Privacy Protection

Publication of the contact details of the data protection officer according to Art. 37  Section 7 GDPR
External data protection officer: Mr. Stefan Fischerkeller - Deutsche Datenschutzkanzlei
Phone. +49 7544 / 904 96 91, email: Datenschutz@rommelag.com

Privacy Policy, as of May 2018

We look forward to your visit to our website and your interest in our company and our products and services. The protection of your personal data is very important to us. The Rommelag group of companies (hereinafter referred to as "Rommelag", "we" or "us") attaches great importance to the security of users' data and compliance with data protection regulations.

The Rommelag websites may contain links to websites of other providers, to which this privacy policy does not extend. The information that the operators of these pages may collect is beyond our knowledge and influence ­ Area. Information is available in the data ­ protection ­ note of the respective page.

Below we inform you in detail about the handling of your data.

Definitions

The privacy policy is based on the terms of the General Data Protection Regulation (DSGVO).

  • "Personal information" is any information that an identified or identifiable natural person (the "data subject") refer (Art. 4 no. 1 DSGVO). Your personal data includes information such as your master data (first and last name, address and date of birth), your contact details (telephone number, e-mail address), your billing information (bank details) and much more.
  • "Processing" means any process performed, with or without the aid of automated procedures, or any such process associated with personal data, such as collecting, collecting, organizing, organizing, storing, adapting or modifying, reading out, and querying Use, disclosure by transmission, dissemination or other form of provision, matching or linking, restriction, erasure or destruction.
  • "Concerned person" means any identified or identifiable natural person whose personal data is processed by the controller.
  • "Responsible person" means the natural or legal person, public authority, body or other body that, alone or in concert with others, decides on the purposes and means of processing personal data. Where the purposes and means of such processing are determined by Union law or the law of the Member States, the controller or the specific criteria for his designation may be provided for under Union or national law.
  • "Processor" means a natural or legal person, public authority, body or body that processes personal data on behalf of the controller.
  • "Recipient" means a natural or legal person, public authority, agency or other entity to whom Personal Data is disclosed, whether or not it is a third party. However, authorities which may receive personal data under Union or national law in connection with a particular mission are not considered as beneficiaries.
  • "Third party" means any natural or legal person, public authority, agency or body other than the data subject, the controller, the processor and the persons who are authorized under the direct authority of the controller or the processor to process the personal data.
  • "Consent" means any expression of will voluntarily and unequivocally made by the data subject in the form of a statement or other unambiguous confirmatory act by the data subject expressing to the person concerned that they are involved in the processing of the personal information concerning them Data agrees.

Collection and processing of personal data

A use of our internet pages is basically possible without any indication of personal data. However, if you wish to use special services of our company through our website, it may be necessary to process your personal data. If the processing of personal data is required and there is no legal basis for such processing, we generally seek the consent of the data subject.

1. Purposes of the survey - category of data - legal basis for the processing

1.1 Anonymous data collection

You can visit our site without actively providing information about yourself. However, we automatically save access data (server log files) such as the name of your Internet service provider, the operating system used, the website from which you visit us, the date and duration of the visit or the name of each visit to the website the requested file, as well as for security reasons, eg. For example, to detect attacks on our websites, the IP address of the computer used for a period of 7 days. These data are evaluated solely for the purpose of improving our offer and do not allow any conclusions to be drawn about you. A merge of this data with other data sources will not be done. The legal basis for processing the data is Article 6 (1) GDPR. We process and use the data for the following purposes: 1. Provision of the Rommelag websites, 2. Improvement of our web pages and 3. Prevention and detection of errors / malfunctions as well as misuse of the web pages. This type of data processing either takes place in order to fulfill the contract for the use of the Rommelag websites or we have a legitimate interest in ensuring the functionality and error-free operation of the Rommelag websites and adapting these websites to users' requirements.

1.2 Use of cookie tracking

In order to make the visit of our website attractive and to enable the use of certain functions, we use so-called cookies on our websites. This is a standard Internet technology used to store and retrieve login and other usage information for all Rommelag website users. Cookies are small text files stored on your device, they allow us to store user preferences, for example, so that our web pages can be displayed in a format tailored to your device. Some of the cookies we use are deleted after the end of the browser session, ie after closing your browser (so-called session cookies). Other cookies remain on your device and allow us or our affiliate to recognize your browser the next time you visit (so-called persistent cookies).

