1. Data protection at a glance
General
The following paragraphs give a simple overview of what happens with your personal data when you visit our website. Personal data is any data that identifies you as an individual. More detailed information about data protection is given below in our privacy policy.
Data collection on our website
Who is responsible for data collection on this website?
Data processing is carried out by the website operator, whose contact details can be found in the “Details of the data controller” section of the privacy policy.
How we collect your data
Firstly, we collect data that you share with us. This includes data you enter in our contact form, for example.
Other data is collected by our IT systems when you visit our website, either automatically or with your consent. This mainly concerns technical data (e.g. about your internet browser, operating system or the time you visit a particular page). This data is collected automatically as soon as you open our website.
How we use your data
Some of the data we collect is required in order for the website to work correctly. In other cases, we use the data to analyse your browsing behaviour.
Your rights regarding your personal data
You have, at any time and without cost, the right to access the personal data we hold about you, including information about its source and recipients and the purpose for which we process it. You also have the right to request that we rectify or erase this data. If you have consented to the processing of your personal data, you can withdraw this consent at any time with effect for the future.
In certain situations you also have the right to restrict the processing of your personal data. Finally, you have the right to lodge a complaint with a supervisory authority. You can contact us at any time regarding your rights or other matters relating to data protection.
2. Hosting and Content Delivery Networks (CDN)
External hosting
This website is hosted by an external service provider (hosting provider). All personal data collected on this website is stored on the servers of the hosting provider. This includes IP addresses, enquiries made via our contact form, metadata and communication data, contract data, contact details, names, website visits and other data generated when you browse our website.
We use a web hosting provider to fulfil contracts with existing and potential customers (Article 6(1)(b) GDPR) and to allow us to offer our services and products online securely, quickly and efficiently via a professional service provider (Article 6(1)(f) GDPR).
The hosting provider will only process your personal data insofar as this is necessary for the fulfilment of its obligations as a service provider and in accordance with our instructions regarding this data.
We use the following web hosting provider:
Mittwald CM Service GmbH & Co. KG
Königsberger Strasse 4-6
32339 Espelkamp
Germany
Signature of a data processing agreement
To comply with data processing legislation, we have signed a data processing agreement with our hosting provider.
3. General notes and mandatory information
Data protection
As the operator of this website, we take the protection of personal data very seriously. We treat all personal data confidentially and process it in accordance with applicable legislation and this privacy policy.
When you use our website, several types of personal data are collected. Personal data is any data that identifies you as an individual. This privacy policy explains what personal data we collect and how we use it. It also tells you why we need this data.
We would also like to remind you that when data is transferred online (e.g. by email), there are always some security risks. It is therefore impossible to fully protect data from third-party access.
Details of the data controller
The data controller for this website is:
R. Rieker GmbH
Daimlerstrasse 55
74211 Leingarten bei Heilbronn
Germany
Telephone: 0049 7131 9092-0
E-Mail: datenschutz@haerterei-rieker.de
The data controller is the natural or legal person who, alone or jointly with others, determines the purposes and means of the processing of personal data (name, email address and so on).
Duration of storage
Unless a specific storage period is defined elsewhere in this privacy policy, we will store your personal data until we no longer need it for the stated purpose. If you make a valid request for us to delete your data or withdraw your consent to data processing, we will delete your data unless we are legally permitted or required to store it on other grounds (e.g. due to statutory retention periods under tax or commercial law). In the latter case, we will delete your data when these grounds no longer apply.
Data protection officer
As required by law, we have appointed a data protection officer for our company:
DSS-connect GmbH
Salinenstrasse 23/1
74177 Bad Friedrichshall
Germany
Telephone: 0049 7136 9657-599
E-Mail: dsb@dss-connect.de
Data transfer to the USA and other third countries
Our website uses tools provided by companies who have their headquarters in the USA or other third countries that are considered unsecure in terms of data protection. If these tools are enabled, your personal data may be transferred to these third countries and processed there. In these countries the level of data protection is not necessarily the same as in the EU. For example, companies in the USA are legally obliged to disclose personal data to security authorities without the person concerned being able to take legal action against this. Consequently, we cannot guarantee that personal data stored on US servers will not be processed, analysed and permanently stored by US authorities (e.g. security services) for surveillance purposes. We have no control over these processing activities.
Withdrawing your consent to data processing
In many instances, we can only process your personal data with your express consent. You can withdraw this consent at any time. An informal message to us by email is sufficient for this. The legality of the data processing performed prior to withdrawal of consent shall remain unaffected.
Right to object to the collection of data in special cases; right to object to direct advertising (Article 21 GDPR)
Where your personal data is processed on the basis of Article 6(1)(e) or Article 6(1)(f) GDPR, including profiling based on those provisions, you have the right to object to this processing at any time on grounds relating to your particular situation. The legal basis by which each type of personal data is processed is specified in this privacy policy. If you withdraw your consent, we will no longer process your personal data unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms or if the processing is necessary for the establishment, exercise or defence of legal claims (objection pursuant to Article 21(1) GDPR).
Where your personal data is processed for the purposes of direct marketing, including profiling insofar as it is related to such direct marketing, you have the right to object to this processing at any time. If you object to processing for the purposes of direct marketing, your personal data will no longer be processed for such purposes (objection pursuant to Article 21(2) GDPR).
Right to lodge a complaint with a supervisory authority
In the event of infringement of the GDPR, you have the right to lodge a complaint with a supervisory authority, in particular in the Member State of your habitual residence, place of work or place of the alleged infringement, without prejudice to any other administrative or judicial remedy.
