Privacy Policy

The protection of your personal data (hereinafter also referred to as “data“) and the protection of your privacy is important to us. We are committed to handling your data responsibly. Personal data is any information that identifies or makes identifiable you as a natural person, such as your surname, first name, address and e-mail address.

Consequently, we consider it a matter of course to comply with the applicable data protection regulations when processing your data, such as the EU General Data Protection Regulation (GDPR) or the Swiss Federal Act on Data Protection (FADP) and the Ordinance on the Federal Data Protection Act (OFADP) (hereinafter “applicable data protection law”). Terminology according to GDPR is used below. In the scope of the FADP, the terms are to be understood according to FADP.

In this Privacy Policy, we inform you about the collection of data on our websites.

We reserve the right to revise the Privacy Policy at any time. The most current version at the time of use always applies.

Table of Contents

Table of Contents

  1. Scope
  2. Contact point
  3. Scope and purpose of the processing of personal data

3.1 Visiting our website

3.2 Contacting

3.3 Online shop

3.4 Online applications

3.5 Use of customer data for marketing measures

  1. Cookies

4.1 Google Analytics and Marketing Services by Google

4.1.1 Google Analytics

4.1.2 Google Tag Manager

4.1.3 reCAPTCHA

4.1.4 Google Marketing Platform

4.1.5 Google AdSense

4.2 Taboola Pixel

4.3 Facebook Pixel and Facebook Conversion API

4.4 CRM system from Help Scout

4.5 AddToAny

  1. Social plug-ins
  2. Vimeo
  3. Google Maps
  4. Disclosure to third parties
  5. Data transmission abroad
  6. Data retention period
  7. Data security
  8. Your rights

1. Scope

This Privacy Policy applies to the following RONAL websites:

  • https://www.ronalgroup.com
  • https://www.ronal-wheels.com
  • https://shop-ch.ronal-wheels.com
  • https://shop-cz.ronal-wheels.com
  • https://shop-de.ronal-com
  • https://shop-es.ronal-wheels.com
  • https://shop-fr.ronal-wheels.com
  • https://shop-pl.ronal-wheels.com
  • https://susreport.ronalgroup.com
  • https://media.ronalgroup.com
  • https://www.speedline-truck.com

2. Contact point

Data controller within the meaning of applicable data protection law is:

RONAL AG
Lerchenbühl 3
CH-4624 Härkingen
Switzerland

We will be happy to answer any further questions you may have regarding data protection and the processing of your personal data, as well as to provide you with any other information you may request.

You can reach us at dataprivacy@ronalgroup.com or also via the contact details given in our website’s legal notice (imprint).

3. Scope and purpose of the processing of personal data

3.1 Visiting our website

When you visit our website, our servers will automatically store the following data temporarily in a log file, the so-called server log file:

  • IP address of the requesting computer
  • Entry page (website from which you arrived at our website)
  • Browser settings
  • Language and version of the browser software
  • Date and time of access/retrieval
  • Name and URL of the retrieved data
  • Your computer’s operating system and the browser you are using
  • Country from which our website is accessed
  • Name of your internet access provider
  • Time zone difference from Greenwich Mean Time (GMT)
  • Content of the request (concrete page)
  • Access Status/HTTP Status Code
  • Data volume transferred in each case
  • Last visited website
  • Activated browser plugins

The purpose of processing this data is to enable the use of our websites (connection establishment), to permanently guarantee system security and stability and to optimise our offers; it is also used for internal statistical purposes. A personal user profile is not created.

The legal basis for the processing of your personal data is our legitimate interest in processing this data.

3.2 Contacting

On our websites, you have the option of contacting us via a contact form and/or by e-mail. To use the contact form and to process your enquiry, it is mandatory to enter your name, first name, country, as well as your e-mail address and your message. The entry of further data such as company, telephone number, gender and customer number is voluntary. For journalistic contact, the language and publication are mandatory.

We process this information on the legal basis of our legitimate interest in corresponding with you or for the purpose of processing and handling your enquiry.

