Privacy Statement

General Information

The following information provides a simple overview of what happens to your personal data when you visit this website. Personal data includes any data that can personally identify you. For detailed information on data protection, please refer to our privacy policy below this text.

Data Collection on this Website

Who is responsible for the data collection on this website?

Data processing on this website is carried out by the website operator. You can find the operator's contact details in the section “Notice on the Responsible Party” in this privacy policy.

How do we collect your data?

Your data is collected, first of all, by you providing it to us. This could be data you enter in a contact form, for example.

Other data is automatically collected by our IT systems or after your consent when you visit the website. This mainly includes technical data (e.g., internet browser, operating system, or the time the page was accessed). This data is collected automatically as soon as you enter this website.

What do we use your data for?

Part of the data is collected to ensure the website is provided without errors. Other data may be used to analyze your user behavior.

What rights do you have regarding your data?

You have the right at any time to obtain free information about the origin, recipients, and purpose of your stored personal data. You also have the right to request the correction or deletion of this data. If you have given your consent to data processing, you can revoke this consent at any time with future effect. Furthermore, you have the right to request the restriction of the processing of your personal data under certain circumstances. You also have the right to lodge a complaint with the competent supervisory authority.

For this and other questions regarding data protection, you can contact us at any time.

Analysis Tools and Third-Party Tools

When visiting this website, your browsing behavior can be statistically analyzed. This mainly happens through so-called analysis programs.

Detailed information on these analysis programs can be found in the following privacy policy.

Hosting

We host the content of our website with the following provider:

External Hosting

This website is hosted externally. The personal data collected on this website is stored on the servers of the hosting provider(s). This data may include, in particular, IP addresses, contact requests, metadata, communication data, contract data, contact details, names, website access logs, and other data generated via a website.

External hosting is carried out to fulfill our contractual obligations toward potential and existing customers (Art. 6 para. 1 lit. b GDPR) and to ensure the secure, fast, and efficient provision of our online services by a professional provider (Art. 6 para. 1 lit. f GDPR). If consent has been requested, processing is based solely on Art. 6 para. 1 lit. a GDPR and § 25 para. 1 TDDG, as long as the consent includes the storage of cookies or access to information on the user's device (e.g., device fingerprinting) under the TDDG. The consent can be revoked at any time.

Our hosting provider(s) will only process your data to the extent necessary to fulfill their service obligations and in compliance with our instructions regarding this data.

We use the following hosting provider(s):

Timme Hosting GmbH & Co. KG
Ovelgönner Weg 43
21335 Lüneburg
Germany

General Information and Mandatory Information


Data Protection

The operators of these pages take the protection of your personal data very seriously. We treat your personal data confidentially and according to legal data protection regulations and this privacy policy.

When you use this website, various personal data is collected. Personal data is data that can personally identify you. This privacy policy explains what data we collect and what we use it for. It also explains how and for what purpose this happens.

We would like to point out that data transmission over the Internet (e.g., communication via email) can have security vulnerabilities. Complete protection of the data from access by third parties is not possible.

Notice on the Responsible Party

The responsible party for data processing on this website is:

RHEWUM GmbH
Rosentalstrasse 24
42899 Remscheid
Germany

Phone: +49 (0) 2191 - 5767-0
Email: info@rhewum.de

The responsible party is the natural or legal person who, alone or jointly with others, decides on the purposes and means of processing personal data (e.g., names, email addresses, etc.).

Data Retention Period

Unless a more specific retention period is stated within this privacy policy, your personal data will remain with us until the purpose for data processing ceases to apply. If you submit a legitimate request for deletion or revoke your consent for data processing, your data will be deleted unless we have other legally permissible reasons for retaining your personal data (e.g., retention periods required by tax or commercial law). In such cases, data will be deleted once these reasons no longer apply.

