Data protection
The following privacy policy is intended to explain to you in a comprehensible, transparent and clear manner how your personal data is processed by ROTHENBERGER AG (hereinafter "ROTHENBERGER", "we", or "us").
Controller
The controller within the meaning of data protection laws, in particular the EU General Data Protection Regulation (GDPR), is
ROTHENBERGER AG
Spessartstraße 2-4
65779 Kelkheim
in most cases with one or more of its subsidiaries.
Data Protection Officer
If you have any questions about this privacy policy and other data protection issues, please contact our data protection officer:
Rudolf Fiedler, Data Protection Officer
DDP Data Protection GmbH
Zum Gottschalkhof 2
60594 Frankfurt am Main.
What is personal data?
Personal data is any information relating to an identified or identifiable natural person ("data subject").
What data is processed on our website?
Collection of general information when visiting our website
When you visit our website, a so-called log data record (so-called server log files) is temporarily and anonymised collected, stored and processed on our web server. This consists of:
§ the page from which the page was requested (so-called referrer URL),
§ the name and URL of the requested page,
§ the date and time of the request,
§ the description of the type, language and version of the web browser used,
§ the IP address of the requesting computer, which is shortened so that a personal reference can no longer be established,
§ the amount of data transferred,
§ the operating system,
§ the message as to whether a call was successful (access status/Http status code),
§ the GMT time zone difference.
The log data is processed for the following purposes:
§ Ensuring a smooth connection to the website,
§ Ensuring the smooth use of our website,
§ analysing system security and stability and
§ to optimise our website.
The legal basis for the processing of this log data is Art. 6 para. 1 sentence 1 lit. f GDPR. The above-mentioned purposes also represent our legitimate interest in data processing.
We do not use your data to draw conclusions about your person. Information of this kind may be statistically evaluated by us in anonymised form in order to optimise our website and the technology behind it.
Registration on our website
To register on our website, we require general "personal data", which is transmitted to us via an input mask. These consist of:
§ First name and surname,
§ date of birth,
§ address,
§ telephone number,
§ e-mail address and
§ the time of transmission.
This data is processed for the purpose of creating a customer profile and on the basis of your consent in accordance with Art. 6 para. 1 sentence 1 lit. a GDPR.
Contact form
When using our contact form, the "contact form data" transmitted through it is collected, stored and processed: These include in particular:
§ First name and surname,
§ address,
§ customer group,
§ telephone number,
§ e-mail address and
§ the time of transmission.
Contact form data is processed for the purpose of processing customer enquiries. The legal basis for data processing is Art. 6 para. 1 sentence 1 lit. f GDPR, whereby the purpose of the contact form data processing corresponds to our legitimate interest in data processing. If you contact us to enquire about an offer, the legal basis is Art. 6 para. 1 sentence 1 lit. b GDPR and the contact form data processing is carried out to implement pre-contractual measures.
Newsletter
If you register for our newsletter, the following "newsletter data" will be collected, stored and processed by us:
§ the page from which the page was requested (so-called referrer URL),
§ the date and time of the request,
§ the description of the type of web browser used,
§ the IP address of the requesting computer, which is shortened so that a personal reference can no longer be established,
§ the e-mail address,
§ the date and time of registration, the confirmation email and confirmation.
We would like to point out that we evaluate your user behaviour when sending the newsletter. For the analysis, the emails sent contain so-called web beacons or tracking pixels, which are one-pixel image files stored on our website. We link the web beacons with your email address to create an individual ID for the purposes of analysis. Links contained in the newsletter also contain this ID. The data is collected exclusively in pseudonymised form, i.e. the IDs are not linked to your other personal data, and direct personal identification is excluded.
The newsletter data is processed for the purpose of delivering the subscribed newsletter by e-mail. As part of the registration process, you consent to the processing of your personal data in accordance with Art. 6 para. 1 sentence 1 lit. a GDPR. We use the so-called double opt-in procedure to subscribe to the newsletter. This means that after you have registered, we will send you an email to the email address you have provided, in which we ask you to confirm that you wish to receive the newsletter. The purpose of this procedure is that we can prove your registration and, if necessary, clarify any possible misuse of your personal data. You can revoke your consent to the sending of the newsletter at any time with effect for the future and unsubscribe from the newsletter. You can declare your cancellation by clicking on the link provided in every newsletter e-mail or by sending a message to the contact option given below.
Application form
If you apply via our application form on our website, we collect, store and process your "applicant data". These are in particular
§ First name and surname,
§ address,
§ e-mail address,
§ telephone number,
§ mobile phone number and
§ attachments enclosed with the application (e.g. CV, cover letter, certificates).