You can object to this data processing at any time. If you object, we will no longer process your personal data for this purpose. Send your objection to the contact point mentioned in section 2.

3.3 Online shop

To place orders in our online shop, you must register once and set a user name and a personal password. On future visits to our website, you can log in with your user name and password and do not have to re-enter your address and payment information each time you place an order. Your password is stored in encrypted form and cannot be viewed by us.

When registering, you must enter the following personal data: Surname, first name, telephone number and e-mail address. The company, street/house number, postcode, town and country must also be specified. All other details are voluntary.

In order for us to store this registration data (as your personal customer account), your consent is required. At the corresponding point on the registration page, we first inform you comprehensively about the purpose and scope of the data processing. You can then give your declaration of consent by activating a checkbox. Your declaration of consent will be recorded and stored by us for the purpose of proof.

The legal basis of data processing to place orders lies in the fulfilment of a (pre-)contract. A further legal basis lies in our legitimate interests in the simplified processing of orders.

We use the personal data collected during registration and ordering exclusively for the proper processing of your order.

You can view and change the information in your customer account, such as your chosen payment method and delivery address, at any time. When you update information, we keep a copy of your original details on file so that we can address any questions arising between you and us.

We will delete all data that we are not required to retain by law (e.g. in accounting) as soon as the order is completed.

You have the option of deleting your customer account at any time as soon as no more orders are open.

3.4 Online applications

When you apply for a job with us, we process the personal data that we receive from you as part of the application process. In addition to your personal details, education, work experience and skills, this includes the usual correspondence data such as postal address, e-mail address and telephone number. Apart from that, we process all documents submitted by you in connection with the application, such as letters of motivation, CV, references, certificates, diplomas and other documents provided by you. Furthermore, you can voluntarily provide us with additional information.

This data will be stored, evaluated, processed or forwarded in the context of your application. Furthermore, we may process your personal data for statistical purposes (e.g. reporting). In this case, however, no conclusions concerning individual persons can be drawn.

When applying on the website www.ronalgroup.com, we use a service provider for the processing of the application, which guarantees a secure and confidential processing of the personal data.

To do so, you must create a user account and enter your e-mail address and a password. If you have not logged into your user account for more than 6 months, we will irrevocably delete it and all the data it contains. However, we reserve the right to use your reduced master data in the user account (surname, first name, date of birth, address, relevant position and time of application) for a total of 2 years for evaluation purposes of internal, anonymised statistics.

Data from online applications remain in the system beyond the application for 6 months for any queries. After that, your content data (but not your user account) is automatically anonymised.

Your applicant data is stored separately from other user data and is not merged with it.

The processing of your applicant data takes place on the legal basis of our (pre-)contractual obligations within the scope of the application procedure. Another legal basis for processing your personal data is our legitimate interest in processing your application.

You can object to this data processing at any time and withdraw your application. Send your objection to the contact point mentioned in section 2.

If we conclude an employment contract with you, the transmitted data will be processed for the purpose of handling the employment relationship in compliance with the statutory provisions.

If you have given us permission to store your details for further application procedures and to contact you again if necessary, this data will be deleted after 3 years. You have the option of subsequently revoking this consent at any time.

The revocation must be sent to the contact point mentioned in section 2 or to the e-mail address stated in the job advertisement.

3.5 Use of customer data for marketing measures

We also use your personal data for the following purposes:

  • to maintain contact with you;
  • to inform you about certain services;
  • to recommend services that may be of interest to you; and
  • for statistical purposes.

You can object to this data processing at any time. If you object, we will no longer process your personal data for these purposes.

Send your objection to the contact point mentioned in section 2.

4. Cookies

We use cookies and similar technologies on our websites (for the sake of simplicity, these are all referred to below as “cookies“). These are small files that are stored on the local computer when visiting websites. This enables the websites to “remember” certain entries and settings (e.g. login, language, font size and other display preferences) over a certain period of time and you do not need to enter them again each time you visit and navigate the portal.