You can set your browser so that you are informed about the setting of cookies and individually decide on their assumptions or exclude the acceptance of cookies for specific cases or in general. Furthermore, the cookies can be subsequently deleted to remove data that websites have stored on your computer.Instructions for this can be found quickly on the Internet. Disabling cookies may result in some restrictions on the functionality of Rommelag websites.

Disable or remove cookies (opt-out)

Each web browser offers ways to restrict and delete cookies. Further information can be found on the following websites:

    • Internet Explorer:

https://support.microsoft.com/de-de/help/17442

    • Firefox:

https://support.mozilla.org/en-US/kb/cookies-information-websites-store-on-your-computer?redirectlocale=en-US&redirectslug=Cookies

    • Google Chrome:

https://support.google.com/chrome/answer/95647?hl=en

    • Safari:

https://support.apple.com/de-de/HT201265

​​​​​​​1.3 Use of Google Analytics

This website uses functions of the web analytics service Google Analytics. Providers is the Google Inc., 1600 Amphitheater Parkway Mountain View, CA 94043, USA. Google Analytics uses so-called "cookies", text files that are stored on your computer and that allow an analysis of the use of the website by you. The information generated by the cookies about your use of this website (including your IP address) is transmitted to and stored by Google on servers in the United States. Google will use this information for the purpose of evaluating your use of the website, compiling reports on website activity for website operators, and providing other services related to website activity and internet usage. Google will also transfer this information to third parties if required by law or if third parties process this data on behalf of Google.

Prevent storage of cookies

You can prevent the storage of cookies by a corresponding setting of your browser software; however, we point out that in this case you may not be able to fully use all functions of this website. By using this website, you consent to the processing of data about you by Google in the manner and for the purposes set out above.

IP anonymization

We have activated the function IP anonymization on this website. As a result, your IP address will be truncated by Google within member states of the European Union or other parties to the Agreement on the European Economic Area prior to transmission to the United States.

Opposition to data collection

If you do not want Google to receive data from your browser when the pages are viewed, here's the link to the Google Analytics Opt- Out solution: http://tools.google.com/dlpage/gaoptout?hl=en , This plug-in prevents the browser from requesting the Analytics code, so Google will not receive any data when the page is viewed. The plug-in is only available for Microsoft Internet Explorer 11, Google Chrome, Mozilla Firefox, Apple Safari and Opera. According to Google, the browser blocks the Google Analytics script after installation. For more information about Terms of Use and Privacy, please visithttp://www.google.com/analytics/terms/en.html or http://www.google.com/intl/de/analytics/privacyoverview.html .

Please note that on this website Google Analytics has been extended by the code " gat.anonymizeIp " in order to ensure an anonymous collection of IP addresses (so-called IP- Masking ).

Demographics in Google Analytics

This website uses the demographics feature of Google Analytics. As a result, reports can be produced that contain statements on the age, gender and interests of the site visitors. This data comes from interest-based advertising from Google and third-party visitor data. This data can not be assigned to a specific person.You can disable this feature at any time through the ad settings in your Google Account, or generally prohibit the collection of your data by Google Analytics as outlined in the section " Opposition to Data Collection ".

1.4.   Using Google Remarketing

This website uses Google Remarketing technology from Google Inc. (1600 Amphitheater Parkway , Mountain View, CA 94043, USA; " Google" ). This is a retargeting technology that allows us to redirect visitors to our website through targeted advertising on the Google Network websites. The insertion of advertising is done through the use of so-called cookies.

For this purpose, cookies are placed on your computer, with the help of which third-party providers, including Google, record which of our websites were visited with your browser. With the help of this information you can then at a later time on other websites, such. For example, as part of Google Search or on Google Network websites, our ads will be presented. For more information about Google privacy and how remarketing works, visit : https://www.google.com/intl/en/policies/privacy/ . You can also disable the storage of cookies through your browser settings and / or opt out of Google Remarketing collection throughhttps://www.google.com/policies/technologies/ads/ .

