Privacy

reviewed: 10/2019

We process personal data (hereinafter referred to as “data”) of users only to the extent necessary to provide a functional and convenient website, content and services.

“Processing” means the collection, use, transmission and/or storage of data. According to the General Data Protection Regulation (hereinafter referred to as “GDPR”), “personal data” basically means all data which identifies a natural person. The exact definitions of the terms are laid down in Art. 4 GDPR.

The following information will inform you in particular about the type, scope, purpose, duration and legal basis of the processing of personal data. The purposes and means of the processing of such data will be decided by us alone or jointly with others. Also information about the components of third parties which we may use for optimisation and quality of use and which process data on their own responsibility will be provided:

_________________________________________

I. Information about the person responsible
II. Rights of the user
III. Information on data processing
_________________________________________

I. Information about the person responsible

The person responsible (hereinafter referred to as the “Provider”) within the meaning of the GDPR and other national data protection laws of the member states as well as other data protection provisions is:

Ruhrtaler Gesenkschmiede F.W. Wengeler GmbH & Co. KG.
Feldstr. 1
58456 Witten

Phone: +49 2302 7080
Fax: +49 2302 70838
E-mail: info(at)ruhrtaler.de

The data protection officer of the person responsible can be contacted as follows:

Herr WP/StB Dirk Reiser
ReiserSchmidt Westfalen-Treuhand GmbH
datenschutz@reiserschmidt.de

II. Rights of the user

The user has the right with regard to the processing of his personal data as given below by the provider,

1. to request confirmation as to whether the data relating to him will be processed and to obtain precise information about this data as well as further information and copies of the data in accordance with Art. 15 GDPR;

2. to demand the immediate rectification of the incorrect data concerning him or the completion of such data in accordance with Art. 16 GDPR;

3. to demand that the data concerning him to be deleted immediately in accordance with Art. 17 GDPR, alternatively, if, for example, further processing in accordance with Art. 17 para. 3 GDPR is necessary, to demand a restriction of the processing of the data in accordance with Art. 18 GDPR;

4. that he receives the data relating to him and provided by him in accordance with Art. 20 GDPR and to demand that it is transferred to other persons responsible;

5. lodge a complaint to the supervisory authority pursuant to Art. 77 GDPR if the user has the opinion that the processing of his data by the provider violates the GDPR.
_________________________

6. The user may object at any time to future processing of the data relating to him by a data controller on the basis of Art. 6 para. 1 lit. f GDPR in accordance with Art. 21 GDPR. In particular, the objection may be raised against processing for the purposes of direct marketing.
_________________________

7. The provider is also obliged to notify all recipients of personal data to whom the data has been disclosed when any rectification or erasure of the personal data or any restriction on processing it pursuant to Article 16 GDPR, Article 17(1) GDPR and Article 18 GDPR is made. This obligation shall not apply if the communication proves to be impossible or involves a disproportionate effort. The Customer has the right to obtain information regarding these recipients.

III. Information on data processing

As far as no detailed information on the individual data processing is given below, the data of the user processed by the provider will be deleted or blocked as soon as the purpose of storage no longer applies and the deletion does not conflict with any legal storage obligations.

Server data

For reasons of communication and security the following data which the user’s Internet browser transmits to the provider and the webspace provider, is collected during a visit to the website (so-called server log files):

– Browser type and version;
– the operating system used;
– Website from which the user switched to the provider’s website (referrer URL);
– Website visited by the user;
– Date and time of access;
– Internet protocol (IP) address of the user.

The data is also stored temporarily. This data is not stored together with other personal data of the user. The legal basis for the temporary storage is Art. 6 para. 1 lit. f GDPR based on the legitimate interest in improving the stability, functionality and security of the website.

The data will be anonymised after seven days at the latest. Data whose further storage is necessary for evidence purposes shall be excluded from anonymization until the respective incident has been finally clarified.

Cookies

a) “Session”-Cookies/ “Persistent”-Cookies

The provider uses so-called cookies on its website. Cookies are small text files or other storage technologies that the Internet browser of the user stores on the end device. These cookies process certain information of the user to an individual extent, such as browser, location data and IP address values.

The processing enables the provider to make his website more user-friendly, effective and secure.

The “persistent” cookies allow the website to recognize the user via his browser during a prompt repeated visit to the website in order not to display the information already given on cookie-use again.

The processing serves the legitimate interest of the provider in improving the functionality of the website as well as the fulfilment of legal requirements and is based on the legal basis of Art. 6 para. 1 lit. f GDPR.

“Session” cookies are deleted when the user closes his browser. “Persistent” cookies are automatically deleted after a period specified by the provider. This period varies depending on the cookie, but does not exceed one day.

b) Cookies from third parties

Cookies from third parties may also be used on the provider’s website. These third parties are partner companies with whom the provider cooperates for the purpose of advertising, analysis or the functionalities of the website. If this is the case, the purposes and legal bases of the corresponding processing are described in the following.

c) Possibility of disposal

The user can prevent or restrict the installation of cookies by making the appropriate browser settings. Cookies that have already been saved can also be deleted at any time. The settings for this depend on the respective browser. In the case of Flash cookies, processing cannot be prevented using the browser settings, but by setting the Flash Player accordingly.  Should the user prevent or restrict the installation of cookies it may result in missing functions and the website might not be fully functional.