Most of the cookies we use are so-called session cookies. These are automatically deleted when you log out or close the browser. Other cookies remain stored on your computer beyond the respective usage process and enable us or our partner companies (third-party cookies) to recognise your browser on your next visit. Insofar as other cookies (e.g. cookies to analyse your surfing behaviour) are stored, these are treated separately in this Privacy Policy.

Most internet browsers are set by default to accept cookies. If you do not wish this, you can adjust your browser so that it informs you about the setting of cookies and you only allow the acceptance of cookies for certain cases only in individual cases or generally exclude them. You can also activate the automatic deletion of cookies when closing the browser. In addition, you can delete cookies that have already been set at any time via an Internet browser or other software programmes. The procedure for checking and deleting cookies depends on the browser you are using. You can find information on this in the help menu of your browser.

You can find out about this option for the most commonly used browsers via the following links:

4.1 Google Analytics and Marketing Services by Google

We use on our websites the following services of Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA, or, if you have your habitual residence in the European Economic Area (EEA) or Switzerland, Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (hereinafter “Google”):

  • Google Analytics
  • Google Tag Manager
  • reCAPTCHA
  • Google Marketing Platform (formerly DoubleClick)
  • Google AdSense

Google uses cookies. The cookies used by Google enable us to analyse the use of our websites. The information generated by the cookie about your use of our websites (including your IP address) will be transmitted to and stored by Google on servers in Ireland or the United States.

For more information on terms of use and privacy, see Privacy Policy & Terms of Use – Google.

4.1.1 Google Analytics

For the purpose of demand-oriented design and continuous optimisation of our websites, we use the web analysis service of Google Analytics on the legal basis of your consent. In this context, user profiles are created and cookies are used to evaluate the use of our websites, to compile reports on websites activities and to provide other services related to websites and internet use. This information may also be transmitted to third parties if this is required by law or if third parties process this data on our behalf.

We use the JENTIS server-side solution. With this solution, we apply a de-identification mechanism to a JENTIS Twin Server that automatically truncates IP addresses by the last digit, making it impossible for Google to identify a specific European visitor by IP address alone. All identifiers from analytics providers are deleted. Instead, randomly generated numbers are passed on that do not allow re-identification. The JENTIS server-side solution therefore does not pass on any personal data to third parties and accordingly not to a third country. The anonymous data of the server log files are stored separately from all personal data of the data subject.

You may refuse the use of cookies by selecting the appropriate settings on your browser, however, please note that if you do this you may not be able to use the full functionality of the websites. In addition, you can prevent the collection of the data generated by the cookie and related to your use of the websites (incl. your IP address) as well as the processing of this data by Google by entering the browser plug-in available under the following link Download page for the browser add-on to deactivate Google Analytics.

Further information in connection with Google Analytics can also be found in the Google Analytics Help.

4.1.2 Google Tag Manager

We use Google Tag Manager to embed Google analytics and marketing services into our websites and manage them. Google Tag Manager is a solution that allows us to manage website tags through one interface. The tool itself, which implements the tags, is a cookie-less domain and does not collect any personal data. However, the tool triggers other tags, which in turn may collect data. Google Tag Manager itself, on the other hand, does not access this data.

If a deactivation has been made at domain or cookie level, this remains in place for all tracking tags implemented with Google Tag Manager.

You can object to interest-based advertising by Google. To do this, call up the link Settings for advertising (google) via your browser and make the desired settings there.

For more information on Google Tag Manager, please see: Google Tag Manager Usage Guidelines.

4.1.3 reCAPTCHA

We use on our websites reCAPTCHA on the legal basis of our legitimate interest. reCAPTCHA is the abbreviation for “completely automated public Turing test to tell computers and humans apart”.

The reCAPTCHA is a service that attempts to distinguish whether a certain action on the Internet is performed by a human being or by a computer program. Therefore, reCAPTCHA is used as part of the double-opt-in when registering for a newsletter.

