DE|EN

Privacy Policy

Data privacy statement

I. Controller

In terms of the General Data Protection Regulation and other national data protection laws of the
Member States and other legal data privacy regulations, the controller is:

Roeck Relations
Jürgen Röck, Owner
Badstr. 20
93059 Regensburg
Germany
Tel.: +49 (0)941 5997700
Email: j.roeck@roeck-relations.de

II. General information regarding data processing

1. Extent of the processing of personal data
As a basic principle, we only process our users’ personal data to the extent necessary for us to provide a functioning website and our content and services. Our users’ personal data is processed on a regular basis only after the users have given their consent. Exceptions apply in cases where it is not possible to obtain consent beforehand for real reasons and the processing of the data is authorised by legal regulations.

2. Legal basis for the processing of personal data
Insofar as we obtain the consent of the data subject to the processing of personal data, Art. 6(1) 1st sentence lit. a General Data Protection Regulation (GDPR) (EU) serves as the legal basis. Art. 6(1) 1st sentence lit. b GDPR serves as the legal basis concerning the processing of personal data that is necessary in order to perform a contract to which the data subject is party. The same applies
to processing that is necessary in order to execute pre-contractual measures. If the processing of personal data is necessary for compliance with a legal obligation to which our company is subject, Art. 6(1) 1st sentence lit. c GDPR serves as the legal basis.
In cases where vital interests of the data subject or of another natural person render the processing of personal data necessary, Art. 6(1) 1st sentence lit. d GDPR serves as the legal basis. If the processing is necessary to protect a legitimate interest of our company or of a third party, and
the interests and fundamental rights and freedoms of the data subject do not override this legitimate interest, Art. 6(1) 1st sentence lit. f GDPR serves as the legal basis.

3. Erasure of data and storage period
The personal data of the data subject is erased or blocked as soon the the purpose for its storage ceases to apply. Furthermore, data can be stored if this has been required by the European or national legislative authorities in ordinances, laws or other provisions based on European Union law to which the controller is subject. A blocking or erasure of the data is also effected if a storage period prescribed by the above standards expires, unless it is necessary for the storage of the data to continue in order for a contract to be concluded or performed.

III. Provision of the website and creation of logfiles

1. Description and extent of data processing
Every time our website is visited, our system automatically captures data and information from the computer system of the computer used to access it. When this occurs, the following data is collected:

- User’s browser type and version;
- User’s operating system;
- User’s IP address/Internet service provider
- Date/Time of access;
- Websites from which the user’s system gets to our website;
- Websites visited by the user’s system via our website.

The data is stored in our system’s logfiles. This data is not stored together with any of the user’s other personal data.

2. Legal basis for the data processing
The legal basis for the temporary storage of the data and logfiles is Art. 6(1) 1st sentence lit. f GDPR.

3. Purpose of the data processing
The temporary storage of the IP address by the system is necessary to enable the website to be delivered to the user’s computer. For this to occur, the user’s IP address must be stored for the duration of the session. The storage in logfiles is done in order to ensure that the website can function. Furthermore, the data serves to help us to optimise the website and ensure that our IT systems are secure. The data is not evaluated for marketing purposes in this connection. We also have a legitimate interest in data processing for these purposes according to Art. 6(1) 1st
sentence lit. f GDPR.

4. Storage period
The data is erased as soon as it is no longer necessary in order to achieve the purpose of its collection. If the data is captured to provide the website, this occurs when the respective session has ended. If the data is stored in logfiles, this occurs after no later than seven days. It is possible for data to be stored for longer than this. In this case, the users’ IP addresses are erased or masked, so that it is no longer possible to match them to the client visiting the website.

5. Options of objection and deletion
For the operation of the website, it is urgently necessary to capture the data required to make the website available and to store the data in logfiles. The user therefore does not have the option of objecting.

IV. Use of cookies

1. Description and extent of data processing
Our website uses cookies. Cookies are text files that are stored on the user’s computer system in or by the Internet browser. If a user visits a website, a cookie can be stored on the user’s operating system. This cookie contains a character string which enables the browser to be clearly identified the next time the website is visited. Data of the users that is collected in this way is pseudonymised using technical precautions. It is therefore no longer possible to match the data to the user visiting the website. The data is not stored together with any of the users’ other personal data. When they visit the website, a banner informs the users that cookies are used for purposes of analysis and refers them to this data privacy statement. This website uses the following types of cookies, whose scope and mode of operation are explained below:

- Transient cookies
Transient cookies are automatically erased when you close the browser. This particularly includes session cookies. These cookies store what is called a session ID, which can be used to match different requests by your browser with the joint session. That way, your computer can be recognised again when you return to our website. The session cookies are erased when you log out or close the browser.

- Persistent cookies
Persistent cookies are automatically erased after a prescribed period, which can vary according to the cookie. You can erase the cookies in the security settings on your browser at any time.

