printmailbookmark
You are here: RST > Useful pages > Data Privacy Policy

Data Privacy Policy

The following data protection statement applies to the websites of Rostock System-Technik GmbH, a member of the ABLE GROUP.

We thank you for your interest in our company. The RST attaches great importance to data protection. Your personal data is collected and processed in accordance with the applicable data protection regulations, and in particular the EU General Data Protection Regulation (GDPR). This statement describes how and for what purpose your data is collected and used and what options you have related to your personal data. This statement may change. Please check the statement regularly for any changes.

With your use of this website, you give your consent to the collection, use and transfer of your data in accordance with this data protection statement.

1 General responsibility

The controller responsible for the collection, processing and use of your personal data within the meaning of the GDPR is

RST Rostock System-Technik GmbH

Friedrich-Barnewitz-Str. 9
18119 Rostock
Germany

Phone: +49 (0) 381 56-0
E-mail: info(at)rst-rostock.de

Contact details of the Data Protection Officer:

Solveig Mielke
RST Rostock System-Technik GmbH

Friedrich-Barnewitz-Str. 9
18119 Rostock
Germany

Phone: +49 (0) 381 56- 238
E-mail: datenschutzbeauftragter(at)rst-rostock.de

If you wish to object to the collection, processing or use of your data by us pursuant to these data protection provisions as a whole or for individual measures, you can send your objection to the above address. You can print out or store this data protection statement at any time.

2 General use of the website

2.1 Access data

We collect information about you when you use this website. We automatically record information about your usage behaviour and your interaction with us and record data about your computer or mobile device. We collect, store and use data concerning every visit to this website (so-called server log files). The access data includes the name and URL of the file retrieved, the date and time of retrieval, the data volume transferred, report on successful retrieval (HTTP response code), browser type and browser version, operating system, referrer URL (i.e. the last visited website), IP address and the requesting provider. We use this log data without assigning it to your person and without creating a profile for statistical analyses for the purpose of the operation, security and optimisation of our website, for the anonymous recording of the number of visitors to our website (traffic) and the scale and nature of use of our website and services, as well as for billing purposes to measure the number of clicks obtained by cooperation partners. On the basis of this information, we can provide personalised and location-related content and analyse the data traffic, to find and rectify errors and improve our services. We reserve the right to check the log data retroactively if there are clear grounds for justified suspicion of illegal use. We store IP addresses for a limited period in the log files, if this is necessary for security purposes or for the provision of a service. We also store IP addresses if we suspect a criminal act relating to the use of our website. We also store the data of your last visit in some cases (e.g. registration, login, clicking of links etc.).

2.2 E-mail contact

If you contact us (e.g. by contact form or e-mail), we store your details in order to reply to your enquiry and any follow-up questions. We only store additional personal data if you give your consent to this or if this is permitted by law without special consent.

2.3 Cookies

Our websites use cookies which include a so-called Cookie ID. A cookie ID is a clear identifier of the cookie. This allows a user’s individual browser to be distinguished from other internet browsers. A specific internet browser can be recognised and identified by the unique cookie ID.

Using a cookie, the information and offerings on our website can be optimised. Cookies allow us to recognise a user of our website. The purpose of recognising a user is to make it easier for the customer to use our website.

A user can prevent the use of cookies by our website at any time by adjusting the settings of the internet browser used accordingly and permanently opt out from the use of cookies. In addition, cookies that have already been used can be deleted at any time. If the user deactivates the use of cookies, it may be the case that not all of the functions of our website will be fully available.

2.4 Newsletter

When we offer a newsletter by e-mail, we regularly inform our customers and business partners in it about offers from the company. A user can only receive a newsletter from our company if he has a valid e-mail address and has actively registered for the newsletter service. A confirmation e-mail will be sent to this e-mail address when a user first registers for the first time for the newsletter service in the double-opt-in process to check that it is valid.

The personal data collected when a user registers for the newsletter will only be used to send our newsletter. Subscribers to the newsletter can also be sent information by e-mail if this is necessary for the operation of the newsletter service. Personal data collected for the purpose of the newsletter service is not forwarded onto third parties.

A user can cancel his subscription to our newsletter at any time. The consent to store personal data provided by the user can be revoked at any time.

Every newsletter includes a link for this purpose. The user can also inform us at any time of his revocation by other means.

2.5 Legal basis and duration of storage

The legal basis of data processing for the preceding paragraphs is Article 6 (1) (f) GDPR. Our interests in data processing in particular include ensuring the operation and security of the website, investigating the way the website is used by visitors, and simplifying the use of the website. Unless specifically stated, we store personal data only as long as necessary to fulfill the pursued purpose.

 

3 Your rights as a data subject

Under the applicable laws you have various rights concerning your personal data. If you would like to exercise these rights, please send your enquiry by e-mail or post clearly identifying yourself to the address above. An overview of your rights is provided below.

3.1 Right to confirmation and information

You have at all times the right to receive confirmation from us about whether personal data concerning yourself is processed. If this is the case, you have the right to obtain from us free of charge information about the personal data stored concerning yourself together with a copy of this data. You also have the right to the following information:

  1. the processing purposes;
  2. the categories of personal data which are processed;
  3. the recipients or categories of recipients to whom the personal data has been disclosed or is yet to be disclosed, in particular recipients in third countries or in international organisations;
  4. if possible, the planned length of time the personal data is to be stored, or if this is not possible, the criteria for determining this length of time;
  5. the existence of a right to correction or deletion of the personal data concerning yourself or the limitation of processing by the controller or a right to object to this processing;
  6. the existence of a right to complain to a supervisory authority;
  7. if the personal data is not collected from you, all available information about the origin of the data;
  8. the existence of automated decision-making including profiling according to Article 22 Paragraphs 1 and 4 GDPR and – at least in these cases– meaningful information on the logic involved and the consequences and intended effect of such processing for you.