4.1.4 Google Marketing Platform

On the legal basis of your consent, we use the Google Marketing Platform on our websites to play out, control and measure digital advertising campaigns for our customers. (hereinafter “GMP“). GMP uses cookies to show you personalised advertising. The cookies do not contain any personal information. In order to obtain detailed information on data protection and all other important aspects with regard to Google’s Floodlight tracking system used in this context, please refer to the following link: Privacy Policy & Terms of Use – Google

The data transmitted by your browser as part of GMP will not be merged with other data from Google.

You can prevent the storage of cookies by setting your browser software accordingly. You can deactivate the display of personalised advertising using a browser plug-in. You can install this here: https://www.google.com/settings/ads/plugin.

4.1.5 Google AdSense

On the legal basis of your consent, we use on our websites Google AdSense. Google AdSense uses cookies. These are files that are stored on your PC and enable Google to analyse the data on your use of our websites. In addition, Google AdSense also uses web beacons, i.e. invisible graphics that enable Google to analyse clicks on the website in question, the traffic on it and similar information.

The information obtained via cookies and web beacons, your IP address and the delivery of advertising formats are transmitted to a Google server located in the USA and stored there. Google may share this collected information with third parties if required to do so by law, or if Google contracts out data processing to third parties. In such a case, Google will link your IP address with the other data stored.

By making the appropriate settings in your internet browser, you can prevent the aforementioned cookies from being stored on your personal computer. However, this may mean that the contents of the websites can no longer be used to the same extent.

4.2 Taboola Pixel

We use the Taboola Pixel of Taboola Inc., 16 Madison Square West, 7th Floor, New York, New York 10010, USA on our websites on the legal basis of your consent for analysis and optimisation purposes and for the economic operation of our online offer. The pixel helps us to determine which offers are used on our websites and which of our websites are visited when users come to our site via content that was entered via Taboola. For this purpose, the pixel sets cookies on our websites.

The cookies allow us to create pseudonymous usage profiles by collecting device-related data as well as log data pseudonyms. Taboola currently stores customer, user and visitor information in its data centres in the USA and Israel. Taboola itself states that Taboola’s data flows between the EEA, the United States, Israel and Hong Kong. In order to ensure that data from the EEA is adequately protected when transferred outside the EEA (e.g. from Taboola Europe Limited to Taboola, Inc.), Taboola states that it primarily uses the conclusion of EU standard contractual clauses with regard to states where an adequate level of data protection does not apply.

We use the collected data to optimise our websites. It is possible to prevent the storage of cookies by setting your browser software accordingly. Tracking (i.e. the collection of data generated by the cookie and related to the use of the websites) can be deactivated at any time. You can find an opt-out option at https://www.taboola.com/policies/privacy-policy#opting-out. Read more information on data protection at Taboola under https://www.taboola.com/privacy-policy.

4.3 Facebook Pixel and Facebook Conversion API

We use on our websites the so-called “Facebook Pixel” and the “Facebook Conversion API” on the basis of your consent. These are services of Facebook Inc., 1601 Willow Road, Menlo Park, CA 94025, USA or, if you are a resident of the EU, Facebook Ireland Ltd, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland.

With the help of the Facebook Pixel, the behaviour of page visitors can be tracked after they have been redirected to our websites by clicking on a Facebook ad. This allows the effectiveness of the Facebook ads to be evaluated for statistical and market research purposes and future advertising measures to be optimised.

The integration of the Facebook Conversion API makes it possible to record the website visitor’s interactions with our website and pass them on to Facebook in order to improve advertising performance on Facebook.

In particular, the time of the call, the website called up, your IP address and your user agent as well as any other specific data (e.g. products purchased, value of the shopping cart and currency) are recorded. You can find a complete overview of the data that can be collected here: https://developers.facebook.com/docs/marketing-api/conversions-api/parameters

The data collected in this way is anonymous for us, so it does not allow us to draw any conclusions about your identity. However, the data is stored and processed by Facebook so that a connection to the respective user profile is possible and Facebook can use the data for its own advertising purposes in accordance with the Facebook data policy [Facebook]. This enables Facebook to display advertisements on Facebook pages as well as outside of Facebook. We cannot influence this use of the data.