Contact

If the user contacts the provider, the personal data of the user entered on this occasion will be used to process the request. The data is necessary to answer the request, without the provision of the data a response is not or only limited possible.

If the contact request serves the fulfilment of a contract or the initiation of a contract, the legal basis is Art. 6 Para. 1 lit. b GDPR.

The user’s data will be deleted if the user’s enquiry has been conclusively answered and there are no legal obligations to retain data, e.g. in the case of subsequent contract processing.

The legal basis may also be the user’s consent pursuant to Art. 6 para. 1 lit. a GDPR.

According to Art. 7 para. 3 GDPR, the user may revoke his consent at any time by notifying the provider.

Google Fonts

To display the font on the website, the provider uses external fonts in form of “Google Fonts”, a service of Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, a subsidiary of Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043 USA, hereinafter referred to as “Google”.

Google LLC is certified according to the “EU-US Privacy Shield” and thereby assures compliance with the data protection regulations of the EU when processing data in the USA.

https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active

When the provider’s website is accessed, a connection is established to the Google server in the USA in order to enable the font to be displayed or updated.

The legal basis for this is Art. 6 para. 1 lit. f GDPR. The legitimate interest of the provider is in the optimisation and economic operation of the website.

This connection enables Google to identify the website from which an enquiry is sent and the IP address to which the font is sent.

Google offers further information, in particular on the possibilities of preventing the use of data, under the following links:

https://policies.google.com/privacy
https://adssettings.google.com/authenticated

Google reCAPTCHA

In order to ensure interactions on the Website by persons and not by automated processing (e.g. “bots”), the Provider uses the “reCAPTCHA” component of Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, a subsidiary of Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043 USA, hereinafter “Google”.

Google LLC is certified according to the “EU-US Privacy Shield” and thereby assures compliance with the data protection regulations of the EU when processing data in the USA.

https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active

This function enables Google to recognize which website is sending a request and with which IP address. In addition to the IP address, Google may collect other information necessary for the service to function.

The legal basis for this is Art. 6 Para. 1 lit. f GDPR. The legitimate interest of the provider is to ensure that the website can be accessed and to prevent spam.

Google offers further information on the general handling of user data under the following link:

https://policies.google.com/privacy

jsdelivr.net- CDN

The provider uses the jsdeliver.com service, a content delivery network, for the retrieval speed, design and presentation of the content offered on different terminal devices.

In order to deliver the content quickly, the service uses so-called JavaScript libraries (collections of technical instructions) to deliver the content to the user’s browser as quickly as possible. For this purpose, corresponding files are loaded from a third party server. As a result, the server records the IP address of the user. The provider has no influence on whether the IP address is processed by third parties for statistical purposes.

jsdelivr.net- CDN is an open source tool developed by Prospectone Sp. z o.o., ul. Krolweska 65A, 30-081, Krakow, Poland.

The legal basis for the use of this technology is Art. 6 para. 1 lit. f GDPR. The legitimate interest of the Provider is to improve the quality of use and the loading speed of the Website.

Information on the processing of data by Prospectone Sp. z o.o. can be accessed via the following link:

https://www.jsdelivr.com/privacy-policy-jsdelivr-net

In order to prevent jsdeliver.net from executing the Java-Script code, the user can install a JavaScript blocker (e.g. www.noscript.net or www.ghostery.com). If the user prevents or restricts the execution of the Java-Script code, this may result in malfunction of the website.

OpenStreetMap

The provider uses the “OpenStreetMap” component of the OpenStreetMap Foundation, St John’s Innovation Centre, Cowley Road, Cambridge, CB4 0WS, United Kingdom, hereinafter referred to as “OpenStreetMap”, to provide directions to the location.

When the “OpenStreetMap” component is called, OpenStreetMap sets cookies in order to process user settings and data when displaying the page and the associated functions on which the “OpenStreetMap” component is integrated.

The legal basis for this is Art. 6 para. 1 lit. f GDPR. The legitimate interest of the provider is in optimising the functionalities of the website.

Through the connection, OpenStreetMap can recognize from which website an enquiry is sent and to which IP address the travel route shall be transmitted to.

If the user does not agree with this processing, it is possible to prevent the installation of cookies by setting the browser accordingly. For more information, see “Cookies” above.

Further information on data processing by OpenStreetMap can be found under the following link:

https://wiki.osmfoundation.org/wiki/Privacy_Policy

mywebsite-editor.com

The provider uses the web service “mywebsite-editor.com” for the functionality of the website. mywebsite-editor.com” is an offer of 1&1 IONOS SE, Elgendorfer Str. 57, 56410 Montabaur.

By integrating “mywebsite-editor.com”, the user’s browser loads a required Java script code from the “mywebsite-editor.com” server to display the content. As a result, “mywebsite-editor.com” becomes aware that the provider’s website has been accessed via the user’s IP address.

A session cookie is also used here.

The legal basis for data processing is Art. 6 Para. 1 lit. f GDPR. The justified interest consists in a uniform and appealing representation of the web page.

The user can prevent the collection and processing of his data by “mywebsite-editor.com” by deactivating the execution of script code in his browser or by installing a script blocker (e.g. www.noscript.net or www.ghostery.com ).