Data processing is carried out on the legal basis of Art. 6 para. 1 sentence 1 lit. a GDPR and Art. 88 para. 1 GDPR in conjunction with. § 26 BDSG. The purpose of data processing is the internal processing of applications. If you have not yet reached the age of 16, we require the consent of your legal guardian.
If your application cannot be considered for a specific vacancy, we may include your application in the applicant pool and consider it for future vacancies. The legal basis for this is also Art. 6 para. 1 sentence 1 lit. a GDPR and Art. 88 para. 1 GDPR in conjunction with Section 26 BDSG. § 26 BDSG.
You can request information about the scope, origin and recipients of the stored data and its correction at any time free of charge. After the end of your application process, your applicant data will be deleted by us immediately, unless you have given us your express consent to include you in our applicant pool. If your applicant data is included in our applicant pool, we will store your data for a period of two (2) years and will then delete it without being asked after this period has expired. Earlier deletion is possible at any time at your request. Further information on data protection can be found at https://karriere.rothenberger.com/jsp/bms/forms/privacy/PrivacyFormDyn.jsp?syssnbrlk=.
How long do we store your data?
All data that you provide to us will be deleted as soon as it is no longer required for the purpose for which it was collected. This is generally the case for the data used to provide the website when the respective session has ended.
If the data is stored in log files, this is the case after 14 days at the latest. Storage beyond this period is possible. In this case, the IP addresses of the users are anonymised so that it is no longer possible to identify the accessing user.
How do we guarantee data security?
We use suitable technical and organisational security measures to protect your data against accidental or intentional manipulation, partial or complete loss, destruction or against unauthorised access by third parties (e.g. TSL encryption on our website), taking into account the state of the art, the implementation costs and the nature, scope, context and purpose of the processing as well as the existing risks of a data breach (including its probability and effects) for the data subject. Our security measures are continuously improved in line with technological developments.
We will be happy to provide you with more detailed information on request. Please contact our data protection officer for more information.
Who do we share your data with?
The protection of your data is important to us. For this reason, we do not sell, exchange or rent your data. For certain technical processes of data processing, we use the support of external service providers who act as processors for us in accordance with Art. 28 GDPR. They are bound to strict confidentiality and only process data on our behalf and in accordance with our instructions.
If your personal data is passed on by us to our subsidiaries or is passed on to us by our subsidiaries (e.g. for advertising purposes), this is done on the basis of existing order processing relationships.
Which cookies do we use?
We use so-called "cookies" on our website. Cookies are small text files that are stored on your end device (laptop, tablet, smartphone, etc.) when you visit our website. Cookies cannot execute programmes or transfer viruses to your end device and therefore cannot cause any damage. With the help of cookies, we can make our website more user-friendly, effective and secure for you.
A distinction is made between "session cookies" and "permanent cookies". "Session cookies" are deleted automatically at the end of your browser session. In contrast, "permanent cookies" remain permanently on your end device until you delete them. "Permanent cookies" help us to recognise you when you return to our website.
With a modern web browser, you can monitor, restrict or prevent the setting of cookies. Many web browsers can be configured so that cookies are deleted automatically when the programme is closed.
However, we would like to point out that deactivating cookies may result in you only being able to use our website to a limited extent
Technically necessary cookies
The technical structure of our website requires us to use cookies. Without these cookies, our website cannot be displayed (completely correctly) or the support functions cannot be enabled. These are basically "session cookies" that are deleted at the end of your visit to the website, or at the latest when you close your browser. You cannot deselect these cookies if you wish to use our website. The individual cookies can be seen in the Consent Manager. The legal basis for the processing is Art. 6 para. 1 sentence 1 lit. f GDPR. The stated purpose of data processing also represents our legitimate interest in data processing.
Technically unnecessary cookies
We only use technically unnecessary cookies with your consent. You can select these cookies via the cookie consent tool when you first visit our website. The functions are only activated with your consent and can be used in particular to enable us to analyse and improve visits to our website, to make it easier for you to use our website via different browsers or end devices, to recognise you when you visit us again or to place advertising (possibly also to tailor advertising to your interests, measure the effectiveness of advertisements or show interest-based advertising). The legal basis for this processing is Art. 6 para. 1 sentence 1 lit. a GDPR. You can withdraw your consent at any time without this affecting the lawfulness of data processing up to the point of withdrawal.
To find out which providers use cookies, please refer to the information below on the display, tracking, remarketing and web analysis technologies used.
Profiling
To what extent we analyse the behaviour of website visitors with pseudonymised user profiles, please refer to the information below on the display, tracking, remarketing and web analysis technologies used.
