Personal data comprise all facts allowing the identification of individual persons. These include the name, date of birth, address, telephone number, E-Mail address, but also your IP address.
Data are anonymous, if no connection can be made to the user as an individual person.
Responsible department and data protection supervisor
Address: Vorstadt 1, 96190 Untermerzbach
Contact: www.rosler.com, +49 9533 924-0, datenschutzroslercom
Contact information for the data protection supervisor: datenschutzroslercom
Your personal rights
First we want to inform you about your personal rights. These rights are spelled out in articles 15 – 22 EU-DS-GVO. They include:
- The right of access by the data subject (art. 15 EU-DS-GVO),
- The right to erasure (“right to be forgotten”), (art. 17 EU-DS-GVO),
- The right to rectification (art. 16 EU-DS-GVO),
- The right to data portability (art. 20 EU-DS-GVO),
- The right to restriction of processing of personal data (Art. 18 EU-DS-GVO),
- The right to object to the handling of personal data (art. 21 EU-DS-GVO).
To assert your rights and for any questions regarding the handling of data in our company please contact datenschutzroslercom. In addition, you have the right to file a claim with a data protection authority.
Transparency and information requirements
Transparency and information obligations for customers, suppliers and contractual partners of Rösler Oberflächentechnik GmbH in accordance with the EU General Data Protection Regulation.
Right to object
In connection with your right to object please consider the following:
Whenever we are using your personal data for the purpose of direct advertising (e.g. direct mailing) you have the right to object to this type of data handling at any time without having to provide a reason. This also applies to a profiling, if it takes place in connection with direct advertising activities.
As soon as you object to the use of your personal data for the purpose of direct advertising, we will no longer do so. Your objection is free-of-charge and can be done entirely at your discretion, preferably addressed to: marketingroslercom.
In case we are handling your data for safeguarding legitimate interests, you can object to this data handling for reasons associated with your personal situation at any time; this applies also to profiling based on these interests.
We will no longer use your personal data unless we can state compelling reasons, which will overrule your interests, rights and freedoms or, if the use of your data serves to enforce or defend legal claims by our company.
Purpose and legal basis for handling of data
The processing of your personal data is done in full compliance with the requirements of the EU-DS-GVO and all other applicable regulations pertaining to data protection. Especially article 6 EU-DS-GVO is the legal basis for the handling of data.
We are using your data for initiating business relations, for fulfilling contractual and legal obligations, for executing contractual relationships, for offering products and services and for deepening our customer relations. The latter can also include studies for marketing purposes and direct advertising.
Your consent automatically includes our obligation for handling your data in line with data protection regulations. In this connection we inform you about the purpose of using your data and your right to object. If your consent also includes the use of particular categories of your personal data, we will specifically point this out upon your consent per article 88, paragraph 1 EU-DS-GVO.
The use of particular categories of personal data as described in article 9, paragraph 1 EU-DS-GVO only takes place, if and when this is required for legal reasons and if there is no reason to assume that the protection of your data outweighs their use, article 88, paragraph 1 EU-DS-GVO.
Passing of data to third parties
We will only pass your data to third parties in compliance with legal regulations or with your express consent. Otherwise no transfer to third parties takes place, unless we are obligated to do so because of binding legal requirements (providing of data to external authorities like, for example, supervisory offices or for criminal investigations).
Data recipients / recipient categories
Within our company we ensure that only those people who require your personal data for the fulfillment of contractual or legal obligations receive them.
Frequently, service providers support our employees in their work. We have concluded the required data protection contracts with all our service providers. For the administration of our website one external service provider has temporary access to personal data from the respective contact forms.
Transfer of data to countries outside the EU, respectively, the European economic region / Intent to transfer data to such countries
The transfer of data to other countries (outside of the European Union, respectively, the European economic region) only takes place, if it is legally required for settling debts and handling of enquiries or, if you have given your consent to such transfers.
We transmit your personal data to a service provider or to subsidiary companies outside of the European economic region: USA, Switzerland, Russia, Serbia, Brazil, China, India. In addition, we have a global network of representatives, who might also receive personal data. The compliance with data protection regulations is ensured through our corporate privacy rules.
Duration of data storage
We keep your data as long as they are required for a specific purpose. Please keep in mind that numerous data storage regulations stipulate the storage of data beyond their specific purpose. This applies mainly to data storage periods prescribed by commercial and tax laws (for example, the German commercial code, tax regulations, etc.). After they have fulfilled their purpose and no other data storage requirements exist any more, the data are routinely deleted.
Please take into consideration that we can keep data, for which we have received your consent or, for legal disputes for which we use the data as evidence within the scope of legal statutes of limitation, which can have a duration of 30 yeas; the normal statute of limitation expires after three years.
Safe transmission of data
To protect the data handled by our company against accidental or deliberate manipulation, loss or access by non-authorized persons, we are utilizing the required technical and organizational protective tools. The level of protection is continuously reviewed with data safety experts and adapted to the latest data safety standards.
The data traffic to and from our website is encoded. The transmission protocol for our Internet presentation is HTTPS utilizing the most current encoding systems (TLS-ECDHE-RSA-WITH-AES-256-GCM-SHA384, 256-Bit-key, TLS 1.2). In addition, in case of job applications we offer our users the possibility for encoding contents. These data can only be de-coded by us. Of course, there is always the possibility of alternative communication channels (for example, by mail).
Obligation to make data available
Various personal data are needed to fulfill all contractual and legal obligations arising from the creation, execution and termination of a financial relationship. The same applies to the use of our website and the various functions made available in our website.
Details to this subject have been summarized above. In certain cases legal regulations require the collection of data and making them available to third parties. Please keep in mind that processing of your enquiry or the execution of the financial relationship resulting from this is not possible without making these data available.
Categories, sources and origin of the data
The underlying context determines which data we are using: For example, you may place an online purchase order, send us an enquiry through the contact form, send us an application or file a claim.
Please note that we may pass certain information requiring special processing separately to the responsible department/persons, for example, uploading of job applications or contact forms.
When you visit our website, we collect and process the following data:
- Name of the Internet service provider
- Information about the website, from which you visit us
- Your web browser and operating system
- The IP address assigned by your Internet service provider
- Requested files, transferred data volume, downloads/file export
- Information about the pages/sections in our website you visit with date and time
- For safety reasons (especially to protect against attempted attacks against our web server) these data are stored in line with article 6, paragraph 1 lit. F EU-DS-GVO. Anonymization by shortening the IP address takes place after 30 days at the latest so that no connection to the user is established.
In case of website enquiries we collect and handle the following data:
- Last and first name
- Contact information
- Details about your interests and your specific request
Contact form / Contact by E-mail (art. 6 paragraph 1 lit. a, b EU-DS-GVO)
Our website contains a contact form that can be used electronically. If you contact us with this form we are using the data you provided in the form to reply to your questions and requests.
When you contact us by E-mail, we will use the personal data listed in your E-mail only for processing your enquiry. If you do not use our contact forms, no additional data will be collected.
Newsletter (art. 6 paragraph 1 lit. a EU-DS-GVO)
We provide information about new products and offerings at regular intervals in our newsletter, utilizing newsletter web bugs and link-tracking to monitor its success. The web bug measures the opening of the respective newsletters and the link-tracking counts the number of clicks on the respective links in the newsletter. Thanks to the anonymising, neither method permits conclusions to be drawn with regard to an individual person. The web bug and tracking data processing is implemented with Google Analytics. In addition, we also carry out success evaluations and customer satisfaction surveys after projects have been completed and at regular intervals. This data is collected on the basis of your consent (Art. 6 I lit. a GDPR). You can withdraw this consent at any time, informally via firstname.lastname@example.org. The linking to user IDs will be automatically deleted after a period of 14 months.
Advertising directed at existing customers (art. 6 paragraph 1 lit. f EU-DS-GVO)
The Rösler Oberflächentechnik GmbH is keen to cultivate the relationship with you as our valued customer and to send you information and offers about our products / services in the form of newsletters. For this reason we are using your data to send you the respective information and offers per E-mail.
If you do not want to receive such E-mails you can object to the use of your personal data for these direct advertising activities at any time; this applies also for a profiling in connection with direct advertising. Once you object, we will no longer use your data for this purpose. Your objection is free-of-charge and can be done entirely at your discretion, preferably by E-mail addressed to: email@example.com or by mail to Vorstadt 1, 96190 Untermerzbach.
Portal for job applicants (art. 6 paragraph 1 lit. a, b EU-DS-GVO
We are pleased to learn about your interest in working for the Rösler Oberflächentechnik GmbH. We appreciate the confidentiality of your personal data and are using them only for the purpose of an effective and correct processing of your job application and for contacting you when processing your application. Your data will not be passed on to third parties without your approval.
In the application form you are asked for personal data. In this connection we follow the principle of keeping the data volume at a minimum by only requesting information required to thoroughly examine your application, for example your CV (curriculum vitae), or those data we must collect by law. These mandatory fields are marked with *(asterisk). For technical and legal reasons your IP address will also be registered.
Without these data we, unfortunately, will not be able to process your application. In this case our application processing system will not allow uploading of the application forms. Of course, you have the possibility to voluntarily add data in your application form.
To provide the best possible protection for the safety and confidentiality of your data, we are utilizing special safety software. The transmission of your application documents to us is always encoded.
We store your data solely for the purpose described above, until the application process is completed and respective deadlines have expired – latest six months after a decision has been communicated. However, you may want us to keep your application forms for a longer period so that we can match your profile with other vacant positions in our company.
For this we need your approval, which you can provide by clicking on the respective checkbox when uploading your application. In this case we store your data for twelve months. Of course, you can always withdraw your consent with immediate effect by phone +49 9533 924 456, per E-mail to firstname.lastname@example.org or by mail to Personal, Hausen 1, 96231 Bad Staffelstein.
Automated decisions in single cases
We are not utilizing fully automated processes to make and implement a decision.
Cookies (art. 6 paragraph 1 lit. f EU-DS-GVO / art. 6 Abs. 1 lit a EU-DS-GVO with consent)
Our web pages are using so-called cookies in various places. They serve the purpose to make our presentation more user-friendly, more effective and safer. Cookies are small text files that are stored on your computer, and which your browser stores locally on your hard drive.
With the help of these cookies we can analyze, how users are navigating our website. This allows us to adapt our website content to the requirements of our website visitors. Moreover, the cookies allow us to measure the effectiveness of a specific advertisement and to arrange its placement in line with the interests of our users to a given subject.
Most of the cookies used by us are so-called “session cookies”. They are automatically deleted after your visit. Permanent cookies are automatically deleted on your computer, as soon as they expire (usually after 6 months), or if you delete them prior to their expiration date.
Most web browsers accept cookies automatically. But you can change the settings of your browser, if you do not want your information to be used. In spite of this you can still fully explore the offers from our website (exception: Configurators).
We are using cookies to make our presentation more user-friendly, more effective and safer. Moreover, the cookies help us analyze how the users are navigating through our web pages. This helps adjust our content to the visitor requirements. Last-but-not least, the cookies allow us to measure the effectiveness of a certain advertisement and to arrange its placement in line with the subject interests of our users.
Please be aware: By deactivating the cookies you may not be able to use all functions offered in our website.
User profiles / web tracking methods (legal basis: Art. 6 paragraph 1 lit. f EU-DS-GVO)
1. Google Analytics
This website uses Google Analytics, a web analytical service of Google Inc. ("Google"). Google Analytics uses so-called "cookies", text files that are stored on your computer and that allow an analysis of your visit to our website. The details about your visit to our website created by the cookies are normally transmitted to a Google server in the United States, where they are stored.
On our website we are utilizing a software that makes your IP address anonymous: Within the European Union and other countries in the European economic region abiding by the EU general data protection regulation your IP address is abbreviated, before it is transmitted to Google. Only in exceptional cases will the full IP address be transmitted to a Google server and abbreviated there.
Upon request by the owner of this website Google is using this information to analyze the usage pattern for this website, prepare reports about the website traffic and provide additional services regarding website usage and Internet traffic for the website owner. The IP address transmitted by your browser to Google Analytics is not merged with other data stored at Google. You can prevent the collection and storage of the cookies with the respective settings in your browser; however we wish to point out that in this case you may not be able to use all functions available in this website. You can also prevent the collection of data and their use by Google (including your IP address) generated by the cookies and initiated by your visit to this website, by downloading and installing a browser-add-on available under the following HTML link and installing on your computer: <a href="https://tools.google.com/dlpage/gaoptout">Google Analytics AddOn</a>
2. Google-Tag-Manager (GTM)
Our website uses the Google Tag Manager offered by Google. This service allows managing website tags with one single interface platform. The Google Tag Manager only implements tags. This means: No cookies are used and no personal data are collected. The Google Tag Manager initiates other tags, which in turn may collect data. However, the Google Tag Manager does not access these data. If a deactivation was initiated on the domain or cookie level, it will be effective for all tracking tags, provided these are implemented with the Google Tag Manager.
3. Double Click
Webinars / video conferencing (Art. 6 para. 1 p. 1 lit. b, f European Union General Data Protection Regulation (EU-GDPR), § 26 Federal Data Protection Act (BDSG))
Rösler Oberflächentechnik GmbH uses video conferencing services to conduct webinars on various topics offered. For this purpose, Rösler Oberflächentechnik GmbH uses the video conferencing tool Zoom. Zoom is a service of Zoom Video Communications, Inc. which is based in the USA. Zoom is used either via your web browser or, alternatively, via the Zoom app installed on your end device.
We would like to point out that further data processing, for example in connection with accessing the Zoom website and/or installing the Zoom app, is not our responsibility.
When using Zoom, your user data stored at Zoom (e.g. name, email address, profile picture, language, etc.) is processed. Additionally, connection data (e.g. IP address) and metadata (e.g. meeting ID, phone numbers, dates, etc.) is collected. Finally, image and sound data from you is processed. For this purpose, Zoom gains access to the camera and microphone of your end device for the duration of the transmission, if you allow this. The image and sound transmission can be suspended by you at any time. In addition, it is possible to make text entries (chat) and to transfer files together with their contents (in the case of file exchange).
The processing of the data is carried out for the implementation of webinars and serves the implementation of pre-contractual measures or the fulfilment of the contract, Art. 6 para. 1 p. 1 lit. b EU-GDPR. Insofar as the video conferences take place within the company between employees on the basis of § 26 (1) BDSG. Furthermore, the data processing is carried out on the basis of our legitimate interest in effective communication design according to Art. 6 para. 1 p. 1 lit. f EU-GDPR.
The data will only be stored for as long as is absolutely necessary to achieve the purpose and for as long as there are no statutory retention obligations that prevent deletion. Please note that the data may have to be stored for verification purposes based on legal retention obligations. In this case, the data will be deleted at the latest after expiry of the respective retention period.
1. Use of social media buttons with "Shariff"
On this website we are using the c't project "Shariff". This replaces the usual share buttons of the social networks and, therefore, protects the surfing patterns. "Shariff" places the share buttons of the social networks only as a graphic that creates a link to the respective social network. By clicking on the respective graphic button you are transferred to the services of the respective social network. The Shariff button navigates the visitor of our website to the social network only after the visitor has clicked the share button. Only then will your data be transmitted to the respective social network. If you do not click the Shariff button, no data exchange takes place between you and the social networks. You can find more information about the c't- project "Shariff" under www.heise.de/ct/artikel/Shariff-Social-Media-Buttons-mit-Datenschutz-2467514.html On our website "Shariff" is including the following social networks: Facebook, LinkedIn, Google+
2. Use of LinkedIn
Our website uses the analytical and conversion tracking technology of the LinkedIn Inc. ("LinkedIn"), 2029 Stierlin Ct. Ste. 200 Mountain View, CA 94043, USA. With this technology you can receive more relevant advertisements reflecting your specific interests. In addition, LinkedIn supplies anonymous summary reports about advertising activities with information as to how you interact with our website. LinkedIn can, however, assign your website visit to your LinkedIn user account. We do not control the type and scope of the data, which LinkedIn collects. Nor do we have knowledge of the data content transmitted to LinkedIn.
