Thank you for using one of our websites www.r-stahl.com and https://configurator.r-stahl.com/ (collectively hereinafter referred to as „website“). The protection of your privacy and the lawfulness of any collection, processing and use of any of your data is very important to us.
Therefore, with respect to the collection, processing and use of any of your data, we would like to point out to you the following relevant and legally binding information:
1. Controller / Provider of Data Processing Services
1.1 Controller within the meaning of Art. 4, para 7 General Data Protection Regulation (hereinafter "GDPR") and service provider within the meaning of the German Telemedia Act is R. Stahl AG, Am Bahnhof 30, DE-74638 Waldenburg, German, e-mail: [email protected] (hereinafter "us“ or "we“).
1.2. You may contact our data protection officer at [email protected] or at our postal address with the addition "Data Protection Officer".
2. Collection, Processing and Use of Your Data Upon Your Visit to Our Website
2.1. Should you use the website for information purposes only, i.e. you do not register or otherwise provide us with information, we only collect the personal data that your browser transmits to our server. If you want to view our website, we collect the following data, which is technically necessary for us to display our website to you and to ensure stability and security:
the name of your Internet access provider,
the IP-address allocated to you,
the Internet address of the website through which your accessed our website,
the browser you use and possibly the operating system of your computer,
the amount of data transferred in each case,
any pages of our website which you visit as well as,
date and duration of your visit to our website.
2.2. We and our IT service providers, including our host providers (processors within the meaning of Art. 28 of the GDPR) have access to the data. The servers of our host providers are located in the European Union.
2.3. These data are processed by us for the following purposes:
- to ensure a smooth connection to the website,
- to ensure comfortable use of our website,
- to evaluate the system security and stability, as well as
- for further administrative purposes.
2.4. For security reasons, log file information is stored (e.g. to investigate activities of abuse or fraud) for a maximum of 7 days and then erased. Data whose further storage is required for evidential purposes are excluded from erasure, until the respective incident has been finally clarified.
2.5. The legal basis for the data processing is Art. 6 para. 1 sentence 1 lit. f of the GDPR. Our legitimate interest is based on the purposes of data collection as listed above.
3. Collection, Processing and Use of the Data You Provide in the Course of Your Visit to the Website
3.1. Your data is collected when you provide these data to us when you contact us, e.g. by e-mail or via the contact form. The data you provide when you contact us is exclusively processed and used for the purpose of responding to your request and for possible enquiries.
3.2. Data processing for the purpose of contacting each other is carried out in accordance with Art. 6 para. 1 s.1 lit. b of the GDPR.
4. Terminal Box Configurator
4.1. To register in the Terminal Box Configurator, you must enter the information in the fields marked as mandatory fields (e-mail address, password, company, department, title, first and last name, address and telephone number). Registration is unfortunately not possible without provision of the required data.
4.2. We use the data you enter in the Terminal Box Configurator exclusively for contract processing. We will not pass on your data to third parties, unless this is necessary for the purpose of contract processing or billing or you have consented to the transfer. In the course of contract processing, for example the service providers we employ (such as carriers, logistics providers and banks) will receive the data required for order processing. The legal basis for the data processing is Art. 6 para. 1 sentence 1 lit. b of the GDPR.
4.3. Due to our obligations under commercial law and tax law, we need to store your address, payment and order data for a period of ten years. However, after two years we restrict the processing, i.e. your data will only be used to comply with legal obligations.
5.1. When you first visit our website from one of your end devices, you will be informed that when you use the website, so-called cookies may be uploaded to your end device. If you continue to use our website after this information, you hereby declare your consent to our use of permanent cookies.
5.2. Cookies are alphanumeric identifiers that are transferred to your device's hard drive when you visit our website. They make it possible to recognize your browser during a later visit to the website and serve primarily to make the visit to the website more pleasant and individual, e.g. by recognizing the language you use, and to protect the website from hacker attacks.
5.3. This website uses the following types of cookies, the scope and functionality of which are explained below:
- transient cookies (see 5.4)
- persistent cookies (see 5.5).
5.4. Transient cookies are automatically deleted when you close your browser. Transient cookies include in particular the session cookies. These store a so-called session ID, with which different requests of your browser can be assigned to the common session. This means your computer will be recognized when you return to our website. Session cookies are deleted when you log out or close your browser.
5.5. Persistent cookies used by us are automatically deleted after a specified period, which may vary depending on the cookie. You can delete the cookies at any time in the security settings of your browser. The help function in the menu bar of most web browsers explains how to set up your browser in a way that new cookies are never accepted, that cookies are only accepted after notification and by you or that they are always set automatically.
5.6. You can configure your browser settings according to your wishes and, for example, refuse the acceptance of third party cookies or of all cookies. Please note that you may not be able to use all functions of this website.
5.7. The data processed by cookies are required for the aforementioned purposes in order to protect our legitimate interests and those of third parties pursuant to Art. 6 para. 1 sentence 1 lit. a or f of the GDPR.