2. Legal basis for the data processing
The legal basis for the use of cookies in the processing of personal data is Art. 6(1) 1st sentence lit. f GDPR.

3. Purpose of the data processing
We install cookies to structure our website so that it is more user-friendly. Several elements on our website make it particularly necessary for the visiting browser to remain identified after changing pages.

4. Storage period, options of objection and deletion
Cookies are stored on the user’s computer and transmitted from that computer to our site. That is why, as a user, you have full control over the use of cookies. You can deactivate or restrict the transfer of cookies by changing the settings on your web browser. Cookies that are already stored can
be erased at any time. This can also occur automatically by your determining the maximum storage period in your browser settings. If cookies are deactivated for our website, it may no longer be possible to use all of the website functions to the full extent. The following links help you to choose settings to refuse or accept cookies on the most common browsers:

- Internet Explorer / Windows Edge: http://windows.microsoft.com/de-de/windows-vista/blockor-
allow-cookies
- Mozilla Firefox: https://support.mozilla.org/de/kb/cookies-erlauben-und-ablehnen
- Google Chrome: https://support.google.com/chrome/answer/95647?hl=de
- Safari: https://support.apple.com/kb/ph21411?locale=de_DE
- Opera: http://help.opera.com/Windows/10.20/de/cookies.html

V. Contact form and email contact

1. Description and extent of data processing
When you contact us using a contact form on our website or by email, the data you disclose (your email address and possibly other data you provide) is transmitted to us and stored by us. In this connection, no data is disclosed to third parties. The data is used exclusively to process the conversation.

2. Legal basis for the data processing
If the consent of the user has been given, the legal basis for processing the data is Art. 6(1) 1st sentence lit. a GDPR Art. 6(1) 1st sentence lit. f GDPR is also the legal basis for the processing of personal data transmitted in the course of the website being contacted. If the aim of the contact being made is to conclude a contract, the additional legal basis for the processing is Art. 6(1) 1st sentence lit. b GDPR.

3. Purpose of the data processing
The processing of the personal data from the input mask is only used to process the contact. The other personal data processed while the form is being sent serves to prevent misuse of the contact form.

4. Storage period
We erase the data accumulating in this connection once storage is no longer necessary, or limit the processing if legal retention obligations apply.
5. Options of objection and deletion The user always has the option of withdrawing his consent to the processing of the personal data or
of objecting to his personal data being stored. In this case, all personal data which was stored while the contact was made is erased.

VI. Google Fonts

1. On this website we use the Google Fonts range for a consistent presentation of fonts provided by Google. This serves to make the presentation of our web presence attractive and represents a legitimate interest in terms of Art. 6(1) 1st sentence lit. f GDPR.

2. By your visiting the website, Google receives the information that you have accessed the corresponding subpage on our website. In addition, the data mentioned in section III of this statement is transmitted. This occurs no matter whether Google provides a user account with which you have logged in or whether no user account exists. If you are logged into Google, your data will be matched to your account directly. If you do not want to be matched with your Google profile, you must log out before activating the button. Google stores your data as a user profile and uses it for the purposes of advertising, market research and/or the needs-based presentation of its website. An evaluation like this is particularly conducted (even for users who are not logged in) to generate needsbased advertising and to inform other social network users of your activities on our website. You have the right to object to these user profiles being built, although you need to address Google to exercise
this right.

3. You will receive further information on the purpose and extent of the data collection and its processing by the provider in the provider’s data privacy statements. In these statements you will also find further information on your rights and settings options in this regard to protect your privacy. http://www.google.de/intl/de/policies/privacy. Google also processes your personal data in the USA and has made itself subject to the EU-US Privacy Shield, https://www.privacyshield.gov/EU-USFramework.

VII. Rights of the data subject

If your personal data is processed, you are a data subject in terms of the GDPR, and you are entitled
to the following rights with respect to the controller:

- Right to information (Art. 15 GDPR)
- Right to rectification (Art. 16 GDPR)
- Right to erasure (Art. 17 GDPR)
- Right to restriction of processing (Art. 18 GDPR)
- Right to being informed (Art. 19 GDPR)
- Right to data portability (Art. 20 GDPR)
- Right to object (Art. 21 GDPR)
- Right to withdraw the declaration of consent according to data privacy laws (Art. 7(3) GDPR)
- Right to lodge a complaint with a supervisory authority (Art. 77 GDPR)

The provider expressly points out that there are security gaps in the data
transmission on the Internet (e.g. in email communication) and that it
cannot be completely protected against access by third parties.

The use of the contact data in the legal notice for the purposes of
commercial advertising is expressly discouraged unless the provider has
given its written consent beforehand or a business relationship already
exists. The provider and all persons mentioned on this website hereby
object to any commercial use and disclosure of their data.