You can find more information about the data protection at LinkedIn under the following link: https://www.linkedin.com/legal/privacy-policy#choices-oblig You can object to the analysis of your surfing habits by LinkedIn and the placement of advertisements generated through your surfing habits ("Opt-Out"). To do so click on the field "Reject at LinkedIn" (LinkedIn members) or "Reject" (for other users) under https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out.
Our website contains plugins of the video portal Vimeo by Vimeo, LLC, 555 West 18th Street, New York, New York 10011, USA. With every visit of a page that offers one or several Vimeo-Video clips a direct connection between your browser and a server of Vimeo in the United States is created. This also includes the collection and storage of information about your visit and your IP address by Vimeo. By interaction with the Vimeo plugins (e.g. by clicking on the start button) these data are also transmitted to Vimeo and stored there.
If you have a Vimeo user account and do not want that Vimeo collects your data in this manner and merges them with your membership data stored at Vimeo, you must log out of Vimeo before visiting our website.
You can find the data protection declaration of Vimeo with additional information about data collection and use by Vimeo under: vimeo.com/privacy. In addition, whenever a video is called up through an iFrame, Vimeo also calls up the tracker Google Analytics. This is a tracking function controlled by Vimeo, over which we have no control. You can prevent the tracking through Google Analytics by using the deactivation tools Google offers for some Internet browsers. The users can also prevent the collection of their data (including the IP address) initiated through their website visit and their use by Google by downloading and installing the browser plugin available under the following link: http://tools.google.com/dlpage/gaoptout
Our Internet presentation uses social plugins ("plugins") of the social network facebook.com, operated by Facebook Inc., 1601 S. California Ave, Palo Alto, CA 94304, USA ("Facebook"). The plugins are marked with a Facebook logo or the text "Facebook Social Plugin".
If you call up a web page in our Internet presentation containing such a plugin with an activated interface button your browser can create a direct connection with the servers of Facebook. The content of the plugin is transmitted directly by Facebook to your browser, which incorporates it in the website.
We welcome that you may want to recommend and discuss topics from our website on Facebook. For this purpose we are using the button provided by the c't project "Shariff".
Normal social media buttons transmit user data, whenever a website is called up and provide the social media with exact information about your surfing patterns ("User Tracking"). For this to happen you do not have to be logged in or be a member of the social network.
The Shariff-Social-Buttons create the direct connection between social network and visitor only when the visitor clicks on the share button. You can find more information at https://www.heise.de/.
By activation of the plugin Facebook collects information about your visit to the respective page of our Internet presentation. If you are logged in at Facebook, your visit can be immediately assigned to your Facebook account even though you have not clicked the Facebook button a second time. By interacting with the plugins, for example by clicking the "like" button, or by writing a comment, the information is immediately transmitted from your browser to Facebook and stored there.
Even though you may not have a Facebook account, Facebook can collect your data, for example, your IP address. To learn more about the purpose and scope of the data collection and their further handling by Facebook and the respective rights and possible settings for the protection of your privacy please refer to the Facebook data protection statement.
If you do not want Facebook collecting data about your visit to our website you must log out of Facebook. In addition, with certain add-ons you can install blockers on your browser.
Online offers for children
Persons under the age of 16 years are not allowed to transmit data to us or make a consent declaration without the specific approval of their parents. We want to encourage all parents and guardians to share in the online activities of their children.
Links to other companies
Our website contains, clearly visible as such, links to websites of other companies. For any of the websites that can be reached with these links we have no control over the contents of these websites. For this reason we cannot accept any responsibility for the contents of these websites. Responsibility for the contents rests entirely with their owners and operators.
The contents of these linked websites were reviewed with regard to violation of any laws at the time the link was established. At this moment no violation of any laws could be recognized. Without a clear indication of any recognizable legal breach, a continuous review of the website contents would, however, be unreasonable. If a legal breach becomes known to us, we will immediately remove such links from our website.