logo Member of Congineer Group

Privacy Policy

Welcome to our website. Below you will find our Privacy Policy:

TABLE OF CONTENTS:

I. General information
1. Contact details of the controller
II. Concrete information on the collection of personal data
1. Visiting the website
2. Cookies
3. Contact form, request form, contact by email, fax or telephone
III. Rights of the data subject
1. Right of access under Article 15 GDPR
2. Right to rectification under Article 16 GDPR
3. Right to erasure under Article 17 GDPR
4. Right to restriction of processing under Article 18 GDPR
5. Right to information under Article 19 GDPR
6. Right to data portability under Article 20 GDPR
7. Right to object under Article 21 GDPR
8. Automated individual decision-making, including profiling, under Article 22 GDPR
9. Right to lodge a complaint with a supervisory authority under Article 77 GDPR
10. Right to an effective judicial remedy under Article 79 GDPR

I. GENERAL INFORMATION

1. Contact details of the controller

RAUTEC Automatisierungs- und Prozessleittechnik GmbH
Bechterdisser Straße 70
33719 Bielefeld
Germany
Phone +49 521 92476 0
Fax +49 521 92476 21
Email rautec(at)rautec.de

II. CONCRETE INFORMATION ON THE COLLECTION OF PERSONAL DATA

1. Visiting the website

a) Purpose of the processing of data

Every time a user accesses a page from our website or calls up a file stored on our website, access data relating to this process are stored in a log file. Each dataset consists of:

(1) the page from which the file was requested,
(2) the name of the file,
(3) the date and time of the request,
(4) the amount of data transmitted,
(5) the access status (file transmitted, file not found, etc.),
(6) a description of the type of operating system and web browser used,
(7) the host name of the accessing computer,
(8) the client IP address.

We use this data in order to operate our website, in particular to determine the utilisation of the website and website malfunctions, and to make adjustments or improvements. The client IP address is used for the purpose of transmitting the data requested; when no longer technically required, the client IP address will be rendered anonymous by deleting the last block of numbers (Ipv4) or the last octet (Ipv6).

b) Duration of retention

Data are stored every time a user accesses a page from our website or calls up our website; such data will be deleted as soon as they are no longer required for the purpose of the collection, which is the case within three months of the visitor leaving the website at the latest.

c) Legal basis

The legal basis for the temporary storage of the aforementioned data is Article 6(1)(f) of the EU General Data Protection Regulation (hereinafter referred to as "GDPR"). The legitimate interest is to make available our website and to check for misuse.

d) Possibility of objection and removal

The data subject may object to processing by abstaining from using our website and, subject to the requirements described in more detail below in the "Rights" section, may request the erasure of the data collected by him or her in this way by making an informal declaration.

2. Cookies

a) Purpose of the processing of data

In order to make it technically possible to visit our website and to place orders, we transmit so-called cookies to the data subject's end device. Cookies are small text files that enable the data subject's end device to be identified, usually by recording the name of the domain from which the cookie data were sent, information on the age of the cookie and an alphanumeric identifier. Saving the cookie on the end device used - without interfering with the operating system - enables the end device to be recognised and enables us to make immediately available any possible presettings. We use this information to adapt our website and the services offered to your needs and to enable you to access our website more quickly.

b) Duration of retention

The different cookies are stored for different lengths of time; however, the maximum period is two years. Cookies are stored on your local end device, not on our server, which is why the actual deletion period depends on how your browser software is configured. Please refer to the operating instructions of your browser software to find out how to delete - either ad hoc or automatically - cookies that we have set.

c) Legal basis

The legal basis for the storage of the aforementioned data is Article 6(1)(f) GDPR. The legitimate interest in setting cookies is, on the one hand, to optimise the quality of our website through analysis and, on the other hand, to enable users to visit our website; in particular, a number of functions on our website cannot be used without cookies, since, in the absence of cookies, the user and the settings he or she has made would not be recognised when changing to a different page, language settings would be lost, and it would not be possible to perform searches. In addition, the legal basis for storing data for the purpose of performing a contract is Article 6(1)(b) GDPR.

d) Possibility of objection and removal

The data subject may block the use of cookies in the end device used or delete these cookies after use. In some circumstances, however, it may not be possible to use individual functions of our website. Please refer to the operating instructions of the browser software to find out how to block cookies and delete cookies that have already been saved.

