Privacy Policy of RÄDER-VOGEL RÄDER- UND ROLLENFABRIK GmbH & Co. KG

 In the event of any legal dispute the official German of this Privacy Policy version shall prevail.

Throughout the EU, the provisions of the EU General Data Protection Regulation (GDPR) are applicable. We would like to inform you about how we process personal data in accordance with this regulation (see Article 13 and 14 GDPR). Should you have any questions or remarks regarding this data protection declaration, please write to the email address you will find under point 2, respectively 3.

 

Table of Content:

I. Overview

II. Data Procession in Detail

III. Rights of Persons Affected

IV. Glossary

 

I. Overview

This section of the data protection declaration focuses on information regarding the applicability, the responsible person for data processing, his/her data protection officer and data security.

1. Applicability

The data processing by RÄDER-VOGEL RÄDER- UND ROLLENFABRIK GMBH & CO. KG can basically be divided into two categories: 

 For the objective of contract processing, all data relevant for the execution of a contract with RÄDER-VOGEL RÄDER- UND ROLLENFABRIK GmbH & CO. KG will be processed. Should third parties be involved in the execution of the contract, your data will be passed on to them to the required extent.

 By accessing the website/application of RÄDER-VOGEL RÄDER- UND ROLLENFABRIK GMBH & CO. KG, various information will be exchanged between your device and our server. This means that personal data can be involved. The latter will be used in order to optimise our website or to run advertisements in the browser of your device.

This data protection declaration is applicable to the following offers:

 our online offer can be downloaded under www.raedervogel.de 

 whenever the offering of one of our products (e.g. websites, subdomains, mobile applications, web services or links to third party sites) refers to this data protection declaration, regardless of how you access or use it.

All of these offerings together shall be referred to as “Services“.

2. Responsible Person

The responsible person/entity for the data processing – i.e. the person/entity who determines the purposes and means of the processing of personal data – in connection with the services shall be 

RÄDER-VOGEL RÄDER- UND ROLLENFABRIK GMBH & CO. KG
Sperlsdeicher Weg 19 – 23
21109 Hamburg
Telefon: +49 40 75499-0
E-Mail: rv@raedervogel.de

3. Data Protection Officer

You can contact our data protection officer by using our request form:

Request Form:

www.dsextern.de/anfragen

DS EXTERN GmbH
Dipl.-Kfm. Marc Althaus
Frapanweg 22
D-22589 Hamburg

4. Data Security

In order to develop the measures required by Art. 32 GDPR and thus to achieve protection adequate to the risks concerned, we have established an information security management system in our company.

 

II. The Data Processing in Details

In this section of the data protection declaration we inform you in detail about the processing of personal data within the scope of our services. For improved clarity, we divide this information according to the particular functionalities of our services. The use of the services under normal conditions can lead to the fact that different functionalities and in consequence possibly several processing – one after the other or in parallel – can take effect.

 

1. General Information to the relevant Data Processing

Subject to further notice, the following shall apply to all hereinafter mentioned processing:

a. No Obligation for Provision of Data

There exists neither a contractual nor a legal obligation to provide personal data. You are not obliged to provide any data.

b. Consequences of a Non-Submittal

We do not store your date any longer than we need them for the individual purpose of the processing. If the data are no longer needed for the fulfilment of contractual or legal obligations they will be deleted unless their medium-term storage should be necessary. The reasons could e.g. be the :The non-submittal of any required date (data marked as required fields) leads to the consequence that the relevant service cannot be provided. Apart from that, the non-submittal could lead to the fact that our services cannot be provided in the same way and quality.

c. Consent

In several cases you have the possibility to provide us in connection with the below mentioned processing (respectively for a part of the data) with your consent for further processing. In such cases we will inform you in connection with each provision of a declaration of intent about all modalities and the scope of your consent as well as the purposes we pursue with the processing.

d. Transfer of Personal Data to Third Countries

In case we transfer data to third countries, e.g. countries outside the European Union, such a transfer is solely carried out in compliance with the statutory admissibility requirements.