Through the use of cookies, i.e. text files that are stored on your terminal device, Facebook can subsequently recognise you in the Facebook member area and optimise the efficiency of advertisements, e.g. offer advertisements targeted to specific groups, in accordance with Facebook’s data usage policy.

You can object to the collection by Facebook Pixel and/or the Facebook Conversion API to the use of your data to display Facebook ads. To do so, you can visit the page set up by Facebook and follow the instructions there on the settings for usage-based advertising. To do this, you must be logged in to Facebook. If you do not have a Facebook account, you can object to the use of cookies used for reach measurement and advertising purposes via the Network Advertising Initiative deactivation page (http://optout.networkadvertising.org/) or alternatively via the US website (http://www.aboutads.info/choices) or the European website available under (http://www.youronlinechoices.com/uk/your-ad-choices/).

General information on the use of data by Facebook and on your rights in this regard and options for protecting your privacy can be found in Facebook’s data policy at https://en-gb.facebook.com/privacy/policy/. Specific information and details about the Facebook Pixel and how it works can be found in Facebook’s help section.

4.4 CRM system from Help Scout

We use on our websites the CRM system of the provider Help Scout Inc, 177 Huntington Ave, Ste 1703, PMB 78505, Boston, MA 02115-3153, USA, on the legal basis of our legitimate interest in order to process user enquiries more quickly and efficiently.

Help Scout only uses the users’ data for the technical processing of the requests and does not pass them on to third parties. To use Help Scout, at least a correct e-mail address is required. Pseudonymous use is also possible. In the course of processing service requests, it may be necessary to collect further data (name, address).

If you do not agree to data collection via and data storage in Help Scout’s external system, we offer alternative contact options for submitting service requests by e-mail, telephone, fax or post.

For more information, please see Help Scout’s Privacy Policy:

https://www.helpscout.net/company/legal/privacy/

4.5 AddToAny

We use on some of our websites the sharing tool AddToAny on the legal basis of your consent. The use of social media buttons via AddToAny serves to increase user-friendliness. This gives you the opportunity to share the displayed content with people from your environment. You can use the share function of AddToAny for this purpose. Even while you are visiting our pages, a direct connection is established between your browser and the AddToAny server via the plug-in. AddToAny thereby receives the information that you have visited our site with your IP address. AddToAny anonymises the IP addresses. Cookies are used when AddToAny is used. The data generated in the process (such as time of use or browser language) are transmitted to AddToAny and processed there. Via the cookies, AddToAny can track which other pages with AddToAny plug-in and which social media services you visit. However, we do not obtain any knowledge of the content of the data collected by AddToAny or of its actual use by AddToAny. We also have no access to this data.

For more information on the processing of data by AddToAny, click here:

https://www.addtoany.com/terms

AddToAny stores server log data for 30 days or less and only stores aggregate usage data.

You have the right to revoke your declaration of consent under data protection law at any time. The revocation does not affect the lawfulness of the data processing carried out on the basis of the consent until the revocation.

You can prevent the collection and processing of your data by AddToAny by using the DoNotTrack function of a supporting browser, deactivating the execution of script code in your browser or installing a script blocker such as NoScript (https://noscript.net/) or Ghostery (https://www.ghostery.com) in your browser. You can find more information on data processing by AddToAny under https://www.addtoany.com/terms and https://www.addtoany.com/privacy.

5. Social plug-ins

Our websites use functions of various social networks (“Social plug-ins“).

Social plug-ins are buttons on our websites (share button). When you visit our websites, these buttons do not send any data to the respective social networks. Only when you actually click on a button, a direct connection is established to the server of the respective social network, whereupon the latter can collect data and set cookies. You can find more information on cookies in our cookie instructions.

