Data protection information

A. General information

1. Responsible body and contact details

Controller in the sense of the GDPR for these websites is

Remondis QR GmbH
Bei der Gasanstalt 9
23560 Lübeck

Further company details can be found in the Imprint.

Contact details of our data protection officer:

REMONDIS Industrie Service GmbH & Co. KG
- Data Protection Officer -
Brunnenstraße 138
44536 Lünen
datenschutz-risnoSpam@remondis.de

2. Data categories, purposes and legal bases of data processings

We process your personal data in accordance with the provisions of the General Data Protection Regulation (GDPR) and the Federal Data Protection Act (BDSG) as well as all other applicable legal provisions. As a matter of principle, the nature and the scope of the data processing are determined by the service or information you have chosen and the contractual relationship in existence with you. Purposes and legal bases can be seen from part B.

3. Data recipients

We transfer your personal data to the following data recipients:

• The transfer takes place in compliance with a legal requirement under which we are obliged to report or pass on the data (e.g. to authorities).
• The transfer of data takes place to external companies that act as order processors on our behalf or that act on our behalf (this concerns, for example, courier and logistics companies, call centres, external computer centres, EDP and IT applications, website management, auditing services, credit institutions, data disposal, etc.).
• The transmission of data to third parties takes place with your consent.
• Data is transferred for the purpose of processing a contractual relationship with you pursuant to Art. 6 para. 1 s. 1 lit. b GDPR (e.g. to an affiliated company within the group (cf. item 2) or a subcontractor or to a logistics company).
• Data is transferred to subsidiaries or also affiliated enterprises in order to fulfil statutory obligations or on the basis of your legitimate interests. In this context, it can be a question of economic, administrative or also other internal business purposes; this only applies to the extent that your interests or fundamental rights and liberties requiring the protection of personal data do not override.
• Transfer is to credit agencies to access creditworthiness information.
• Transmission is done to examine and to make claims (e.g. debt collection companies, legal consultants).
• Transmission is done in order to handle the planning, preparation and/or implementation of a (partial) sale of the enterprise or a merger (or similar processes such as a take-over within the framework of liquidation, bankruptcy, dissolution etc.) with another enterprise.

4. Deletion of data and duration of storage

In principle, we process and store your data only for the duration of our business relationship, including the initiation and execution of the contract as well as the statutory retention periods (e.g. from commercial or fiscal law).

If the data is no longer required for the fulfilment of contractual or legal obligations and rights, it is regularly deleted, unless its – temporary – further processing is necessary for the fulfilment of the purposes listed above for an overriding legitimate interest.

Insofar as individual processing of personal data requires other deletion periods, these are mentioned in the description of the individual processing operations under part B.

5. Processing of your data in a third country

Data is only transferred to bodies in third countries (states outside the European Union (EU) or the European Economic Area (EEA)) if it is necessary for the execution of an order/contract from or with you, if it is required by law (e.g. reporting obligations under tax law), if appropriate data protection levels exist or if you have given us your consent.

The processing of your data in a third country may also be carried out in connection with the involvement of service providers, e.g. as part of commissioned processing. If there is no EU Commission decision on an adequate level of data protection for the country in question, we will ensure through appropriate suitable measures (e.g. EU standard contractual clauses) that your rights and freedoms are adequately protected and guaranteed.

Information on the appropriate or adequate safeguards and on the possibility of obtaining a copy from you can be obtained from the Data Protection Officer upon request.

6. Automated decisions in the individual case / profiling

Procedures for automated decision-making / profiling which have a legal effect towards you or considerably impair you in a similar way are not used by us.

7. Duty to provide data

You only need to provide the data which is necessary for the use of the website and its functions or for the commencement and implementation of a business relationship or for a pre-contractual relationship with us or which we are obligated to collect by law. However, without these data, we are not in a position to provide our website to you properly and securely, to reply properly to your inquiries to us and also to conclude or to perform a contract with you. This may also relate to data which become necessary later.

