1. Overview of data protection
The following information provides a simple overview of what we do with your personal data when you visit this website. Personal data is all data that can be used to personally identify you. Please see our Data Privacy Declaration, provided below this text, for more complete information on data protection.
Data collection on this website
WHO IS RESPONSIBLE FOR DATA COLLECTION ON THIS WEBSITE?
DATA PROCESSING ON THIS WEBSITE IS HANDLED BY THE WEBSITE OPERATOR. PLEASE SEE THE LEGAL NOTICE OF THIS WEBSITE FOR CONTACT INFORMATION.
HOW DO WE COLLECT YOUR DATA?
First of all, we collect your data when you provide it to us. This includes data you enter into a contact form, for instance.
Other data is collected by our IT systems when you visit the website, either automatically or based on your consent. This primarily includes technical data (such as your web browser, operating system or the time at which a page was accessed). This data is collected automatically once you enter the website.
WHAT DO WE USE YOUR DATA FOR?
We collect some of your data to ensure we can provide our website free from errors. Other data may be used to analyze your user behavior.
WHAT RIGHTS DO YOU HAVE IN RELATION TO YOUR DATA?
You have the right to receive information on the origins, recipients, and purpose of your stored personal data at any time and free of charge. Furthermore, you have the right to request the rectification, blockage, or deletion of your data. If you have provided your consent to data processing, you can revoke this consent at any time with future effect. In addition, you have the right to request that processing of your personal data be restricted in certain circumstances. You also have the right to submit a complaint to the responsible supervisory authority.
Please contact us at any time using the address provided in the Legal Notice if you have any questions on this or on other matters related to data protection.
2. Hosting und Content Delivery Networks (CDN)
This website is hosted by an external service provider (hoster). The personal data collected on this website is stored on the hoster’s servers. This may include, for instance, IP addresses, contact inquiries, metadata and communication data, contract data, contact information, names, website access information and other data generated via a website.
The hoster’s services are used for the purpose of fulfilling contracts with our potential and existing customers (Art. 6 para. 1 lit. b GDPR), and in the interest of providing our website in a secure, fast and efficient manner through a professional provider (Art. 6 para. 1 lit. f GDPR).
Our hoster will only process your data insofar as this is necessary to fulfill its service obligations, and will follow our instructions in relation to this data.
CONCLUSION OF A CONTRACT PROCESSING AGREEMENT
To ensure that data is processed in accordance with the law, we have concluded a contract processing agreement with our hoster.
3. General notices and mandatory information
The operator of this website takes the protection of your personal data very seriously. We treat your personal data as confidential, and handle it in accordance with statutory data protection regulations and this Data Privacy Declaration.
We collect a variety of personal data when you use this website. Personal data is data that can be used to personally identify you. This Data Privacy Declaration explains what data we collect, and the purposes for which we use it. It also explains how and for what purpose we do so.
We would like to note that data transmission online (for instance through e-mail communication) may involve gaps in security. It is not possible to provide seamless protection for data against third party access.
RLT Ruhrmann Tieben & Partner mbB
Am Burgacker 37
Am Wehrhahn 36
Phone: +49 201 245 150
Fax: +49 201 245 1550
The data controller is the natural person or legal entity that makes decisions regarding the purposes and means by which personal data are processed (such as names, e-mail addresses, etc.) either alone or jointly with others.
Legally stipulated Data Protection Officer
The company has appointed a Data Protection Officer, who can be contacted via the e-mail address email@example.com. Please submit your phone inquiry to the Data Protection Officer via the telephone number for the controller. Inquiries can be sent to the Data Protection Officer using the address of the controller, with the notice “Data protection personal/confidential”.
Revoking Your Consent to Data Processing
Many data processing procedures can only be carried out with your consent. You can revoke consent you have granted in the past at any time. To do so, simply send a notification to us via e-mail. There are no formal requirements for this notification. The legality of data processing carried out up to the time the revocation was submitted shall remain unaffected by it.
Right to object to data collection in certain cases, and to object to direct advertisement (Art. 21 GDPR)
IF DATA PROCESSING IS CARRIED OUT BASED ON ART. 6 PARA. 1 LIT. E OR F GDPR, THEN YOU HAVE THE RIGHT TO OBJECT TO THE PROCESSING OF YOUR PERSONAL DATA AT ANY TIME FOR REASONS RELATED TO YOUR SPECIFIC SITUATION; THIS ALSO APPLIES TO ANY PROFILING BASED ON THESE PROVISIONS. PLEASE SEE THIS DATA PRIVACY DECLARATION FOR THE LEGAL BASES OF PROCESSING. IF YOU SUBMIT AN OBJECTION, WE WILL NO LONGER PROCESS YOUR PERSONAL DATA UNLESS WE CAN SHOW MANDATORY AND PROTECTED GROUNDS FOR OUR PROCESSING THAT OUTWEIGH YOUR INTERESTS, RIGHTS, AND FREEDOMS, OR IF PROCESSING SERVES TO ASSERT, EXERCISE, OR DEFEND AGAINST LEGAL CLAIMS (OBJECTION IN ACCORDANCE WITH ART. 21 PARA. 1 GDPR).