If you are logged into a social network, it can assign your visit to our websites to your user account. A social network cannot assign a visit to other RONAL websites until you have also clicked the corresponding button there.

For further information on the purpose and scope of data collection and the further processing and use of your personal data, please refer to the data protection notices of the respective networks. There you will also find further information on your rights in this regard and setting options for protecting your privacy as well as your right to object to the creation of user profiles.

We use social plug-ins from the following social networks:

  • LinkedIn Inc. (linkedin.com, LinkedIn Headquarters, 1000 W Maude Ave, Sunnyvale, CA 94085, USA);
  • YouTube Inc. (youtube.com, YouTube, LLC, 901 Cherry Ave, San Bruno, CA 94066, USA);
  • Xing AG (xing.com, Am Strandkai 1, 20457 Hamburg, Germany);
  • Meta Platforms Inc (facebook.com, 1601 Willow Road, Menlo Park, CA 94025, USA);
  • X Corp. (formerly Twitter) (twitter.com, Headquarters, 1355 Market Street, Suite 900, San Francisco, CA 94103, USA);
  • Instagram Inc. (instagram.com, 1 Hacker Way Building 14, First Floor Menlo Park, California, USA).

If you are a member of a social network but do not want the provider to collect data relating to you via our websites and, if applicable, link it to other stored data, please always log out of the respective network completely before visiting another websites and possibly also delete the corresponding cookies.

Our websites only integrates social plug-ins as an external link (share button). Your personal data is therefore only processed when you click on the integrated plug-ins. You will then be redirected to the page of the respective provider. We have no influence on the type and scope of the data that is then collected by the social networks. If you do not want these providers to receive your data, please do not click on the plug-ins.

If you select the function “Block third-party cookies” in your browser settings, your browser will not send any cookies to the respective server of the social network. However, with this setting, in addition to the plug-ins, other cross-page functions of other providers may no longer work.

For further information on the purpose and scope of data collection and the further processing and use of your personal data, please refer to the data protection notices of the respective networks. There you will also find further information on your rights in this regard and setting options for protecting your privacy as well as your right to object to the creation of user profiles.

6. Vimeo

For the analysis, optimisation and economic operation of our online offer, we have integrated plug-ins of the video portal Vimeo of Vimeo Inc., 555 West 18th Street, New York, New York 10011, USA, on our websites on the legal basis of our legitimate interest.

When you call up one of our websites that contains such a plug-in, your browser establishes a direct connection to the Vimeo servers. The content of the plug-in is transmitted by Vimeo directly to your browser and integrated into the web pages. This provides Vimeo with the information that your browser has accessed the corresponding page of our websites, even if you do not have a Vimeo account or are not currently logged in to Vimeo. This information (including your IP address) is transmitted by your browser directly to a Vimeo server in the USA and stored there.

If you are logged in to Vimeo, Vimeo can directly assign your visit to our websites to your Vimeo account. If you interact with the plug-ins (such as pressing the start button of a video), this information is also transmitted directly to a Vimeo server and stored there. If you do not want Vimeo to directly assign the data collected via our websites to your Vimeo account, you must log out of Vimeo before visiting our websites.

For further information on the purpose and scope of the data collection and the further processing and use of the data by Vimeo, as well as your rights in this respect and setting options for protecting your privacy, please refer to Vimeo’s Privacy Policy.

7. Google Maps

We integrate Google Maps on our websites. This allows us to show you interactive maps directly on the websites and enables you to use the map function conveniently.

By using Google Maps, information about your use of our websites (including your IP address) may be transmitted to a Google server in the USA and stored there. Google may store this data as usage profiles for the purpose of tailoring its services, advertising and market research. If you are logged in to Google, your data will be directly assigned to your account. If you do not wish this, you must log out beforehand. If you do not agree to the processing of your data, you have the option of deactivating the Google Maps service and thus preventing the transmission of data to Google. To do this, you must deactivate the JavaScript function in your browser. However, we would like to point out that in this case you will not be able to use Google Maps or only to a limited extent.

