by installing a script blocker in your browser.
DoubleClick
A web service provided by Google Ireland Limited, Gordon House, Barrow Street, 4 Dublin, Ireland (hereinafter: DoubleClick) is loaded on our website. We use this data to ensure the full functionality of our website. In this context, your browser may transmit personal data to DoubleClick. The legal basis for data processing is Article 6(1)(f) of the GDPR. The legitimate interest lies in ensuring the website functions correctly. The data will be deleted as soon as the purpose for which it was collected has been fulfilled. Further information on the handling of the transmitted data can be found in DoubleClick’s privacy policy: https://policies.google.com/privacy
You can prevent the collection and processing of your data by DoubleClick by disabling the execution of script code in your browser or by installing a script blocker in your browser.
A web service provided by Google Ireland Limited, Gordon House, Barrow Street, 4 Dublin, Ireland (hereinafter: Google) is loaded on our website. We use this data to ensure the full functionality of our website. In this context, your browser may transmit personal data to Google. The legal basis for data processing is Article 6(1)(f) of the GDPR. The legitimate interest lies in ensuring the website functions correctly. The data will be deleted as soon as the purpose for which it was collected has been fulfilled. Further information on the handling of the transmitted data can be found in Google’s privacy policy: https://policies.google.com/privacy
You can prevent the collection and processing of your data by Google by disabling the execution of script code in your browser or by installing a script blocker in your browser.
Google Video
A web service provided by Google Ireland Limited, Gordon House, Barrow Street, 4 Dublin, Ireland (hereinafter: Google Video) is loaded on our website. We use this data to ensure the full functionality of our website. In this context, your browser may transmit personal data to Google Video. The legal basis for data processing is Article 6(1)(f) of the GDPR. The legitimate interest lies in ensuring the website functions correctly. The data will be deleted as soon as the purpose for which it was collected has been fulfilled. Further information on the handling of the transmitted data can be found in Google Video’s privacy policy: https://policies.google.com/privacy
You can prevent the collection and processing of your data by Google Video by disabling the execution of script code in your browser or by installing a script blocker in your browser.
Gstatic
A web service provided by Google Ireland Limited, Gordon House, Barrow Street, 4 Dublin, Ireland (hereinafter: Gstatic) is loaded on our website. We use this data to ensure the full functionality of our website. In this context, your browser may transmit personal data to Gstatic. The legal basis for data processing is Article 6(1)(f) of the GDPR. The legitimate interest lies in ensuring the website functions correctly. The data will be deleted as soon as the purpose for which it was collected has been fulfilled. Further information on the handling of the transmitted data can be found in Gstatic’s privacy policy: https://policies.google.com/privacy
You can prevent the collection and processing of your data by Gstatic by disabling the execution of script code in your browser or by installing a script blocker in your browser.
YouTube
A web service provided by Google Ireland Limited, Gordon House, Barrow Street, 4 Dublin, Ireland (hereinafter: YouTube) is loaded on our website. We use this data to ensure the full functionality of our website. In this context, your browser may transmit personal data to YouTube. The legal basis for data processing is Article 6(1)(f) of the GDPR. The legitimate interest lies in ensuring the website functions correctly. The data will be deleted as soon as the purpose for which it was collected has been fulfilled. Further information on the handling of the transferred data can be found in YouTube’s privacy policy: https://policies.google.com/privacy
You can prevent the collection and processing of your data by YouTube by disabling the execution of script code in your browser or by installing a script blocker in your browser.
Scope of processing of personal data
We integrate and use cookies on various pages to enable certain functions of our website and to integrate external web services. These so-called “cookies” are small text files that your browser can store on your device. These text files contain a unique string of characters that uniquely identifies the browser when you return to our website. The process of storing a cookie file is also referred to as “setting a cookie”. Cookies may be set both by the website itself and by external web services.
Legal basis for the processing of personal data
Art. 6(1)(f) GDPR (legitimate interest) or Art. 6(1)(a) or Art. 9(1)(a) GDPR (consent).
The applicable legal basis is set out in the cookie table provided later in this section.
In general, for cookies collected on the basis of a legitimate interest, our legitimate interest lies in ensuring the functionality of our website and the services integrated into it (technically necessary cookies). Furthermore, cookies may enhance user-friendliness and enable a more personalised approach. In this regard, we have weighed up your interests against our own.
We can only identify, analyse and track individual website visitors using cookie technology if the website visitor has consented to the use of cookies in accordance with Article 6(1)(a) of the GDPR.