Use of Google Analytics
If you have given your consent, we use the functions of the web analysis service Google Analytics on our website. The provider is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. Google Analytics uses cookies for its services. The personal data collected by the cookies (in particular the IP address) is anonymised and then generally transferred to a Google server in the USA. The data is stored there for 14 months. Deletion takes place automatically once a month after this period has expired.
The purpose of using Google Analytics is to analyse the behaviour of our users on our website and to make appropriate adjustments. The legal basis for data processing is your consent in accordance with Art. 6 para. 1 sentence 1 lit. a GDPR.
You can find more information on terms of use and data protection at Privacy Policy - Privacy Policy & Terms of Use - Google.
You can also prevent the storage of cookies by selecting the appropriate settings in your browser software. However, we would like to point out that in this case you may not be able to use all functions of this website to their full extent.
You are of course free to revoke the use of cookies at any time in accordance with Art. 7 para. 3 GDPR. You can also prevent Google from collecting the data generated by the cookie and relating to your use of the website (including your IP address) and from processing this data by Google by setting your browser accordingly. Google provides a deactivation add-on for the most common browsers. You can find this under the following link: Browser Add On to deactivate Google Analytics. However, we would like to point out that in this case you may not be able to use all the functions of our website.
Use of Google Maps
We use the Google Maps map service on our website via an API. The provider is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. Google Maps offers us the opportunity to implement interactive maps on our website. These are used to show you our location. To use the functions of Google Maps, it is necessary to save your IP address. This information is usually transmitted to a Google LLC server in the USA and stored there. The provider of this site has no influence on this data transfer.
The use of Google Maps is in the interest of an appealing presentation of our online offers and to make it easy to find the places we have indicated on the website. This constitutes an overriding legitimate interest on our part within the meaning of Art. 6 para. 1 sentence 1 lit. f GDPR.
You can find more information on the handling of user data in Google's privacy policy: Privacy Policy - Privacy Policy & Terms of Use - Google.
Embedded YouTube videos
On our website, we use embedded videos from the video platform YouTube, which is operated by YouTube, LLC, 901 Cherry Ave. San Bruno, CA 94066, USA ("YouTube"). YouTube is a platform that enables the playback of audio and video files.
When you call up a corresponding page on our website, the embedded YouTube player establishes a connection to YouTube so that the video or audio file can be transmitted and played back. This also transfers data to YouTube as the controller. We are not responsible for the processing of this data by YouTube.
Further information on the scope and purpose of the data collected, the further processing and use of the data by YouTube, your rights and the data protection options you can select can be found in YouTube's privacy policy. YouTube refers to Google's privacy policy for data protection. This can be found at the following link: Privacy Policy - Privacy Policy & Terms of Use - Google.
Social media plugins
We use social media plugins from various social networks on our website. When using the plugins, your internet browser establishes a direct connection to the servers of the respective social network. As a result, the respective provider receives the information that your Internet browser has accessed the corresponding page of our online offering, even if you do not have a user account with the provider or are not currently logged into it. Log files (including the IP address) are transmitted directly from your Internet browser to a server of the respective provider and may be stored there. The provider or its server may be located outside the EU or the EEA (e.g. in the USA).
The plugins are independent extensions of the social network providers. We therefore have no influence on the scope of the data collected and stored by the social network providers via the plugins.
The purpose and scope of the collection, further processing and use of the data by the social network as well as your rights in this regard and setting options to protect your privacy can be found in the privacy policy of the respective social network.
Instagram: Meta Data Policy - How Meta collects and uses user data - Privacy Centre (instagram.com).
Facebook: Meta Data Policy - How Meta collects and uses user data | Privacy Centre (facebook.com).
Twitter: Twitter Privacy Policy.
YouTube: Privacy Policy - Privacy Policy & Terms of Use - Google.
LinkedIn: LinkedIn Privacy Policy.
Xing: Privacy policy at XING.
If you do not want the social network providers to receive data about this online offering and possibly store or use it, you should not use the respective plugins.
Facebook Pixel
We use the Facebook pixel on our website. We have implemented a code for this on our website. The Facebook pixel is a snippet of JavaScript code that loads a collection of functions with which Facebook can track your user actions if you have come to our website via Facebook ads.
