Data Privacy Policy of Reidemeister & Ulrichs GmbH

Date 25.05.2018

The data processing on this website is carried out by the website operator named below. In the following we inform you about the collection of personal data when you use this website. Personal data is all data which can be related to you personally, e.g. name, address, e-mail addresses, user behaviour.

Your data will be collected, processed and used in accordance with the provisions of the German Telemedia Act (Telemediengesetz, TMG) and data protection law, in particular the German Federal Data Protection Act (Bundesdatenschutzgesetz, BDSG) and the General Data Protection Regulation (GDPR).By means of this data protection declaration we inform about the collection of personal data on and via our website from the data subject in accordance with Art. 13 GDPR.

1. Collection of personal data for informational use

(1) If you use the website purely for information purposes, i.e. if you do not log on to, register, or provide us with any other information to use the website, we do not collect any personal data, apart from data which your browser sends to enable you to visit the website. The purpose of this data collection is to enable you to visit the website and to ensure that the website functions properly. In addition, the data serves us to optimize the website and to ensure the security of our information technology systems. This is:

– IP address
– Date and time of the request
– Time zone difference to Greenwich Mean Time (GMT)
– Content of the request (specific page)
– Access status/HTTP status code
– Data volume transmitted
– Website from which the request comes
– Browser
– Operating system and its interface
– Language and version of the browser software.

(2) In addition, when you use the website, cookies will be stored on your computer. Cookies are small text files which are stored on your hard drive, are allocated to the browser used by you and through which certain information is sent to the body which places the cookie (in this case us). A cookie typically contains the name of the domain from which the cookie originates, the “lifetime” of the cookie, and a value, normally a unique randomly-generated number. Cookies cannot execute any programmes or transmit viruses to your computer. The purpose of the use is to make our website more user friendly and more effective. Some elements of our website require that the browser can be identified even after a page change.

This website uses cookies to the following extent:

- Transient cookies (temporary use) are deleted automatically when you close the browser. These include in particular the session cookies. These store a so-called session ID, with which various requests by your browser can be assigned to the shared session. As a result, your computer can be recognized when you return to the website. Session cookies are deleted when you log out or close your browser.

- Persistent cookies (use for a limited time) are automatically deleted after a predetermined time, which can vary depending on the cookie. You can delete these cookies any time in the security settings of your browser.

You can configure your browser settings as you wish and, e.g., refuse the acceptance of third-party or all cookies. Information on the management and deletion of cookies as well as corresponding instructions for common browsers are also available at www.meine-cookies.org. Please note, however, that you then may not be able to use all the functions of this website.

(3) This information is stored separately from any data that may further be stored by us. In particular, the cookie data is not linked to your other data that may be transmitted.

2. Collection of personal data for personalised use

(1) In addition to the use of our website purely for information purposes, we also offer a range of services - some of which are limited in time - which you can use if you are interested. For this purpose, you usually have to provide additional personal data which we use to provide the respective service. When you have the option of providing additional voluntary information, this is identified accordingly. Only the personal data which is necessary for your use of the website and/or the performance of a contract concluded with us or which you provide yourself is collected, processed and used by us. This concerns in particular master data and user data which may possibly be transmitted via forms on our website:

- Company
- Name (consisting of salutation, title, first name, surname and gender)
- Address
- Telephone number
- Fax number
- E-mail address
- Date of birth
- User's registration and login data
- User’s bank details

(2) Inventory data and user data are used by us as necessary in order to establish, provide the content of, amend or terminate a contractual relationship with you, in order to meet our contractual obligations, for login by the user on the website, and in order to contact you if you wish or if this is necessary within the scope of the contractual relationship or permitted by law.

The personal data will, with the exception of the data collected by the third-party providers stated below, be stored and processed within the European Union.

3. Erasure dates

Unless otherwise is stated in this Data Privacy Policy, we will only store your data for as long as is necessary for the purposes for which they were collected or processed, unless longer storage periods are required by law. . Your personal data will therefore be deleted after your request has been processed unless otherwise has been agreed or required by law.

4. Anonymous statistical analysis of the user data

We have the right to create user profiles using a pseudonym for purposes of advertising, market research or to design the website to meet the needs of users, unless you object. In particular, we analyse the user data anonymously for statistical purposes in order to design the website to meet the needs of users. You can object to the use of your personal data by sending us a corresponding notification.

5. E-mail newsletter

(1) If you give us your separate consent, we may send to you by e-mail information about the use of the website and general customer information (e-mail newsletter). The advertised goods and services are named in the declaration of consent. Your consent is logged by storing the IP addresses used and the time of registration and confirmation and you can access the content of the consent and this policy at any time. You can revoke your consent at any time with effect for the future. You can revoke in particular your consent for processing for purposes of direct marketing.

(2) We use the products of Newsletter2Go to send the newsletter and therefore pass on to this provider your data which is required for this purpose.

(3) We would like to point out that we evaluate your user behaviour when sending the newsletter. For this analysis, the e-mails sent contain so-called web beacons or tracking pixels, which represent single-pixel image files stored on our website. For the evaluations we link the data mentioned in paragraph 1 and the web beacons with your e-mail address and an individual ID. With the data obtained in this way, we create a user profile to tailor the newsletter to your individual interests. We record when you read our newsletters, which links you click on in them and deduce your personal interests. We link this data to actions taken by you on our website. You can object to this tracking at any time by clicking on the separate link provided in each e-mail or by informing us of another contact method. The information is stored for as long as you have subscribed to the newsletter. After a cancellation we store the data purely statistically and anonymously.