If personal data is transferred to a third country or an international organisation, you have the right to be informed of the suitable safeguards relating to the transfer pursuant to Article 46 GDPR.

3.2 Right to correction

You have the right to ask us to correct immediately incorrect personal data concerning yourself. Taking into account the purposes, you have the right to ask for the completion of incomplete personal data – including by means of a supplementary statement.

3.3 Right to deletion (“right to be forgotten”)

You have the right to ask us to delete immediately personal data concerning yourself, and we have to delete personal data immediately if one of the following reasons applies:

  1. The personal data is no longer required for the purposes for which it was collected or otherwise processed.
  2. You revoke your consent upon which the processing is based pursuant to Article 6 Paragraph 1 Letter a GDPR or Article 9 Paragraph 2 Letter a GDPR, and there is no other legal basis for the processing.
  3. You object to the processing pursuant to Article 21 Paragraph 1 GDPR and there are no overriding legitimate reasons for the processing, or you object to the processing pursuant to Article 21 Paragraph 2 GDPR.
  4. The personal data was processed unlawfully.
  5. The deletion of the personal data is required to meet a legal obligation under Union law or the law of the member states which we are subject to.
  6. The personal data was collected in relation to information society services pursuant to Article 8 Paragraph 1 GDPR.

If we have published personal data and are accordingly required to delete it, we will take appropriate measures, including of a technical nature, taking into account the available technology and implementation costs, to inform the persons responsible for the data processing that you have asked them to delete all links to this personal data or copies or replications of this personal data.

3.4 Right to limit the processing

You have the right to ask us to limit the processing if one of the following circumstances exists:

  1. the correctness of the personal data is disputed by you, for a period of time which allows us to check the correctness of the personal data,
  2. the processing is unlawful and you rejected the deletion of the personal data and instead asked for the limitation of the use of the personal data;
  3. we no longer need the personal data for processing purposes, but you need the data to enforce, exercise or defend legal rights, or
  4. you have objected to the processing pursuant to Article 21 Paragraph 1 GDPR, unless and until it is clear our company’s legitimate reasons override your own reasons.

3.5 Right to data portability

You have the right to receive the personal data concerning yourself that you have provided us in a structured, common and machine-readable format, and you have the right to transfer this data to another controller without any hindrance from ourselves, if

  1. the processing is based on consent pursuant to Article 6 Paragraph 1 Letter a GDPR or Article 9 Paragraph 2 Letter a GDPR or a contract pursuant to Article 6 Paragraph 1 Letter b GDPR and
  2. the processing is performed with the help of automated processes.

In exercising your right to data portability pursuant to Paragraph 1, you have the right to have the personal data transferred directly from one controller to another, where technically feasible.

3.6 Right to object

You have the right to object at any time for reasons relating to your particular situation to the processing of personal data concerning yourself which is performed on the basis of Article 6 Paragraph 1 Letters e or f GDPR; this also applies to profiling based on these provisions. We will no longer process the personal data, unless we can provide proof of compelling legitimate grounds for the processing which override your interests, rights and freedoms, or the processing serves the enforcement, exercising or defence of legal rights.

If personal data is processed by us for direct advertising purposes, you have the right to object at any time to the processing of personal data concerning yourself for the purpose of such advertising; this also applies to profiling, if it is related to such direct advertising. You have the right, for reasons relating to your particular situation, to object to the processing of personal data concerning yourself for scientific or historical research purposes or statistical purposes pursuant to Article 89 Paragraph 1 GDPR, unless the processing is required for the performance of a task in the public interest.

3.7 Automated decisions including profiling

You have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning yourself or similarly significantly affects you.

3.8 Right to revoke consent required under data protection law

You have the right to revoke at any time any consent to the processing of personal data.

3.9 Right to complain to a supervisory authority

You have the right to complain to a supervisory authority, in particular in the member state of your place of residence, your place of work or the place of the alleged breach, if you are of the view that the processing of the personal data concerning yourself is unlawful.

4 Data security

We make every effort to ensure the security of your data within the framework of applicable data protection laws and technical possibilities.

Your personal data will be transmitted in encrypted form. We use the SSL (Secure Socket Layer) coding system, but point out that data transmission over the Internet (for example, when communicating by e-mail) may have security vulnerabilities. Providing complete protection of data, denying access from third parties, is not possible.

To safeguard your data, we maintain technical and organizational security measures that we always adapt to state-of-the-art technology.

We do not guarantee that our offer will be available at specific times; disturbances, interruptions or failures cannot be excluded. The servers we use are regularly and thoroughly backed up.

5 Auto­mated deci­sion-making

Automated decision-making based on the personal data collected does not take place.

6 Transfer of data to third parties, no transfer of data to non-EU coun­tries

We use your personal data only within our company. If we use third parties in the fulfilment of contracts, personal data will only be transferred to these third parties to the extent that it is required for the respective service. If we outsource some parts of the data processing (“contract data processing”), we place the contract data processor under contract to use the personal data only in accordance with the requirements of the applicable data protection laws and to ensure that the rights of the data subject are protected. We do not transfer and do not plan to transfer data to bodies or persons outside of the EU outside of the cases referred to in this statement under 2.4.

September 2018