General Information on the Legal Basis for Data Processing on this Website

If you have consented to data processing, we process your personal data based on Art. 6 para. 1 lit. a GDPR or Art. 9 para. 2 lit. a GDPR if special categories of data (e.g., health data) are processed under Art. 9 para. 1 GDPR. In the case of explicit consent to the transfer of personal data to third countries, the data processing is also based on Art. 49 para. 1 lit. a GDPR. If you have consented to the storage of cookies or access to information on your device (e.g., via device fingerprinting), data processing is also based on § 25 para. 1 TDDG. Consent can be revoked at any time. If your data is required for the performance of a contract or pre-contractual measures, we process your data based on Art. 6 para. 1 lit. b GDPR. We also process your data if necessary to fulfill a legal obligation, based on Art. 6 para. 1 lit. c GDPR. Data processing may also be based on our legitimate interest under Art. 6 para. 1 lit. f GDPR. Information on the relevant legal bases for each case is provided in the following sections of this privacy policy.

Right to Withdraw Your Consent for Data Processing

Many data processing operations are only possible with your explicit consent. You can revoke your previously given consent at any time. The legality of data processing carried out until the withdrawal remains unaffected by the withdrawal.

Right to Object to Data Collection in Special Cases and to Direct Advertising (Art. 21 GDPR)

IF DATA PROCESSING IS BASED ON ART. 6 PARA. 1 LIT. E OR F GDPR, YOU HAVE THE RIGHT TO OBJECT AT ANY TIME, FOR REASONS ARISING FROM YOUR PARTICULAR SITUATION, TO THE PROCESSING OF YOUR PERSONAL DATA; THIS ALSO APPLIES TO PROFILING BASED ON THESE PROVISIONS. THE RESPECTIVE LEGAL BASIS FOR PROCESSING CAN BE FOUND IN THIS PRIVACY POLICY. IF YOU OBJECT, WE WILL NO LONGER PROCESS YOUR AFFECTED PERSONAL DATA UNLESS WE CAN DEMONSTRATE COMPELLING LEGITIMATE GROUNDS FOR PROCESSING THAT OVERRIDE YOUR INTERESTS, RIGHTS, AND FREEDOMS, OR THE PROCESSING SERVES TO ASSERT, EXERCISE, OR DEFEND LEGAL CLAIMS (OBJECTION PURSUANT TO ART. 21 PARA. 1 GDPR).

IF YOUR PERSONAL DATA IS PROCESSED FOR DIRECT MARKETING PURPOSES, YOU HAVE THE RIGHT TO OBJECT AT ANY TIME TO THE PROCESSING OF YOUR PERSONAL DATA FOR SUCH ADVERTISING PURPOSES; THIS ALSO APPLIES TO PROFILING INSOFAR AS IT IS RELATED TO SUCH DIRECT MARKETING. IF YOU OBJECT, YOUR PERSONAL DATA WILL NO LONGER BE USED FOR DIRECT MARKETING PURPOSES (OBJECTION PURSUANT TO ART. 21 PARA. 2 GDPR).

Right to Lodge a Complaint with the Competent Supervisory Authority

In the event of GDPR violations, data subjects have the right to lodge a complaint with a supervisory authority, particularly in the member state of their habitual residence, place of work, or the place of the alleged violation. The right to lodge a complaint exists without prejudice to other administrative or judicial remedies.

Right to Data Portability

You have the right to have data that we process based on your consent or in fulfillment of a contract automatically handed over to you or a third party in a common, machine-readable format. If you request the direct transfer of the data to another responsible party, this will only be done to the extent technically feasible.

Access, Correction, and Deletion

Within the scope of the applicable legal provisions, you have the right to free information about your stored personal data, its origin and recipients, and the purpose of the data processing, as well as a right to correct or delete this data, if necessary. For this, and any other questions about personal data, you can contact us at any time.

