RLE Privacy Policy

RLE Privacy Policy

 

 

I.          Name and address of the data controller and scope of application

The data controller in the sense of the General Data Protection Regulation and other national data protection laws of the Member States as well as other legal data protection provisions is:

RLE INTERNATIONAL Produktentwicklungsgesellschaft mit beschränkter Haftung (hereinafter RLE)

Brodhausen 1

51491 Overath

Germany

Phone.: 0221 88860

Email: info@rle.de

Website: www.rle.international

 

This Information Privacy Declaration applies to RLE’s Internet offerings, which may be accessed on the web at the domain www.rle.international as well as the various sub-domains and related domains (hereinafter “RLE web pages” or “this website”).

II.        Contact information for the Information Privacy Representative

RLE International Produktentwicklungsgesellschaft mit beschränkter Haftung

Data Protection Officer

Robert Bosch Strasse 10

50769 Cologne

Germany

 

Email: datenschutz@rle.de

III.      Definitions

The RLE Information Privacy Declaration is based on the terminology that was used by the European issuers of directives and regulations in adopting the General Data Protection Regulation (in German: Datenschutzgrundverordnung -- DSGVO). Our Information Privacy Declaration must be easily readable and understandable both for the public as well as for our customers and business partners. To ensure this, we would like to begin by defining the terminology we use.

In this Information Privacy Declaration, we use the following terms amongst others:

a)       Personal information

Personal information is all information that concerns an identified or identifiable natural person (hereinafter “data subject”). A natural person is identifiable if the person can be directly or indirectly identified, especially through the assignment of an identifier such as a name, identification number, location information, on-line identifier or one or more specific characteristics that express the physical, physiological, genetic, economic, cultural or social identity of this natural person.

b)       Data subject

A data subject is that identified or identifiable natural person whose personal information is processed by the processing controller responsible for the information.

c)       Processing

Processing is any procedure or series of procedures, whether automated or not, associated with personal information, such as collecting, recording, organising, arranging, storing, adapting or changing, separating, retrieving, using, disclosing by transferring, disseminating or any other form of making available the comparison or link, restricting, deleting or erasing.

d)       Restriction of processing

Restriction of processing is the tagging of stored personal information for the purpose of restricting future processing.

e)       Profiling

Profiling is any form of automated processing of personal information that causes this personal information to be used to assess specific individual characteristics concerning a natural person, especially to analyse or predict this natural person’s characteristics regarding work performance, economic situation, health, personal preferences, interests, reliability, behaviour, residence or change of location.

f)         Pseudonymisation

Pseudonymisation is the processing of personal information in a manner in which the personal information can no longer be associated with a specific data subject without consultation of additional information, to the extent that this additional information is separately maintained and subject to technical and organisational measures that ensure that the personal information cannot be associated with an identified or identifiable natural person.

g)       Controller or processing controller

A controller or processing controller is a natural person or legal entity, authority, establishment or other place that makes decisions either solely or together with others regarding the purposes and means of processing personal information. If the purposes and means of this processing are prescribed by European Union law or the law of the Member States, the controller or the specific criteria for designating the controller can be provided in accordance with European Union law or the law of the Member States.

h)       Processor

The processor is a natural person or legal entity, authority, establishment or other place that processes the personal information on behalf of the controller.

i)         Recipient

A recipient is a natural person or legal entity, authority, establishment or other place to which personal information is disclosed, regardless whether this is a third party. Authorities who receive information that may be personal under specific mandates for investigation in accordance with European Union law or the law of the Member States are not, however, considered to be recipients.

j)         Third party

A third party is a natural person or legal entity, authority, establishment or other place other than the data subject, controller, processor and the persons who are directly authorised by the controller or the processor to process personal information.

k)       Consent

Consent is any expression of willingness provided for the specific case in an informed and unmistakeable way in the form of a statement or other clearly confirming action through which the data subject lets it be known that he or she agrees with the processing of the respective personal information.

IV.      General information on information processing

1.       Scope of the processing of personal information

In principle, we process the personal information of our users only to the extent required to make available a functional website and our contents and services. The processing of the personal information of our users routinely takes place only following the user’s granting of consent. An exception applies in cases in which obtaining prior consent is not possible for practical reasons and the processing of the information is permitted by law.

2.         Legal basis for the processing of personal information

If we obtain the data subject’s consent for the processing of personal information, European Union General Data Protection Regulation (DSGVO) Art. 6 Par. 1 letter a serves as the legal basis.

In processing personal information required to fulfil a contract to which the data subject is a contracting party, DSGVO Art. 6 Par. 1 letter b serves as the legal basis. This also applies to processing procedures that are required to carry out pre-contractual measures.

If processing of personal information is required to comply with a legal obligation to which our company is subject, DSGVO Art. 6 Par. 1 letter c serves as the legal basis.

In a case where the vital interests of the data subject or another natural person require processing of personal information, DSGVO Art. 6 Par. 1 letter d serves as the legal basis.

If the processing is required to safeguard a justified interest of our company or a third party and this interest is not outweighed by the interests, basic rights and basic freedoms of the data subject, DSGVO Art. 6 Par. 1 letter f serves as the legal basis.

3.         Deletion of information and duration of storage

The personal information of the data subject will be deleted or blocked as soon as the purpose for which it was stored no longer exists. Storage can also take place if it has been provided for under European or national legislation in European Union legal regulations, laws or other provisions to which the controller is subject. Blockage or deletion of the information can also take place if a storage period stipulated under the designated standards lapses unless there is a requirement for further storage of the information for the conclusion or fulfilment of a contract.

V.        Provision of the website and creation of log files

1.       Description and scope of the processing of information

Each time our website is accessed, our system automatically records data and information from the computer system of the accessing computer.

In this process, the following information is collected:

(1)           Information regarding browser type and the version used

(2)           The user’s IP address

(3)           Date and time of access

(4)           Query method, URL accessed and version of the HTTP protocol

(5)           Resulting value of the query (HTTP status code) and dimension of the request

(6)           Websites from which the user’s system accessed our website,

(7)           Websites that are accessed from the user’s system via our website

The information is also stored in the log files of our system. Not included here are user’s IP addresses or other data that enable the information to be associated with a user. Storage of information together with other personal information pertaining to the user either does not take place or takes place only in an anonymised form.

2.         Legal basis for the processing of information

The legal basis for the temporary storage of the information is DSGVO Art. 6 Par. 1 letter f.

3.         Purpose of the processing of information

The temporary storage of IP addresses by the system is necessary to enable delivery of the website to the user’s computer. To do this, the user’s IP address must be stored for the duration of the session.

Storage in the log files takes place to ensure the functionality of the website. In addition, the information helps us improve the website and ensure the security of our information systems technology. Assessment of the information for marketing purposes does not take place in this context.

For these purposes, our justified interest in the information processing is based on DSGVO Art. 6 Par. 1 letter f.

4.         Duration of storage

The information will be deleted as soon as the fulfilment of the purpose for which it was collected no longer requires this information. In the event that information is captured when the website is made available, this occurs when the respective session comes to an end.

In the event that data is stored in log files, this occurs no later than 60 days after the session. Temporary storage is possible. In this case, the users’ IP addresses are deleted or altered such that it is no longer possible to associate these with the accessing client.