IF WE PROCESS YOUR PERSONAL DATA FOR THE PURPOSE OF DIRECT ADVERTISING, YOU HAVE THE RIGHT TO OBJECT AGAINST PROCESSING OF YOUR PERSONAL DATA FOR THE PURPOSE OF SUCH ADVERTISEMENTS; THIS ALSO APPLIES TO PROFILING, IF IT IS CONNECTED TO SUCH DIRECT ADVERTISING. IF YOU OBJECT, THEN YOUR PERSONAL DATA WILL NO LONGER BE USED FOR THE PURPOSE OF DIRECT ADVERTISING (OBJECTION IN ACCORDANCE WITH ART. 21 PARA. 2 GDPR).
Right to submit complaints to the responsible supervisory authority
If there is a violation of the GDPR, then the data subject is entitled to submit complaints to a supervisory authority, in particular in the member state in which the data subject normally lives, works, or where the alleged violation was committed. The right to submit a complaint exists regardless of any other legal remedies under administrative or other law.
Right to data portability
You have the right to have data we process in an automated manner based on your consent, or to fulfill a contract, delivered to you or to a third party in a commonly used, machine-readable format. If you request data be transmitted directly to another controller, we will only do so if this is technically feasible.
SSL or TLS encryption
For security reasons, and to protect the transmission of confidential content such as orders or inquiries you send to us as the page operator, this page uses SSL or TLS encryption. You can recognize an encrypted connection because the address line in your browser will switch from “http://” to “https://” and you will see a lock symbol in your browser line.
If SSL or TLS encryption is activated, data you transmit to us cannot be accessed by third parties.
Information, deletion and rectification
Under applicable law, you have the right to receive information on your saved personal data at any time, as well as the origin of that data, data recipients, and the purpose of data processing. You also have the right to have this data rectified or deleted. Please contact us at any time using the address provided in the Legal Notice if you have any questions on this or on other matters related to personal data.
Right to restrict processing
You have the right to request that processing of your personal data be restricted. Please contact us at any time using the address provided in the Legal Notice to do so. You have the right to restrict processing in the following cases:
If you dispute the correctness of the personal data we have stored on you, we will generally need time to review this allegation. You have the right to request that processing of your personal data be restricted while we carry out our review.
If your personal data was or is being processed illegally, you can request that data processing be restricted instead of that data being deleted.
If we no longer require your personal data, but you need the data to exercise, defend against or assert legal claims, you have the right to request a restriction in the processing of your personal data instead of that your data be deleted.
If you have submitted an objection in accordance with Art. 21 para. 1 GDPR, then your interests must be balanced against our own. As long as it is unknown which Party’s interests outweigh the others, you have the right to request that processing of your personal data be restricted.
If you have restricted the processing of your personal data, these data may only be processed – apart from storing the data – with your consent or to assert, exercise, or defend against legal claims, or to protect the rights of another legal entity or natural person, or in order to safeguard a significant public interest of the European Union or one of its member states.
Objection to advertising e-mails
We hereby reject the use of contact data published under our legal notification obligations for mailings of advertisements or informational materials which we have not specifically requested. The operator of this website hereby expressly reserves the right to take legal action if they receive unwanted advertisement mailings, for instance as spam e-mails.
4. Data collection on this website
Google Cloud CDN
We utilize the Content Delivery Network Google Cloud CDN on our website. The provider is Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland. Google offers a globally distributed Content Delivery Network, which routes the transfer of information between your browser and our website through Google’s network. This enables us to enhance the worldwide accessibility and performance of our website. The use of Google Cloud CDN is based on our legitimate interest in providing our web services as error-free and secure as possible (Art. 6(1)(f) of the GDPR). The transfer of data to the USA is based on the European Commission’s Standard Contractual Clauses. Details can be found here: https://cloud.google.com/terms/eu-model-contract-clause.. For further information about Google Cloud CDN, please visit: https://cloud.google.com/cdn/docs/overview?hl=de.
Data Processing Agreement
We have entered into a Data Processing Agreement (DPA) with the aforementioned provider. This is a legally required contract ensuring that the provider processes the personal data of our website visitors only according to our instructions and in compliance with the GDPR.
If you send us an inquiry using the contact form, we save your information from the inquiry form, including the contact data you provide there, in order to process your inquiry and in case of any follow-up questions. We do not transmit this data to other parties without your consent.
This data is processed on the basis of Art. 6 para. 1 lit. b GDPR if your inquiry is associated with the fulfillment of a contract, or if it is necessary to carry out pre-contractual measures. In all other cases, the processing is based on our legitimate interest in effectively processing the inquiries sent to us (Art. 6 para. 1 lit. f GDPR), or on your consent (Art. 6 para. 1 lit. a GDPR and § 25(1) of the TTDSG, to the extent that the consent includes the storage of cookies or access to information on the user’s device (e.g., device fingerprinting) within the meaning of the TTDSG, if such consent has been obtained. The consent can be revoked at any time..