1.5.   Using Google AdWords

On our website, we use Google Conversion Tracking, an analysis service provided by Google Inc. (1600 Amphitheater Parkway , Mountain View, CA 94043, USA; " Google "). Google AdWords places a cookie on your computer (" conversion cookie ") if you have reached our website via a Google ad. These cookies lose their validity after 30 days and are not used for personal identification. If you visit certain pages of us and the cookie has not expired, we and Google may recognize that someone clicked on the ad and was redirected to our site. Each advertiser receives a different cookie. Cookies can not be tracked through the websites of advertisers. The information gathered using the conversion cookie is used to generate conversion statistics for AdWords advertisers who have opted for conversion tracking. AdWords advertisers are told the total number of users who clicked on their ad and were redirected to a conversion -tagged page. However, they do not receive information that personally identifies users.

If you do not want to participate in tracking, you can object to this use by preventing the installation of cookies by setting your browser software accordingly (deactivation option). You will not be included in the conversion tracking statistics. For more information about Terms of Use and Privacy, please visit:http://www.google.com/policies/privacy/ .

1.6.   Use of Google Ajax search API

On our site is the java script code of the company Google Inc., 1600 Amphitheater Parkway , Mountain View, CA 94043, USA (hereafter: Google). If you have activated JavaScript in your browser and have not installed a Java Script Blocker, your browser may transfer personal data to Google. We do not know what data Google associates with the data received and why Google uses that information. To prevent the execution of Google's Google Script code altogether, you can install a Java Script Blocker for your browser.

For more information about Terms of Use and Privacy, please visit: http://www.google.com/policies/privacy/ .

1.7.   Using Google Maps

We use Google Maps to display maps and create access maps. Google Maps is operated by Google Inc. 1600 Amphitheater Parkway, Mountain View, CA 94043.

By using this website, you consent to the collection, processing and use by Google, one of its agents, or third parties of the information collected and entered by you.

The Google Maps terms of service can be found at: https://www.google.com/intl/en_uk/help/terms_maps.html .

For details, see the Privacy Center at google.com: Transparency and Choice, and Privacy Policy at https://policies.google.com/privacy?hl=en&gl=en .

1.8.   Using Google Doubleclick

We use Doubleclick by Google. This is a service provided by Google Inc., 1600 Amphitheater Parkway , Mountain View, CA 94043, USA ("Google"). DoubleClick by Google uses cookies to present advertisements relevant to you. Your browser will be assigned a pseudonymous identification number (ID) to check which ads have appeared in your browser and which ads have been viewed. The cookies do not contain any personal information. Using the Doubleclick cookies allows Google and its affiliate websites to serve ads based on previous visits to our or other websites on the Internet. The information generated by the cookies is transmitted by Google for evaluation to a server in the USA and stored there. A transfer of the data by Google to third parties takes place only due to legal regulations or in the context of order data processing. In no case will Google match its data with other data collected by Google.

You can prevent the storage of cookies by a corresponding setting of your browser software; However, we would like to point out that in this case you may not be able to use all the functions of our web pages in full.

For details, see the Privacy Center at google.com: Transparency and Choice, and Privacy Policy at https://policies.google.com/privacy?hl=en&gl=en .

1.9.   Using Google Tag Manager

This website uses Google Tag Manager. This service allows website tags to be managed through a single interface. Google Tool Manager only implements tags. This means: no cookies are used and no personal data is collected. Google Tool Manager triggers other tags, which in turn may collect data. However, Google Tag Manager does not access this data. If deactivated at the domain or cookie level, it will remain in effect for all tracking tags as far as they are implemented with the Google Tag Manager.

For details, see the Privacy Center at google.com: Transparency and Choice, and Privacy Policy at https://policies.google.com/privacy?hl=en&gl=en .

1.10.   Using Google AdSense

We have integrated Google AdSense into our website . Provider of the Google AdSense component is the Alphabet Inc., 1600 Amphitheater Pkwy , Mountain View, CA 94043-1351, United States. Google AdSense is an online service that provides third-party advertising mediation. Google AdSense is based on an algorithm that selects advertisements displayed on third-party websites in accordance with the contents of the respective third-party website. Google AdSense allows interest-based targeting of the Internet user, which is implemented by generating individual user profiles.

