DATA PROTECTION POLICY OF RNT RAUSCH GmbH

We want to provide you below with an overview of the processing of your personal data and your rights under data protection laws. Which data is in fact processed and how it is used mainly depends on the agreements with regard to our deliveries and services.

DATA PROTECTION ADVICE

Who is responsible for the data processing and who can I contact?

The responsible party is:

RNT RAUSCH GmbH
Represented by the managing director
Im Stöck 4a
76275 Ettlingen
Tel: +49 7243 5929-0
Email: contact@rnt.de

Our data protection officer:

The contact information for our external data protection officer is as follows:

Kompetenzteam Thomas
Timothey Thomas
Schulstr. 3
67365 Schwegenheim
Email: datenschutz@rnt.de

Which sources and data do we use?

We process personal data that we receive as part of our business relationship from our clients. If required to provide our services and deliveries, we also process personal data that we obtain with permission from publicly accessible sources (e.g. internet) or from other third parties (e.g. a credit reference agency). Relevant personal data is personal information (name, address and other contact data).

Why do we process your data (purpose of processing) and on which legal basis?

We process personal data in agreement with the provisions of the European General Data Protection Regulation (GDPR) and the Federal Data Protection Act (BDSG):

a) To fulfil contractual obligations (Art. 6 Para. 1 b GDPR)

Data is processed to acquire client orders, handle orders issued for the delivery of the products and services that we sell

b) Within the scope of balancing interests (Art. 6 Para. 1 f GDPR)

If required we process your data beyond the actual fulfilment of the contract to maintain our justified interests or those of third parties. Example: Checking and optimising processes for needs analysis to contact clients directly.

c) On the basis of your consent (Art. 6 Para. 1 a GDPR)

If you have issued consent to process personal data for particular purposes, the legality of this processing is based on your consent. Consent that has been issued can be revoked at any time. This also applies to revoking declarations of consent that were issued before the application of GDPR, i.e. before 25 May 2018. Revoking the consent does not affect the legality of the data processed before the revocation.

Who gets my data?

Within the company the departments who access your data are those that require this to fulfil our contractual and statutory obligations. Service providers and vicarious agents used by us may also receive data for these purposes if these companies have signed a confidentiality agreement and contract on order data processing.

Transfer also occurs if it is required to clarify the illegal use of our services or legal investigation, in particular the implementation of contractual agreements made with you. If there are specific reasons for illegal or abusive behaviour, personal data is also forwarded to the criminal investigation authorities and if necessary to the lawyers representing us. This data is transferred in these cases on the basis of our justified interest in implementing our contractual claims, combating abuse and investigating crimes if on balancing interests we believe that your rights and interests in protecting your personal data do not have priority (Art. 6 Para. 1 lit. f GDPR). We are also obliged by law to issue information on request to public authorities (e.g. criminal investigation authorities and financial authorities). In these cases this data is transferred to fulfil statutory obligations to which we are subject (Art. 6 Para. 1 lit. c GDPR).

In addition, logistics service providers and subcontractors that we use to execute the order receive personal data that they require to fulfil the contract if you are contracting partner or to implement pre-contractual measures that occur at your request (Art. 6 Para. 1 lit. B GDPR).

Is data transferred to a third country or international organisation?

Data is transferred to states outside the European Union (so-called third party states) under Art. 44 GDPR if

  • it is required to implement your orders
  • it is required by law

The company does not transfer personal data to third party states or international organisations beyond this.

For how long is my data stored?

We process and store your personal data for as long as is required to fulfil our contractual and statutory obligations. It should be noted that our business relationship is a long-term relationship that lasts for years. If the data is no longer required to fulfil contractual or statutory obligations, it is deleted regularly according to the statutory deletion regulations.

Which data protection rights do I have?