We will retain the data you have entered into the contact form until you request that we delete it, until you revoke your consent to data storage, or until the purpose for which data is stored no longer applies (for instance after we have finished processing your inquiry). Mandatory legal provisions – in particular retention periods – shall remain unaffected.
Inquiries via e-mail, phone, or fax
If you contact us via e-mail, phone, or fax, your inquiry and all resulting personal data (name, inquiry) will be stored and processed for the purpose of handling your inquiry to us. We do not transmit this data to other parties without your consent.
This data is processed on the basis of Art. 6 para. 1 lit. b GDPR if your inquiry is associated with the fulfillment of a contract, or if it is necessary to carry out pre-contractual measures. In all other cases, the processing is based on our legitimate interest in effectively processing the inquiries sent to us (Art. 6 para. 1 lit. f GDPR), or on your consent (Art. 6 para. 1 lit. a GDPR) and § 25(1) of the TTDSG, to the extent that the consent includes the storage of cookies or access to information on the user’s device (e.g., device fingerprinting) within the meaning of the TTDSG, if such consent has been obtained. The consent can be revoked at any time.
We will retain the data you have sent to us via the contact form until you request that we delete it, until you revoke your consent to data storage, or until the purpose for which data is stored no longer applies (for instance after we have finished processing your inquiry). Mandatory legal provisions – in particular statutory retention periods – shall remain unaffected.
5. Social networks
We maintain publicly accessible profiles on social networks. Please see the following section for the individual social networks we use. Social networks such as Xing, LinkedIn, etc. can generally conduct a comprehensive analysis of your user behavior if you visit their websites or a website with integrated social media content (such as Like buttons or advertising banners). When you visit our social media pages, a large number of processing procedures relevant under data protection law are initiated.
If you are logged into your social media account and visit one of our social media pages, the operator of the social media portal can link this visit with your user account. In some cases, your personal data may be recorded even if you are not logged in, or if you do not have an account on that social media portal. In this case, the data is recorded for instance using cookies that are stored on your device, or by collecting your IP address.
The data recorded in this manner can be used by the operators of social media portals to create user profiles where your preferences and interests are stored. This allows interest-based advertisements to be displayed to you both on and outside of social media sites. If you have an account on a specific social network, the interest-based advertisement can be displayed on all devices on which you are or have been logged in.
Our social media pages are intended to ensure our online presence. This is part of our legitimate interest according to Art. 6 para. 1 lit. f GDPR. The analytic processes initiated by the social networks may be based on other legal bases, to be indicated by the operators of the social networks (such as consent in the sense of Art. 6 para. 1 lit. a GDPR) and § 25(1) of the TTDSG, to the extent that the consent includes the storage of cookies or access to information on the user’s device (e.g., device fingerprinting) within the meaning of the TTDSG, if such consent has been obtained. The consent can be revoked at any time.
Controller and assertion of rights
When you visit one of our social media pages (such as on Xing), we are jointly responsible, along with the operator of the social media platform, for the data processing procedures triggered during this visit. Generally, you can assert your rights (information, rectification, deletion, restriction of processing, data portability and complaints) against either us or the operator of the specific social media portal (for instance against Xing).
Please note that, despite our joint responsibility with the social media portal operators, we are not able to fully influence the data processing procedures carried out by these social media portals. The options available to us are based primarily on the company policies of the individual provider.
Data collected directly by us via our social media pages are deleted by our systems once the purpose for which it was stored no longer applies, if you request that we delete the data, or if you revoke your consent to store the data. Saved cookies remain stored on your device until you delete them. Mandatory legal provisions – in particular retention periods – shall remain unaffected.
We have no influence over the length of time for which your data is stored by the operators of social media networks for their own purposes. Please request further information from the operators of the social networks directly (for instance in their Data Privacy Declarations, see below).
Individual social networks
We have a profile on XING. The provider is XING AG, Dammtorstraße 29-32, 20354 Hamburg, Germany. Please see the XING Data Privacy Declaration for further information on how the company handles personal data: https://privacy.xing.com/de/datenschutzerklaerung.
We have a profile on LinkedIn. The provider is LinkedIn Ireland Unlimited Company, Wilton Plaza, Wilton Place, Dublin 2, Ireland. LinkedIn is certified under the EN-US Privacy Shield. LinkedIn uses advertising cookies.
If you would like to deactivate LinkedIn advertising cookies, please use the following link: https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out. Please see the LinkedIn Data Privacy Declaration for further information on how the company handles personal data: https://www.linkedin.com/legal/privacy-policy.
We have a profile on Facebook. The provider of this service is Facebook Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland. According to Facebook, the collected data is also transferred to the USA and other third countries.
You can exercise your rights as a data subject regarding Facebook Ireland by referring to Facebook Ireland’s Data Policy at [insert URL for Facebook Ireland Data Policy]. You can adjust your advertising settings independently in your user account. To do so, click on the following link and log in: https://www.facebook.com/settings?tab=ads.