Right to Restriction of Processing

You have the right to request the restriction of the processing of your personal data. You can contact us at any time regarding this. The right to restriction of processing applies in the following cases:

  • If you dispute the accuracy of your personal data stored by us, we usually need time to verify this. During the verification period, you have the right to request the restriction of the processing of your personal data.
  • If the processing of your personal data was/is unlawful, you may request the restriction of data processing instead of deletion.
  • If we no longer need your personal data, but you need it for the assertion, defense, or exercise of legal claims, you have the right to request the restriction of the processing of your personal data instead of deletion.
  • If you have objected under Art. 21 para. 1 GDPR, a balance must be struck between your interests and ours. As long as it is not yet determined whose interests prevail, you have the right to request the restriction of the processing of your personal data.

If you have restricted the processing of your personal data, such data may only be processed – apart from being stored – with your consent or for the assertion, exercise, or defense of legal claims or for the protection of the rights of another natural or legal person or for reasons of important public interest of the European Union or a member state.

Objection to Advertising Emails

The use of contact details published as part of the legal notice requirements for sending unsolicited advertising and information materials is hereby prohibited. The operators of the pages expressly reserve the right to take legal action in the event of unsolicited advertising information, such as spam emails.

Data Collection on this Website


Server Log Files

The provider of the pages automatically collects and stores information in so-called server log files, which your browser automatically transmits to us. These are:

  • Browser type and version
  • Operating system used
  • Referrer URL
  • Hostname of the accessing computer
  • Time of the server request

These data will not be merged with other data sources.

The collection of this data is based on Art. 6 para. 1 lit. f GDPR. The website operator has a legitimate interest in the technically error-free presentation and optimization of the website – for this purpose, the server log files must be recorded.

Contact Form

If you send us inquiries via the contact form, the information you provide, including the contact details you enter, will be stored by us for the purpose of processing the inquiry and in case of follow-up questions. We do not share this data without your consent.

Inquiry by Email, Telephone, or Fax

If you contact us via email, telephone, or fax, your inquiry, including all resulting personal data (name, inquiry), will be stored and processed by us for the purpose of handling your request. We do not share this data without your consent.

The processing of this data is based on Art. 6 para. 1 lit. b GDPR, provided that your request is related to the fulfillment of a contract or necessary for the performance of pre-contractual measures. In all other cases, the processing is based on our legitimate interest in the effective processing of requests addressed to us (Art. 6 para. 1 lit. f GDPR) or on your consent (Art. 6 para. 1 lit. a GDPR), if this has been requested; consent can be revoked at any time.

The data you send to us via contact requests will remain with us until you request deletion, revoke your consent to storage, or the purpose for storing the data no longer applies (e.g., after your request has been processed). Mandatory legal provisions – especially retention periods – remain unaffected.

Social Media


Facebook

This website integrates elements from the social network Facebook. The service provider is Meta Platforms Ireland Limited, Merrion Road, Dublin 4, D04 X2K5, Ireland. According to Facebook, the collected data is also transferred to the USA and other third countries.

An overview of the Facebook social media elements can be found here:
https://developers.facebook.com/docs/plugins/?locale=de_DE.

When the social media element is active, a direct connection is established between your device and the Facebook server. Facebook receives the information that you have visited this website with your IP address. If you click the Facebook "Like" button while logged into your Facebook account, you can link the content of this website to your Facebook profile. This allows Facebook to associate your visit to this website with your user account. We would like to point out that we, as the provider of these pages, have no knowledge of the content of the data transmitted or its use by Facebook. For more information, please refer to Facebook’s privacy policy:
https://de-de.facebook.com/privacy/explanation.

The use of this service is based on your consent under Art. 6 para. 1 lit. a GDPR and § 25 para. 1 TDDG. Consent can be revoked at any time.