3. Contact form, request form, contact by email, fax or telephone

a) Purpose of the processing of data

We provide a contact form on our website. The data subject may use this contact form to contact us electronically, and we are able to process the query. The following data are collected and stored: name, company, address, email address, telephone number, date and time of the query, and a description of the concern.

In the context of a request for an information pack on our website, we collect the following data: name, company, address, email address, telephone number, date and time of the query, a message and the chosen field for which the user has requested further information.

Users may contact us by email, fax or telephone. The data transmitted to us in this way and specified by the data subject will be saved by us so that we can process the query. Such data include the name, address, email address, phone and/or fax number, the date and time of the query, a description of the concern and, where applicable, contract data if the query is made in the context of preparing or executing a contract.

Data will not be divulged to third parties. They serve the purpose of processing the contact enquiry or of sending an information pack.

b) Duration of retention

Once data are no longer required for achieving the purpose, they will be deleted. This is the case where the conversation has been successfully completed and the circumstances have been clarified, and no contractual or fiscal retention periods prevent such deletion. That period is five years for personal data that fall under Section 147 of the German Fiscal Code (AO) and ten years for personal data that fall under Section 257 of the German Commercial Code (HGB). These periods commence at the end of the calendar year in which the data were collected.

c) Legal basis

The legal basis for storing the aforementioned data is Article 6(1)(b) GDPR in the context of the initiation or performance of a contract, or Article 6(1)(f) GDPR. The controller's legitimate interest is the ability to process contact enquiries and to prevent the abuse of contact enquiry.

d) Possibility of objection and removal

The data subject has the possibility at any time to object to the storage of data. Data stored with regard to this process will then be deleted. If a contract has been concluded, the above remarks apply to the keyword "conclusion of contract".

III. RIGHTS OF THE DATA SUBJECT

If personal data concerning the user are processed on our website, then the person concerned (the data subject) has the following rights vis-à-vis the controller according to the GDPR.

1. Right of access under Article 15 GDPR

The data subject has the right to the following information:

a) the purposes of the processing;

b) the categories of personal data concerned;

c) the recipients or categories of recipient to whom the personal data have been or will be disclosed, in particular recipients in third countries or international organisations;

d) where possible, the envisaged period for which the personal data will be stored, or, if not possible, the criteria used to determine that period;

e) the existence of the right to request from the controller rectification or erasure of personal data or restriction of processing of personal data concerning the data subject or to object to such processing;

f) the right to lodge a complaint with a supervisory authority;

g) where the personal data are not collected from the data subject, any available information as to their source;

h) the existence of automated decision-making, including profiling, referred to in Article 22(1) and (4) GDPR and, at least in those cases, meaningful information about the logic involved, as well as the significance and the envisaged consequences of such processing for the data subject.

i) Where personal data are transferred to a third country or to an international organisation, the data subject will have the right to be informed of the appropriate safeguards pursuant to Article 46 GDPR relating to the transfer.

We will provide the data subject with a copy of the personal data undergoing processing. For any further copies requested by the data subject, the controller may charge a reasonable fee based on administrative costs.

2. Right to rectification under Article 16 GDPR

The data subject has the right to obtain from the controller without undue delay the rectification of inaccurate personal data concerning him or her. Taking into account the purposes of the processing, the data subject has the right to have incomplete personal data completed, including by means of providing a supplementary statement.

3. Right to erasure under Article 17 GDPR

The data subject has the right to obtain from the controller the erasure of personal data concerning him or her without undue delay and the controller has the obligation to erase personal data without undue delay where one of the following grounds applies:

a) the personal data are no longer necessary in relation to the purposes for which they were collected or otherwise processed;

b) the data subject withdraws consent on which the processing is based according to point (a) of Article 6(1) or point (a) of Article 9(2) GDPR, and where there is no other legal ground for the processing;

c) the data subject objects to the processing pursuant to Article 21(1) GDPR and there are no overriding legitimate grounds for the processing, or the data subject objects to the processing pursuant to Article 21(2) GDPR;

d) the personal data have been unlawfully processed;

e) the personal data have to be erased for compliance with a legal obligation in Union or Member State law to which the controller is subject;

f) the personal data have been collected in relation to the offer of information society services referred to in Article 8(1) GDPR.