5.         Opportunity for objection and removal

The recording of information when the website is made available and the storage of information in log files are essential to the operation of the website. For this reason, it follows that there is no opportunity for the user to raise an objection.

VI.      Use of cookies

1.       Description and scope of the processing of information

Our website uses cookies. Cookies are text files that are stored in the Internet browser and transferred from the Internet browser to the user’s computer system. When a user accesses a website, a cookie can be stored on the user’s operating system. This cookie contains a characteristic character sequence that enables an explicit identification of the browser when it accesses the website again.

We use cookies to make our website more user-friendly. Some elements of our website require that the accessing browser also be identifiable when moving to another page.

List of the cookies used at our web pages:

Cookie

Purpose

Expiry date

Category *

www.rle.international

 

 

 

  cookie_notice_accepted

This functional cookie stores the information that a user of the web page has agreed to the use of cookies.

30 days

Required by the technology

  _pk_id.7.23ab

Piwik cookie to determine returning user

392 days

Performance

  _pk_ses.7.23ab

Piwik session cookie

Session

Performance

*.rle.international

 

 

 

  __zlcmid

This cookie is provided by ZopIM Betreiber, which makes available the technology behind our live chat system. The cookie permits you to maintain the chat session even if you are visiting different pages of the web page.

365 days

Third-party provider

www.rle-career.international

 

 

 

  PHPSESSID

This functional cookie stores information about the web page’s current PHP session

Session

Required by the technology

  wpml_browser_redirect_test

This functional cookie tests whether 

language settings activate cookies

Session

Required by the technology

  _pk_id.7.71c1

Piwik cookie to determine returning user

392 days

Performance

  _pk_ses.7.71c1

Piwik session cookie

Session

Performance

*.www.rle-career.international

 

 

 

  _icl_visitor_lang_js

This functional cookie stores the current language settings

24 hours

Required by the technology

*.rle-career.international

 

 

 

  __zlcmid

This cookie is provided by ZopIM Betreiber, which makes available the technology behind our live chat system . The cookie permits you to maintain the chat session even if you are visiting different pages of the web page.

365 days

Third-party provider

career.rle.de

 

 

 

  PHPSESSID

This functional cookie stores information about the web page’s current PHP session

Session

Required by the technology

  fe_typo_user

This functional cookie stores information about the web page’s current TYPO3 session

Session

Required by the technology

  uslk_s

The uslk_s cookie stores non-sensitive user profile information and, where applicable, contact data provided by the user in the Userlike live chat.

Session

Third-party provider

  uslk_e

The cookie stores the service life of the uslk_s cookie.

365 days

Third-party provider

  _pk_id.3.b4f3

Piwik cookie to determine returning user

392 days

Performance

  _pk_ses.3.b4f3

Piwik session cookie

Session

Performance

 

The user’s information collected in this manner is pseudonymised through technical means. In this way, the information on the accessing user can no longer be associated with that user. The information is not stored together with other personal information pertaining to the user.

Upon accessing our website, the user is given notice regarding the use of cookies for purposes of analysis and about this Information Privacy Declaration. In this connection, there is also a tip on how to block the storage of cookies in the browser settings.

Switching on the “do not track” function in normal browsers:

Firefox: https://support.mozilla.org/de/kb/wie-verhindere-ich-dass-websites-mich-verfolgen

Internet Explorer: https://support.microsoft.com/de-de/help/17288/windows-internet-explorer-11-use-do-not-track

Chrome: https://support.google.com/chrome/answer/2790761

Edge: https://privacy.microsoft.com/de-de/windows-10-microsoft-edge-and-privacy

Please take care to set your browser in such a way that you will be informed when cookies are placed and can make an individualised decision regarding their acceptance or the acceptance of cookies in certain cases or block them altogether. Each browser is different in the way it manages cookie settings. This is described in the help menu of each browser, which explains how you can change your cookie settings. You will find this for the respective browsers under the following links:

Firefox: https://support.mozilla.org/de/kb/cookies-erlauben-und-ablehnen

Internet Explorer: http://windows.microsoft.com/de-DE/windows-vista/Block-or-allow-cookies

Chrome: http://support.google.com/chrome/bin/answer.py?hl=de&hlrm=en&answer=95647

Please be aware that not accepting cookies can limit the functionality of our website.

* Category

a)       Required by the technology

These are absolutely essential cookies that are needed for you to access a website and make use of its features. Without these cookies, some functions cannot be guaranteed.

b)       Performance

Performance cookies collect information about the use patterns of a website -- essentially, which pages a visitor accesses most frequently and whether the user receives error messages from a page. These cookies do not store information that can permit identification of the user. The information they collect is aggregated and thereby assessed anonymously. These cookies are used exclusively to improve the performance of a website and as a result the user experience.

c)       Third-party provider

Third-party cookies are created by embedded plug-ins or add-ons to our website. Examples of these include our live chat system and our Piwik platform analysis.

2.         Legal basis for the processing of information

The legal basis for the processing of personal information by using technically necessary cookies is DSGVO Art. 6 Par. 1 letter f.

The legal basis for the processing of personal information by using cookies for the purpose of analysis is DSGVO Art. 6 Par. 1 letter a in the existence of consent of the user for this purpose.

3.         Purpose of the processing of information

The purpose of using technologically necessary cookies is to simplify the use of the website for the users. Some functions of our website cannot be offered without the use of cookies. These pages require that the browser be recognised after each page change.

We require cookies for the following applications:

(1)           ZOPIM Zendesk Chat

(2)           Matomo (formerly Piwik)

(3)           Agreement with the creation of the cookie

The user information collected by technologically necessary cookies is not used to create user profiles.

The use of analysis cookies takes place for the purpose of improving the quality of our website and its contents. By analysing cookies, we learn how the website is used and in this way, we can constantly improve our offerings.

The only analysis cookies we currently use are the cookies for using the Piwik tools described above.

For these purposes, our justified interest in the processing of personal information is based on DSGVO Art. 6 Par. 1 letter f.

4.         Duration of storage, opportunity for objection and removal

Cookies are stored on the user’s computer and are not transmitted from there to our page. This means that you, the user, also have full control over the use of cookies. By changing the settings in your Internet browser, you can deactivate or restrict the transmission of cookies. Cookies that have already been stored can be deleted at any time. This can also happen automatically. If cookies are deactivated for our website, it is possible that not all website functions will continue to be fully accessible.

You can obtain the pre-set expiry time for the respective cookies by consulting the list at chapter VI. number 1. 

VII.         Contact form and email contact

1.       Description and scope of the processing of information

There is a contact form at our website that can be used to contact us electronically. When a user takes advantage of this opportunity, the information entered in the input mask is sent to us and stored. This information includes:

(1)     Name (optional)

(2)     Company (optional)

(3)     Location (optional)

(4)     Email address (optional depending on contact selected)

(5)     Telephone number (optional depending on contact selected)

At the moment the information is sent, the following information will also be stored:

(1)     The user’s IP address

(2)     Date and time of access

To process the information in the context of the dispatching process, your consent is obtained and you are referred to this Information Privacy Declaration.

Alternatively, it is possible to establish contact via the provided email address. In this case, the user’s personal information will be stored with the email message you send.

In this context, no information is disclosed to third parties. The information is used exclusively for processing the conversation.

2.         Legal basis for the processing of information

The legal basis for the processing of the information is DSGVO Art. 6 Par. 1 letter a in the existence of consent of the user.