As far as personal data is collected on our website using the tool described here and transmitted to Facebook, we and Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland, are jointly responsible for this data processing (Art. 26 GDPR). Joint responsibility is limited solely to the collection of the data and its transmission to Facebook. The processing by Facebook that takes place after the data is transmitted is not part of the joint responsibility. The obligations we share have been set forth in a joint processing agreement. The wording of the agreement can be found here:
https://www.facebook.com/legal/controller_addendum. According to this agreement, we are responsible for providing the privacy information when using the Facebook tool and for the privacy-compliant implementation of the tool on our website. Facebook is responsible for the security of Facebook products. Data subject rights (e.g., access requests) regarding data processed by Facebook can be asserted directly with Facebook. If you assert your rights with us, we are required to forward your request to Facebook.

Data transmission to the USA is based on the EU Commission's standard contractual clauses. Details can be found here:
https://www.facebook.com/legal/EU_data_transfer_addendum,
https://de-de.facebook.com/help/566994660333381, and
https://www.facebook.com/policy.php.

The company is certified under the "EU-US Data Privacy Framework" (DPF). The DPF is an agreement between the European Union and the USA that aims to ensure compliance with European data protection standards for data processing in the USA. Any company certified under the DPF is committed to complying with these data protection standards. More information is available from the provider at the following link:
https://www.dataprivacyframework.gov/participant/4452.

X (formerly Twitter)

This website includes features of the service X (formerly Twitter). These features are provided by the parent company X Corp., 1355 Market Street, Suite 900, San Francisco, CA 94103, USA. For data processing of individuals residing outside the USA, Twitter International Unlimited Company, One Cumberland Place, Fenian Street, Dublin 2, D02 AX07, Ireland, is responsible.

When the social media element is active, a direct connection is established between your device and the X server. X (formerly Twitter) then receives information about your visit to this website. By using X (formerly Twitter) and the "Retweet" or "Repost" function, the websites you visit are linked to your X (formerly Twitter) account and shared with other users. We would like to point out that we, as the provider of these pages, have no knowledge of the content of the data transmitted or its use by X (formerly Twitter). For more information, please refer to X’s privacy policy:
https://x.com/de/privacy.

The use of this service is based on your consent under Art. 6 para. 1 lit. a GDPR and § 25 para. 1 TDDG. Consent can be revoked at any time.

Data transmission to the USA is based on the EU Commission's standard contractual clauses. Details can be found here:
https://gdpr.x.com/en/controller-to-controller-transfers.html.

You can change your privacy settings on X (formerly Twitter) in the account settings under:
https://x.com/settings/account.

The company is certified under the "EU-US Data Privacy Framework" (DPF). More information about the DPF is available at:
https://www.dataprivacyframework.gov/participant/2710.

Instagram

This website includes functions of the Instagram service, provided by Meta Platforms Ireland Limited, Merrion Road, Dublin 4, D04 X2K5, Ireland.

When the social media element is active, a direct connection is established between your device and the Instagram server. Instagram receives information about your visit to this website.

If you are logged into your Instagram account, you can link the content of this website to your Instagram profile by clicking the Instagram button. This allows Instagram to associate your visit to this website with your user account. We would like to point out that we, as the provider of these pages, have no knowledge of the content of the data transmitted or its use by Instagram.

The use of this service is based on your consent under Art. 6 para. 1 lit. a GDPR and § 25 para. 1 TDDG. Consent can be revoked at any time.

As far as personal data is collected on our website using the tool described here and transmitted to Facebook or Instagram, we and Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland, are jointly responsible for this data processing (Art. 26 GDPR). Joint responsibility is limited solely to the collection of the data and its transmission to Facebook or Instagram. The processing by Facebook or Instagram that takes place after the data is transmitted is not part of the joint responsibility. The obligations we share have been set forth in a joint processing agreement. The wording of the agreement can be found here:
https://www.facebook.com/legal/controller_addendum. According to this agreement, we are responsible for providing the privacy information when using the Facebook or Instagram tool and for the privacy-compliant implementation of the tool on our website. Facebook is responsible for the security of Facebook and Instagram products. Data subject rights (e.g., access requests) regarding data processed by Facebook or Instagram can be asserted directly with Facebook. If you assert your rights with us, we are required to forward your request to Facebook.