4. Right to restriction of processing under Article 18 GDPR

The data subject has the right to obtain from the controller restriction of processing where one of the following applies:

a) the accuracy of the personal data is contested by the data subject, for a period enabling the controller to verify the accuracy of the personal data,

b) the processing is unlawful and the data subject opposes the erasure of the personal data and requests the restriction of their use instead;

c) the controller no longer needs the personal data for the purposes of the processing, but they are required by the data subject for the establishment, exercise or defence of legal claims, or

d) the data subject has objected to processing pursuant to Article 21(1) GDPR pending the verification whether the legitimate grounds of the controller override those of the data subject.

5. Right to information under Article 19 GDPR

If the data subject has exercised his or her right to rectification or erasure of personal data or restriction of processing carried out in accordance with Article 16, Article 17(1) and Article 18 GDPR against the controller with regard to personal data concerning him or her, and if the controller has communicated to each recipient to whom the personal data have been disclosed the data subject's request (unless this proved impossible or involved disproportionate effort), then the data subject has the right to be informed about those recipients.

6. Right to data portability under Article 20 GDPR

The data subject has the right to receive the personal data concerning him or her, which he or she has provided to a controller, in a structured, commonly used and machine-readable format and have the right to transmit those data to another controller without hindrance from us, where

a) the processing is based on consent pursuant to point (a) of Article 6(1) or point (a) of Article 9(2) or on a contract pursuant to point (b) of Article 6(1) GDPR; and

b) the processing is carried out by automated means.

The rights and freedoms of others may not be adversely affected as a result.

In exercising the right to data portability pursuant to paragraph 1, the data subject has the right to have the personal data transmitted directly from us to another controller, where technically feasible.

The exercise of the right to data portability is without prejudice to the right to erasure under Article 17 GDPR. The right to data portability does not apply to processing necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller.

7. Right to object under Article 21 GDPR

The data subject has the right to object, on grounds relating to his or her particular situation, at any time to processing of personal data concerning him or her which is based on point (e) or (f) of Article 6(1) GDPR, including profiling based on those provisions.

We will no longer process the personal data unless we demonstrate compelling legitimate grounds for the processing which override the interests, rights and freedoms of the data subject or for the establishment, exercise or defence of legal claims.

Where personal data are processed for direct marketing purposes, the data subject has the right to object at any time to processing of personal data concerning him or her for such marketing, which includes profiling to the extent that it is related to such direct marketing. Where the data subject objects to processing for direct marketing purposes, the personal data will no longer be processed for such purposes.

Any consent granted by the data subject may be withdrawn by him or her at any time. Any collection and processing undertaken until such time remains, however, lawful.

8. Automated individual decision-making, including profiling, under Article 22 GDPR

The data subject has the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning him or her or similarly significantly affects him or her.

This does not apply if the decision

a) is necessary for entering into, or performance of, a contract between the data subject and us,

b) is authorised by Union or Member State law to which we are subject and which also lays down suitable measures to safeguard the data subject's rights and freedoms and legitimate interests; or

c) is based on the data subject's explicit consent.

Such decisions may not be based on special categories of personal data referred to in Article 9(1) GDPR, unless point (a) or (g) of Article 9(2) GDPR applies and suitable measures to safeguard the data subject's rights and freedoms and legitimate interests are in place.

In the cases referred to under points (a) and (c), we will implement suitable measures to safeguard the data subject's rights and freedoms and legitimate interests, at least the right to obtain human intervention on our part, to express his or her point of view and to contest the decision.

9. Right to lodge a complaint with a supervisory authority under Article 77 GDPR

Without prejudice to any other administrative or judicial remedy, every data subject has the right to lodge a complaint with a supervisory authority, in particular in the Member State of his or her habitual residence, place of work or place of the alleged infringement if the data subject considers that the processing of personal data relating to him or her infringes the GDPR.

The supervisory authority with which the complaint has been lodged will inform the complainant on the progress and the outcome of the complaint including the possibility of a judicial remedy pursuant to Article 78 GDPR.

10. Right to an effective judicial remedy under Article 79 GDPR

Without prejudice to any available administrative or non-judicial remedy, including the right to lodge a complaint with a supervisory authority pursuant to Article 77 GDPR, each data subject has the right to an effective judicial remedy where he or she considers that his or her rights under the GDPR have been infringed as a result of the processing of his or her personal data in non-compliance with the GDPR.

Proceedings against us or a processor will be brought before the courts of the Member State where we or the processor have an establishment. Alternatively, such proceedings may be brought before the courts of the Member State where the data subject has his or her habitual residence, unless we or the processor is a public authority of a Member State acting in the exercise of its public powers.