The legal basis for the processing of information transmitted in the process of the sending of an email message is DSGVO Art. 6 Par. 1 letter f. If the email contact is for the purpose of concluding a contract, the additional legal basis for the processing is DSGVO Art. 6 Par. 1 letter b.

3.         Purpose of the processing of information

The processing of personal information from the input mask only helps us process the contact itself. In the case of a contact via email, there is a closely related justifiable interest in the processing of the information.

The other personal information processed during sending serves to avoid misuse of the contact form and ensure the security of our information system technology.

4.         Duration of storage

The information will be deleted as soon as the fulfilment of the purpose for which it was collected no longer requires this information. For personal information from the contact form’s input mask and that which was sent via email, this occurs when the respective conversation with the user has ended. The conversation is over when the circumstances indicate that the relevant content has been conclusively clarified.

The personal information additionally collected during the sending procedure will be deleted after a period of no longer than seven days.

5.         Opportunity for objection and removal

Users have the opportunity at any time to revoke their consent to the processing of their personal information. Users who contact us by email can object at any time to the storage of their personal information. In such a case, the conversation cannot be continued.

All personal information that had been stored in the course of the contact will be deleted in this case.

VIII.  Information privacy in applications and application procedures

1.       Description and scope of the processing of information

RLE collects and processes personal information of applicants for the purpose of implementing the application process. The processing can take place electronically. This is especially the case if an applicant sends corresponding application documents electronically, such as by email, to the controller. If the controller contracts to hire the applicant, the transferred information is stored for the purpose of executing the employment relationship in conformity with provisions of the law. If the applicant is not hired by the controller, the application documents are automatically deleted six months after the decision not to hire the applicant, provided that the controller has no other justified interest in processing that would prevent the deletion. An example of another justified interest, in this sense, could be a procedural burden of proof in compliance with the General Treatment Act (Allgemeiner Gleichbehandlungsgesetz - AGG).

2.       Registration

This website offers users to create a user account. Within the scope of this registration, mandatory information will be provided based on DSGVO Art. 6 Par. 1 letter b for the purpose of providing the user account itself. Processed information especially includes any login information (name, password as well as email address). Any information provided within the scope of this registration will be used for the purpose of using the user account and its purpose.

Users can be informed by email, about information relevant to the user account, e.g. technical changes. If users have cancelled their user account, data in regards to this user account will be deleted in accordance with the legal provisions for record retention. It rests with the user to back up their data before the contract ends. We are authorized to irretrievably delete all information recorded during the duration of the contract.

Within the scope of using our registration and login functionalities as well as using the user account, IP address and time of access will be saved. The storage takes place based on our legitimate interests, amongst others for protection against misuse and any other unauthorized use. Forwarding this data to third parties will only occur if necessary to pursue our claims or in case of statutory obligations in accordance to DSGVO Art. 6 Par. 1 letter c. IP addresses are anonymized or deleted at latest 7 days after creation.

3.       Terms of use

a)       General obligations of the user

You agree to use the career portal and the online application form in accordance with their proper purpose. Furthermore, you promise not to use our services to distribute illegal contents or to violate the rights of third parties. In particular, it is forbidden to distribute materials that are pornographic, extremist, racist or harmful to minors; it is also forbidden to intentionally send viruses or misuse applications for breaking into another network, host or account.

You give us your permission to send all communication concerning your usage of our services via email unless another path of communication is provided for under mandatory statutory law.

b)       Liability

You will be held liable for all contents you place on the career portal and the online application forms, e.g., texts, photographs, graphics, files, links, etc. You promise not to violate any trademarks, copyrights, personal rights or other third party rights.

The RLE INTERNATIONAL Group is only liable for contents in accordance with the German Teleservices Act and the Interstate Media Services Agreement for foreign content when (1) the RLE INTERNATIONAL Group knows of illicit actions or contents and, in case of damage claims, the RLE INTERNATIONAL Group is familiar with the facts or circumstances under which the illicit actions or contents become manifest or (2) when the RLE INTERNATIONAL Group does not act to remove illicit contents or to block access to them immediately after these have come to its attention. 

c)       Violating terms of use

The RLE INTERNATIONAL Group reserves the right to remove illicit contents (e.g., contents that violate legal or regulatory statutes or offend against good morals) from portal applications without having previously warned the offending user. The RLE INTERNATIONAL Group also reserves the right to temporarily or permanently block users that violate these terms of use. The offending user will be immediately notified if such measures are taken. Blocked users are not entitled to compensation.

IX.           Contact via the “Zendesk Chat” live chat system (formerly “Zopim”)

4.       Description and scope of the processing of information

RLE uses Zendesk Chat, a live chat function of Zendesk Inc., 1019 Market St., San Francisco, CA 94103, USA. It is possible to communicate with us in real time using the live chat function available at the website. We collect, process and use the information you disclose via the live chat function exclusively for the processing of your specific concern. The information you disclose is generally transmitted to a Zendesk server outside the EU and stored there. In addition, Zendesk uses cookies that make the live chat function available and permit analysis of your use of it. Cookies allow us to record your visits as well as anonymised information about website use. Personal information is not stored in this action. The information produced by the cookie regarding your use of this website will generally be transferred to a Zendesk server outside the EU and stored there. You can block the storage of cookies by adjusting the setting of your browser software, but we point out that in this case you may not be able to use the full range of this website’s functions.

Zendesk is certified under the Privacy Shield Agreement, in this way providing an additional assurance of compliance with European law on information privacy (https://www.privacyshield.gov/participant?id=a2zt0000000TOjeAAG&status=Active).

Further information is available under the Zendesk Information Privacy Declaration: https://www.zendesk.de/company/customers-partners/privacy-policy

When a user takes advantage of this opportunity, the information entered in the input mask is sent to us and stored. This information includes:

(1)     Contact details (name, email, address)

(2)     Telephone number (optional)

(3)     Message

At the moment the information is sent, the following information will also be stored:

(1)     The user’s IP address

(2)     Date and time of access

In this context, no information is disclosed to third parties. The information is used exclusively for processing the conversation.

5.         Legal basis for the processing of information

The legal basis for the processing of the information is DSGVO Art. 6 Par. 1 letter a in the existence of consent of the user.

6.         Purpose of the processing of information

The processing of personal information from the input mask only helps us process the contact itself. In the case of a contact via email, there is a closely related justifiable interest in the processing of the information.

The other personal information processed during sending serves to avoid misuse of the contact form and ensure the security of our information system technology.

7.         Duration of storage

The information will be deleted as soon as the fulfilment of the purpose for which it was collected no longer requires this information. For personal information from the contact form’s input mask and that which was sent via email, this occurs when the respective conversation with the user has ended. The conversation is over when the circumstances indicate that the relevant content has been conclusively clarified.

The personal information additionally collected during the sending procedure will be deleted after a period of no longer than seven days.

8.         Opportunity for objection and removal

Users have the opportunity at any time to revoke their consent to the processing of their personal information. Users who contact us by email can object at any time to the storage of their personal information. In such a case, the conversation cannot be continued.

All personal information that had been stored in the course of the contact will be deleted in this case.

X.             Contact via the “Userlike” live chat system

1.       Description and scope of the processing of information

RLE uses Userlike, a live chat software system by the Userlike UG Company (Ltd), Probsteigasse 44-46, 50670 Cologne, GERMANY Userlike uses “cookies”, text files stored on your computer that enable personal conversation in the form of a real-time chat at the website.

