Privacy policy of Rösler Oberflächentechnik GmbH
We welcome you to our website and appreciate your interest in our company. We take the protection of your personal data very seriously. We process your data in accordance with the applicable legal provisions for the protection of personal data, in particular the General Data Protection Regulation (EU GDPR) and the country-specific implementation laws applicable to us. This privacy policy provides you with comprehensive information about the processing of your personal data by Rösler Oberflächentechnik GmbH and the rights to which you are entitled.
Personal data is any information that makes it possible to identify a natural person. This includes, in particular, name, date of birth, address, telephone number, e-mail address, but also your IP address. Anonymous data exists if no personal reference to the user can be established.
Responsible body and data protection officer
Address: Vorstadt 1, 96190 Untermerzbach
Contact information: www.rosler.com, www.solutions-for-am.com, +49 9533 924-0, datenschutz@rosler.com
Contact of the data protection officer: datenschutz@rosler.com
Your rights as a data subject
First of all, we would like to inform you here about your rights as a data subject. These rights are standardized in Art. 15 - 22 EU GDPR. This includes:
- The right of access (Art. 15 GDPR),
- The right to erasure (Art. 17 GDPR),
- The right to rectification (Art. 16 GDPR),
- The right to data portability (Art. 20 GDPR),
- The right to restriction of data processing (Art. 18 GDPR),
- The right to object to data processing (Art. 21 GDPR).
To assert these rights, please contact: datenschutz@rosler.com. The same applies if you have any questions about data processing in our company. You also have the right to lodge a complaint with a data protection supervisory authority.
Rights of objection
In connection with your rights of objection please consider the following: Whenever we are using your personal data for the purpose of direct advertising (e.g. direct mailing) you have the right to object to this type of data handling at any time without having to provide a reason. This also applies to a profiling, if it takes place in connection with direct advertising activities.As soon as you object to the use of your personal data for the purpose of direct advertising, we will no longer do so. Your objection is free-of-charge and can be done entirely at your discretion, preferably addressed to: marketing@rosler.com.
In case we are handling your data for safeguarding legitimate interests, you can object to this data handling for reasons associated with your personal situation at any time; this applies also to profiling based on these interests. We will no longer use your personal data unless we can state compelling reasons, which will overrule your interests, rights and freedoms or, if the use of your data serves to enforce or defend legal claims by our company.
Purposes and legal bases of data processing
Your personal data is processed in full compliance with the requirements of the GDPR and all other applicable regulations pertaining to data protection. Especially Art. 6 GDPR is the legal basis for the handling of data.
We are using your data for initiating business relations, for fulfilling contractual and legal obligations, for executing contractual relationships, for offering products and services and for deepening our customer relations. The latter can also include studies for marketing purposes and direct advertising. Your consent automatically includes our obligation for handling your data in line with data protection regulations. In this connection we inform you about the purpose of using your data and your right to object. If your consent also includes the use of particular categories of your personal data, we will specifically point this out upon your consent.
The use of particular categories of personal data as described in Art. 9, para. 1 GDPR only takes place if and when this is required for legal reasons and if there is no reason to assume that the protection of your data outweighs their use.
Passing of data to third parties
We will only pass your data to third parties in compliance with legal regulations or with your express consent. Otherwise no transfer to third parties takes place, unless we are obligated to do so because of binding legal requirements (providing of data to external authorities like, for example, supervisory offices or for criminal investigations).
Data recipients / recipient categories
Within our company we ensure that only those people who require your personal data for the fulfillment of contractual or legal obligations receive them. Frequently, service providers support our employees in their work. We have concluded the required data protection contracts with all our service providers. For the administration of our website one external service provider has temporary access to personal data from the respective contact forms.