Those admissibility requirements are regulated by Art. 44 – 49 GDPR.

e. Hosting Services by External Service Providers

A large extent of our data processing is done through cooperation with so-called hosting service providers who provide us with storage space and processing capacities in their data centres and who also process personal data according to our instructions in our name. Those service providers either process data exclusively within the EU or we can guarantee an adequate level of data protection by means of the EU standard contractual clauses.

f. Transfer to Government Authorities

We would transmit personal data to government authorities (including prosecution authorities) if this was required to fulfil a legal obligation which we are subject to (legal ground Art. 6 para. c) GDPR or if it was required for the enforcement, the execution or the defence of legal claims (legal ground Art. 6 para. f) GDPR.

g. Storage Period

We do not store your date any longer than we need them for the individual purpose of the processing. If the data are no longer needed for the fulfilment of contractual or legal obligations they will be deleted unless their medium-term storage should be necessary. The reasons could e.g. be the :

 The fulfilment of obligations under commercial and tax regulations

 The preserving of evidence for legal disputes within the framework of the legal statutes of limitation

In case you provide us with your express consent we can store your data even longer.

h. Data Categories

Account details: Login-/user recognition and password

Person Master Data: Title, salutation/sex, first name, surname, date of birth

Address details: Street, house number, respectively address additions, ZIP Code, place, country

Contact details: Telephone number(s), telefax number(s), Email address(es)

Login details: Information about the service via which you logged in; the various times and technical information regarding the login; confirmation and logoff; data you provided during the login

Ordering data: Ordered products, prices, information on payment and delivery

Payment details: Account details, credit card details, details regarding other payment services such as PayPal

Access details: Date and time of your visit of our ; the site from which you accessed our site; opened sites while using our services, Session ID; moreover the following information of the accessing computer system: used IP address, browser type and browser version, computer type, operational system and similar technical information

Application details: CV, school reports, verifications, work samples, certificates, pictures

Data pursuant to Art. 9 GDPR: Data that reveal racial and ethnic origin, political opinions, religious and philosophical beliefs or a membership in a trade union, as well as genetic data, biometric data to ensure the unambiguous identification of a natural person, health data or data regarding sex life or the sexual orientation of a natural person.

2. Accessing the Website/Application

This describes how we process your personal data when opening our services page. We would like to emphasise in particular that the transmission of access data to external content providers (see under b.) cannot be evaded on the internet due to the technical functioning of the information transfer.

a. Information on processing

Data Category

Intended Purpose

Legal Ground

Possible legitimate Interest

Time of Storage

Access data

Connection set-up, depiction of the service contents, discovery of attacks on our site by means of suspicious activities, fault diagnosis

Art. 6 para. 1 f) DGPR

Orderly functioning of the services, security of data and business processes, prevention of abuse, prevention of damages caused by interference with information systems

7 days

b. Recipient of personal Data

Recipient Category

Data Concerned

Legal Basis of the Transmission

Possible legitimate Interest

NMMN New Media Markets & Networks IT-Services GmbH

www.nmmn.com

Access Data

Job Processing (Art. 28 GDPR)

Orderly functioning of the services,  (accelerated) depiction of the contents

3. Newsletter

Here we explain what happens with your personal data in connection with a subscription to our newsletter:

 

a. Information regarding the Processing

Data Category

Purpose

Legal Ground

Possible legitimate Interest

Time of Storage

Email Address

Verification of the registration (Double Opt-in-procedure), mailing of the newsletter

Art. 6 para. 1 letter a) GDPR

 

Duration of the newsletter subscription 

Personal Master Data

Newsletter Personalisation

Art. 6 para. 1 letter a) GDPR  

Duration of the newsletter subscription

Login Details

Traceability after the newsletter registration/confirmation/cancellation

Art. 6 para 1 letter a), f) GDPR

Verification after the newsletter registration/confirmation/cancellation

Duration of the newsletter subscription

Usage Profile Data Newsletter

Newsletter design to the interest of our customers

Art. 6 para. 1 letter f) GDPR

Stepping up our service, advertising purposes

Duration of the newsletter subscription

b. Recipient of personal Data

Recipient Category

Data concerned

Legal Ground of the Transmission

Possible legitimate Interest

NMMN New Media Markets & Networks IT-Services GmbH

www.nmmn.com

All data mentioned under a.