The purpose of the Google AdSense component is to include advertisements on our website. Google AdSense sets a cookie on the information technology system of the data subject. By using this cookie, Alphabet Inc. provides an analysis of the use of our website. Each time one of the pages of this site is accessed by the controller and a Google AdSense component has been integrated into it, the internet browser on the subject's information technology system is automatically triggered by the Google AdSense component To submit data to Alphabet Inc. for purposes of online advertising and commission settlement. As part of this technical process, Alphabet Inc. gains knowledge of personal information, such as the IP address of the data subject, which is used by Alphabet Inc., inter alia, to understand the origin of visitors and clicks and, as a result, to facilitate commission settlement.

The data subject can prevent the setting of cookies by means of a corresponding setting of the Internet browser used and thus permanently contradict the setting of cookies. Such a setting of the Internet browser used would also prevent Alphabet Inc. from setting a cookie on the information technology system of the person concerned. In addition, a cookie already set by Alphabet Inc. can be deleted at any time via the Internet browser or other software programs.

Google AdSense also uses so-called counting pixels. A counting pixel is a miniature graphic that is embedded in web pages to enable log file recording and log file analysis, whereby a statistical evaluation can be performed. Based on the embedded pixel count, Alphabet Inc. can detect if and when an internet page was opened by an affected person and which links the affected person clicked on. Counting pixels are used, among other things, to evaluate the flow of visitors to a website.

Google AdSense will transfer personal information and information, including the IP address required to collect and bill the displayed advertising, to Alphabet Inc. in the United States of America. This personal information is stored and processed in the United States of America. Alphabet Inc. may transfer such personal information collected through the technical process to third parties.

Google AdSense will be explained at https://www.google.com/intl/en/adsense/start/ .

1.11.   Using Bing ads

We use Universal Event Tracking (UET) from Microsoft Bing Ads. This service is provided by Microsoft Corporation (" Microsoft "), One Microsoft Way, Redmond, WA 98052-6399, USA. This allows us to track our users' activities as long as our website is reached via a Microsoft Bing ad. If users reach our website via such an ad, a cookie will be placed on your computer. On our website a Bing UET tag is integrated. This is a code used to store some non-personally identifiable information about the use of the website in connection with the cookie. This includes, among other things, the length of time spent on the website, which areas of the website were accessed, and which advertisements have reached the website. Information about your identity will not be collected. The collected information is transmitted to Microsoft servers in the USA and stored there for a maximum of 180 days. You can prevent the collection of data generated by the cookie and related to your use of the website as well as the processing of this data by deactivating the setting of cookies. This may limit the functionality of the website. For more information about Bing analytics services, visit the Bing Ads Web site at: https://help.bingads.microsoft.com/#apex/3/en/53056/2 .

For more information about privacy at Microsoft and Bing, see the Microsoft Privacy Policy at: https://privacy.microsoft.com/en-us/privacystatement .

1.12.   Use of social media

Social media features can be used on our website.

By retrieving one of these pages, a connection to the respective social media servers can be established. They are informed that you have visited our website with your IP address. If you would like to comment or like something, etc. and you are logged into your respective account, it may be possible for the social media to assign your visit to our website to you and your user account. We point out that we as the provider of the pages have no knowledge of the content of the transmitted data and their use.

These services are provided by the following companies:

  • Facebook Inc. , 1601 S. California Ave, Palo Alto, CA 94304, USA
  • Linkedin Inc. , 2029 Stierlin Court, Mountain View, CA 94043, United States
  • Xing AG , Dammtorstrasse 30, 20354 Hamburg, Germany
  • YouTube LLC , 901 Cherry Ave., San Bruno, CA 94066, USA
  • Kununu GmbH , Wollzeile 1-3 Top 5.1, 1010 Vienna, Austria
  • Vimeo LCC , White Plains, New York State, USA

Purpose and extent of the data collection and the further processing and use of the data by the provider as well as your related rights and settings options for the protection of your personal data, please refer to the privacy policy of the respective provider:

If you do not want the respective social media to be able to allocate the visit on our site to your respective account, then you must log out of the respective service before you visit our website.