Right to data portability
You have the right to demand that any data we automatically process on the basis of your consent or in order to fulfil a contract be handed over to you or a third party in a commonly used, machine-readable format. If you ask us to transfer the data directly to another controller, this will be done only if it is technically feasible.
SSL and/or TLS encryption
This website uses SSL and/or TLS encryption for security reasons and to prevent the transfer of confidential content, such as orders or enquiries you submit to us as the operators of the website. An encrypted link can be identified by the fact that the address in your browser changes from “http://” to “https://” and the padlock symbol appears in the address bar. When SSL and/or TLS encryption is enabled, the data you transfer to us cannot be read by third parties.
Access, erasure and rectification
In accordance with the applicable legislation, you have, at any time and without cost, the right to access the personal data we hold about you, including information about its source and recipients and the purpose for which we process it. You also have the right to request that we rectify or erase this data. You can contact us regarding this or any other questions concerning personal data at any time.
Right to restrict processing
You have the right to restrict the processing of your personal data. To do so, you may contact us at any time. The right to restrict processing applies in the following cases:
- If you contest the accuracy of the personal data we hold about you and we need time to investigate your claim, during the investigation you have the right to demand that we restrict the processing of your personal data.
- If your personal data is being, or has been, processed unlawfully, you can request that we restrict the processing of your data instead of deleting it.
- If we no longer need your personal data, but you require it for the establishment, exercise or defence of legal claims, you can request that we restrict the processing of your data instead of deleting it.
- If you have made an objection pursuant to Article 21(1) GDPR and a decision needs to made as to whose interests prevail, until the decision is made, you have the right to demand that we restrict the processing of your personal data.
If you have restricted the processing of your personal data, this data shall, with the exception of storage, only be processed with your consent or for the establishment, exercise or defence of legal claims or for the protection of the rights of another natural or legal person or for reasons of important public interest of the Union or of a Member State.
4. Data collection on our website
Cookies
Our website uses cookies. Cookies are small text files and will not cause any damage to your computer or device. They are stored on your computer or device either temporarily (“session cookies”) or permanently (“permanent cookies”). Session cookies are automatically deleted after your visit. Permanent cookies are stored on your computer or device until you delete them manually or until they are automatically deleted by your web browser.
In some instances, cookies from third-party companies (“third-party cookies”) may also be stored on your computer or device when you visit our website. The purpose of these cookies is to allow you and/or us to use services provided by the third-party company (e.g. cookies required for payment processing services).
Cookies serve different purposes. Many of them are required for technical reasons, as certain website functions would not work without them (e.g. the shopping cart or video player). Other cookies are used to analyse visitors’ browsing behaviour or to display adverts.
Cookies used to enable electronic communication (“essential cookies”), provide a shopping cart or other functions visitors can choose to use (“functional cookies”), or optimise the website (e.g. cookies that measure website traffic) are stored on the basis of Article 6(1)(f) GDPR unless another legal basis is specified. It is within the legitimate interests of the website operator to store cookies that keep its services running in an optimum manner. If you are asked to consent to the storage of cookies, these cookies will be stored exclusively on the basis of your consent (Article 6(1)(a) GDPR), and you may withdraw your consent at any time.
You can configure your browser to inform you about the use of cookies, to only allow cookies in specific cases, to block storage of some or all cookies, and/or to automatically delete cookies when you close the browser. If you block cookies, this may restrict the functionality of our website. If cookies are used by third-party companies or for analysis purposes, we will inform you of this separately in this privacy policy and ask for your consent where necessary.
Server log files
The website provider automatically collects and stores information in server log files, which your browser automatically sends to us. These indicate:
- Browser type and browser version
- Operating system used
- Referrer URL
- Hostname of the computer accessing the website
- Time of the server request
- IP address
This data will not be merged with other data sources.
This data is collected on the basis of Article 6(1)(f) GDPR. It is within the legitimate interests of the website operator to keep its website running in an optimum manner, and this is why server log files are collected.
Contact form
If you send us an enquiry using the contact form, the data you enter, including contact details, will be stored by us for the purposes of processing your enquiry and in case of follow-up questions. This data will not be disclosed without your consent.
This data will be processed on the basis of Article 6(1)(b) GDPR, insofar as your enquiry is related to the performance of a contract or is necessary in order to take steps prior to entering into a contract. In all other cases, processing is carried out on the basis of our legitimate interest regarding the effective handling of enquiries (Article 6(1)(f) GDPR) or on the basis of your consent (Article 6(1)(a) GDPR) where this has been requested.
We will continue to hold the data that you enter in the contact form until you ask us to erase it, withdraw your consent to the storage of the data, or until the purpose for the data storage no longer applies (e.g. the processing of your enquiry has been completed). This is without prejudice to any mandatory statutory regulations – in particular retention periods.
Enquiries by email, phone or fax
If you contact us by email, phone or fax, we will store and process your enquiry, including all associated personal data (name, enquiry), for the purposes of dealing with your request. This data will not be disclosed without your consent.
This data will be processed on the basis of Article 6(1)(b) GDPR, insofar as your enquiry is related to the performance of a contract or is necessary in order to take steps prior to entering into a contract. In all other cases, processing is carried out on the basis of our legitimate interest regarding the effective handling of enquiries (Article 6(1)(f) GDPR) or on the basis of your consent (Article 6(1)(a) GDPR) where this has been requested.
We will continue to hold the data relating to your enquiry until you ask us to erase it, withdraw your consent to the storage of the data, or until the purpose for the data storage no longer applies (e.g. the processing of your enquiry has been completed). This is without prejudice to any mandatory statutory regulations – in particular statutory retention periods.