Job Processing (Art. 28 GDPR)

 

4. Job Application

During an ongoing application procedure we process your personal data as follows:

a. Information regarding Processing

Data Category

Purpose

Legal Ground

Possible legitimate Interest

Duration of the Storage

Address details, contact details

Identification, first contact, communication to the conclusion of a contract

Art. 6 para. 1 b) GDPR

 

6 months

Personal Master Data

Identification, first contact, age verification

Art. 6 para. 1 b) GDPR

 

6 months

Application Details

Applicant Selection

Art. 6 para. 1 b) GDPR

 

6 months

b. Recipient of personal Data

Recipient Category

Data concerned

Legal Ground for the Transmission

Possible legitimate Interest

BITBOX GmbH & Co. KG
www.bitbox.de

All data mentioned under a.

Job Processing (Art. 28 GDPR)

 

5. Customer Support

Here we explain how we process your personal data in the event you contact our customer services:

a. Information regarding Processing

Data Category

Purpose

Legal Ground

Possible legitimate Interest

Duration of the Storage

Personal Master Data, contact details, content of your inquiry/complaints

Processing of customer inquiries and user complaints

Art. 6 para. 1 b), f)

Customer loyalty, enhancement of our services

Processing of inquiries

b. Recipient of personal Data

Recipient Category

Data Concerned

Legal Ground for the Transmission

Possible legitimate Interest

In-House ERP-/CRM-System 

All data mentioned under a.

 

 

6. Tracking

In the following, we describe how your personal data will be processed by using tracking technologies for analysis and optimisation of our services and for advertising purposes.

The description of the tracking procedure also contains information on how you can either prevent data processing or object to any data processing. Please note that the so-called “Opt-out“, i.e. the objection to the processing is generally stored by means of cookies. If you use our services via a new device or if you would like to use it in a different browser or should you have deleted the cookies set by your browser you have to repeat your statement of rejection.

The described tracking procedure only processes personal data in a pseudonymous form. A conjunction with a specific, identified national person, i.e. an aggregation of the data carrying information about the anonymous profile does not take place.

a. Tracking for the Analysis and Optimisation of our Services and their Use as well as to measure the Success of Advertising Campaigns and Enhancement of the Display of Advertisements

(1) Purpose of Processing

The analysis of user behaviour by means of tracking helps us to examine the efficiency of our services, to improve them and to tailor them to suit the needs of the users – and to remove possible defects. It also helps us to receive values over the use of our services (range, use intensity, surfing habits of your users). These values are statistically determined – on the basis of uniform standard processes – and they deliver market-wide comparative figures.

Tracking to measure the success of advertising campaigns serves to optimise our advertisements for the future and to enable marketers and advertisers to take appropriate measures to optimise their advertisements as well. Tracking to optimise the display of advertisements serves to show users advertisements tailor-made to their interests and to enhance the success of their advertising and by doing so to increase their advertising revenues.

(2) Legal Ground of Processing

For services that keep track of the surfing behaviour of persons concerned and for the compilation of user profiles, an informed consent within the meaning of the GDPR is required.

(3) The tracking procedures applied in detail:

Name of the Service           

Functionality

Possibility to prevent the Processing (Opt-out)

Data Transfer to Third Countries?

Possible Transfers on the Basis of an adequate Decision (Art. 45 GDPR)

Possible Transfers subject to appropriate Safeguards (Art. 46 GDPR)

PIWIK

Advertising Analysis

No Storage of personal Data (e.g. IP addresses).

No

 

 

Should you decide against interest based advertising, you can visit this website (only in German), click on “Preference Management“ and follow the instructions in order to prevent the use of the data for interest based advertising by the service providers listed there. You will nevertheless continue to receive advertisements but it will not be interest based.

III. Data Protection Rights

1. Right of Objection

If we process your personal data in order to conduct direct advertising, you have the right – at any time and with effect for the future – to lodge an appeal against the processing of your personal data for the purpose of such advertising; as far as it is associated with such direct advertising.

 

Furthermore, you have the right to lodge an appeal – for reasons resulting from your particular situation – against the processing of your personal data pursuant to Art. 6 para. 1 letter e) or f) GDPR at any time and with effect for the future. 