Purpose of data processing
Cookies are set by our website or external web services to maintain the full functionality of our website, improve user-friendliness or to pursue the purpose specified with your consent. Cookie technology also enables us to recognise individual visitors using pseudonyms, e.g. individual or random IDs, so that we can offer more personalised services. Details are set out in the table below.
Storage duration
The cookies listed below are stored in your browser until they are deleted or, in the case of a session cookie, until the session has expired. Details are listed in the table below:
Cookie name: kontentoSetGoogleTracking
Server: www.gebrueder-rueckert.de
Provider: Website operator
Purpose: This cookie stores data on when the website visitor accessed the website in order to compile statistical data. In addition, further data is collected for statistical purposes based on the page visit.
Legal basis: Consent
Storage period: approx. 12 months
Type: Analytics
Right to object, withdrawal of consent and deletion
You can configure your browser according to your preferences to generally prevent the setting of cookies. You can then decide on a case-by-case basis whether to accept cookies or accept them in principle. Cookies can be used for various purposes, e.g. to recognise that your device is already connected to our website (persistent cookies) or to save recently viewed content (session cookies). If you have expressly given us permission to process your personal data, you may withdraw this consent at any time. Please note that this does not affect the lawfulness of the processing carried out on the basis of your consent prior to its withdrawal.
Your personal data is protected by technical and organisational measures during collection, storage and processing in such a way that it is not accessible to third parties. In the case of unencrypted communication via email, we cannot guarantee complete data security during transmission to our IT systems; therefore, we recommend encrypted communication or postal delivery for information requiring a high level of confidentiality.
Automatic email archiving
Scope of personal data processing
We expressly draw your attention to the fact that our email system employs an automated archiving process. All incoming and outgoing emails are digitally archived in an audit-proof manner.
Legal basis for the processing of personal data
Art. 6(1)(c) GDPR (legal obligation). The legal obligation consists of compliance with tax and commercial law requirements (e.g. Sections 146, 147 of the German Fiscal Code (AO), Sections 238, 257 of the German Commercial Code (HGB)).
Purpose of data processing
The purpose of archiving is to comply with tax law (e.g. Sections 146, 147 of the German Fiscal Code (AO) – obligation to retain emails of tax relevance) and commercial law requirements (e.g. Sections 238, 257 of the German Commercial Code (HGB) – obligation to archive business correspondence).
Duration of storage
Our email correspondence is stored until the expiry of tax and commercial law retention obligations. The retention period may be up to 10 years.
Right to object and request erasure
You may object to the processing at any time in accordance with Article 21 of the GDPR and request the erasure of data in accordance with Article 17 of the GDPR. You can find out what rights you are entitled to and how to exercise them in the lower section of this privacy policy.
Handling of application documents
We would also like to point out that we only accept application documents in PDF format. Compressed files (WinZip, WinRAR, 7Zip, etc.) are filtered out by our security systems and will not be delivered. We do not accept applications in Word format or other file formats and will delete them unread. Please note that application documents sent via unencrypted email may be opened by third parties before they reach our IT systems. We assume that we may also reply to unencrypted application emails in an unencrypted manner. If you do not wish this, please let us know in your application email.
Right to access
You have the right to request confirmation as to whether we are processing your personal data. If this is the case, you have the right to access the information specified in Article 15(1) of the GDPR, provided that this does not infringe upon the rights and freedoms of others (see Article 15(4) of the GDPR). We will also be happy to provide you with a copy of the data.
Right to rectification
In accordance with Article 16 of the GDPR, you have the right to have any personal data held by us that is incorrect (such as your address, name, etc.) corrected at any time. You may also request at any time that the data stored by us be completed. Any necessary amendments will be made without delay.
Right to erasure
In accordance with Article 17(1) of the GDPR, you have the right to request that we erase the personal data collected about you if
This right does not apply pursuant to Article 17(3) of the GDPR if
Right to restriction of processing
Pursuant to Article 18(1) of the GDPR, you have the right in certain cases to request the restriction of the processing of your personal data.
This applies where
Right to withdraw consent
If you have given us your explicit consent to the processing of your personal data (Article 6(1)(a) GDPR or Article 9(2)(a) GDPR), you may withdraw this consent at any time. Please note that this does not affect the lawfulness of the processing carried out on the basis of your consent prior to its withdrawal.
Right to object
Pursuant to Art. 21 GDPR, you have the right to object at any time to the processing of your personal data collected on the basis of Art. 6(1)(f) (in the context of a legitimate interest). You are only entitled to this right if there are specific circumstances that militate against the storage and processing of your data.
How can you exercise your rights?