The processing of your personal data is based on our legitimate interest (i.e. interest in the analysis, optimisation and economic operation of our offer).

For more information on data processing and privacy notices by Google Maps, please see Additional Terms of Use for Google Maps/Earth – Google.

8. Disclosure to third parties

As a matter of principle, we treat your personal data confidentially and only pass it on if you have expressly consented to the passing on of the data, if we are legally obliged to do so or if this is necessary to enforce our rights, in particular to enforce claims arising from the contractual relationship.

In addition, we pass on your personal data to third parties insofar as we are entitled to do so and insofar as this is necessary or expedient within the framework of the use of the websites or for the possible provision of the services.

We disclose your personal data to the following categories of recipients:

  • IT service provider, web hoster, shop operator
  • Third parties to whom we have outsourced support services such as translation work, newsletter offers or document checks and payroll accounting on a situational basis;
  • Financial service providers and trustees;
  • Third parties involved in the implementation or organisation of events and seminars;
  • Authorities and courts, if applicable.

When transferring personal data to third parties, we comply with the legal regulations on the transfer of personal data to third parties. Where we use processors to provide our services, we take appropriate legal precautions and corresponding technical and organisational measures to ensure the protection of your personal data in accordance with the relevant legal regulations.

9. Data transmission abroad

If we also transfer your personal data to third parties abroad (i.e. outside Switzerland or the European Economic Area (EEA)), third parties are obliged to comply with data protection to the same extent as we are by ourselves. If data protection in the country concerned does not have an adequate level, but there is no suitable alternative for us, we will ensure that the protection of your personal data has such a level.

We ensure this in particular by concluding so-called standard data protection clauses of the EU Commission with the companies concerned and/or by the existence of other guarantees that comply with the applicable law. Where this is not possible, we base the transfer of data on the necessity of the transfer for the fulfilment of the contract.

10. Data retention period

We process and store your personal data only for the period of time required to achieve the stated purpose or if this is provided for under laws or regulations to which we are subject. If the purpose of storage no longer applies or if a prescribed retention period expires, your data will be routinely blocked, deleted or anonymised in accordance with the statutory provisions.

In addition, we will delete your data if you request us to do so and we have no legal or other obligation to retain or safeguard this personal data.

11. Data security

We take technical and organisational security precautions to protect your personal data against manipulation, loss, destruction or access by unauthorised persons and to ensure the protection of your rights and compliance with applicable data protection laws.

The measures taken are designed to ensure the confidentiality and integrity of your data and to ensure the availability and resilience of our systems and services in processing your data on an ongoing basis. They are also intended to ensure the rapid restoration of the availability of your data and access to it in the event of an incident.

Our security measures also include the encryption of your data. When your data is transmitted to us, it is encrypted using Transport Layer Security (TLS). All information that you enter online is transmitted via an encrypted transmission path. This means that this information cannot be viewed by unauthorised third parties at any time.

Our data processing and security measures are continuously adapted in line with technological developments.

We also take our own internal data protection very seriously. Our employees and the service providers commissioned by us are obliged to maintain confidentiality and to comply with the provisions of data protection law. Furthermore, they are only granted access to personal data to the extent necessary or appropriate.

12. Your rights

You have the following rights in relation to your personal data:

  • Right of access: You have the right to know what personal data we process, what happens to it and how long it is kept.
  • Right to demand blocking and correction: You have the right to amend, correct, delete or block your personal data at any time.
  • Right to erasure: You have the right to request the erasure of your personal data at any time.
  • Right to obtain and transfer your data: You have the right to request all your personal data from the controller and to have it transferred in full to another controller.
  • Right to object: You can object to the processing of your data. We will comply unless there are legitimate grounds for processing.
  • Right to withdraw consent: If you give us your consent to process your personal data, you have the right to withdraw this consent and have your personal data deleted.

You can reach out to the contact point mentioned in section 2 regarding your rights.

You can also lodge a complaint with a supervisory body if you believe that the processing of your personal data violates data protection law.

Privacy Policy