1.13.   Use PayPal as payment method

We have integrated on our website rommelagshop.signal-server.de components of PayPal. The European operating company of PayPal, the PayPal (Europe) S.à.rl. & Cie. SCA, 22-24 Boulevard Royal, 2449 Luxembourg, Luxembourg. PayPal is an online payment service provider. Payments are made through so-called PayPal accounts, which are virtual private or business accounts. In addition, PayPal has the ability to process virtual payments through credit cards if a user does not have a PayPal account. A PayPal account is managed via an email address, which is why there is no classic account number. PayPal makes it possible to initiate online payments to third parties or to receive payments. PayPal also takes on trustee functions and offers buyer protection services.

If the data subject selects "PayPal" as a payment option during the order process in our online shop, data of the data subject will be automatically transmitted to PayPal. By selecting this payment option, the data subject consents to the transfer of personal data required for payment processing.

The personal data sent to PayPal are usually first name, last name, address, email address, IP address, telephone number, mobile phone number or other data required for payment processing. For the execution of the purchase contract, also such personal data are necessary, which are in connection with the respective order.

The purpose of the transmission of the data is payment processing and fraud prevention. The controller will provide PayPal with personally identifiable information, in particular if there is a legitimate interest in the transfer. The personal data exchanged between PayPal and the controller may be transferred by PayPal to credit reporting agencies. This transmission aims at the identity and credit check.

PayPal may disclose personal information to affiliates and service providers or subcontractors, to the extent necessary to fulfill its contractual obligations or to process the data on behalf of.

The data subject has the option to revoke the consent to the handling of personal data against PayPal at any time. A revocation has no effect on personal data which must be processed, used or transmitted for (contractual) payment processing.

PayPal's applicable privacy policy is available at www.paypal.com/webapps/mpp/ua/privacy-full.

1.14.   Contact / Request

On our site you have the possibility to send us inquiries via contact form. Your details from the contact form (content of your request, subject of your request and date) including the contact details provided by you (name, company and email) will be stored in order to process the request and in case of follow-up questions.The legal basis for the collection and processing of data is Article 6 (1) GDPR.

The data entered by you in the contact form will remain with us until you ask us to delete it, revoke your consent to the storage or the purpose for the data storage is omitted (eg after completion of your request). Mandatory statutory provisions - especially retention periods - remain unaffected.

1.15.   E-mail contact

If you send us inquiries or information by e-mail, your details (e-mail address, content of your e-mail, subject of your e-mail and date) will include your contact details (name, surname, Telephone number, address) for the purpose of processing the request and in case of follow-up questions. We will not share this information without your consent. The legal basis for the collection and processing of data is Article 6 (1) GDPR.

The user is cautioned that e-mails can be read or changed unauthorized and unnoticed during transmission. Rommelag uses a software for filtering unwanted emails (spam filters). The spam filter can reject e-mails if they have been identified as spam by certain features.

The data you enter will remain with us until you ask us to delete it, revoke your consent to the storage or the purpose for the data storage is omitted (eg after completion of your request). Mandatory statutory provisions - especially retention periods - remain unaffected.

1.16.   Career area / Online application

On our site you have the opportunity to use the career area and / or submit applications by e-mail. The personal data (master data, contact data, attachments such as cover letter, CV, certificates, etc.) of applicants are collected and processed for the purpose of processing the application process. The processing can also be done electronically. This is particularly the case if an applicant submits the relevant application documents, for example by e-mail or via a web form located on the website, to the controller. If the controller concludes a contract of employment with an applicant, the data transmitted will be stored for the purposes of the employment relationship in accordance with the law. If no contract of employment with the candidate is concluded by the controller, the application documents will be automatically deleted six months after the rejection decision has been announced, provided that deletion does not prejudice any other legitimate interests of the controller. Other legitimate interest in this sense is, for example, a burden of proof in a procedure under the General Equal Treatment Act (AGG). The legal basis for the collection and processing of data is Article 6 (1) GDPR.

1.17. applicant pool

When applying online, you have the opportunity to expressly agree that we may save and use your data beyond the current application procedure. With this consent, we can then inform you about new vacancies or vacancies that interest you.