Transfer of data to countries outside the EU / intent to transfer data to such countries
Data transmission in third countries (outside the European Union or the European Economic Zone) takes place only if it is required for the execution of contractual obligation and for handling of queries, if it is legally prescribed or if you have granted us your consent for it. We transmit your personal data to a service provider or to Group companies outside the European Economic Zone: USA, Switzerland, Russia, Serbia, Brazil, China, India, Turkey. Beyond that, we have worldwide representatives to whom personal data is also transmitted where appropriate. The compliance with data protection regulations is ensured through our corporate privacy rules and EU standard contractual clauses.
Duration of data storage
We keep your data as long as they are required for a specific purpose. Please keep in mind that numerous data storage regulations stipulate the storage of data beyond their specific purpose. This applies mainly to data storage periods prescribed by commercial and tax laws (for example, the German commercial code, tax regulations, etc.). After they have fulfilled their purpose and no other data storage requirements exist anymore, the data is routinely deleted.
Please take into consideration that we can keep data, for which we have received your consent or, for legal disputes for which we use the data as evidence within the scope of legal statutes of limitation, which can have a duration of 30 yeas; the normal statute of limitation expires after three years.
Secure transmission of your data
We use appropriate technical and organizational security measures to protect the data stored by us against accidental or intentional manipulation, loss, destruction or access by unauthorized persons. The security levels are continuously reviewed in cooperation with security experts and adapted to new security standards.
The exchange of data to and from our website is always encrypted. We offer HTTPS as the transmission protocol for our website, using the latest encryption protocols in each case. (TLS-ECDHE-RSA-WITH-AES-256-GCM-SHA384, 256-bit key, TLS 1.2). It is also possible to use alternative communication channels (e.g. by post).
Obligations for Provision of Data
Diverse personal data is necessary to establish, execute and terminate contractual obligation and to fulfil the contractual and legal duties associated with it. The same applies for the use of our website and the various functions that it provides. We have summarised its details for you in the above mentioned point. In certain cases, data must also be collected or provided owing to legal provisions. Please note that processing of your query or the execution of the underlying contractual obligation without provision of this data is not feasible.
Categories, sources and origin of the data
The underlying context determines which data we are using: For example, you may place an online purchase order, send us an enquiry through the contact form, send us an application or file a claim. Please note that we may pass certain information requiring special processing separately to the responsible department/persons, for example, uploading of job applications or contact forms.
When you visit our website, we collect and process the following data:
- Name of the Internet service provider
- Information about the website, from which you visit us
- Your web browser and operating system and language settings
- The IP address assigned by your Internet service provider
- Requested files, transferred data volume, downloads/file export
- Information about the pages/sections in our website you visit with date and time
- For safety reasons (especially to protect against attempted attacks against our web server) is data is stored in line with Art. 6, para. 1 lit. F EU-GDPR. Anonymization by shortening the IP address takes place after 30 days at the latest so that no connection to the user is established.
As part of a contact request, we collect and process the following data:
- Personal information
- Title, first name, last name, phone number, e-mail address
- Company information
- Name of the company
- Industry
- Department
- Address
- Information about wishes and interests
As part of newsletter registration, we collect and process the following data:
- Personal information
- Title, first name, last name, phone number, e-mail address
As part of Rösler Academy seminar registration, we collect and process the following data:
- Personal information
- Title, first name, last name, phone number, e-mail address
- Company information
- Company / invoice address
- Participant data
- Title, first name, last name, e-mail address
Contact form / contact by e-mail (Art. 6 para. 1 lit. a, b EU-GDPR)
There is a contact form on our website that can be used for electronic contact. If you contact us with this form we are using the data you provided in the form to reply to your questions and requests. In doing so, the principle of data economy and data avoidance is observed, as you only have to provide the data that we absolutely need to contact you. These are your title, first name, last name, e-mail address and telephone number (for queries) of the further company information (company, address, sector and department) as well as the message field itself. For technical and legal reasons your IP address will also be registered. All other data are voluntary fields and can be provided optionally (e.g. to answer your questions on a more individual basis). When you contact us by e-mail, we will use the personal data listed in your e-mail only for processing your enquiry. If you do not use our contact forms, no additional data will be collected.
