I. NAME AND ADDRESS OF THE RESPONSIBLE BODY
The person responsible within the meaning of the General Data Protection Regulation, other data protection laws applicable in the Member States of the European Union and other provisions of a data protection nature is: Rössle AG
Pater-Hartmann Strasse 23
Phone: +49 (0) 8342 / 70 59 5 -0
The responsible body is the natural or legal person who alone or jointly with others determines the purposes and means of the processing of personal data (e.g. names, e-mail addresses or similar).
II. DATA PRIVACY OFFICER
A legally required data protection officer for our companies is not mandatory.
III. GENERAL NOTES AND MANDATORY INFORMATION
We are pleased that you visit our website www.roessle.ag
and thank you for your interest in our company. Dealing with our customers and interested parties is a matter of trust. We attach great importance to the trust you place in us and thus to the importance and obligation to handle your data with care and to protect it from misuse.
To ensure that you feel safe and comfortable when visiting our website, we take the protection of your personal data and its confidential treatment very seriously. Therefore, we act in accordance with the applicable legislation on the protection of personal data and data security.
With these notes on data protection in this data protection declaration, we would therefore like to inform you about when we store which data and how we use it, naturally in compliance with the applicable German legislation. Our data protection takes into account the European Data Protection Regulation (DSGVO) and is specifically based on the current Federal Data Protection Act (BDSG neu).
IV. INFORMATION ON THE COLLECTION OF PERSONAL DATA
(1) In the following, we inform you about the collection of personal data when using our website. Personal data is all data that can be related to you personally, e.g. name, address, e-mail addresses, user behaviour.
(2) When you contact us by e-mail or via a contact form, the data you provide (your e-mail address, name and telephone number, if applicable) will be stored by us in order to answer your questions.
(3) We delete the data accruing in this context after the storage is no longer necessary or restrict the processing if there are statutory retention obligations. You can find more detailed explanations in section VIII of this data protection declaration.
(4) If we use commissioned service providers for individual functions of our offer or would like to use your data for advertising purposes, we will inform you in detail about the respective processes below. In doing so, we also state the specified criteria for the storage period.
V. YOUR RIGHTS ( DATA SUBJECT RIGHTS )
(1) You have the following rights in relation to personal data relating to you:
- Right pursuant to Art. 7 para. 3 DSGVO. You have the right to withdraw your consent at any time. This has the consequence that we may no longer continue the data processing based on this consent for the future. The legality of the data processing carried out until the revocation remains unaffected by your revocation.
- Right to request information pursuant to Art. 15 DSGVO about your personal data processed by us. In doing so, you can request information about the processing purposes, the category of personal data, the categories of recipients to whom your data has been and will be disclosed, the planned storage period, the existence of a right to rectification, erasure, restriction of processing or objection, the existence of a right of complaint, the origin of your data if it has not been collected by us, as well as the existence of automated decision-making including profiling and, if applicable, meaningful information about its details;
- Right to rectification pursuant to Art. 16 DSGVO. Accordingly, you can immediately request the correction of incorrect or the completion of your personal data stored by us;
- Right to deletion pursuant to Art. 17 DSGVO. In accordance with Art. 17 DSGVO, you have the right to request the deletion of your personal data stored by us, unless the processing is necessary for the exercise of the right to freedom of expression and information, for compliance with a legal obligation, for reasons of public interest or for the assertion, exercise or defence of legal claims;
- Right to restriction of processing pursuant to Art. Art. 18 DSGVO. Thereafter, you may request the restriction of the processing of your personal data insofar as the accuracy of the data is disputed by you, the processing is unlawful, but you object to its erasure and we no longer require the data, but you need it for the assertion, exercise or defence of legal claims or you have objected to the processing pursuant to Art. 21 DSGVO;
- Right to object to processing pursuant to Art. Art. 21 DSGVO;
- Right to transfer data in accordance with. Art. 20 DSGVO. You have the right to receive the personal data you have provided to us in a structured, commonly used and machine-readable format or to request that it be transferred to another controller.
(2) In accordance with Art. 77 DSGVO you also have the right to complain to a data protection supervisory authority about the processing of your personal data by us. The competent supervisory authority is the State Data Protection Commissioner of the federal state in which our company is based. The details of the Bavarian State Data Protection Commissioner can be found here: https://www.datenschutz-bayern.de/
(3) The assertion of all rights mentioned in V. point (1) and (2) is basically free of charge for you.
However, in the case of manifestly unfounded or – especially in the case of frequent repetition – excessive requests, we may, in accordance with Art. 12 para. 5 DSGVO, either charge an appropriate fee taking into account the administrative costs of informing or notifying or implementing the requested measure, or refuse to act on the request.
VI. COLLECTION AND STORAGE OF PERSONAL DATA WHEN VISITING OUR WEBSITE AND THE NATURE AND PURPOSE OF ITS USE
(1) In principle, you can visit our website without telling us who you are. Our web servers automatically store information of a general nature. When you access our website, the browser used on your terminal device automatically sends information to our website server. This information is temporarily stored in a so-called log file.
In the case of mere informational use of the website, i.e. if you do not register or otherwise transmit information to us, we only collect the personal data that your browser transmits to our server. The following information is collected without your intervention and stored until automated deletion:
– IP address of the requesting computer
– Date and time of the request
– Name and URL of the retrieved file
– Website from which the request comes (referrer URL)
– Browser used
– Operating system Name of your access provider, if applicable
– Language and version of the browser software.
The above data will be processed by us for the following purposes
– Ensuring a smooth connection of the website
– Ensuring a comfortable use of our website
– Evaluation of system security and stability, and
– for other administrative purposes.
The legal basis for data processing is Art. 6 para. 1 S. 1 lit. f DS-GVO). Our legitimate interest according to Art. 6 para. 1 S. 1 lit. f DS-GVO is based on the data collection purposes listed above. In no case do we use the collected data for the purpose of drawing conclusions about your person.
(2) Our website and web pages sometimes use so-called cookies. Cookies do not cause any damage to your computer and do not contain viruses. You will find more detailed explanations in the following under point VII. of this data protection declaration.
Information is stored in the cookie that arises in each case in connection with the specific end device used. However, this does not mean that we gain direct knowledge of your identity.
In addition, we also use temporary cookies to optimise user-friendliness, which are stored on your end device for a certain fixed period of time. If you visit our site again to use our services, it is automatically recognised that you have already been with us and which entries and settings you have made so that you do not have to enter them again.
The data processed by cookies are necessary for the above-mentioned purposes to protect our legitimate interests as well as those of third parties in accordance with Art. 6 Para. 1 S. 1 lit. f) DSGVO.
Of course, you can also view our website without cookies. Internet browsers are regularly set to accept cookies. Most browsers accept cookies automatically. However, you can configure your browser so that no cookies are stored on your computer or a message always appears before a new cookie is created. However, the complete deactivation of cookies may mean that you cannot use all the functions of our website.
VIII. STORAGE PERIOD AND DATA DELETION
We adhere to the principles of data avoidance and data economy. In particular, your personal data will be deleted as soon as they are no longer necessary for the purposes for which they were collected or otherwise processed. Thereafter, the data shall be erased unless storage is necessary for compliance with a legal obligation to which the processing is subject under Union or Member State law to which the controller is subject. Such a legal obligation is represented by the statutory retention obligations, which amount to e.g. 10 years (for accounting data and payroll accounting) or 6 years (for commercial correspondence). The data is blocked for the duration of the retention obligations, after which it is deleted.
IX. CONTACT AND COMMUNICATION
For questions of any kind, we offer you the possibility to contact us via a form provided on the website. Data processing for the purpose of contacting us is carried out in accordance with Art. 6 para. 1 Satz 1 lit. a DSGVO on the basis of your voluntarily given consent.
On our website, for the purpose of correspondence with us, you can also enter the personal data provided in the input fields provided there.
This data is only processed for this correspondence with you and for the purpose for which you have given us the data in each case as part of this communication, such as to process your enquiries or to contact you at your request. In this case, the processing of the personal data is carried out with your consent and is then permitted pursuant to the German Data Protection Act. Art. 6 para. 1 lit. a DSGVO. We do not pass on this data without your consent. We delete your data in this respect when the purpose for which you provided us with your data has been fulfilled or completed and we are not entitled or obliged to continue storing it for legal reasons. You can revoke your consent at any time. To do so, simply send us an informal message by e-mail at email@example.com
. The lawfulness of the data processing operations pursued until the revocation remains unaffected by the revocation.
X. OTHER PROCESSING ON THE BASIS OF A LEGITIMATE INTEREST
Insofar as necessary, we process your data beyond the actual fulfilment of a contract concluded with you or a consent given by you in order to protect the legitimate interests of us or third parties, insofar as a weighing of individual cases does not show that your legitimate fundamental rights and freedoms, which require the protection of personal data, prevail (cf. Art. 6 para. 1 lit. f DSGVO). This may include:
- Advertising, insofar as you have not objected to the use of your data;
- Assertion of legal claims and defence in legal disputes;
- Ensuring IT security and IT operations;
- Prevention and investigation of criminal offences;
- Measures for business management and further development of services and products.
(1) Insofar as you have given us consent to process personal data for specific, further purposes (e.g. receipt of the newsletter), this data processing is based on this consent. We provide details of the contents of the consent when the consent is requested.
(2) Consents are always voluntary. If the processing of personal data is based on your consent, you have the right to revoke this consent at any time. The legal basis for data processing based on consent is Art. 6 para. 1 letter a DSGVO.
(3) Any further processing of your personal data will only take place if you have given us your consent to do so and we are thus entitled to process your personal data in accordance with Art. 6 para. 1 lit. a DSGVO. In some areas of our Internet presence, you have the option of giving such express consent. In each case, we will inform you of the purpose for which the data will be processed in the event of your consent and how long we will store this personal data.
XII. OBJECTION OR REVOCATION AGAINST THE PROCESSING OF YOUR DATA
(1) If you have given your consent to the processing of your data, you can revoke this consent at any time. Such a revocation will affect the permissibility of the processing of your personal data after you have expressed it to us.
(2) Insofar as we base the processing of your personal data on the balance of interests, you may object to the processing. This is the case if the processing is not necessary, in particular, for the performance of a contract with you, which is shown by us in each case in the following description of the functions. When exercising such an objection, we will ask you to explain the reasons why we should not process your personal data as we have done. In the event of your justified objection, we will examine the merits of the case and either discontinue or adapt the data processing or show you our compelling legitimate grounds on the basis of which we will continue the processing.
(3) Of course, you can object to the processing of your personal data for the purposes of advertising and data analysis at any time.
(4) If you wish to make use of your right of revocation or objection, it is sufficient to send an e-mail to the e-mail address firstname.lastname@example.org
XIII. WEB ANALYTICS
Use of Google Analytics / IP anonymisation / browser plugin/ demographic characteristics with Google Analytics/ commissioned data processing with Google
- This website uses Google Analytics, a web analytics service provided by Google, Inc. („Google“). Google Analytics uses “cookies”, which are text files placed on your computer, to help the website analyse how users use the site. The information generated by the cookie about your use of this website is usually transmitted to a Google server in the USA and stored there. However, in the event that IP anonymisation is activated on this website, your IP address will be truncated beforehand by Google within member states of the European Union or in other contracting states to the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be transferred to a Google server in the USA and shortened there. IP anonymisation is active on this website. On behalf of the operator of this website, Google will use this information for the purpose of evaluating your use of the website, compiling reports on website activity and providing other services relating to website activity and internet usage to the website operator.
- The IP address transmitted by your browser as part of Google Analytics will not be merged with other Google data.
- In addition or as an alternative to the browser add-on, you can prevent tracking by Google Analytics on our pages by clicking on this link. This will install an opt-out cookie on your device. This will prevent the collection of Google Analytics for this website and for this browser in the future, as long as the cookie remains installed in your browser (Objection to data collection).
- We use Google Analytics to analyse and regularly improve the use of our website. The statistics obtained enable us to improve our offer and make it more interesting for you as a user. For the exceptional cases in which personal data is transferred to the USA, Google has submitted to the EU-US Privacy Shield, https://www.privacyshield.gov/EU-US-Framework. The legal basis for the use of Google Analytics is Art. 6 para. 1 S. 1 lit. f DSGVO.
- This website uses the demographic features function of Google Analytics. This allows reports to be created that contain statements about the age, gender and interests of the site visitors. This data comes from Google’s interest-based advertising and third-party visitor data. This data cannot be assigned to a specific person. You can deactivate this function at any time through the ad settings in your Google account or generally prohibit the collection of your data by Google Analytics as described in section XIII. (4) above (objection to data collection).
- We have concluded an order data processing contract with Google and fully implement the strict requirements of the German data protection authorities when using Google Analytics.
- Information of the third party provider: Google Dublin, Google Ireland Ltd., Gordon House, Barrow Street, Dublin 4, Ireland, Fax: +353 (1) 436 1001. User conditions: http://www.google.com/analytics/terms/de.html, overview of data protection: http://www.google.com/intl/de/analytics/learn/privacy.html, as well as the data protection declaration: http://www.google.de/intl/de/policies/privacy.
XIV. SOCIAL MEDIA PLUG-INS
We use social media plug-ins from Facebook, Instagram and Pinterest on our website on the basis of Art. 6 (1) sentence 1 lit. f DSGVO in order to publicise our company. The underlying promotional purpose is to be regarded as a legitimate interest within the meaning of the DSGVO. The responsibility for data protection-compliant operation is to be ensured by the respective provider. The integration of this plug-in by us takes place by means of the so-called two-click method in order to protect visitors to our website as best as possible. Our buttons in this regard function as external links, so that no information is transmitted to one of these providers without clicking on one of the buttons. If you do not want the aforementioned social networks to collect data about the use of our websites, please do not click on the aforementioned buttons. You can recognise the providers of the plugins by the mark on the box above its initial letter or logo.
When the user clicks on one of the buttons, he is redirected to the website of the respective provider. The URL of the current page is passed as a parameter. We have no influence on whether or how the providers use this date for evaluation.
In the case of Facebook, according to the respective providers in Germany, the IP address is anonymised immediately after collection. By activating the plug-in, your personal data is transmitted to the respective plug-in provider and stored there (in the case of US providers, in the USA). Since the plug-in provider collects data in particular via cookies, we recommend that you delete all cookies via your browser’s security settings before clicking on the greyed-out box.
We have no influence on the data collected and data processing operations, nor are we aware of the full extent of the data collection, the purposes of the processing, the storage periods. We also have no information on the deletion of the collected data by the plug-in provider.
The plug-in provider stores the data collected about you as a usage profile and uses it for the purposes of advertising, market research and/or designing its website to meet your needs. Such an evaluation is carried out in particular (also for users who are not logged in) for the display of needs-based advertising and to inform other users of the social network about your activities on our website. You have the right to object to the creation of these user profiles, whereby you must contact the respective plug-in provider to exercise this right. Via the plug-ins, we offer you the opportunity to interact with the social networks and other users so that we can improve our offer and make it more interesting for you as a user. The legal basis for the use of the plug-ins is Art. 6 para. 1 S. 1 lit. f DS-GVO.
The data transfer takes place regardless of whether you have an account with the plug-in provider and are logged in there. If you are logged in to the plug-in provider, the data we collect is directly assigned to your account with the plug-in provider. If you click the activated button and link to the page, for example, the plug-in provider also saves this information in your user account and shares it publicly with your contacts. We recommend that you log out regularly after using a social network, but especially before activating the button, as this will help you to avoid an assignment to your profile with the plug-in provider. (1) Facebook
If you are logged in to Facebook, Facebook can assign your visit to our website directly to your Facebook account. If you interact with the plugins, e.g. confirm the “LIKE” or “SHARE” button, the corresponding information is also transmitted directly to a Facebook server and stored there. The information is also published on Facebook and shown to their Facebook friends.
Facebook may use this information for the purposes of advertising, market research and designing the Facebook pages in line with requirements. For this purpose, Facebook creates usage, interest and relationship profiles, e.g. to evaluate your use of our website with regard to the advertisements displayed to you on Facebook, to inform other Facebook users about your activities on our website and to provide other services associated with the use of Facebook.
If you do not want Facebook to assign the data collected via our website to your Facebook account, you must log out of Facebook before visiting our website. For the purpose and scope of the data collection and the further processing and use of the data by Facebook, as well as your rights in this respect and setting options for protecting your privacy, please see the
Data protection information at (https://www.facebook.com/about/privacy/
) from Facebook. (2) Instagram
. (3) Pinterest
On our website, we use social plugins of the social network Pinterest, which is operated by Pinterest Inc., 635 High Street, Palo Alto, CA, 94301, USA (“Pinterest”). When you call up a page that contains such a plugin, your browser establishes a direct connection to the Pinterest servers. The plugin transmits log data to the Pinterest server in the USA. This log data may contain your IP address, the address of the websites visited that also contain Pinterest functions, the type and settings of the browser, the date and time of the request, your use of Pinterest and cookies. Translated with www.DeepL.com/Translator (free version)
Further information on the purpose, scope and further processing and use of the data by Pinterest, as well as your rights in this regard and options for protecting your privacy, can be found in the Pinterest data protection information: https://about.pinterest.com/de/privacy-policy
XV. PLUGINS AND TOOLS (1) Embedded Youtube Videos
Our website uses plugins from the YouTube site operated by Google. Provider of the corresponding plugins for displaying these videos is:
901 Cherry Ave.
When you visit the website with YouTube plugin, a connection to YouTube’s servers is established. This tells YouTube which website you are visiting. If you are logged into your YouTube account (Google account), YouTube can assign your surfing behaviour to you personally. You can prevent this by logging out of your YouTube account (Google account) beforehand.
YouTube is used in the interest of an appealing presentation of our offers. Dies stellt ein berechtigtes Interesse im Sinne von Art. 6 Abs. 1 lit. f DSGVO.
This site uses so-called web fonts provided by Google for the uniform display of fonts. When you call up a page, your browser loads the required web fonts into your browser cache in order to display texts and fonts correctly.
For this purpose, the browser you use must connect to Google’s servers. This enables Google to know that our website has been accessed via your IP address. Google Web Fonts are used in the interest of a uniform and appealing presentation of our online offers. Dies stellt ein berechtigtes Interesse im Sinne von Art. 6 Abs. 1 lit. f DSGVO.
If your browser does not support web fonts, a standard font is used by your computer.
Further information on Google Web Fonts can be found at https://developers.google.com/fonts/faq
. (3) Google Maps
This site uses the map service Google Maps via an API. The provider is Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.
To use the functions of Google Maps, it is necessary to save your IP address. This information is usually transferred to a Google server in the USA and stored there. The provider of this site has no influence on this data transmission.
Google Maps is used in the interest of an attractive presentation of our online offers and to make it easy to find the places we indicate on the website. Dies stellt ein berechtigtes Interesse im Sinne von Art. 6 Abs. 1 lit. f DSGVO.
XVI. DATA SECURITY – SSL ENCRYPTION
We use appropriate technical and organisational security measures to protect your data against accidental or intentional manipulation, partial or complete loss, destruction or against unauthorised access by third parties. Our security measures are continuously improved in line with technological developments. Our servers are secured by firewalls and virus protection.
We also use SSL or TLS encryption (SSL = Secure Sockets Layer; TLS = Transport Layer Security; SSL is the previous name of TLS) within your website visit. You can tell whether an individual page of our website is transmitted in encrypted form by the fact that the address line of the browser changes from “http://” to “https://”, and also by the lock symbol in your browser line. If SSL or TLS encryption is activated, data that you transmit to us cannot be read by third parties.
XVII. WHEN REGISTERING FOR OUR NEWSLETTER
(1) If you have expressly consented in accordance with Art. 6 para. 1 p. 1lit.a DSGVO, you can subscribe to our newsletter, with which we inform you about our current interesting offers. The advertised goods and services are named in the declaration of consent.
(2) We use the so-called double-opt-in procedure to register for our newsletter. This means that after your registration, we will send you an e-mail to the e-mail address you provided, in which we ask you to confirm that you wish to receive the newsletter. If you do not confirm your registration within 24 hours, your information will be blocked and automatically deleted after one month. In addition, we store your IP addresses and the times of registration and confirmation. The purpose of the procedure is to be able to prove your registration and, if necessary, to clarify a possible misuse of your personal data.
(3) The only mandatory information for sending the newsletter is your e-mail address. The provision of further, separately marked data is voluntary and will be used to address you personally. After your confirmation, we store your e-mail address for the purpose of sending you the newsletter. The legal basis is Art. 6 para. 1 S. 1 lit. a DS-GVO.
(4) You can revoke your consent to the sending of the newsletter at any time and unsubscribe from the newsletter. You can declare your revocation by sending an e-mail to email@example.com
or by sending a message to the contact details given in the imprint. You can also unsubscribe from the newsletter at any time via the “unsubscribe” link.
(5) Your data will only be forwarded to third parties if this is permitted by law or if you have consented to the forwarding. This is the case, for example, if the forwarding of the data serves the fulfilment of contractual obligations towards the user and the postal address is handed over to a forwarding company after a shop order. Or if the data is requested by competent bodies such as law enforcement agencies.
Your personal data will in no way be sold or forwarded to third parties for advertising purposes or for the purpose of creating user profiles.
XVIII. YOUTH PROTECTION
Children and adolescents with limited legal capacity may not transmit any personal data to our websites without the consent of their parents or guardians. Rössle AG will never knowingly collect personal data from children or young people with restricted legal capacity or use it in any way or disclose it to third parties without authorisation.
XIX. LINKS TO OTHER WEBSITES
XX. UPDATE OF THIS PRIVACY NOTICE
From time to time, it may be necessary to update this data protection information, for example due to new legal or official requirements or new offers on our website. We will then inform you here. In general, we recommend that you check this privacy notice regularly to see if there have been any changes. You can tell whether changes have been made, among other things, by the fact that the status indicated at the very bottom of this document has been updated.
XXI. PRINT AND SAVE THIS PRIVACY NOTICE
You can print out and save this data protection notice immediately, for example using the print or save function in your browser.
As of: May 2023