Your rights

Each person has the right to information (Art .15 GDPR), the right to correction (Art. 16 GDPR), the right to deletion (Art. 17 GDPR), the right to restrict processing (Art. 18 GDPR), the right to objection (Art. 21 GDPR) and the right to transfer the data (Art. 20 GDPR). The restrictions under Section 34 and 35 BDSG apply to the information and deletion right. In addition, there is a complaint right to a responsible data protection supervision authority (Art. 77 GDPR in conjunction with Section 19 BDSG). You can revoke consent issued to the processing of personal data at any time. This also applies to revoking declarations of consent that were issued before the application of the General Data Protection Regulation, i.e. before 25 May 2018. Please note that the revocation only affects the future. Processing that takes place before the revocation is not affected by this.

Right to information

You have the right at any time to receive information on the processing of your personal data. For this you can make a request by post or email to the address stated above.

Right to correct incorrect data

If the personal data that we have recorded is incorrect you have the right to request the correction of this data. For this you can make a request by post or email to the address stated above.

Right to deletion

Under the requirements described in Art. 17 GDPR, you have the right to request the deletion of your personal data. This applies in particular if the purposes for which the data was collected or processed are no longer necessary or the data was incorrectly collected or processed. For this you can make a request by post or email to the address stated above.

Right to restriction on processing

You have the right to request a restriction on the processing of your personal data. This right exists in particular if the correctness of the personal data is disputed or if instead of deletion, you request restricted processing (e.g. because you require the data to assert, exercise or defend legal claims). For this you can make a request by post or email to the address stated above.

Right of objection

You have the right for reasons that arise from your special situation to object to the processing of your personal data. In this case we will stop processing your personal data if we have no binding reasons that require protection for the processing. These reasons must outweigh your interests, rights and freedoms or originate in the assertion, exercise or defence of legal claims.

Right to data transfer

You can request the issue of your personal data in a valid, machine-readable format. For this you can make a request by post or email to the address stated above.

Complaint right

You have the right to complain to the responsible supervisory authority. The supervisory authority responsible for us is:

State officer for data protection and freedom of information in Baden-Württemberg
Königstrasse 10 a
70173 Stuttgart
poststelle@lfdi.bwl.de

Cookies

We use so-called cookies to make our website more user-friendly, effective and safer. Cookies are small text files that are stored on your hard drive and saved by your browser. These cookies may remain stored on your computer in part also beyond the usage term of our offer, for example to enable the page to be assembled more quickly when you next visit.

Specifically we use the following cookies:

We need session cookies to enable internal functions. They are deleted automatically when your visit ends.
We do not use permanent cookies and cookies that are not deleted automatically at the end of your visit (with the exception of the cookies described below to display the cookie notification).
When visiting our website you will be informed that we use cookies. If you confirm this notification with “OK” we store this information in a cookie so that the notification is no longer shown in the future
You can set your browser so that you are informed about when cookies are used and only permit their use in particular situations, refuse cookies for particular cases or generally exclude them as well as activate the automatic deletion of cookies when closing the browser. Deactivating cookies may restrict the functionality of this website.

None of our cookies can identify you as a person. We use the cookies on the basis of our justified interest in the needs-led design whereby we have come to the conclusion in the balance of interests that your rights and interests in protecting your personal data do not outweigh this (Art. 6 Para. 1 lit. f GDPR).

Contact forms/callback service

If you send us enquiries using the contact form, your information from the contact form including the contact data stated there is used to process the enquiry and is stored and processed by us in the event of subsequent questions. Your data is only used for the specific purpose of answering and processing your question. We process the data for the purposes of making contact pursuant to Art. 6 Para. 1 S. 1 lit. a GDPR based on your voluntary consent. You can object to this at any time (revocation right).

Each affected person has the right to information under Art.15 GDPR, the right to correction under Art. 16 GDPR, the right to deletion under Art. 17 GDPR, the right to restrict processing under Art. 18 GDPR, the right to object under Art. 21 GDPR and the right to

transfer the data Art. 20 GDPR. The restrictions under Section 34 and 35 BDSG apply to the information and deletion right. In addition, there is a complaint right to a responsible data protection supervision authority (Art. 77 GDPR in conjunction with Section 19 BDSG).

Do I have to provide my data?

As part of our business relationship you have to provide the personal data that is required to start and implement a business relationship and fulfil the associated contractual obligations or that we must collect for legal reasons.

To which extent does automated decision-making take place?