You can freely exercise the right of appeal.

You can contact us using our contact details under 1.2.

2. Right to Information

You are entitled to be informed whether any of your personal data are being processed by us, which personal data this applies to and you are entitled to more information pursuant to Art. 15 GDPR.

3. Right to Rectification

You shall have the right to obtain from us without undue delay the rectification of inaccurate personal data (Art. 16 GDPR). Taking into account the purposes of the processing, you shall have the right to have incomplete data completed, including by means of providing a supplementary statement.

4. Right to Erasure (“Right to be forgotten“)

You have the right to obtain from us the erasure of personal data concerning him or her without undue delay and we shall have the obligation to erase personal data – should one of the grounds in Art. 17 para. 1 GDPR apply and the processing is not necessary for a purpose defined in Art. 17 para. 3 GDPR.

5. Right to Restriction of Processing

You shall be entitled to obtain from us a restriction of processing where one of the conditions applies pursuant to Art. 18 para. 1 letter a) GDPR.

6. Right to Data Portability

You shall have the right to receive the personal data which you provided, in a structured, commonly used and machine-readable format. You shall furthermore have the right to transmit those data to another controller without hindrance from us, as far as this is technically possible. This shall apply in case the basis of data processing is a consent or a contract and the data is processed automatically. This does not apply to data in paper form.

7. Right to Revocation of a Consent

Insofar as the processing is done with your consent you shall have the right to revoke your consent at any time. Thus, the legitimacy of the processing (based on your consent until its revocation) remains untouched. 

8. Right to Complain

You shall be entitled to a right to file a complaint with a competent supervision authority.

 

IV. Glossary

Processor: A natural or legal entity, an authority, body or similar office that processes personal data on behalf of the controller.

Browser: Computer programme to present websites (e.g. Chrome, Firefox, Safari)

Cookies: The term “Cookie“ comes from the English vocabulary and the original meaning is “Biscuit“. In www-computing, a cookie is a short packet of data that is locally saved on the user’s computer when visiting a website. This file saves data about the behaviour of the user. If a browser is opened and if the website in question is visited more often, the cookie goes into action and thanks to its stored data it provides the web server with information about the surf behaviour of the user.

In computing, cookies are no biscuits but information that a website saves locally on the computer of a website visitor in a small text file. Those can be settings made by the user but it can also be information that the website independently collected from the user. Later, those locally saved text files can be read by the same web server that created them. Most browsers accept cookies automatically. They can manage cookies with the browser function (usually under “Options“ or “Settings“). This way, the storage of cookies can be disabled, in individual cases be subject to your consent or otherwise be restricted. You can delete cookies at any time.

Third Countries: A country which is not bound to the legal requirements of the EU Directive on Personal Data Privacy (a country outside the EEA).

Personal Data: All information relating to an identified or identifiable natural person. An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as name, an identification number, location data, an online identifier or to one or more factors specific to a physical, physiological, genetic, mental, economic, cultural or social identity of that national person.

Pixel: Pixel are also referred to as tracking pixels, web beacons or web bugs. They are small, invisible graphics in HTML emails or on websites. If a document is opened, this small picture is downloaded from a server on the internet whereby that download is registered there. This way, the operator of the server can see whether and when an email was opened or a website was visited. Mostly, this function is implemented when an applet is being started (Javascript). By doing so, certain types of information can be identified on your computer system and be passed on, e.g. the content of cookies, time and date of a page view as well as a description of the page on which the tracking pixel is located.

Profiling: Any form of automated processing of personal data characterised by the fact that those personal data are used in order to evaluate those personal data, in particular to analyse or predict aspects regarding work performance, economic situation, health, personal preferences, interests, reliability, behaviour, place of residence or change of location of this natural person.

Services: Our offerings for which this data protection declaration applies (see ”Applicability“, I.1).

Tracking: The collection of data and their analysis regarding the behaviour of visitors to our services.

Tracking Technologies: Tracking can be done via activity profiles saved on our web servers (log files) and also by collected data on your device via pixel, cookies and similar tracking technologies.

Processing: