Data Privacy

Privacy policy for this website

Privacy policy for customers and suppliers of Riedel Communications Gmbh & Co. KG

     VII. Twitter

Functions of the Twitter service have been integrated into our website and app. These functions are offered by Twitter International Company, One Cumberland Place, Fenian Street, Dublin 2, D02 AX07, IRELAND. By using Twitter and the "Re-Tweet" function, the websites you visit are linked to your Twitter account and made known to other users. In doing so, data will also be transferred to Twitter. We would like to point out that, as the provider of these pages, we have no knowledge of the content of the data transmitted or how it will be used by Twitter. For more information on Twitter's privacy policy, please go to

twitter.com/privacy

Your privacy preferences with Twitter can be modified in your account settings at https://twitter.com/account/settings.

     VIII. Facebook plugins (Like & Share Button)

Our website includes plugins for the social network Facebook, provider Facebook Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland. The Facebook plugins can be recognised by the Facebook logo or the Like button on our site. For an overview of Facebook plugins, see

developers.facebook.com/docs/plugins/

When you visit our site, a direct connection between your browser and the Facebook server is established via the plugin. This enables Facebook to receive information that you have visited our site from your IP address. If you click on the Facebook "Like button" while you are logged into your Facebook account, you can link the content of our site to your Facebook profile. This allows Facebook to associate visits to our site with your user account. Please note that, as the operator of this site, we have no knowledge of the content of the data transmitted to Facebook or of how Facebook uses these data. For more information, please see Facebook's privacy policy at

de-de.facebook.com/policy.php

If you do not want Facebook to associate your visit to our site with your Facebook account, please log out of your Facebook account.

     IX. Google Tag Manager

We use the service called Google Tag Manager from Google. "Google" is a group of companies and consists of Google Ireland Ltd (provider of the service), Gordon House, Barrow Street, Dublin 4, Ireland and Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA and other affiliates of Google LLC.

We have concluded a data processing agreement with Google. Google Tag Manager is an auxiliary service and only processes personal data itself for technically necessary purposes. Google Tag Manager takes care of loading other components, which in turn may collect data. Google Tag Manager does not access this data.

For more information on Google Tag Manager, please see Google's privacy policy.

www.google.de/intl/de/policies/privacy

Please note that American authorities, such as intelligence agencies, could potentially gain access to personal data that is inevitably exchanged with Google due to the Internet Protocol (TCP) when this service is integrated, due to American laws such as the Cloud Act.

The basis for data processing is Art. 6 (1) f) GDPR.

     X. Google reCaptcha

We use the reCAPTCHA function of Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland ("Google") on this website. This function is primarily used to distinguish whether an entry is made by a natural person or is abused by machine and automated processing. The service involves sending the IP address and other data that may be required by Google for the reCAPTCHA service to Google. This service is carried out due to our legitimate interest in preventing abuse and spam. The legal basis is Article 6 (1) f) GDPR.

The use of Google reCAPTCHA may also result in the transmission of personal data to the servers of Google LLC in the USA.

Further information on Google reCAPTCHA and Google's privacy policy can be found at:

https://www.google.com/intl/de/policies/privacy/

Further information on Google reCAPTCHA and Google's privacy policy can be found at:

www.google.com/intl/de/policies/privacy/

     XI. GoogleAdWords and Conversion Tracking

This website uses Google AdWords. AdWords is an online advertising programme of Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, Tel: +353 1 543 1000, Fax: +353 1 686 5660, E-mail: support-deutschland(at)google.com . We use conversion tracking within the framework of Google AdWords. When you click on an ad placed by Google, a cookie is set for conversion tracking. Cookies are small text files that the internet browser stores on the user's computer. These cookies lose their validity after 30 days and are not used to personally identify users. If the user visits certain pages of this website and the cookie has not yet expired, Google and we can recognise that the user has clicked on the ad and been redirected to this page. Each Google AdWords customer receives a different cookie. The cookies cannot be tracked via the websites of AdWords customers. The information collected using the conversion cookie is used to create conversion statistics for AdWords customers who have opted for conversion tracking. Customers learn the total number of users who clicked on their ad and were redirected to a page tagged with a conversion tracking tag. However, they do not receive any information with which users can be personally identified. If you do not wish to participate in the tracking, you can object to this use by easily deactivating the Google conversion tracking cookie via your internet browser under user settings. They will then not be included in the conversion tracking statistics. The storage of "conversion cookies" is based on your consent in accordance with Art. 6 (1) a) GDPR. You can revoke this at any time below. You can find more information about Google AdWords and Google Conversion Tracking in Google's privacy policy:

https://www.google.de/policies/privacy/

You can configure your browser so that you are informed about the setting of cookies and only allow cookies in individual cases, exclude the acceptance of cookies for certain cases or in general and activate the automatic deletion of cookies when closing the browser. If cookies are deactivated, the functionality of this website may be limited.

You can change your settings at any time via the cookie settings below.

     XII. Google Analytics Remarketing

Our websites use the functions of Google Analytics Remarketing in conjunction with the cross-device functions of Google AdWords and Google DoubleClick. The provider is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, Tel: +353 1 543 1000, Fax: +353 1 686 5660, E-mail: support-deutschland(at)google.com . This function makes it possible to link the advertising target groups created with Google Analytics Remarketing with the cross-device functions of Google AdWords and Google DoubleClick. In this way, interest-based, personalised advertising messages that have been adapted to you on one end device (e.g. mobile phone) depending on your previous usage and surfing behaviour can also be displayed on another of your end devices (e.g. tablet or PC). If you have given your consent, Google will link your web and app browsing history to your Google Account for this purpose. In this way, the same personalised advertising messages can be displayed on every device on which you log in with your Google account. To support this function, Google Analytics collects Google-authenticated IDs of users, which are temporarily linked to our Google Analytics data to define and create target groups for cross-device ad advertising. You can permanently object to cross-device remarketing/targeting by deactivating personalised advertising in your Google account; follow this link:

https://www.google.com/settings/ads/onweb/

The aggregation of the collected data in your Google account is based exclusively on your consent, which you can give or revoke at Google (Art. 6 (1) a) GDPR). In the case of data collection processes that are not merged in your Google account (e.g. because you do not have a Google account or have objected to the merging), the data collection is based on Art. 6 (1) f) GDPR. The legitimate interest results from the fact that the website operator has an interest in the anonymised analysis of website visitors for advertising purposes. Further information and the data protection provisions can be found in Google's privacy policy at:

     XIII. Google Maps

This website uses the map service Google Maps via an API. The provider is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, Tel: +353 1 543 1000, Fax: +353 1 686 5660, E-mail: support-deutschland(at)google.com.

In order to actively use the functions of Google Maps, it is necessary to store your IP address. This information is generally transmitted to a Google server in the USA, where it is then stored. The provider of this website has no influence on this data transmission.

The legal basis is your consent in accordance with Art. 6 (1) a) GDPR. You can revoke this consent at any time below.

More information on the handling of user data can be found in the Google privacy policy:

https://www.google.de/intl/de/policies/privacy/

     XIV. Google Analytics

This website uses Google Analytics, a web analytics service provided by Google Ireland Ltd ("Google"), Gordon House, Barrow Street, Dublin 4, Ireland, Tel: +353 1 543 1000, Fax: +353 1 686 5660, E-mail: support-deutschland(at)google.com. Google Analytics uses "cookies" – text files that are stored on your computer and enable analysis of your visit to the website. The information obtained by the cookie regarding your use of the website is generally transmitted to a Google server in the USA, where it is then stored. In the event that IP anonymisation is activated on this website, your IP address will first be shortened by Google within the member states of the European Union or in other contractual states of the agreement on the European Economic Area. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and shortened there. We would like to point out that Google Analytics has been expanded on this website with the code "anonymizeIp", in order to ensure the anonymised collection of the IP address.

Google uses this information on behalf of the operator of this website in order to analyse your use of the website, to compile reports on website activity and to provide other services relating to website use and Internet use to the website operator. The IP address transmitted by your browser in connection with Google Analytics is not combined with other data held by Google.

The basis for data processing is your consent in accordance with Art. 6 (1) a) GDPR. You can revoke your consent at any time with effect for the future by configuring the appropriate setting in our cookie consent tool below.

Google processes some of your personal data in the USA. There is currently no adequacy decision by the EU Commission for a data transfer. The appropriate level of data protection is therefore ensured through use of the EU standard contractual clauses.

The data sent by us and linked to cookies are automatically deleted after 14 days. The deletion of data whose retention period has been reached takes place automatically once a month.

You may prevent the storage of cookies by configuring your browser software settings accordingly; however, we would like to point out that, in this case, you may not be able to use the full functionality of this website.

https://www.google.com/policies/technologies/ads/

     XV. Microsoft Clarity

We use Microsoft Clarity to better understand the needs of our users and to optimise the offer on this website. With the help of Clarity's technology, we get a better understanding of our users' experiences (e.g. how much time they spend on which pages, which links they click on or what they like and dislike). This helps us to align our offer with the feedback of our users. Microsoft Clarity uses cookies and other technologies to collect information about the behaviour of our users and their end devices (in particular the IP address of the device, this is only collected and stored in anonymised form, screen size, device type, browser, location, language). Clarity stores this information in a pseudonymised user profile. This data is neither used by Microsoft Clarity nor by us to identify individual users nor is it combined with other data about individual users. You can find further information in the Microsoft Clarity privacy policy. If you would like to read more about Microsoft Clarity or how Microsoft might use your data, please visit: https://privacy.microsoft.com/en-us/privacystatement. The legal basis for processing this personal data using cookies is Art. 6 (1) (1) a) GDPR. You can revoke your consent with effect for the future at any time below.

     XVI. Salesforce 

We use Salesforce Sales Cloud to manage customer data. The provider is salesforce.com Germany GmbH, Erika-Mann-Str. 31, 80636 Munich (hereinafter "Salesforce"). 
Salesforce Sales Cloud is a CRM system and enables us, among other things, to manage existing and potential customers as well as customer contacts and to organise sales and communication processes. Use of the CRM system also enables us to analyse our customer-related processes. Customer data is stored on Salesforce's servers. Personal data may also be transferred to salesforce.com Germany GmbH's parent company, salesforce.com inc., Salesforce Tower, 415 Mission Street, San Francisco, CA 94105, USA. 
Details of the Salesforce Sales Cloud functions can be found here: https://www.salesforce.com/de/products/sales-cloud/overview/. 
Use of Salesforce Sales Cloud is based on Art. 6 (1) a) GDPR, the consent can be revoked at any time below. 
Salesforce has Binding Corporate Rules (BCR) that have been approved by the French data protection authority. These are binding internal company regulations that legitimise the internal transfer of data to third countries outside the EU and the EEA. Details can be found here: https://www.salesforce.com/de/blog/2020/07/die-binding-corporate-rules-von-salesforce-erfuellen-hoechste-da.html. 
For details, please refer to Salesforce's privacy policy: https://www.salesforce.com/de/company/privacy/  

     XVII. Cookiebot
Our website uses a cookie consent tool from the company Cybot A/S, Havnegade 39, 1058 Copenhagen, Denmark (hereinafter: "Cookiebot").
We use this service to store your cookie preferences. This data processing is carried out pursuant to Art. 6 (1) f) GDPR on the basis of our legitimate interest in providing a cookie consent management service for website visitors. In this context, your browser may transmit personal data to Cookiebot.
The data is deleted as soon as the purpose of its collection has been fulfilled.
For more information on handling transmitted data, please refer to the Cookiebot privacy policy:
https://www.cookiebot.com/de/privacy-policy/
You can prevent the collection and processing of your data by Cookiebot by deactivating the execution of script code in your browser or by installing a script blocker in your browser. In this case, you will be asked again for your decision for cookies every time you call up a page or sub-page.
 

     XVIII. Cookies

Cookies are used in our website offer. Cookies are small text files that are saved by your browser and stored on your computer. The use of cookies allows the website offer to be designed in a more user-friendly manner. For instance, it is possible to recognise the user for the duration of the session, without the user being required to constantly re-enter their user name and password. Cookies do not cause any damage to your computer and are deleted after your session is ended. The basis for data processing is Art. 6 (1) f) GDPR.

Some of the cookies we use are deleted directly after you close your browser ("session cookies").

Other cookies remain on your terminal device and enable your browser to be recognised when you next visit the website ("persistent cookies").

Data processing in connection with cookies, which only serve to facilitate the functionality of our website offer, occurs on the basis of our legitimate interest pursuant to Art. 6 (1) f) GDPR.

In all other cases, we only use cookies with your consent. The legal basis is therefore Art. 6 (1) a) GDPR. You can revoke your consent at any time by changing your cookie settings below.

If you do not wish to use cookies, you can configure your browser to prevent the storage of cookies. However, please note that, in this case, you may not be able to use the full functionality of our websites.

XIX. Hubspot CRM

We use Hubspot CRM on this website. The provider is Hubspot Inc. 25 Street, Cambridge, MA 02141 USA (hereafter Hubspot CRM).

Hubspot CRM enables us, among other things, to manage existing and potential customers and customer contacts, to communicate with you and to plan and execute marketing activities in line with your interests. Hubspot CRM enables us to capture, sort and analyze customer interactions via email, social media, or phone across multiple channels. The personal data collected in this way can be evaluated and used for communication with the potential customer or marketing measures (e.g., newsletter mailings). Hubspot CRM also enables us to collect and analyze the user behavior of our contacts on our website.

The use of Hubspot CRM is based on Art. 6(1)(f) GDPR. The website operator has a legitimate interest in the most efficient customer management and customer communication. If appropriate consent has been obtained, the processing is carried out exclusively on the basis of Art. 6(1)(a) GDPR and § 25 (1) TTDSG, insofar the consent includes the storage of cookies or the access to information in the user’s end device (e.g., device fingerprinting) within the meaning of the TTDSG. This consent can be revoked at any time.

For details, please refer to Hubspot’s privacy policy: https://legal.hubspot.com/de/privacy-policy.

Data transmission to the US is based on the standard contractual clauses of the EU Commission. Details can be found here: https://www.hubspot.de/data-privacy/privacy-shield.

The company is certified in accordance with the “EU-US Data Privacy Framework” (DPF). The DPF is an agreement between the European Union and the US, which is intended to ensure compliance with European data protection standards for data processing in the US. Every company certified under the DPF is obliged to comply with these data protection standards. For more information, please contact the provider under the following link: https://www.dataprivacyframework.gov/s/participant-search/participant-detail?contact=true&id=a2zt0000000TN8pAAG&status=Active

     XX. Your rights

According to Articles 15–21 GDPR, you may exercise the following rights with respect to personal data we store provided the relevant requirements of the GDPR are met.

You can request information pursuant to Art. 15 GDPR about your personal data processed by us.

If inaccurate personal data is processed, you have a right to rectification in accordance with Art. 16 GDPR.

If the legal requirements are met, you can request the deletion or restriction of processing (Art. 17, 18 GDPR).

You have the right to revoke your declaration of consent under data protection law at any time. The revocation of consent will not affect the legality of the processing carried out on the basis of the consent until revocation.

Right of objection according to Art. 21 GDPR

The data subject has the right at any time to submit an objection to the processing of their personal data, which takes place on the basis of Art. 6 (1) e) or f) GDPR, for reasons arising from their particular situation; this also apples to profiling based on one of these conditions.

     XXI. Statutory deadlines for the erasure of data

Insofar as no statutory retention obligation applies, the data will be deleted or destroyed once it is no longer required for fulfilling the purpose of data processing. Various deadlines apply to the retention of personal data. For instance, data of tax relevance is generally stored for ten years, while other data is typically retained for six years in accordance with provisions under the German Commercial Code (Handelsgesetzbuch). Furthermore, the storage period may also be determined by statutory limitation periods, which may generally amount to three years in the case of Articles 195 et seq. of the German Civil Code (Bürgerliches Gesetzbuch), for example, or in certain cases up to even thirty years.

     XXII. Right to lodge a complaint with a supervisory authority

In accordance with Art. 77 GDPR, each data subject has the right to lodge a complaint with a supervisory authority, if they believe that the processing of their personal data is in violation of the GDPR. The competent supervisory authority in data protection matters is, for example, the state data protection officer of the federal state in which our company has its registered office.

The State Commissioner for Data Protection and Freedom of Information
North Rhine-Westphalia
PO Box 20 04 44
40102 Düsseldorf, Germany

Tel.: +49 (0)211/38424-0
Fax: +49 (0)211/38424-999
E-mail: poststelle@ldi.nrw.de

______________________________________________________________________________________________________

Privacy policy for customers and suppliers

The following data protection information of Riedel Communications GmbH & Co. KG (hereinafter: "Riedel" or "we") is intended to inform you about the processing of your personal data in the context of our business relationships in accordance with Articles 13, 14 and 21 of the European General Data Protection Regulation ("GDPR").

I. Contact details of the responsible body

Riedel Communications GmbH & Co. KG

Uellendahler Straße 353                                                      

42109 Wuppertal

Tel.: +49 (0) 202 – 292 - 90

E-Mail: info@riedel.net

II. Contact details of the data protection officer  

Herr Dr. Arnt Glienke, LL.M 
CLARIUS.LEGAL Rechtsanwaltsaktiengesellschaft 
Rolandsbrücke 4 
20095 Hamburg
Mail: dataprotection@riedel.net

III. Content of data processing, purpose of processing and legal bases

We process your personal data in accordance with the provisions of the GDPR, the German Federal Data Protection Act ("BDSG") and other applicable data protection regulations. In detail:

1. Data processing for the fulfilment of a contract or pre-contractual measures (Art. 6 para. 1 sentence 1 lit. b GDPR)

We process the following personal data, which you provide to us, among other things, in the context of the preparations, the conclusion of the contract or the execution of the contract.

- Contact details (e.g. name, title, address, email address, telephone number/mobile phone number)

- Account data for the processing of payments

- Order or contract data

- (Product) information requested, if applicable

Data processing is carried out for the purpose of establishing, processing/executing and, if necessary, terminating our contracts with you and providing our services.

The legal basis for the processing of this data results from Art. 6 para. 1 sentence 1 lit. b GDPR.

We store your data for the duration of the contractual relationship. This also includes the initiation (pre-contractual legal relationship) and termination of the contract until all claims become time-barred.

2. Registration and organization of events

We use your personal data to plan and carry out events. This includes the registration for, organization and handling of the event.

If you have given us your consent to process personal data in this context, we process your personal data on the basis of Art. 6 para. 1 sentence 1 lit. a, Art. 7 GDPR. You can revoke your consent with effect for the future at any time and without justification in accordance with Art. 7 para. 3 GDPR.

Otherwise, the legal basis for the processing of this data is Art. 6 para. 1 sentence 1 lit. b GDPR.

3. Data processing in the context of surveys

We use your personal data to conduct (customer) surveys. This includes reading and evaluating completed forms / survey forms.

If you have given us your consent to process personal data in this context, we process your personal data on the basis of Art. 6 para. 1 sentence 1 lit. a, Art. 7 GDPR. You can revoke your consent with effect for the future at any time and without justification in accordance with Art. 7 para. 3 GDPR.

Otherwise, the legal basis for the processing of this data is Art. 6 para. 1 sentence 1 lit. b GDPR.

4. Processing for advertising purposes, newsletters (Art. 6 para. 1 sentence 1 lit. a, lit. f GDPR)

We process your name, email address and postal address for advertising purposes, for example to send you our newsletter or other advertising communications. The purpose of this is to permanently improve our customer relationship and make it more customer-friendly for you, to be able to address you in a personalised manner in future and to inform you about products that may be of interest to you. You can unsubscribe from promotional communications at any time by clicking on the link provided in the newsletter and unsubscribing or by contacting us at the above-mentioned contact address.

If you have given us your consent to process personal data in this context, we process your personal data on the basis of Art. 6 para. 1 sentence 1 lit. a, Art. 7 GDPR. You can revoke your consent with effect for the future at any time and without justification in accordance with Art. 7 para. 3 GDPR.

If you have provided us with your contact details in connection with the purchase of goods or services or if we send you personalised advertising, the data processing is carried out to protect our legitimate interests in accordance with Art. 6 Para. 1 S. 1 lit. f GDPR in conjunction with. § Section 7 para. 3 UWG. Our legitimate interest is based on our economic interests in the implementation of advertising measures and target group-orientated advertising.

We store your data for the purpose of contacting you for advertising purposes until you revoke your declaration of consent or object to the use of your data.

​​​​​​​5. Other data processing based on a legitimate interest of us or third parties (Art. 6 para. 1 sentence 1 lit. f GDPR)

Beyond the actual fulfillment of the (pre-)contract, we may process your data if this is necessary to protect our legitimate interests or the legitimate interests of third parties, unless your interests or fundamental rights and freedoms conflict with this. We process this data on the basis of Art. 6 para. 1 sentence 1 lit. f GDPR. Legitimate interests may include our economic interests, our legal interests, our interest in maintaining and ensuring compliance or IT security. Legitimate interests exist, for example, in the following cases

- Obtaining information to check creditworthiness;

- Measures for business management and further development of services and products

- Collection of receivables;

- Risk management within the company;

- Assertion of legal claims and defense in legal disputes;

- Measures for building and plant security (e.g. access controls, video surveillance) and to ensure domiciliary rights;

- Prevention and investigation of criminal offenses;

- Goodwill procedures;

- Planning and implementation of company sales or mergers.

- Event registration and accreditation (using Smartsheet)

​​​​​​​6. Processing for the fulfilment of legal requirements (Art. 6 para. 1 sentence 1 lit. c GDPR)

Like everyone involved in business, we are also subject to a large number of legal obligations. These are primarily legal requirements (such as, but not limited to, commercial and tax laws), but may also include regulatory or other official requirements. The purposes of processing may include the fulfilment of control and reporting obligations under tax law and the archiving of data for the purposes of data protection and data security as well as audits by tax and other authorities. In addition, the disclosure of personal data may become necessary in the context of official/judicial measures for the purposes of gathering evidence, criminal prosecution or the enforcement of civil law claims.

Where relevant, your personal data will be processed to fulfil our legal obligations on the basis of Art. 6 para. 1 sentence 1 lit. c GDPR and, if applicable, relevant special statutory provisions.

​​​​​​​​​​​​​​IV. Data recipients

Initially, only our employees receive knowledge of your personal data. Your data will only be passed on to third parties if this is necessary for the performance of our business relationship, if it is permitted or prescribed by law or if you have given your consent. We also share your data to the extent necessary with the service providers we use in order to provide our services. We limit the transfer of data to what is necessary to provide our services to you. Our service providers receive your data as contract processors and are then strictly bound by our instructions when handling your data.

Below we list the categories of recipients of your data:

- Affiliated companies within the group of companies (in accordance with the Riedel Group Data Transfer Agreement), insofar as they act as processors for us and provide IT services, for example, insofar as this is necessary for the provision of our services or insofar as this is necessary to answer your enquiry,

- Processors for the purpose of acquisition and contract management;

- official authorised dealers, insofar as this is necessary for the provision of our services or to respond to your enquiry,

- Payment service providers and banks to collect outstanding payments from accounts or to pay out refunds;

- Agencies, printers and lettershops that support us in the realisation of advertising measures;

- IT service providers who store data, assist with the administration and maintenance of systems, and file archivists and shredders;

- Logistics service providers to deliver documents etc;

Credit agencies when retrieving a credit report;

- Debt collection agencies and legal advisors in the assertion of our claims or defence against claims;

- Acquirers in the context of company sales or mergers;

- Auditors and similar bodies in the context of audits, etc;

- public bodies and institutions, insofar as we are legally obliged to do so.

​​​​​​​V. Third country transfer

Data is only transferred to countries outside the EU or the EEA (so-called third countries) if this is necessary in the context of processing our contractual relationships with you or is required by law (e.g. reporting obligations under tax law), if you have given us your consent or in the context of order processing.

If service providers are used in a third country, they are obliged to comply with the level of data protection in Europe in addition to written instructions by agreeing the EU standard contractual clauses. Alternatively, we transfer the data on the basis of the Binding Corporate Rules or an adequacy decision of the European Commission. Otherwise, we do not transfer your personal data to countries outside the EU or the EEA or to international organisations. You can obtain further information from our data protection officer.

​​​​​​​VI. Duration of data storage

We initially store your personal data for the duration of our business relationship and subsequent warranty and limitation periods. This also includes the initiation of a contract (pre-contractual legal relationship) and the fulfilment of a contract. If you have given your consent, we will store your personal data until you withdraw your consent or - if we use your data for advertising purposes - until you object.

Furthermore, special statutory provisions may require a longer retention period, in particular from the German Commercial Code (HGB) and the German Fiscal Code (AO). The retention and documentation periods specified there are up to ten years after the end of the business relationship or the pre-contractual legal relationship.

If the data is no longer required for the fulfilment of contractual or statutory obligations and rights and statutory retention obligations have expired, the data will be irrevocably deleted.

​​​​​​​VII. Your rights

You are entitled to the following rights as a data subject under the legal requirements, which you can assert against us:

• Right of access: You are entitled to request confirmation from us at any time under Art. 15 GDPR as to whether we are processing personal data concerning you; if this is the case, you are also entitled under Art. 15 GDPR to receive information about this personal data and certain other information (including processing purposes, categories of personal data, categories of recipients, planned storage period, your rights, the origin of the data, the use of automated decision-making and, in the case of third-country transfers, the appropriate guarantees) and a copy of your data.
• Right to rectification: In accordance with Art. 16 GDPR, you are entitled to request that we rectify the personal data stored about you if it is inaccurate or incorrect.
• Right to erasure: You are entitled, under the conditions of Art. 17 GDPR, to demand that we erase personal data concerning you without undue delay. The right to erasure does not exist, among other things, if the processing of personal data is necessary for (i) the exercise of the right to freedom of expression and information, (ii) to fulfil a legal obligation to which we are subject (e.g. statutory retention obligations) or (iii) for the assertion, exercise or defence of legal claims.
• Right to restriction of processing: You are entitled, under the conditions of Art. 18 GDPR, to demand that we restrict the processing of your personal data.
• Right to data portability: You are entitled, under the conditions of Art. 20 GDPR, to request that we provide you with the personal data concerning you that you have provided to us in a structured, commonly used and machine-readable format.
• Right to object: If we process the data on the basis of a legitimate interest, you are entitled under the conditions of Art. 21 GDPR to object to the processing of your personal data, so that we must stop processing your personal data. The right to object exists only within the limits provided for in Art. 21 GDPR. In addition, our interests may conflict with the termination of processing, so that we are authorised to process your personal data despite your objection.
• Revocation of consent: In accordance with Art. 7 para. 3 GDPR, you have the right to revoke your consent given to us at any time with effect for the future. In this case, we may inform the recipient of the data accordingly and refrain from processing the data for the purposes covered by the consent in the future. We store information about your cancellation for documentation purposes.

Please contact our data protection officer in all of the above matters using the contact details given above.

Right to lodge a complaint with the supervisory authority:

In addition to the rights listed above, you have the right to lodge a complaint with the supervisory authority in accordance with Art. 77 GDPR if you believe that your personal data is being processed unlawfully. The address of the supervisory authority responsible for our company is

State Commissioner for Data Protection and Freedom of Information NRW,

Kavalleriestraße 2-4 , 40213 Düsseldorf

Email: poststelle@ldi.nrw.de

Central telephone number: +49 (0)211/38424 - 0

However, we recommend that you always address a complaint to our data protection officer first.

​​​​​​​VIII. Obligation to provide data

 In principle, you are not legally obliged to provide us with your data. However, you must provide the data that is required for the establishment and execution of a business relationship or for a pre-contractual relationship with us or that we are legally obliged to collect. Without this data, we will generally not be able to conclude or fulfil the contract. This may also relate to data required later in the course of the business relationship. If we request additional data from you, you will be informed separately about the voluntary nature of the information.

​​​​​​​IX. Automated decision-making / profiling

We do not use any purely automated decision-making processes in accordance with Art. 22 GDPR (profiling). Due to legal requirements, we are obliged to combat money laundering and fraud. Data analyses (for payment transactions, among other things) are also carried out. These measures also serve to protect you. Should we use further procedures in individual cases in the future, we will inform you of this separately.

​​​​​​​X. Consent / cancellation rights