8. Information on the right to object

Under the statutory preconditions, the following rights as a data subject, which you can claim against us, accrue to you as a data subject:

• Right to information: You are at any time entitled to demand a confirmation from us within the framework of Art. 15, GDPR, whether we process personal data concerning you; if this is the case, you are further entitled within the framework of Art. 15, GDPR, to receive information about these personal data and certain further information amongst others, purposes of processing, categories of personal data, categories of recipients, planned storage time, the origin of the data, the use of automated decision-making and, in the case of a transfer to a third country, the suitable guarantees) and a copy of your data.
• Right to rectification: You are entitled to demand from us pursuant to Art. 16, GDPR, that we rectify personal data stored concerning you if they are incorrect or defective.
• Right to erasure: Under the preconditions of Art. 17, GDPR, you are entitled to demand that we erase personal data concerning you without delay. Amongst other things, the right to erasure does not exist if the processing of the personal data is necessary for (i) exercising the right to freedom of expression and information, (ii) to fulfil a legal obligation to which we are subject (legal statutory archiving duties) or (iii) to establish, to exercise or to defend legal claims.
• Right to restriction of processing: Under the preconditions of Art. 18 GDPR, you are entitled to demand that we restrict the processing of your personal data.
• Right to data portability: Under the preconditions of Art. 20, GDPR, you are entitled to demand that we provide the personal data concerning your which you have provided to us in a structured, commonly used and machine-readable format.
• Right to object: Under the preconditions of Art. 21, GDPR, you have the right to object to the processing of your personal data, with the result that we must end the processing of your personal data. The right to object only exists in the limits provided for in Art. 21, GDPR. In addition, our interests may override ending of the processing, with the result that we are entitled to process your personal data despite your objection.
• Right to lodge a complaint with a supervisory authority: Under the preconditions of Art. 77, GDPR, you are entitled to lodge a complaint with a supervisory authority, in particular in the Member State of your habitual residence, your workplace or the place of the alleged infringement, if you are of the opinion that the processing of the personal data concerning you infringes the GDPR. The right to lodge a complaint exists notwithstanding any other administrative law or judicial remedy.

A list of the data protection supervisory authorities and their contact data can be seen from the following link: https://www.bfdi.bund.de/DE/Service/Anschriften/anschriften_table.html

Unabhängiges Landeszentrum für Datenschutz Schleswig-Holstein

Holsteiner Straße 98
24103 Kiel
Telefon: 04 31/988-12 00
Fax: 0431 988-1223
E-Mail: mailnoSpam@datenschutzzentrum.de

However, we recommend that you always lodge a complaint with our data protection officer first.

Your applications for the exercising of your rights should be addressed in writing or electronically to the address stated above under 1 or directly to our data protection officer.

9. Information on the right to object (Art. 21, GDPR)

If your personal data are processed on the basis of Art. 6 subsection 1 sentence 1 lit. f GDPR (data processing on the basis of balance of interests) or on the basis of Art. 6 subsection 1 sentence 1 lit. e GDPR (data processing in the public interest), you have the right to object to the processing at any time.

In any case, we then no longer process your personal data for purposes of direct marketing or a profiling connected with it and, over and above this, also not for other purposes, unless we can prove cogent reasons for the processing which override your rights and freedoms, or the processing serves to establish, exercise or defend legal claims. In such a case, you must state reasons for the objection which result from your particular situation.

As far as possible, you should send your objection to the following contact address:

datenschutz-risnoSpam@remondis.de

10. Changes

This data protection information can be adapted by us at any time (e.g. if the data processing or the legal framework conditions change). Any changes will be made known by publication of the changed data protection information on the website. To the extent that nothing to the contrary is stipulated, such changes take effect immediately. Therefore, please check this data protection information regularly in order to find the current version at the time.

B. Individual processing, purposes and legal bases

1. Logging

When using the website, certain connection data and data provided by your Internet browser are temporarily stored. The following data is logged and stored in log files for the operation of the website:

• (Anonymised) IP address of the retrieving computer
• Operating system of the retrieving computer
• Browser version of the retrieving computer
• Name of the retrieved file
• Date and time of retrieval
• Referring URL
• Nature of terminal device (e.g. desktop/Smartphone)
• Connection logging

The logging of the data and their processing in log files is technically absolutely necessary for the proper and secure operation of the website. The legal basis for the (initial) storage and/or reading of data from your terminal device is therefore § 25, subsection 2, no. 1, TTDSG. To the extent that automatically transmitted data (e.g. the public IP address of your terminal device) is processed, the processing is done on the basis of Art. 6, subsection 1, lit b, GDPR, insofar as you are visiting our website for purposes of performance of a contract with you or for pre-contractual measures (e.g. information about our products, inquiries) and also within the framework of our legitimate interest according to Art. 6, subsection 1, lit. f, GDPR. Our legitimate interest is the proper and secure provision of the website or our online offer.

The log file information is stored anonymously after the session has ended.