It is possible to communicate with us in real time using the live chat function available at the website. We collect, process and use the information you disclose via the live chat function exclusively for the processing of your specific concern. The information you disclose is generally transferred to a Userlike server and stored there.

As soon as you access the live chat, Userlike temporarily collects your IP address to be able to determine the country where you are initiating the live chat. In this way it is possible for us to offer you a customer service experience tailored to your needs. Collection of the IP address is solely for this purpose, and the address is not stored by Userlike.

In addition, Userlike stores the flow of the live chat. This serves the purpose of sparing you extensive explanations regarding the history of your request and providing constant quality control of our live chat service. If this is not something you prefer, you are welcome to contact us using the contact information above. We will then promptly delete stored live chats.

In addition, Userlike uses cookies that make the live chat function available and permit analysis of your use of it. You can block the storage of cookies by adjusting the setting of your browser software, but we point out that in this case you may not be able to use the full range of this website’s functions.

Further information is available under the Userlike Information Privacy Declaration: https://www.userlike.com/de/terms#privacy-policy

When a user takes advantage of this opportunity, the information entered in the input mask is sent to us and stored. This information includes:

(1)     Name

(2)     Address

(3)     Message

At the moment the information is sent, the following information will also be stored:

(1)     The user’s IP address

(2)     Date and time of access

In this context, no information is disclosed to third parties. The information is used exclusively for processing the conversation.

2.         Legal basis for the processing of information

The legal basis for the processing of the information is DSGVO Art. 6 Par. 1 letter a in the existence of consent of the user.

3.         Purpose of the processing of information

The processing of personal information from the input mask only helps us process the contact itself. In the case of a contact via email, there is a closely related justifiable interest in the processing of the information.

The other personal information processed during sending serves to avoid misuse of the contact form and ensure the security of our information system technology.

4.         Duration of storage

The information will be deleted as soon as the fulfilment of the purpose for which it was collected no longer requires this information. For personal information from the contact form’s input mask and that which was sent via email, this is the case when the respective conversation with the user has ended. The conversation is over when the circumstances indicate that the relevant content has been conclusively clarified.

The personal information additionally collected during the sending procedure will be deleted after a period of no longer than one month.

5.         Opportunity for objection and removal

Users have the opportunity at any time to revoke their consent to the processing of their personal information. Users who contact us by email can object at any time to the storage of their personal information. In such a case, the conversation cannot be continued.

All personal information that had been stored in the course of the contact will be deleted in this case.

XI.      Social plug-ins

1.       Description and scope of the processing of information

Our web pages incorporate plug-ins for the following social networks:

·         Facebook

·         Twitter

·         XING

·         Google Plus

·         LinkedIn

·         Pinterest

·         Instagram

·         Flickr

·         Youtube

Further information regarding the social plug-ins listed above may be found at Section XI “Use of additional tools and add-ons at our website”.

When you use these plug-ins, personal information is transferred to the respective social networks and stored. Amongst other things, this information includes:

(1)     IP addresses

(2)     Stored cookies

(3)     User log-ins to the social networks (if the user is actively logged in)

(4)     Web page visited

(5)     Time of visit

To block the automatic processing of information, our web page uses the “Shariff” plug-in, which blocks direct data transfer until you actually click/make use of the page.

Further information on the plug-in (Shariff) or its predecessor, the “double-click variant”, can be found at the manufacturer’s web page: heise.de.

Shariff: https://www.heise.de/ct/ausgabe/2014-26-Social-Media-Buttons-datenschutzkonform-nutzen-2463330.html

DoubleClick Variant: https://www.heise.de/ct/artikel/2-Klicks-fuer-mehr-Datenschutz-1333879.html

In this context, no information is disclosed to third parties. The information is processed exclusively when the social plug-in is actively used.

2.         Legal basis for the processing of information

The legal basis for the use of social plug-ins is DSGVO Art 6 Par. 1 letter f.

The legal basis for the processing of the information is DSGVO Art. 6 Par. 1 letter a in the existence of consent of the user. Voluntary consent is assumed under the double-click variant or the alternative use of the Shariff plug-in.

3.         Purpose of the processing of information

RLE’s justified interest and our purpose in using social plug-ins is to make the wider public more aware of our offerings The social networks are responsible for handling the information of their users in a manner that complies with information privacy.

4.         Duration of storage

The networks themselves are responsible for handling the information in conformity with information privacy.

5.         Opportunity for objection and removal

Users have the opportunity at any time to revoke their consent to the processing of their personal information. In this case, the objection must be directed to the respective social networks.

XII.    Web analysis using Matomo (formerly PIWIK)

1.       Scope of the processing of personal information

At our website we use the open source software tool Matomo (formerly PIWIK) to analyse the web-surfing behaviour of our users. The software places a cookie on the user’s computer (see above concerning cookies). When individual pages of our website are accessed, the following information is stored:

(1)     Two bytes of the IP address of the user of the accessing system

(2)     The website being accessed

(3)     The website from which the user has accessed the website (referrer)

(4)     The sub-pages accessed from the accessed website

(5)     Duration of stay at the website

(6)     Frequency of web page access

In this process, the software runs exclusively on the RLE servers. Storage of the user’s personal information only takes place there. No information is disclosed to third parties.

The software is set in such a way not to store the IP addresses completely but rather to mask 2 bytes of the IP address (example:  192.168.xxx.xxx). In this way, it is no longer possible to associate the abbreviated IP address with the accessing computer.

2.       Legal basis for the processing of personal information

The legal basis for the processing of the user’s personal information is DSGVO Art. 6 Par. 1 letter f.

3.         Purpose of the processing of information

By processing the user’s personal information, we are able to analyse the surfing behaviour of our users. Assessment of the acquired data enables us to compile information regarding the use of the individual components of our web page. This assists us in constantly improving our web page and its user-friendliness. For these purposes, our justified interest in the processing of personal information is based on DSGVO Art. 6 Par. 1 letter f. Anonymisation of the IP address takes the user’s interest in the protection of personal information fully into account.

4.         Duration of storage

The information will be deleted as soon as it is no longer needed for our records.

Exact deletion point: 730 days after recording.

5.         Opportunity for objection and removal

Cookies are stored on the user’s computer and are not transmitted from there to our page. This means that you, the user, also have full control over the use of cookies. By changing the settings in your Internet browser, you can deactivate or restrict the transmission of cookies. Cookies that have already been stored can be deleted at any time. This can also happen automatically. If cookies are deactivated for our website, it is possible that not all website functions will continue to be fully accessible.

 

XIII.       Use of additional tools and add-ons at our website

1.       Google ReCAPTCHA

At this website, we also use the reCAPTCHA function by Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (“Google”). This function primarily assists in distinguishing whether an entry is made by a natural person or improperly by mechanical and automated processing. The service includes the sending to Google of the IP addresses and possibly other information required by Google for the reCAPTCHA service in accordance with DSGVO Art. 6 Par. 1 letter f.based on our justified interest in the determination of the authenticity of individual Internet transactions and the avoidance of misuse and spam.

Google LLC, with headquarters in the United States, is certified for the US-European “Privacy Shield” information privacy agreement that ensures compliance with the level of information privacy applicable in the EU.