1.18. E-Shop

On our page http://rommelagshop.signal-server.de/ you, as an employee of the Rommelag Group, have the opportunity to use our e-shop. You have to register here. For this purpose, we collect master data and contact information from you. Mandatory information necessary for the execution of the contracts is marked separately, further details are voluntary. We process your data for the following purposes:

    • To process your order and possibly return the orders
    • We also process your data to create and manage your personal account
    • Contact in case of problems with the delivery of your products
    • Answering your questions and notifications about new or changed services

If necessary, we must pass on this data to third parties such as processors , parcel services, banks, tax authorities, etc. in order to fulfill our contractual obligations . The legal basis for the collection and processing of the data is Article 6 (1) GDPR. The data entered by you remain with us until the ordering process is completed, if necessary, the order processes are saved for you to the overview. Your consent to the storage revoke or the purpose for the data storage is omitted. Mandatory legal provisions - in particular retention periods according to commercial and tax law - remain unaffected.

customer account

You can voluntarily create a customer account, through which we can save your data for later purchases. If you create an account under "My Account", the data you provide will be revocably stored. All other data, including your user account, you can always delete in the customer area.

2. Transmission of the data

2.1.   Transmission internally, within Rommelag

We transfer your data internally to the administration, sales or human resources department to fulfill our contractual or legal obligations. A data transfer or disclosure of your data is only to the extent necessary for this purpose in compliance with the relevant data protection regulations.

2.2.   Transmission across the Group / groupwide

Rommelag is a globally operating group of companies based in Germany. The data you submit to us will be stored in our centralized customer database in Germany and shared within the group for administration purposes. Should the data be exchanged within the group of companies , this will be done to fulfill a contract or as a condition of use for the websites. There may also be an interest in sharing this information for internal, administrative purposes. If the processing of your data takes place outside of Europe, for example in China, Switzerland or the USA, this transmission takes place in compliance with all valid data protection laws and especially gem. Art. 44 f. DSGVO instead.

2.3.   Transmission to third parties

We transmit your data to certain third parties in order to be able to provide corresponding applications and services (so-called " order processors ") that provide external services for us. For example, newsletter services, IT providers, etc. These process the data only according to our instructions, and they are prohibited from using this data for their own commercial purposes, which do not meet the agreed purposes.

A transfer to other third parties may take place in order to fulfill our duties (authorities, banks, social security institutions, etc.).

We need to disclose personal information if we are required to do so within the framework of ongoing legal proceedings, due to a decree law, or under applicable law (Art. 6 para. 1 lit . F DSGVO).

We will only share your personal information if:

  • Your Art. 6 para. 1 sentence 1 lit . a DSGVO have given express consent to this
  • disclosure pursuant to Art. 6 para. 1 sentence 1 lit . f DSGVO is required to assert, exercise or defend legal claims and there is no reason to assume that you have a predominantly legitimate interest in not disclosing your data,
  • in the event that the disclosure pursuant to Art. 6 para. 1 sentence 1 lit . c DSGVO is a legal obligation, as well
  • permitted by law and in accordance with Art. 6 para. 1 sentence 1 lit . b DSGVO is required for the settlement of contractual relationships with you.

If the processing of your data takes place outside Europe, this transmission takes place in compliance with all applicable data protection laws and especially gem. Art. 44 f. DSGVO instead.

2.4.   Transmission to a third country or international organization

We may transfer your data to countries outside the EU or the EEA (so-called third countries) for the above-mentioned purposes (transmission across the Group (number 4.2) and transmission to third parties (number 4.3)). The transmission takes place only to the execution of our contractual and legal obligations or by your consent. This transmission takes place in compliance with all applicable data protection laws and especially gem. Art. 44 f. DSGVO instead. In particular, either on the basis of adopted adequacy decisions by the European Commission or on the basis of certain guarantees (eg standard data protection clauses, etc.).

3. Further notification obligations

3.1.   Existence of automated decision making including profiling

As a responsible company we refrain from automatic decision-making or profiling .

3.2.   Duration of storage

In principle, we store your data for as long as is necessary for the provision of our services or if this has been provided for by the European directives and regulations or any other legislator in laws or regulations which the controller is subject to . In all other cases, we will delete your personal information after it has been completed, except for any information we may need to retain in order to comply with legal obligations (for example, we are required by tax and commercial retention requirements, such as contracts and to keep invoices for a certain period of time).

4. Final part of the privacy policy

4.1.   Technical security

Rommelag uses technical and organizational security measures to protect the data we manage against accidental or intentional manipulation, loss, destruction or access by unauthorized persons. Our security measures are continuously improved in line with technological developments.