You may exercise your rights at any time by contacting us using the details below:
Gebrüder Rückert GmbH & Co. KG
Weiherstr. 58
78559 Gosheim
Germany
Email: mail@gebrueder-rueckert.de
Tel.: 07426 93977 0
Fax: 07426 939 77 50
Right to data portability
In accordance with Article 20 of the GDPR, you have the right to receive the personal data concerning you. We will provide the data in a structured, commonly used and machine-readable format. The data may be sent either to you or to a controller designated by you.
Upon request, we will provide you with the following data in accordance with Article 20(1) of the GDPR:
We will transfer the personal data directly to a controller of your choice, provided this is technically feasible. Please note that we are not permitted to transfer data that infringes upon the freedoms and rights of other individuals in accordance with Article 20(4) of the GDPR.
Right to lodge a complaint with the supervisory authority pursuant to Article 77(1) of the GDPR
If you suspect that your data is being processed unlawfully on our site, you may, of course, seek a judicial resolution of the matter at any time. Furthermore, all other legal avenues are open to you. Irrespective of this, you have the option, in accordance with Article 77(1) of the GDPR, to contact a supervisory authority. You are entitled to the right to lodge a complaint pursuant to Article 77 of the GDPR in the EU Member State of your residence, your place of work and/or the place of the alleged infringement; that is to say, you may choose the supervisory authority to which you wish to turn from the locations mentioned above. The supervisory authority to which the complaint was submitted will then inform you of the status and outcome of your submission, including the possibility of a judicial remedy under Article 78 of the GDPR.
Prepared by:
© IT Law Firm DURY – www.dury.de
© Website-Check GmbH – www.website-check.de
We use an external service provider to provide our online service: Perspective Software GmbH, PO Box 659770, D-96035 Bamberg (hereinafter “Perspective”). Perspective itself stores your data exclusively on European servers. However, there is a possibility that your data may be accessible to entities in the United States of America, as Perspective uses sub-processors based in the USA. As the European Commission has determined that the data protection laws of the United States do not ensure an adequate level of protection for personal data collected from data subjects in the European Union, Perspective provides additional measures and safeguards for data transfers to the United States in accordance with the requirements of the GDPR to ensure an adequate level of protection. For example, by entering into standard contractual clauses between Perspective and the sub-processors.
Perspective processes your data on our behalf so that we can provide you with our online services. For this purpose, your IP address is automatically transmitted to Perspective in order to deliver the content and functions of our online services to your browser or device. The following data may be collected:
Perspective stores the data mentioned in I. in so-called log files. This is done to ensure
The temporary storage of the IP address by the system is also necessary to enable the website to be delivered to your computer. For this purpose, your computer’s IP address must remain stored for the duration of the session. These purposes also constitute our legitimate interest in data processing. The legal basis for data processing is therefore Article 6(1)(f) of the GDPR.
The personal data processed by Perspective is deleted as soon as it is no longer required to fulfil the purpose for which it was collected:
You have the right at any time to obtain information free of charge regarding the origin, recipients and purpose of your stored personal data. You also have the right to request the rectification, restriction or erasure of this data. For this and any further questions regarding data protection, you may contact us at any time at the address provided in the legal notice. Furthermore, in the event of breaches of the GDPR, you have the right to lodge a complaint with the competent supervisory authority. As data processing is carried out on the basis of Article 6(1)(f) of the GDPR, you have the right at any time to object to the processing of your personal data on grounds relating to your particular situation. If you object, we will no longer process your personal data in question, unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms, or the processing serves to establish, exercise or defend legal claims (objection under Article 21(1) of the GDPR). As the collection of data for the provision of the website and the storage of data in log files is strictly necessary for the operation of our website, you will generally not have the option to object. Furthermore, you have the right, under certain circumstances, to request the restriction of the processing of your personal data. The right to restriction of processing applies in the following cases:
If you have restricted the processing of your personal data, such data – apart from its storage – may only be processed with your consent or for the purpose of asserting, exercising or defending legal claims, or to protect the rights of another natural or legal person, or for reasons of an important public interest of the European Union or a Member State.
We use an external service provider to provide contact, enquiry or application forms: Perspective Software GmbH, PO Box 659770, D-96035 Bamberg (hereinafter “Perspective”). Perspective itself stores your data exclusively on European servers. However, there is a possibility that your data may be accessible to entities in the United States of America, as Perspective uses sub-processors based in the USA. As the European Commission has determined that the data protection laws of the United States do not ensure an adequate level of protection for personal data collected from data subjects in the European Union, Perspective provides additional measures and safeguards for data transfers to the United States in accordance with the requirements of the GDPR to ensure an adequate level of protection. For example, by entering into standard contractual clauses between Perspective and the sub-processors.
When using Perspective’s contact, enquiry or application forms, the following data is transmitted to Perspective’s servers:
The purpose of this data processing is to facilitate the communication you have initiated. The processing of your data from contact, enquiry or application forms is therefore initially based on your consent. The legal basis is Article 6(1)(a) of the GDPR. If a contract is initiated via an enquiry form, the legal basis is also Article 6(1)(b) of the GDPR. The legal basis for processing data in an application form may be Article 6(1)(f) of the GDPR or Article 88 of the GDPR in conjunction with Section 26 of the Federal Data Protection Act (BDSG).
Your personal data will be retained for as long as is necessary to fulfil the purpose of processing, or until you withdraw your consent. Excluded from this principle are data which Perspective is required to retain due to legal obligations. These include, for example, retention obligations under commercial and tax law. These retention periods currently amount to up to ten years
You have the right at any time to obtain information, free of charge, regarding the origin, recipients and purpose of your stored personal data. You also have the right to request the rectification, restriction or erasure of this data. You may contact us at any time at the address provided in the legal notice regarding this matter and any further questions on data protection. Furthermore, in the event of breaches of the GDPR, you have the right to lodge a complaint with the competent supervisory authority. You may withdraw your consent to data processing at any time by sending us an informal notification (e.g. by email). Withdrawal does not affect the lawfulness of processing carried out on the basis of consent prior to withdrawal. Furthermore, you have the right, under certain circumstances, to request the restriction of the processing of your personal data. The right to restriction of processing applies in the following cases:
If you have restricted the processing of your personal data, such data – apart from its storage – may only be processed with your consent or for the purpose of asserting, exercising or defending legal claims, or to protect the rights of another natural or legal person, or for reasons of an important public interest of the European Union or a Member State.
This website uses Facebook’s visitor action pixels for conversion tracking. The provider of this service is Facebook Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland. However, according to Facebook, the data collected is also transferred to the USA and other third countries. This allows the behaviour of website visitors to be tracked after they have been redirected to the provider’s website by clicking on a Facebook advertisement. This enables the effectiveness of Facebook advertisements to be evaluated for statistical and market research purposes and future advertising measures to be optimised. The data collected is anonymous to us as the operator of this website; we cannot draw any conclusions regarding the identity of users. However, the data is stored and processed by Facebook, enabling a link to the respective user profile and allowing Facebook to use the data for its own advertising purposes in accordance with the Facebook Data Use Policy. This enables Facebook to display advertisements on Facebook pages as well as outside of Facebook. We, as the website operator, have no influence over this use of the data. The use of Facebook Pixel is based on Article 6(1)(f) of the GDPR. The website operator has a legitimate interest in effective advertising measures, including on social media. Where consent has been sought, processing takes place exclusively on the basis of Article 6(1)(a) of the GDPR and Section 25(1) of the TTDSG, insofar as the consent covers the storage of cookies or access to information on the user’s device (e.g. device fingerprinting) within the meaning of the TTDSG. Consent may be withdrawn at any time. Data transfers to the USA are based on the EU Commission’s Standard Contractual Clauses. Details can be found here: https://www.facebook.com/legal/EU_data_transfer_addendum and https://de-de.facebook.com/help/566994660333381. Insofar as personal data is collected on our website using the tool described here and forwarded to Facebook, we and Facebook Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland, are jointly responsible for this data processing (Art. 26 GDPR). This joint responsibility is limited exclusively to the collection of the data and its transfer to Facebook. The processing carried out by Facebook following the transfer is not part of the joint responsibility. The obligations incumbent upon us jointly have been set out in a joint processing agreement. The text of the agreement can be found at: https://www.facebook.com/legal/controller_addendum. Under this agreement, we are responsible for providing data protection information when using the Facebook tool and for ensuring the tool is implemented on our website in a manner that complies with data protection law. Facebook is responsible for the data security of Facebook products. You can exercise your data subject rights (e.g. requests for information) regarding the data processed by Facebook directly with Facebook. If you exercise your data subject rights with us, we are obliged to forward these to Facebook. You can find further information on the protection of your privacy in Facebook’s privacy policy: https://de-de.facebook.com/about/privacy/. You can also deactivate the ‘Custom Audiences’ remarketing function in the ad settings section at https://www.facebook.com/ads/preferences/?entry_product=ad_settings_screen. To do this, you must be logged in to Facebook. If you do not have a Facebook account, you can disable usage-based advertising from Facebook on the European Interactive Digital Advertising Alliance website: http://www.youronlinechoices.com/de/praferenzmanagement/."