Further information regarding Google reCAPTCHA as well as Google’s Information Privacy Declaration can be examined at https://www.google.com/intl/de/policies/privacy/

2.         Facebook

RLE has integrated components of Facebook, Inc. into this website. Facebook is a social network.

A social network is an Internet-driven social meeting place, an on-line community that generally enables users to communicate with one another and to integrate in virtual space. A social network can serve as the platform for the exchange of opinions and experiences or it enables the Internet community to provide personal or business-related information. Amongst other functions, Facebook assists the users of the social network in creating private profiles, uploading photos and networking via friend requests.

Facebook’s operating company is Facebook, Inc., 1 Hacker Way, Menlo Park, CA 94025, USA. The controller for the processing of personal information of data subjects residing outside the United States or Canada is Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland.

For each accession of an individual page of this website operated by the controller and featuring an integrated Facebook component (Facebook plug-in), the Internet browser on the data subject’s information technology system is automatically permitted by the respective Facebook components to download from Facebook a depiction of the corresponding Facebook components. A general overview of all Facebook plug-ins can be requested at developers.facebook.com/docs/plugins/. In the context of this technical process, Facebook learns which specific sub-page of our website are visited by the data subject.

If the data subject is logged into Facebook at this time, each time the data subject accesses our website, and for the duration of the respective session at our website, Facebook detects which specific sub-page of our website is being visited by the data subject. This information is compiled by the Facebook components and associated with the respective data subject’s Facebook account. If the data subject activates one of the Facebook buttons integrated into our website, such as the “like” button, or if the data subject leaves a comment, Facebook associates this information with the data subject’s individual Facebook user account and stores this personal information.

Via the Facebook components, Facebook always receives information that the data subject has visited our website; if the data subject is concurrently logged into Facebook at the time of the accession, this happens whether or not the data subject has clicked the Facebook component. If the data subject does not want this information transferred to Facebook, this transfer can be blocked by logging out of the Facebook account prior to accessing our website.

The data guidelines published by Facebook, accessible at de-de.facebook.com/about/privacy/ , are informative regarding Facebook’s collection, processing and use of personal information. There is , moreover, an explanation of the settings offered by Facebook to protect the data subject’s private sphere. In addition, various applications are available to enable suppression of information transfer to Facebook. Such applications can be used by the data subject to suppress information transfer to Facebook.

3.         Instagram

RLE has integrated components of the Instagram app into this website. Instagram is an app that qualifies as an audio-visual platform; it facilitates user sharing of photos and videos and additionally enables such information to be disseminated further into other social networks.

The company is operated by Instagram LLC, 1 Hacker Way, Building 14 First Floor, Menlo Park, CA, USA.

For each accession of an individual page of this website operated by the controller and featuring an integrated Instagram component (insta-button), the Internet browser on the data subject’s information technology system is automatically permitted by the respective Instagram components to download from Instagram a depiction of the corresponding Instagram components. In the context of this technical process, Instagram learns which specific sub-page of our website are visited by the data subject.

If the data subject is logged into Instagram at this time, each time the data subject accesses our website, and for the duration of the respective session at our website, Instagram detects which specific sub-page of our website is being visited by the data subject. This information is compiled by the Instagram components and associated with the respective data subject’s Instagram account. If the data subject activates one of the Instagram buttons integrated into our website, the data and information being transmitted are associated with this information with the data subject’s individual Instagram user account and stored and processed by Instagram.

Via the Instagram components, Instagram always receives information that the data subject has visited our website; if the data subject is concurrently logged into Instagram at the time of the accession, this happens whether or not the data subject has clicked the Instagram component. If the data subject does not want this information transferred to Instagram this transfer can be blocked by logging out of the Instagram account prior to accessing our website.

Further information and applicable Instagram information privacy provisions can be accessed at help.instagram.com/155833707900388 and www.instagram.com/about/legal/privacy/.

4.         Google+

RLE has integrated components of the Google+ button into this website. Google+ is known as a social network. A social network is an Internet-driven social meeting place, an on-line community that generally enables users to communicate with one another and to integrate in virtual space. A social network can serve as the platform for the exchange of opinions and experiences or it enables the Internet community to provide personal or business-related information. Amongst other functions, Google+ assists the users of the social network in creating private profiles, uploading photos and networking via friend requests.

Google+ is operated by Google Inc., 1600 Amphitheatre Pkwy, Mountain View, CA 94043-1351, USA.

For each accession of an individual page of this website operated by the controller and featuring an integrated Google+ button, the Internet browser on the data subject’s information technology system is automatically permitted by the respective Google+ button to download from Google a depiction of the corresponding Google+ button. In the context of this technical process, Google learns which specific sub-page of our website are visited by the data subject. More detailed information on Google+ is accessible at developers.google.com/+/..

If the data subject is logged into Google+ at this time, each time the data subject accesses our website, and for the duration of the respective session at our website, Google detects which specific sub-page of our website is being visited by the data subject. This information is compiled by the Google+ button and associated with the respective data subject’s Google+ account.

If the data subject activates one of the Google+ buttons integrated into our website and leaves a Google +1 recommendation, Google+ associates this information with the data subject’s individual Google+ user account and stores this personal information. Google stores the data subject’s Google +1 recommendation and makes it publicly available in accordance with the specific conditions accepted by the data subject. A Google +1 recommendation left by the data subject at this website will subsequently be stored and processed together with other personal information such as the name of the Google +1 account used by the data subject and the photo filed there with other Google services such as the search machine results of the Google search machine, the data subject’s Google account or in other places such as websites or in connection with advertisements. Moreover, Google can link the visit to this website to other personal information stored at Google. Moreover, Google records this personal information for the purpose of improving or optimising the various Google services.

Via the Google+ components, Google+ always receives information that the data subject has visited our website; if the data subject is concurrently logged into Google+ at the time of the accession, this happens whether or not the data subject has clicked the Google+ component.

If the data subject does not want this information transferred to Google+ this transfer can be blocked by logging out of the Google+ account prior to accessing our website.

Further information and applicable Google+ information privacy provisions can be accessed at www.google.de/intl/de/policies/privacy/. Further information on Google and the Google+ button can be accessed at developers.google.com/+/web/buttons-policy.

5.         LinkedIn

RLE has integrated components from the LinkedIn Corporation into this website. LinkedIn is an Internet-based social network that facilitates the user’s connection to existing business contacts and links to new business contacts. Over 400 million registered persons in more than 200 countries use LinkedIn. This makes LinkedIn one of the largest platforms for business contacts and one of the world’s most frequently visited websites.

LinkedIn is operated by the LinkedIn Corporation, 2029 Stierlin Court Mountain View, CA 94043, USA. LinkedIn Ireland, Privacy Policy Issues, Wilton Plaza, Wilton Place, Dublin 2, Ireland is responsible for information privacy matters outside the United States..

For each individual access of our website, which features a LinkedIn component (LinkedIn plug-in), this component allows a corresponding depiction of the component from the browser used by the data subject to be downloaded by LinkedIn. Additional information on LinkedIn plug-ins can be obtained at developer.linkedin.com/plugins. In the context of this technical process, LinkedIn learns which specific sub-page of our website are visited by the data subject.

If the data subject is logged into LinkedIn at this time, each time the data subject accesses our website, and for the duration of the respective session at our website, LinkedIn detects which specific sub-page of our website is being visited by the data subject. This information is compiled by the LinkedIn components and associated with the respective data subject’s LinkedIn account. If the data subject activates one of the LinkedIn buttons integrated into our website, LinkedIn associates this information with the data subject’s individual LinkedIn user account and stores this personal information.

Via the LinkedIn components, LinkedIn always receives information that the data subject has visited our website; if the data subject is concurrently logged into LinkedIn at the time of the accession, this happens whether or not the data subject has clicked the LinkedIn component. If the data subject does not want this information transferred to LinkedIn this transfer can be blocked by logging out of the LinkedIn  account prior to accessing our website.

LinkedIn provides the opportunity to administer email messages, text messages and targeted advertisements along with advertisement settings at www.linkedin.com/psettings/guest-controls. In addition, LinkedIn uses partners like Quantcast, Google Analytics, BlueKai, DoubleClick, Nielsen, Comscore, Eloqua and Lotame, who can place cookies. Such cookes can be blocked at www.linkedin.com/legal/cookie-policy. LinkedIn’s relevant information privacy provisions are accessible at www.linkedin.com/legal/privacy-policy. LinkedIn’s cookie guidelines are accessible at www.linkedin.com/legal/cookie-policy.

6.         Pinterest

RLE has integrated components from Pinterest Inc. into this website. Pinterest is known as a social network. A social network is an Internet-driven social meeting place, an on-line community that generally enables users to communicate with one another and to integrate in virtual space. A social network can serve as the platform for the exchange of opinions and experiences or it enables the Internet community to provide personal or business-related information. For social network users, among other features, Pinterest facilitates the dissemination of image collections and individual images as well as descriptions on virtual pin walls (in a process known as pinning) that in turn can be shared (re-pinned) or discussed by other users.

Pinterest ’s operating company is Pinterest Inc., 808 Brannan Street, San Francisco, CA 94103, USA.

For each accession of an individual page of this website operated by the controller and featuring an integrated Pinterest component (Pinterest plug-in), the Internet browser on the data subject’s information technology system is automatically permitted by the respective Pinterest components to download from Pinterest a depiction of the corresponding Pinterest components. More detailed information on Pinterest is accessible at pinterest.com/.. In the context of this technical process, Pinterest learns which specific sub-page of our website are visited by the data subject.

If the data subject is logged into Pinterest at this time, each time the data subject accesses our website, and for the duration of the respective session at our website, Pinterest detects which specific sub-page of our website is being visited by the data subject. This information is compiled by the Pinterest components and associated with the respective data subject’s Pinterest account. If the data subject activates one of the Pinterest buttons integrated into our website, Pinterest associates this information with the data subject’s individual Pinterest user account and stores this personal information.

Via the Pinterest components, Pinterest always receives information that the data subject has visited our website; if the data subject is concurrently logged into Pinterest at the time of the accession, this happens whether or not the data subject has clicked the Pinterest component. If the data subject does not want this information transferred to Pinterest this transfer can be blocked by logging out of the Pinterest  account prior to accessing our website.

The data guidelines published by Pinterest, about.pinterest.com/privacy-policy, are informative regarding Pinterest ’s collection, processing and use of personal information.

7.         (2) Matomo (formerly PIWIK)

RLE has integrated Matomo components into this website. Matomo is an open-source software tool for web analysis. Web analysis is the collection, compilation and assessment of data on the behaviour of website visitors. Among other things, a web analysis tool captures information regarding websites from which a data subject is coming (so-called referrers), which sub-pages of the website are accessed or how often and for what length of time a sub-page is viewed. Web analysis is primarily used to improve a website and to provide a cost-benefit assessment of internet advertising.

The software is operated on the server of the controller responsible for the processing, and most sensitive log files from the legal perspective of information privacy are stored on this server.

The purpose of the Matomo components is to analyse the flow of visitors to our website. The controller uses the data and information obtained for, among other purposes, assessing the usage of this website to compile on-line reports that indicate our website’s activities.

Matomo places a cookie on the data subject’s information technology system. Cookies have already been described above. When cookies are placed, we are able to analyse the use of our website. For each accession of an individual page of this website, the Internet browser on the data subject’s information technology system is automatically permitted by the Matomo components to transmit data to our server for the purpose of on-line analysis. In the context of this technical process, we become aware of personal information such as the data subject’s IP address, which helps us comprehend the origins of visitors and clicks, among other purposes.

Cookies assist us in storing personal information at our website, including time of access, origin location of an accession and the frequency of visits to our website. With every visit to our website, this personal information, including the IP address of the Internet connection used by the data subject, are transferred to our server. We store this personal information. We do not disclose this personal information to third parties.

At any time, the data subject can block the placement of cookies by our website, as described above, by using the corresponding setting of the Internet browser; this will be considered a permanent objection to the placement of cookies. Such an Internet browser setting would also block Matomo from placing a cookie into the data subject’s technological information system. In addition, cookies already placed by Matomo can be deleted via an Internet browser or other software program.

Moreover, the data subject has the opportunity to lodge an objection to the collection of information created by Matomo related to a use of the website and to block this from occurring. To do this, the data subject must set the browser to “do not track”.

Inherent in the placement of opt-out cookies, however, is the possibility that the controller’s website will no longer be fully functional for the data subject.

Further information and applicable Matomo information privacy provisions can be accessed at matomo.org/privacy/.

8.         Shariff

RLE has integrated Shariff components into this website. The Shariff components make available privacy-compliant social media buttons. Shariff was developed for the German computer magazine c’t and is published by GitHub, Inc.

The developer of the components is GitHub, Inc. 88 Colin P. Kelly Junior Street, San Francisco, CA 94107, USA.

Usually the button solutions provided by the social networks transmit personal information to the respective social network as soon as a user visits a website in which a social media button has been integrated. In the use of Shariff components, personal information is only transmitted to social networks if the visitor has activated one of the social media buttons. Further information regarding Shariff components may be obtained from the computer magazine c’t at www.heise.de/newsticker/meldung/Datenschutz-und-Social-Media-Der-c-t-Shariff-ist-im-Einsatz-2470103.html. The use of Shariff components is for the purpose of protecting the personal information of visitors to our website whilst concurrently enabling us to integrate a button solution for social networks into this website.

Further information and applicable GitHub information privacy provisions can be accessed at help.github.com/articles/github-privacy-policy/.

9.         Twitter

RLE has integrated Twitter components into this website. Twitter is a multilingual publicly accessible micro-logging service through which the user can send and disseminate “tweets”: short messages limited to 280 characters. These short messages may be accessed by anyone, not just individuals registered at Twitter. However, the tweets are also displayed to the “followers” of the respective user. Followers are other Twitter users who follow the tweets of a specific user. Moreover, Twitter makes possible discourse with a wide-ranging public via hash-tags, links or re-tweets.

Twitter ’s operating company is Twitter, Inc., 1355 Market Street, Suite 900, San Francisco, CA 94103, USA.

For each accession of an individual page of this website operated by the controller and featuring an integrated Twitter component (Twitter button), the Internet browser on the data subject’s information technology system is automatically permitted by the respective Twitter components to download from Twitter a depiction of the corresponding Twitter components. Further information regarding Twitter buttons are accessible at about.twitter.com/de/resources/buttons. In the context of this technical process, Twitter learns which specific sub-page of our website are visited by the data subject. The purpose of integrating Twitter components is to enable our users to disseminate the contents of this website, make the website known to the digital world and increase our visitor count.

If the data subject is logged into Twitter at this time, each time the data subject accesses our website, and for the duration of the respective session at our website, Twitter detects which specific sub-page of our website is being visited by the data subject. This information is compiled by the Twitter components and associated with the respective data subject’s Twitter account. If the data subject activates one of the Twitter buttons integrated into our website, the data and information being transmitted are associated with this information with the data subject’s individual Twitter user account and stored and processed by Twitter .

Via the Twitter components, Twitter always receives information that the data subject has visited our website; if the data subject is concurrently logged into Twitter at the time of the accession, this happens whether or not the data subject has clicked the Twitter  component. If the data subject does not want this information transferred to Twitter this transfer can be blocked by logging out of the Twitter account prior to accessing our website.

LinkedIn’s relevant information privacy provisions are accessible at www.linkedin.com/legal/privacy-policy.

10.     XING

RLE has integrated Xing components into this website. Xing is an Internet-based social network that facilitates the user’s connection to existing business contacts and links to new business contacts. Individual users can create a personal profile of themselves. Companies can, for example, create a company profile or publish a job posting at Xing.

Xing is operated by XING SE, Dammtorstraße 30, 20354 Hamburg, Deutschland.

For each accession of an individual page of this website operated by the controller and featuring an integrated Xing component (Xing plug-in), the Internet browser on the data subject’s information technology system is automatically permitted by the respective Xing components to download from Xing a depiction of the corresponding Xing components. Additional information on Xing plug-ins can be obtained at dev.xing.com/plugins. In the context of this technical process, Xing learns which specific sub-page of our website are visited by the data subject.

If the data subject is logged into Xing at this time, each time the data subject accesses our web page, and for the duration of the respective session at our website, Xing detects which specific sub-page of our website is being visited by the data subject. This information is compiled by the Xing components and associated with the respective data subject’s Xing account. If the data subject activates one of the Xing buttons integrated into our website, such as the “share” button, Xing associates this information with the data subject’s individual Xing user account and stores this personal information.

Via the Xing components, Xing always receives information that the data subject has visited our website; if the data subject is concurrently logged into Xing at the time of the accession, this happens whether or not the data subject has clicked the Xing component. If the data subject does not want this information transferred to Xing this transfer can be blocked by logging out of the Xing account prior to accessing our website.

The data guidelines published by Xing at about.pinterest.com/privacy-policy, are informative regarding Xing’s collection, processing and use of personal information. In addition, Xing has published information privacy tips for the XING share button at www.xing.com/app/share.

11.     YouTube

RLE has integrated components of YouTube into this website. YouTube is an Internet video portal that enables video publishers to upload video clips at no cost and other users to view, evaluate and comment on these, similarly without charge. YouTube permits the publication of all types of videos, with the Internet portal providing access to complete films and television programs but also music videos, trailers or videos created by the users themselves.

YouTube’s operating company is YouTube, LLC, 901 Cherry Ave., San Bruno, CA 94066, USA. YouTube LLC is a subsidiary of Google Inc., 1600 Amphitheatre Pkwy, Mountain View, CA 94043-1351, USA.

Through its certification under the EU-US Privacy Shield, Google and its YouTube subsidiary guarantee that the EU information privacy provisions will be observed even when information is processed in the United States (https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active).

We use YouTube in connection with the “Expanded Information Privacy Mode” to be able to display videos for you. The legal basis is DSGVO Art. 6 Par. 1 letter f). Our justified interest lies in improving the quality of our Internet presence. According to information from YouTube, the “Expanded Information Privacy Mode” has the effect of only transmitting subsequent or detailed data from YouTube to your server if you actually play a video.

Without this “Expanded Information Privacy”, a connection to the YouTube server in the United States is established as soon as you access one of our web pages on which a YouTube video is embedded.

This connection is required in order to be able to play the respective video on our website via your Internet browser. As a result, YouTube minimally collects and processes your IP address, the date and time and the website you visit. A link is also established to Google’s “DoubleClick” advertising network.

If you are concurrently logged into YouTube, it associates the connection with your YouTube account. If you wish to block this, you must either log out from YouTube prior to visiting our web presence or program the corresponding settings in your YouTube user account.

To promote functionality and analyse user behaviour, YouTube constantly places cookies at your terminal via your Internet browser. If you are not in agreement with this processing, you have the opportunity to block the placement of cookies via a setting in your Internet browser. Detailed information on this is found in the “cookies” section above.

For more information regarding the collection and use of information as well as your rights and privacy options in this regard, Google provides accessibility to information privacy advice at https://policies.google.com/privacy..

XIV. Hosting and subcontracting

In the operation of the www.rle.international and www.rle-career.international websites, RLE employs the services of the advertising agency “LAWRENZ – Die Qualitäter“, Grossdresbach 5, 51491 Overath (hereinafter LAWRENZ).

This company, in operating the sites, currently subcontracts the web hosting provider Host Europe GmbH, Hansestrasse 111, 51149 Cologne.

A web hosting provider makes available technical infrastructure that includes servers, databases, web space, FTP access and other elements essential to the operation of a website. This means that personal information as described above, collected directly by RLE, is stored in databases through infrastructure provided by Host Europe.

The Host Europe GmbH Information Privacy Declaration is accessible at https://www.hosteurope.de/AGB/Datenschutzerklaerung/

In addition, RLE has concluded a contract with LAWRENZ for processing services. This contract regulates the scope, nature and purpose of LAWRENZ’s processing.

XV.   Rights of the data subject

The following list covers all rights of the data subject under the DSGVO. Rights that have no relevance for the specific website are not required to be listed. To this extent, the list can be shortened.

If your personal information is processed, you are a data subject in the sense of the DSGVO and you enjoy the following rights vis-a-vis the controller:

1.       Right of information

You can demand a confirmation from the controller whether personal information concerning you are being processed by us.

If such processing is taking place, you can demand that the controller disclose the following information:

(1)           the purposes for which the personal information is being processed;

(2)           the categories of personal information that are being processed;

(3)           the recipients and/or the categories of recipients to which the respective personal information was disclosed or is still being disclosed;

(4)           the expected duration of storage of the personal information concerning you or, if specific information is not available on this point, criteria for determining the duration of storage;

(5)           the existence of a right to rectify or delete the personal information concerning you, to restrict the processing by the controller, or to object to this processing;

(6)           the right of appeal to a supervisory authority;

(7)           all available information regarding the source of the information if the personal information was not collected by the data subject;

(8)           the existence of automatic decision-making including profiling in accordance with DSGVO Art. 22 Pars. 1 and 4 and -- at least in these cases – compelling information on the logic and scope involved and the envisioned effects of such processing on the data subject.

You are entitled to demand a disclosure of whether the personal information concerning you will be transmitted to a third country or to an international organisation. In this context, you can demand to be informed regarding the appropriate guarantees under DSGVO Art. 46 in connection with the transmission.

2.         Right to rectification

You have the right to correction and/or completion vis-a-vis the controller regarding the processed personal information that concerns you, whether incorrect or incomplete. The controller must promptly carry out the rectification.

3.         Right to restrict processing

Under the following conditions, you can demand the restriction of the processing of personal information concerning you.

(1)           if you dispute the accuracy of the personal information concerning you for a length of time that allows the controller to review the accuracy of the personal information;

(2)           if the processing is unlawful and you decline the deletion of personal information and instead demand the restriction of the use of the personal information;

(3)           if the controller no longer needs the personal information for the purposes of processing but you need it to assert, exercise or defend against legal claims, or

(4)           if you have lodged an objection against the processing in accordance with DSGVO Art. 21 Par. 1 and it remains uncertain whether the controller’s justified reasons outweigh your own reasons.

If the processing of the personal information concerning you was restricted, this information -- apart from its storage -- may only be processed with your consent or to assert, exercise or defend against legal claims or to protect the rights of another natural person or legal entity or due to a significant public interest of the European Union or one of its Member States.

If the restriction of the processing was carried out in accordance with the above-mentioned requirements, you will be informed by the controller prior to the lifting of the restriction.

4.         Right to deletion

d)       Duty of deletion

You can demand that the controller promptly delete the personal information that concerns you, and the controller is obligated to delete this information promptly, provided one of the following reasons applies:

(1)           The personal information affecting you is no longer required for the purposes for which was collected or processed in any other way.

(2)           You revoke your consent on which the processing is based in accordance with DSGVO Art. 6 Par. 1 letter a or Art. 9 Par. 2 letter a and there is no other legal basis for the processing.

(3)           You lodge an objection in accordance with DSGVO Art. 21 Par. 1 against the processing and there are no overriding justified reasons for the processing, or you lodge an objection in accordance with DSGVO Art. 21 Par. 2 against the processing.

(4)           The personal information concerning you was unlawfully processed.

(5)           The deletion of the personal information concerning you is for the fulfilment of a legal obligation under the law of the European Union or the law of one of its Member States to which the controller is subject.

(6)           The personal information affecting you was collected in relation to services provided by the information company in accordance with DSGBO Art. 8 Par. 1.

e)       Information for third parties

If the controller has disclosed the personal information affecting you and the controller is obligated under DSGVO Art. 17 Par. 1 to delete it, he or she shall take reasonable steps, including of a technical nature and in consideration of available technology and the costs of implementation, to inform controllers responsible for information processing and the processing of the personal information concerning you that as a data subject you have demanded that they delete all links to this personal information or copies of this personal information.

f)         Exceptions

The right to deletion does not exist if the processing is required

(1)           to exercise the right of free expression and information;

(2)           to comply with a legal obligation that requires the processing in accordance with the law of the European Union or one of its Member States to which the controller is subject or to carry out a task that lies in the public interest or occurs in the exercise of official authority that was granted to the controller;

(3)           for reasons of public interest in the area of public health in accordance with DSGVO Art. 9 Par. 2 letters h and i and Art. 9 Par. 3;

(4)           for archival purposes or purposes of scientific or historical research or statistical purposes lying in the public interest in accordance with DSGVO Art. 89 Par. 1 to the extent that the right referred to in section a) is expected to rule out or significantly affect the realisation of the goals of this processing, or

(5)           to assert, exercise or defend against legal claims.

5.         Right to be informed

If you have asserted the right to rectification, deletion or restriction of the processing vis-a-vis the controller, he or she is obligated to communicate this rectification or deletion of the information or the restriction of the processing to all recipients to which the personal information concerning you was disclosed unless this proves to be impossible or involves unreasonable expense.

You have the right vis-a-vis the controller to be informed concerning these recipients.

6.         Right to data portability

You have the right to receive in a structured, common and machine-readable format the personal information concerning you that you have made available to the controller. You also have the right to transmit this information to another controller without obstruction by the controller to which the personal information was made available, to the extent that

(1)           the processing is based on consent in accordance with DSGVO Art. 6 Par. 1 letter a or Art. 9 Par. 2 or on a contract in accordance with DSGVO Art. 6 Par. 1 letter b and

(2)           the processing takes place by means of automatic procedures.

In exercise of this right, moreover, you have the right to have the personal information concerning you transferred directly from one controller to another controller to the extent that this is technically feasible. The freedoms and rights of other persons may not be affected by this action.

The right to data portability does not apply to the processing of personal information that is required to carry out a task that lies in the public interest or takes place in the exercise of official authority which has been granted to the controller.

7.         Right of objection

For reasons pertaining to your specific situation, you have the right at any time to lodge an objection to the processing of the personal information concerning you based on DSGVO Art. 6 Par. 1 letter e or f, which also applies to profiling based on these provisions. 

The controller will no longer process the personal information concerning you unless he or she can present compelling, protection-worthy reasons for the processing that outweigh your interests, rights and freedoms or the processing serves the purpose of asserting, exercising or defending against legal claims.

If the personal information concerning you is processed in the operation of direct advertising, you have the right at any time to lodge an objection against the processing of the personal information concerning you for the purpose of such advertising; this also applies to profiling to the extent that it is tied to such direct advertising.

If you object to the processing for purposes of direct advertising, the personal information concerning you will no longer be used for these purposes.

In connection with the use of information company services you have the opportunity -- notwithstanding Guideline 2002/58/EC -- to exercise your right of objection through automated procedures that use technical specifications.

8.         Right to revoke the information privacy legal declaration of consent

You have the right at any time to revoke your information privacy legal declaration of consent. Through the revocation of consent, the lawfulness of the consent to processing up to the point of revocation is not affected.

9.         Automated decision on a case-by-case basis including profiling

You have the right not to be subjected to a decision based exclusively on automated processing -- including profiling -- that has a legal effect on you or that significantly affects you in a similar manner. This does not apply if the decision

(1)           is required for the conclusion or fulfilment of a contract between you and the controller,

(2)           is allowable based on legislation of the European Union or one of its Member States to which the controller is subject and this legislation contains reasonable measures to safeguard your rights and freedoms as well as your justified interests or

(3)           takes place with your express consent.

At any rate, these decisions may not be based on particular categories of personal information in accordance with DSGVO Art. 9 Par. 1 unless DSGVO Art. 9 Par. 2 letter a or g applies and reasonable measures have been found to protect your rights and freedoms as well as your justified interests.

With respect to the cases referenced in (1) and (3), the controller shall take reasonable steps to safeguard your rights and freedoms as well as your justified interests, minimally including the controller’s right to obtain the intervention of a person, to explain his or her own point of view and to challenge the decision.

As a company conscious of its responsibility, we renounce automatic decision-making and profiling.

10.     Right to appeal to a supervisory authority

Notwithstanding further administrative or judicial remedies under the law, you have the right to appeal to a supervisory authority, especially in the Member State of your residence, workplace or the location of the presumed violation, if you are of the opinion that the processing of the personal information concerning you constitutes a breach of the DSGVO.

The supervisory authority to which the appeal is submitted shall inform the complainant regarding the status and outcome of the appeal including the possibility of a legal remedy in accordance with DSGVO Art. 78.

XVI. Miscellaneous

Parts of this Information Privacy Declaration were prepared by the Information Privacy Declaration Generator of the German Information Privacy Society (Deutsche Gesellschaft für Datenschutz - DGD), which acts as an external information privacy representative in Munich, in cooperation with the attorney for information privacy law, Christian Solmecke.

You may choose not to have a unique web analytics cookie identification number assigned to your computer to avoid the aggregation and analysis of data collected on this website.
To make that choice, please click below to receive an opt-out cookie.

Oops, an error occurred! Code: 20190618191405b6d21511