Newsletter (Art. 6, para. 1 lit. a EU-GDPR)
It is possible to subscribe to a free newsletter on our website. The e-mail address provided during newsletter registration and your name will be used for sending the partially personalized newsletter. In doing so, the principle of data minimization and data avoidance is observed; first name, last name, company name and e-mail address are marked as mandatory fields. For reasons of technical necessity as well as for legal protection, your IP address is also processed when ordering the newsletter. We use the “double opt-in” procedure for sending newsletters by e-mail. This means that you will only receive advertising by e-mail if you have previously expressly confirmed that you want us to activate the newsletter service. We do this by sending you a notification e-mail and asking you to confirm that you would like to receive our newsletter at this e-mail address by clicking on a link contained in this e-mail. Of course, you can unsubscribe at any time using the unsubscribe option provided in the newsletter, thus revoking your consent. Furthermore, it is also possible to unsubscribe from the newsletter at any time directly via our website. We provide information about new products and offers at regular intervals in our newsletter and also use newsletter web bugs and link-tracking to monitor its success. The web bug measures the opening of the respective newsletter and the link-tracking counts the clicks on the respective links in the newsletter. Thanks to the anonymising, neither method permits conclusions to be drawn with regard to an individual person. The web bug and tracking data processing is implemented with Google Analytics. In addition, we also carry out success evaluations and customer satisfaction surveys after projects have been completed and at regular intervals. This data is collected on the basis of your consent (Art. 6 I lit. a GDPR). You can revoke this consent informally at any time at marketing@rosler.com. The linking to user IDs will be automatically deleted after a period of 23 months.
etracker
The provider of this website uses the services of etracker GmbH, Hamburg, Germany (www.etracker.com) to analyse usage data. We do not use cookies for web analysis by default. If we use analysis and optimisation cookies, we will obtain your explicit consent separately in advance. If this is the case and you agree, cookies are used to enable a statistical range analysis of this website, a measurement of the success of our online marketing measures and test procedures, e.g. to test and optimise different versions of our online offer or its components. Cookies are small text files that are stored by the Internet browser on the user's device. etracker cookies do not contain any information that could identify a user.
The data generated by etracker on behalf of the provider of this website is processed and stored by etracker solely in Germany by commission of the provider of this website and is thus subject to the strict German and European data protection laws and standards. In this regard, etracker was independently checked, certified and awarded with the ePrivacyseal data protection seal of approval.
The data processing is based on Art. 6 Section 1 lit f (legitimate interest) of the General Data Protection Regulation (GDPR). Our legitimate interest is the optimisation of our online offer and our website. As the privacy of our visitors is very important to us, the data that may possibly allow a reference to an individual person, such as IP address, registration or device IDs, will be anonymised or pseudonymised as soon as possible. etracker does not use the data for any other purpose, combine it with other data or pass it on to third parties.
You can object to the outlined data processing at any time by clicking on the slider. The objection has no disadvantageous consequences. If no slider is displayed, the data collection is already prevented by other blocking means.
Further information on data protection with etracker can be found here.
Videolyser
We use Videolyser, a service of Christian Eckardt, Kirchtal 5, 37431 Bad Lauterberg, Germany, for the integration of videos within the framework of our legitimate interest in a technically flawless online offer and its economically efficient design and optimization pursuant to Art.6 para. 1 lit.f DSGVO. This is a particularly data-saving service for embedding videos, as your data is only collected pseudonymously. Your IP address is already shortened by the last digits before it is stored in the server log files and replaced by a randomly generated number https://www.videolyser.de/artikel/dsgvo-videolyser, so that no personal data of yours is stored by Videolyser when you watch a video on our website.
You can find more information in Videolyser's privacy policy at https://www.videolyser.de/datenschutz.php.