Data transmission to the USA is based on the EU Commission's standard contractual clauses. Details can be found here:
https://www.facebook.com/legal/EU_data_transfer_addendum,
https://privacycenter.instagram.com/policy/, and
https://de-de.facebook.com/help/566994660333381.

For more information, please refer to Instagram’s privacy policy:
https://privacycenter.instagram.com/policy/.

The company is certified under the "EU-US Data Privacy Framework" (DPF). More information about the DPF is available at:
https://www.dataprivacyframework.gov/participant/4452.

Pinterest

We use elements from the Pinterest social network on this website, operated by Pinterest Europe Ltd., Palmerston House, 2nd Floor, Fenian Street, Dublin 2, Ireland.

When you access a page containing such an element, your browser establishes a direct connection to Pinterest’s servers. This social media element transmits log data to Pinterest’s server in the USA. This log data may include your IP address, the address of the websites you visit that also contain Pinterest features, the type and settings of your browser, the date and time of the request, your usage of Pinterest, and cookies.

The use of this service is based on your consent under Art. 6 para. 1 lit. a GDPR and § 25 para. 1 TDDG. Consent can be revoked at any time.

For more information on the purpose, scope, and further processing and use of data by Pinterest, as well as your rights and privacy protection options, please refer to Pinterest’s privacy policy:
https://policy.pinterest.com/de/privacy-policy.

Analytics and Advertising

Matomo

This website uses the open-source web analytics service Matomo.

With the help of Matomo, we are able to collect and analyze data about the use of our website by visitors. This allows us to find out, for example, when specific page views were made and from which region they came. Additionally, we collect various log files (e.g., IP address, referrer, browser used, and operating systems) and can measure whether our website visitors take specific actions (e.g., clicks, purchases, etc.).

The use of this analytics tool is based on Art. 6 para. 1 lit. f GDPR. The website operator has a legitimate interest in analyzing user behavior to optimize both its website and its advertising. If corresponding consent has been requested, processing is based solely on Art. 6 para. 1 lit. a GDPR and § 25 para. 1 TDDG, insofar as the consent includes the storage of cookies or access to information on the user’s device (e.g., device fingerprinting) as defined by the TDDG. Consent can be revoked at any time.

IP Anonymization

We use IP anonymization when analyzing data with Matomo. Your IP address will be shortened before the analysis so that it can no longer be linked directly to you.

Cookie-free Analytics

We have configured Matomo to ensure that it does not store any cookies in your browser.

Hosting

We host Matomo exclusively on our own servers, so all analytics data remains with us and is not shared with third parties.

Newsletter

If you wish to subscribe to the newsletter offered on the website, we require an email address from you as well as information that allows us to verify that you are the owner of the specified email address and agree to receive the newsletter. To ensure the newsletter is sent with your consent, we use the so-called double opt-in procedure. This involves sending a confirmation email to the provided address, and only once confirmation has been received will the email address be actively added to the distribution list. These data will be used exclusively for the purpose of sending the requested information and offers. Your data will not be sold to third parties. The newsletter software used is Newsletter2Go. Your data will be transmitted to Newsletter2Go GmbH, which is prohibited from selling your data or using it for purposes other than sending newsletters. Newsletter2Go is a German, certified provider selected in accordance with the requirements of the General Data Protection Regulation (GDPR) and the Federal Data Protection Act. Further information can be found here:
https://www.newsletter2go.de/informationen-newsletter-empfaenger/.

You can revoke your consent to the storage of data, email address, and its use for sending the newsletter at any time, for example by using the "Unsubscribe" link in the newsletter. Our privacy measures are subject to constant technical updates, so we ask you to regularly review our privacy policy for changes.

Source: https://www.e-recht24.de