We do not use any fully automated decision-making to establish and implement the business relationship as defined in Art. 22 GDPR. If we use this process in individual cases, you are informed about this separately if this is required by law.

Does profiling take place?

We do not process data automatically with the aim of assessing particular personal aspects.

How is personal data processed on our website?

This website does not use any analysis tools.

Use of Facebook

For the information service offered here the Facebook page “https://www.facebook.com/rnt.rausch/” accesses the technical platform and services of Facebook Ireland Ltd., 4 Grand Canal Square Grand Canal Harbour, Dublin 2, Ireland. We inform you that you use this Facebook page and its functions under your own responsibility. This applies in particular to the use of the interactive functions (e.g. commenting, sharing, liking and grading). When visiting our Facebook page, Facebook records such information as your IP address and other information that is available on your PC in the form of cookies. This information is used to provide us as the operator of the Facebook pages with statistical information on the use of the Facebook page. You can find more information from Facebook under the following link: https://www.facebook.com/help/pages/insights
The data collected about you in this regard is processed by Facebook Ltd. and may be transferred to countries outside the European Union. Facebook describes in general form the information it receives and how it is used in its data usage guidelines. You can also find information on options for contacting Facebook and for stopping adverts there. The data usage guidelines are available on the following link: https://www.facebook.com/about/privacy You can find the full Facebook data guidelines here: https://de-de.facebook.com/full_data_use_policy
How Facebook uses the data from the visit to its pages for its own purposes, the scope in which activities on the Facebook page can be assigned to individual users, for how long Facebook saves this data and whether data from a visit to the Facebook page is passed on to third parties, is not stated finally and clearly by Facebook and is not known to us. When accessing a Facebook page the IP address assigned to your device is transferred to Facebook. According to Facebook, this IP address is anonymised (for “German” IP addresses) and deleted after 90 days. Facebook also saves information on the devices of its users (e.g. as part of the “login notification” function); it may be possible for Facebook to assign IP addresses to individual users. If you are currently logged into Facebook as a user, your device has a cookie on it with a Facebook code. This enables Facebook to track that you have visited this page and how you used it. This also applies to all other Facebook pages. Facebook buttons integrated into websites enable Facebook to record your visit to these websites and assign them to your Facebook profile. Using the data content or advertising can be customised to you. If you want to avoid this, you should log out of Facebook or deactivate the “stay logged in” function, delete the cookies on your device, close your browser and restart it. This is how to delete the Facebook information that can directly identify you. You can then use our Facebook page without your Facebook code becoming known. If you access interactive functions on the page (like, comment, share, message etc.) a Facebook login mask is shown. If you log in, you can again be recognised by Facebook as a particular user. You can find information on how to manage or delete the available information on the following Facebook support page: https://de-de.facebook.com/about/privacy#
We as the provider of the information service do not collect or process any other data from your use of our service. This data protection policy is found in the applicable version under the “Data guidelines” option in the “Info” tab on our Facebook page.

Information on your objection right under Article 21 General Data Protection Regulation (GDPR)

  1. Specific objection right

You have the right for reasons arising from your specific situation to object at any time to the processing of your personal data that takes place on the basis of Article 6 Paragraph 1 Letter e GDPR (data processing in the public interest) and Article 6 Paragraph 1 Letter f GDPR (data processing based on balancing interests); this also applies to any future profiling based on this provision as defined by Article 4 No. 4 GDPR. If you object, we will no longer process your personal

data unless we can prove binding reasons requiring protection for the processing that outweigh your interests, rights and freedoms, or processing the data serves to assert, exercise or defend legal claims.

  1. Objection right to the processing of data for the purposes of direct advertising

In individual cases we process your personal data according to your consent in order to present direct advertising. You have the right to object to the processing of your personal data for such advertising purposes at any time; this also applies to profiling if it is in connection with direct advertising.

If you object to the processing for the purposes of direct advertising, your personal data is no longer processed for these purposes. The objection can be provided without any specific form and should if possible be directed to:

RNT RAUSCH GmbH
Im Stöck 4a
76275 Ettlingen

Tel.: +49 (0)7243 5929-0
Email: datenschutz@rnt.de