For example, when you view a product on our website, the Facebook pixel is triggered and saves your actions on our website in one or more cookies. These cookies enable Facebook to match your user data (customer data such as IP address, user ID) with the data of your Facebook account. Facebook then deletes this data again. The data collected is anonymous and cannot be viewed by us and can only be used in the context of adverts. If you are a Facebook user and are logged in, your visit to our website is automatically assigned to your Facebook user account. We only want to show our services and products to people who are genuinely interested in them. With the help of Facebook pixels, our advertising measures can be better customised to your wishes and interests. This means that Facebook users (provided they have allowed personalised advertising) see suitable advertising. Facebook also uses the data collected for analysis purposes and its own adverts.
Facebook Conversion API
We use the Facebook Conversion API for server-side event tracking on our website. The following personal data is collected:
§ Usage data (e.g. websites visited, interest in content, access times),
§ Meta/communication data (e.g. device information, IP addresses),
§ Location data (information on the geographical position of a device or person).
§ Extended data processing: e-mail address, telephone number, gender, date of birth, first and last name, address, user ID
Purpose of the data processing:
This interface is used to transfer information about your usage behaviour on our website to Facebook for analysis purposes. This enables us to present you with advertisements tailored to your website behaviour.
Recipient
We do not pass on your data to third parties. However, we work with Facebook to generate user statistics through the Facebook Conversion API, which includes processing your data in the United States. This data processing takes place on the basis of the standard contractual clauses approved by the European Commission.
Provider
Facebook Ireland Ltd.
4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland
Purpose of data processing: Facebook Conversion API
Details/information on data protection:
- [https://www.facebook.com/about/privacy](file:///C:/TEMP/msohtmlclip1/01/clip_filelist.xml)
- [https://www.facebook.com/settings?tab=ads](file:///C:/TEMP/msohtmlclip1/01/clip_filelist.xml)
Duration of data storage
You can revoke your consent to data processing by Conversion API for our website at any time with effect for the future by adjusting your preferences in our cookie settings. To do this, simply deselect the cookie in the "Marketing" section.
Legal basis
Art. 6 para. 1 a) GDPR Consent
Google Tag Manager
We use Google Tag Manager on our website. It helps us to make adjustments to our website even without programming knowledge.
In addition, Google Tag Manager supports many programmes and software tools and also records visitor interactions on our website, which we can evaluate as recorded data with additional tools if necessary in order to make our website more visitor-friendly. The Google Tag Manager itself does not process or collect any data.
To summarise, it can be said that Google Tag Manager is used for the setup, configuration, quality control and further development of our website.
SSL encryption
To protect the security of your data during transmission, we use state-of-the-art encryption methods (e.g. SSL) via HTTPS.
What are your rights?
You have the following rights vis-à-vis ROTHENBERGER with regard to your personal data:
- Information about your data stored by us and its processing (Art. 15 GDPR),
- Correction of incorrect personal data (Art. 16 GDPR),
- Erasure of your data stored by us (Art. 17 GDPR),
- Restriction of data processing if we are not yet allowed to delete your data due to legal obligations (Art. 18 GDPR)
- Objection to the processing of your data by us (Art. 21 GDPR),
- data portability if you have consented to the data processing or have concluded a contract with us (Art. 20 GDPR) and
- Revocation of consent to data processing once given (even before the GDPR came into force) (Art. 7 para. 3 GDPR).
You can assert all of the data subject rights described above against ROTHENBERGER if you address your specific request to the following contact details:
Rudolf Fiedler Data Protection Officer DDP Data Protection GmbH Zum Gottschalkhof 2 60594 Frankfurt am Main.
Right to lodge a complaint with a data protection supervisory authority
You can lodge a complaint with a data protection supervisory authority at any time if you believe that we are violating the General Data Protection Regulation when processing your personal data. As a rule, you can contact the supervisory authority of your usual place of residence, your workplace or our company.
You can find a list of supervisory authorities (for the non-public sector) with addresses at BfDI - Addresses and links - Addresses and links (bund.de).
What individual right of objection do you have?
You have the right to object, on grounds relating to your particular situation, at any time to processing of personal data concerning you which is based on point (f) of Article 6(1) GDPR, including profiling based on those provisions within the meaning of Article 4(4) GDPR.
If you lodge an objection, we will no longer process your personal data unless
§ we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms, or
§ the processing serves the establishment, exercise or defence of legal claims.
The objection can be made informally and should preferably be addressed to our data protection officer:
Rudolf Fiedler
Data Protection Officer DDP Data Protection GmbH
Zum Gottschalkhof 2
60594 Frankfurt am Main
Change to our privacy policy
We reserve the right to amend this privacy policy so that it always complies with current legal requirements or to implement changes to our services in the privacy policy, e.g. when introducing new services. The new privacy policy will then apply to your next visit.
This privacy policy is valid as of: July 2022.