6. Use of Google Analytics
6.1. The website uses Google Analytics, a web analytics service by Google Inc. (“Google“). Google Analytics uses “cookies”, which are text files placed on your computer, to help the website analyse how users use the site. The information generated by the cookies about your use of the website (including your IP address) will be transmitted to and stored by Google on servers in the United States. In case of activation of the IP anonymization on this website, Google will truncate/ anonymise the last octet of the IP address for member states of the European Union as well as for other parties to the Agreement on the European Economic Area. Only in exceptional cases, the full IP address is sent to and shortened by Google servers in the USA. On behalf of the website provider, Google will use this information for the purpose of evaluating your use of the website, compiling reports on website activity and providing other services relating to website activity and internet usage to us.
6.2. Google will not associate your IP address with any other data held by Google.
6.3. You can prevent any storage of cookies by selecting the appropriate settings in your browser. However, please note that if you do this, you may not be able to use the full functionality of this website. Furthermore, you can prevent Google’s collection and use of data (cookies and IP address) by downloading and installing the browser plug-in available under http://tools.google.com/dlpage/gaoptout?hl=de
6.4. This website uses Google Analytics with the extension "_anonymizeIp()". As a result, IP addresses are further processed in abbreviated form so that a relation to individual persons can be ruled out. As far as the data collected about you is personal, it will be excluded immediately and the personal data will be deleted immediately.
6.5. We use Google Analytics to be able to analyse the use of our website and improve it regularly. The resulting statistics help us to improve our offerings and make it more interesting for you as the user. With regard to such exceptional cases, in which personal data are transferred to the USA, Google has submitted to the EU-US Privacy Shield, https://www.privacyshield.gov/EU-US-Framework.
6.6. The legal basis for the use of Google Analytics is Art. 6 par. 1 s. 1 lit. f of the GDPR.
6.7. Third-party information: Google Dublin, Google Ireland Ltd., Gordon House, Barrow Street, Dublin 4, Ireland, Fax: +353 (1) 436?1001. Terms of Service: www.google.com/analytics/terms/us.html, overview of data protection privacy, policy and principles: https://policies.google.com/privacy?hl=en.
7. Newsletter by E-mail
7.1. If you sign up for one of our e-mail newsletters (collectively hereinafter referred to as "newsletter“), we will collect your e-mail address, title, first name and surname and, if applicable, any additional data you provide. We will use your data only for sending you the respective newsletter for the purposes indicated when you signed up for it. Registration is carried out using a double-opt-in process so that, in order to complete the registration, you are required to confirm the link contained in a confirmation e-mail and in doing so you consent to sending you this newsletter. You may revoke your permission to send you the newsletter at any time using the following unsubscribe link. In addition, you may also deregister from the newsletter using the respective link contained at the end of each newsletter. The legal basis for sending the newsletter is Art. 6 par. 1 s. 1 lit. a of the GDPR.
7.2. Newsletters are sent via "Maileon", a newsletter sending platform of the German provider XQueue GmbH, Advanced E-Mail-Marketing Technologies, Christian-Pleß-Str. 11-13, 63069 Offenbach am Main. The e-mail addresses of our newsletter recipients, as well as their other data described in this notice, are stored on the servers of XQueue in Germany. XQueue uses this information to send and analyse the newsletter on our behalf. However, XQueue does not use the data of our newsletter recipients to write to them itself or pass them on to third parties. XQueue is obliged to comply with the General Data Protection Regulation of the EU.
7.3. Our newsletters contain so-called tracking pixels. A tracking pixel is a miniature graphic embedded in e-mails that are sent in HTML format to enable log file recording and a log file analysis. This allows a statistical evaluation of the success or failure of online marketing campaigns. On the basis of the embedded tracking pixel, we can recognise if and at what time a person opened an e-mail and which links in the e-mail the person followed.
7.4. Such personal data collected via the tracking pixels contained in the newsletters are stored and analysed by us in order to optimise the newsletter mailing and to adapt the content of future newsletters even better to the interests of the person concerned. This personal data will not be passed on to third parties. The information will be stored for as long as you have subscribed to the newsletter. After a revocation, the personal data will be deleted by us. Unsubscribing from receiving the newsletter constitutes a withdrawal of you consent.
8. Integration of YouTube Videos
8.1. We have integrated YouTube videos into our online offerings, which are stored on www.YouTube.com and can be played directly from our website. They are all integrated in the "extended data protection mode", i.e. no data about you as a user will be transmitted to YouTube, if you do not play the videos. Only if you play the videos, the data referred to in para. 2 will be transmitted. We have no influence on this data transmission.
8.2. By visiting the website, YouTube receives the information that you have accessed the corresponding subpage of our website. This does not dependent on whether YouTube provides a user account through which you are logged in, or whether no user account exists. If you are logged in in Google, your data will be directly associated with your account. If you do not wish to be associated with your profile on YouTube, you must log off before activating the button. YouTube stores your data as user profiles and uses it for the purpose of advertising, market research and/or demand-oriented design of its website. Such an evaluation takes place (even for users who are not logged in) in particular to provide demand-oriented advertising and to inform other users of the social network about your activities on our website. You have the right to object to the creation of these user profiles, but you must contact YouTube to exercise this right.