6. Subcontractors and Recipients of personal data

(1) In the course of processing personal data we use subcontractors and conclude contracts with these contract data processors in accordance with the requirements of Art. 28 GDPR.

The subcontractor which is used to host the website is Agentur Jung GmbH.

7. Protection of personal data

We take technical and organisational measures in accordance with the requirements of Art. 32 GDPR to protect the user's personal data. All of our employees who are involved in the processing of personal data are under obligation to maintain data secrecy. The user’s personal data will be encrypted by HTTPS when it is transmitted to the website.

8. Legal basis

In accordance with Art. 13 GDPR, we inform you of the legal basis of our data processing.

• Insofar as we obtain the consent of the data subject for the processing of personal data, Art. 6 para. 1 lit. a GDPR serves as the legal basis.
• In the processing of personal data required for the performance of a contract to which the data subject is a party, Article 6(1)(b) GDPR serves as the legal basis. This also applies to processing operations that are necessary to carry out pre-contractual measures.
• Insofar as the processing of personal data is required to fulfil a legal obligation to which our company is subject, Art. 6 para. 1 lit. c GDPR serves as the legal basis.
• The legal basis for the temporary storage of data and log files is Art. 6 para. 1 lit. f GDPR.
• The legal basis for the processing of personal data using technically necessary cookies is Art. 6 para. 1 lit. f GDPR. The legal basis for the processing of personal data using cookies for analytical purposes is Art. 6 para. 1 lit. f GDPR GDPR.
• After your registration for our newsletter we save your e-mail address for the purpose of sending you the newsletter. The legal basis is Art. 6 para. 1 sentence 1 lit. a GDPR.
• If processing is necessary to safeguard a legitimate interest of our company or a third party and if the interests, fundamental rights and freedoms of the data subject do not outweigh the first-mentioned interest, Art. 6 para. 1 letter f GDPR serves as the legal basis for processing.

If the processing of personal data is based on Article 6 I lit. f GDPR, it is in our legitimate interest to conduct our business for the well-being of all our employees and our shareholders.

9. No Automated individual decision-making / no profiling

We do not make automated decision making or profiling.

10. Rights of data subjects

The user and other data subjects may demand from us the following rights in respect of their personal data:

• Right of access by the data subject (Article 15 GDPR)
• Right to rectification (Article 16 GDPR)
• Right to erasure ('right to be forgotten') (Article 17 GDPR)
• Right to restriction of processing (Article 18 GDPR)
• Right to data portability (Article 20 GDPR)
• Right to object (Article 21 GDPR)
• Right to revoke consent given at any time without affecting the legality of the processing carried out on the basis of the consent until revocation, if the data processing is based on consent pursuant to Art. 6 para. 1 lit. a or Article 9 para. 2 lit. a GDPR.

You also have the right to complain to a data protection supervisory authority about our processing of your personal data (Art. 77 GDPR).

 

11. Reference to the right to object under Art. 21 GDPR

A. Right to object on grounds relating to your particular situation

You have the right to object, on grounds relating to your particular situation, at any time to processing of personal data concerning you which is based on lit. e (puplic interest) or lit. f (legitimate interests) of Article 6 para. 1, including profiling based on those provisions. We no longer process the personal data unless we demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms or for the establishment, exercise or defence of legal claims.

B. Rigth to object relating to direct marketing

Where personal data are processed for direct marketing purposes, you have the right to object at any time to processing of your personal data for such marketing, which includes profiling to the extent that it is related to such direct marketing. If you object to processing for direct marketing purposes, the personal data is no longer be processed for such purposes.

C.Exercise of the right of objection

The right of objection can be exercised informally, e.g. by post or by e-mail to the addresses indicated under “controller”.

 

12. Service provider / controller / contact details / objection / revocation of consent

The service provider in accordance with § 13 of the German Tele Media Act (Telemediengesetz, TMG), and controller in accordance with Art. 4 No. 7 GDPR other data protection laws and other provisions of a data protection nature in force in the Member States of the European Union is:

Reidemeister & Ulrichs GmbH

Konsul-Smidt-Str. 8j
28217 Bremen
office@egfra.de

All requests for information, corrections and deletions, objections or revocations of consent, the assertion of the right to limit the processing or the right to data portability, as well as comments or questions by the user relating to data protection are to be sent to this address.

13. Data Protection Officer

Our external Data Protection Officer is Stephan Schmidt, Lawyer, of Mainz. You can reach him at datenschutz@egfra.de or at our postal address with the addition "the data protection officer".


14. Data protection supervisory authority and right to complain

The data protection supervisory authority responsible for us, to which any complaint about a breach of data protection law can be sent, is:

Die Landesbeauftragte für Datenschutz und Informationsfreiheit
Arndtstraße 1, 27570 Bremerhaven

Tel.: +49 421 3612010 oder +49 471 5962010
Fax: +49 421 49618495
E-Mail: office@datenschutz.bremen.de


15. Updating of this Data Privacy Policy

From time to time the content of this Data Privacy Policy will need to be updated. We therefore reserve the right to amend this policy at any time. We will send the amended version of the Data Privacy Policy to registered users by e-mail before it enters into force and publish it in the same place as this Data Privacy Policy.