This site uses Secure Socket Layer (SSL) encryption in conjunction with the highest level of encryption available from your browser for security and to protect the transmission of sensitive content, such as requests you send to us as a site operator is supported. This is usually 256-bit encryption. If your browser does not support 256-bit encryption, we'll use 128-bit v3 technology instead. Whether a single page of our website is transmitted in encrypted form can be recognized by the fact that the address line of the browser changes from "http: //" to "https: //" and to the lock symbol in your browser line.

If SSL encryption is enabled, the data you submit to us can not be read by third parties.

We point out that data transmission over the Internet (eg in the case of communication via e-mail) can have security gaps. A complete protection of the data from access by third parties is not possible.

4.2.   Legal basis of processing

Art. 6 I lit . A GDPR serves our company as the legal basis for processing operations in which we obtain consent for a particular processing purpose.

If the processing of personal data is necessary to fulfill a contract of which the data subject is a party, as is the case, for example, in processing operations necessary for the supply of goods or the provision of any other service or consideration, processing shall be based on Art. 6 I lit . b DSGVO. The same applies to processing operations that are necessary to carry out pre-contractual measures, for example in cases of inquiries regarding our products or services.

Our company is subject to a legal obligation by which a processing of personal data is required, such as for the fulfillment of tax obligations, the processing is based on Art. 6 I lit . c DSGVO.

In rare cases, the processing of personal data may be required to protect the vital interests of the data subject or another natural person. This would be the case, for example, if a visitor to our premises were injured and his or her name, age, health insurance or other vital information would have to be passed on to a doctor, hospital or other third party. Then, the processing of Art. 6 I'd lit . d DSGVO are based.

Ultimately could processing operations on Art. 6 I lit . f DSGVO are based. On this legal basis, processing operations that are not covered by any of the above legal bases are required if processing is necessary to safeguard the legitimate interests of our company or a third party, unless the interests, fundamental rights and fundamental freedoms of the person concerned prevail. Based processing of personal data Article 6 I lit . f DSGVO is our legitimate interest in conducting our business for the benefit of all of our employees and our customers.

4.3.   Legal or contractual provisions for the provision of personal data; Necessity for the conclusion of the contract; Obligation of the data subject to provide the personal data; possible consequences of non-provision

We clarify that the provision of personal data is partly required by law (eg tax regulations) or can also result from contractual provisions (eg information about the contracting party). Occasionally it may be necessary for a contract to be concluded that an affected person provides us with personal data that must subsequently be processed by us. For example, the data subject is required to provide us with personal information when our company enters into a contract with her. Failure to provide the personal data would mean that the contract with the person concerned could not be closed. Prior to any personal data being provided by the person concerned, the person concerned must contact one of our employees.Our employee will inform the individual on a case-by-case basis whether the provision of the personal data is required by law or contract or is required for the conclusion of the contract, whether there is an obligation to provide the personal data and the consequences of the non-provision of the personal data.

4.4.   Minor hint

This online offer is not intended for children under the age of 16. Persons under the age of 16 may not submit personal data to Rommelag without the consent of their legal guardians.

4.5.   Rights of the persons concerned

You have the right to information about the data stored by us, duration of the data, purpose and legal basis of storage as well as origin and recipient of transfers. Incorrect data should be corrected, data deleted inadmissible or no longer required should be deleted. In addition, the data subject has a right to object, a right to restriction of processing and the right to data portability.

This information will be generated at your request. This information is free of charge.

You also have the right to file a complaint directly with a regulator.

4.6.   Revocation of your consent to data processing

Some data processing operations are only possible with your express consent. You have the possibility to revoke an already given consent at any time. An informal message to datenschutz@ rommelag.com by email to us is enough. The legality of the data processing carried out until the revocation remains unaffected by the revocation.

4.7.   Responsible body and contact details of the external data protection officer

Responsible body:

rommelag

Plastic Machines Vertriebsgesellschaft mbH

Mayenner Str. 18-20

71332 Waiblingen

Tel .: 07151 958 11 0

E-Mail: datenschutz@rommelag.com

Contact details of the external data protection officer:

Stefan Fischerkeller

German data protection law firm

Tel .: 07544 904 96 91

E-Mail: fischerkeller@ddsk.de