9. Links to Other Websites
As part of our website, we may provide links to websites of other providers of web content. If you click and follow any such link, we cannot, unfortunately, influence any more any collection, processing and usage of your data by third parties; insofar, we need to exclude any responsibility for such doing.
10. Disclosure of Data
10.1. Your personal data will not be transmitted to third parties for purposes other than those listed below.
10.2.We will only pass on your personal data to third parties if:
- you have given your express consent pursuant to Art. 6 para. 1 sentence 1 lit. a of the GDPR,
- the disclosure pursuant to Art. 6 para. 1 sentence 1 f of the GDPR is necessary in order to establish, exercise or defend legal claims and there is no reason to assume that you have an overriding interest deserving protection in non disclosure of your data,
- in the event that a legal obligation exists for the transfer pursuant to Art. 6 para. 1 sentence 1 lit. c of the GDPR, and
- this is legally permissible and is necessary for the processing of contractual relationships with you in accordance with Art. 6 para. 1 sentence 1 lit. b of the GDPR.
11. Transfers to Third Countries
11.1. In the event that we process data in a Third Country (i.e. outside the European Union (EU) or the European Economic Area (EEA)) or such processing occurs in the context of utilising third-party services or disclosing or transferring data to third parties, this only takes place to the extent that is necessary to fulfil our (pre)contractual obligations pursuant to Art. 6 para. 1 sentence 1 lit. b of the GDPR, on the basis of your consent pursuant to Art. 6 para. 1 sentence 1 lit. a of the GDPR, on the basis of a legal obligation to do so or on the basis of our legitimate interests pursuant to Art. 6 para. 1 sentence 1 lit. f of the GDPR.
11.2. Subject to legal or contractual permissions, we process or let data be processed in a Third Country only if the requirements of Art. 44 et seq. of the GDPR are fulfilled. Accordingly, the processing is carried out, for example, on the basis of special guarantees, such as the officially recognised confirmation of an EU adequate data protection level (e.g. with regard to the USA, the "Privacy Shield") or compliance with officially recognised special contractual obligations (so-called "Standard- Terms").
12. Rights of Affected Persons
You are entitled:
to request information about your personal data processed by us, in accordance with Art. 15 of the GDPR. In particular, you may request information about the purposes of processing, the category of personal data, the categories of recipients to whom your data have been or will be disclosed, the planned storage period, the existence of a right to rectification, erasure, restriction of processing or objection to processing, the existence of a right to lodge a complaint, the source of your data, in case it has not been collected by us, and any existence of automated decision-making including profiling and, in such case, meaningful information on its details;
to immediately request the rectification of inaccurate personal data or the completion of personal data stored by us, in accordance with Art. 16 of the GDPR;
to request the erasure of your personal data stored by us, in accordance with Art. 17 of the GDPR, unless the processing is necessary to exercise the right of freedom of expression and information, to comply with a legal obligation, for reasons of public interest or for the establishment, exercise or defence of legal claims;
in accordance with Art. 18 of the GDPR, to obtain restriction of the processing of your personal data, if you contest the accuracy of the data, if the processing is unlawful, but you oppose to have the data erased, and if we no longer need the data, but you need it to establish, exercise or defend legal claims or if you have objected to processing pursuant to Art. 21 of the GDPR;
in accordance with Art. 20 GDPR, to receive the personal data you have provided to us in a structured, commonly used and machine-readable format or to request its transmission to another controller;
in accordance with Art. 7 para. 3 of the GDPR, to withdraw your consent at any time. As a result, we are no longer allowed to continue processing data based on this consent in the future and
- to lodge a complaint with a supervisory authority, in accordance with Art. 77 of the GDPR. As a general rule, you can contact the supervisory authority of your habitual residence or workplace.
13. IT Security
In order to protect your data from misuse or loss, we take all required organisational and technical measures and, for example, store your data in an operational environment that is not accessible from the public domain. We point out that the privacy of any transferred data cannot be guaranteed in the event you contact us by e-mail or in any other e-mail correspondence without encryption or use of a qualified electronic signature. As a general matter of IT technology, third party access to e-mail content cannot be excluded. If you wish to send us confidential information, we recommend you consider these IT-technical matters with regard to your choice of format and form of correspondence. In particular cases, when transmitting data we use Secure Socket Layer Technology (SSL), an internationally accepted way of data transmission, which uses an encrypted transfer method between your computer system and our server systems, should your browser support SSL.
14. Revocation Right
15. No Automated Decision-Making
We do not take decisions based solely on automated processing.
16. Date of Validity and Amendment of this Data Protection Declaration
This data protection declaration is currently valid, as of May 2018. Due to the further development of our website or due to revised legal or regulatory requirements, it may become necessary to amend this data protection declaration. You can find, and print, the current data protection declaration at any time on the website at https://r-stahl.com/en/global/footermenu/privacy-policy/