2. Contact form/ requests for information

In the interest of communication with customers and interested parties, we offer a contact form on our website where you can request information about our products or contact us in general. In addition to the voluntary information and the content of your message, we require the following information from you:

Title
Surname
First
Address
Phone number
Email address

We need this information to process your request, to contact you correctly and to send you an answer. Requests received via the contact form are stored as emails and regularly checked to see whether data can be deleted. Should data no longer be required in the context of a relationship with a customer or interested party, or should the customer have a contrary interest, we will delete the data concerned not later than after 180 days, provided that this does not conflict with statutory retention obligations. The legal basis for this data processing is Art. 6 para. 1 lit. f) GDPR. Insofar as contact is made to initiate contractual relations, the legal basis is Art. 6 subsection 1 lit. b) GDPR.

3. Matomo

On our websites we use a version of Matomo which is implemented on our own servers. This is an open source analysis software for the purpose of statistical evaluation of visitor access. Based on this evaluation, we particularly wish to track which of our sites are accessed and are therefore of interest and how often and how long, but not by whom they are accessed. The version of Matomo implemented does not use any cookies. We only store anonymised user data for collecting general statistical values, without comprehensively analysing user behaviour. A comprehensive analysis of user behaviour is also not possible due to the anonymised collection of the data. The IP address transmitted in the server log-in is anonymised on our server before it is transmitted to the Matomo installation and replaced by a random IP address. In addition, a user ID is produced by means of a random HASH figure. It is not possible to trace the data automatically transmitted from your terminal device, such as the IP address and the user ID, using the anonymised data which has been produced at random, as time entries are randomised by the Matomo installation and the genuine IP address is anonymised immediately in our log files. After the end of the session (i.e. as a rule when the browser is closed), the random IP address and user ID are deleted by Matomo.

The purpose of the processing is the statistical analysis of user behaviour to optimise the functionality of our websites. Our legitimate interest lies in the improvement of our websites and our online offer.

The legal basis for the use of Matomo is Art. 6 para. 1 s. 1 lit. f GDPR.

If you do not agree to the storage and analysis of your usage data from your visit to our website, you can also prevent its collection by Matomo here at any time. An opt-out cookie will then be set via your browser, which means that Matomo will not collect any session data. Please note: If you delete your cookies, the opt-out cookie will also be deleted and you will have to set it again.

4. Fulfilment of statutory requirements

We also process your data to fulfil statutory requirements. We are subject to a number of legal obligations. These are primarily statutory requirements (for example from commercial and fiscal acts), but also, if applicable, other official requirements. This in particular includes fulfilment of fiscal law control and reporting duties as well as archiving and documentation duties.

The legal basis for the processing is Art. 17, subsection 3, lit. b, GDR, and Art. 6, subsection 1, sentence 1, lit. c), GDPR.

5. Assertion and defence of rights

Under certain circumstances, we also process your personal data in order to be able to claim our rights and to assert our legal claims and/or to defend ourselves against legal claims and/or to the extent that this is necessary to avert or to prosecute criminal offences.

The legal basis for the processing is Art. 17, subsection 3, lit. e, GDPR, as well as Art. 5, subsection 1, sentence 1, lit. f), GDPR. Our legitimate interest is assertion of and defence of rights.

6. Sale of enterprise, mergers etc.

Under certain circumstances, we also process your personal data processed via the websites in order to handle a sale of enterprise or a merger (or similar processes such as a take-over within the framework of liquidation, bankruptcy, dissolution etc.) with another enterprise. In the event of another enterprise acquiring or intending to acquire the assets/capital, which can also include your personal data, from us or if we carry out or aim for a merger with another enterprise, we must possibly grant this enterprise access to your personal data stored with us or transfer them for the purpose of examination and performance of the sale of enterprise/merger (e.g. to determine the company value, business risks or similar).

We process your personal data for this purpose to safeguard our legitimate interests according to Art. 6, subsection 1, lit. f, GDPR, in order to be able to plan and carry out a planned sale of enterprise or merger.

C. Overview Cookies

Cookies are small text files that are stored on your hard drive by your browser. We also use so-called session cookies. These serve to establish a clear connection between you and our Internet presence. Only a random number is stored for this purpose. The session cookie is automatically removed when the browser is closed.

If you do not wish to accept cookies on your computer (or another device), you can deactivate them in your Internet browser. However, this may impair the user-friendliness and functionality of the website. The cookies used by us are technically absolutely necessary in order to be able to provide the website and its function or the functions required by you (e.g. language settings). The legal basis for the (initial) storage and/or reading of data from your terminal device is § 25, subsection 2, nol. 1, TTDSG.

Our Website does not use cookies.

Status of 19.01.2024