Webinars / video telephony (Art. 6 para. 1 sentence 1 lit. b, f EU-GDPR)
Rösler Oberflächentechnik GmbH uses video conferencing services to conduct webinars on various topics offered. For this purpose, Rösler Oberflächentechnik GmbH uses the video
conferencing tool Microsoft Teams. Microsoft Teams is a service of the Microsoft Corporation. Zoom can be used either via your web browser or via the app installed on your end device.
Please note that this data protection notice only informs you about the processing of your personal data by us if you conduct online meetings with us. If you access the “Microsoft Teams” website, the provider of “Microsoft Teams” is responsible for data processing.
Various personal data is processed when you use Teams. What these are also depends on the information you provide when you participate in our online meeting. The following data may be processed
- IP address
- User details: e.g. display name, email address if applicable, profile picture (optional), preferred language
- Meeting metadata: e.g. date, time, meeting ID, telephone numbers, location
- Text, audio and video data: e.g. if you use the chat function or enable the display of video or audio. Teams receives, if you allow it, access to your camera and microphone for the duration of the transmission.
This data is processed for the purpose of conducting webinars and serves the implementation of pre-contractual measures or the fulfillment of the contract, Art. 6 para. 1 lit. b GDPR. Insofar as the video conferences take place within the company between employees on the basis of Section 26 (1) BDSG.
Otherwise, data processing is based on our legitimate interest in effective communication in accordance with Art. 6 para. 1 sentence 1 lit. f GDPR.
The data will only be stored for as long as is absolutely necessary to achieve the purpose and no statutory retention obligations prevent deletion. Please note that the data may have to be stored for verification purposes on the basis of statutory retention obligations. In this case, the data will be deleted at the latest after expiry of the respective retention obligation.
Microsoft processes and stores your data in the USA and is obliged by corresponding contractual regulations to comply with the data protection standards of the EU and to guarantee the European level of data protection. Microsoft is also certified in accordance with the EU-U.S. Data Privacy Framework.
Further information on data processing by Microsoft can be found at: https://www.microsoft.com/de-de/privacy/privacystatement
Social media links
On our website you will find links to the social media services of Meta / Facebook, YouTube, Xing, Instagram and LinkedIn. You can recognize links to the websites of social media services by the respective company logo. If you follow these links, you will reach the corporate presence of Rösler Oberflächentechnik GmbH on the respective social media service. When you click on a link to a social media service, a connection to the servers of the social media service is established. This tells the social media service's servers that you have visited our website. In addition, further data is transmitted to the provider of the social media service. These are, for example
- Address of the website on which the activated link is located
- Date and time of accessing the website or activating the link
- Information about the browser and operating system used
- IP address
If you are already logged in to the corresponding social media service at the time the link is activated, the provider of the social media service may be able to determine your user name and possibly even your real name from the transmitted data and assign this information to your personal user account with the social media service. You can exclude this possibility of assignment to your personal user account if you log out of your user account beforehand.
The servers of the social media services are located in the USA and other countries outside the European Union. The data may therefore also be processed by the provider of the social media service in countries outside the European Union. Please note that companies in these countries are subject to data protection laws that do not generally protect personal data to the same extent as is the case in the member states of the European Union.
Please note that we have no influence on the scope, type and purpose of data processing by the provider of the social media service. For more information on the use of your data by the social media services integrated on our website, please refer to the privacy policy of the respective social media service.
Online offers and children
Persons under the age of 16 years are not allowed to transmit data to us or make a consent declaration without the specific approval of their parents. We want to encourage all parents and guardians to share in the online activities of their children.
Links to other providers
Our website also contains links - clearly indicated by this symbol - to the websites of other companies. Insofar as links to websites of other providers are present, we have no influence on their contents. Therefore, no guarantee or liability can be assumed for these contents. The respective provider or operator of the pages is always responsible for the content of these pages.
The linked pages were checked for possible legal violations and recognizable infringements at the time of linking. Illegal contents were not recognizable at the time of linking. However, a permanent control of the contents of the linked pages is not reasonable without concrete evidence of a violation of the law. If we become aware of any infringements, such links will be removed immediately.