Contact
Contact
RAFI GmbH & Co. KG

Ravensburger Str. 128–134
88276 Berg/Ravensburg
Germany
P +49 751 89-0
F +49 751 89-1300

Phone Kontakt
  1. Home
  2. Ι Data protection

Cookie declaration

Read more

 

Information for business partners

Download

 

Rights of Persons Affected

Download

 

Processing of your applicant data

Download

PRIVACY POLICY OF RAFI GMBH & CO. KG

This Privacy Policy provides information about the following topics:

 

  • Sect. 1: Controller for Data Processing and Data Protection Officer; Scope
  • Sect. 2: General PrinciplesofProcessing Personal Data
  • Sect. 3: Log-Data and Cookies when using our WEBSITE
  • Sect. 4: Additional Features and Options (Contact, Newsletter, Online-Catalogue, Training Courses, Applications)
  • Sect. 5: Statistical and Marketing Tools (Google Analytics, DoubleClick by Google, Google Tag Manager)
  • Sect. 6: Third Party Content (Monotype Web Fonts, Youtube)
  • Sect. 7: Data Security
  • Sect. 8: Your Rights
  • Sect. 9: Amendments to the Privacy Policy

 

1. Controller for Data Processing and Data Protection Officer; Scope

(1) We, the company RAFI GmbH & Co. KG, Ravensburger Strasse 128-134, 88276 Berg / Ravensburg, Germany, Tel.: +49 751 89-0, Fax: +49 751 89-1300, E-Mail: info.headquarters@remove-this.rafi-group.com, are the Data Controller for the processing your personal data as a user of our website, available at www.rafi-group.com (hereinafter referred to as „WEBSITE (“you”) in accordance with Art. 4 No. 7 General Data Protection Regulation (GDPR). If you are an applicant or intern/trainee, we hereby also inform you about the handling of your personal data in our specially designed area for applicants.

(2) Our external Data Protection Officer is Mr. Ioannis Dimas, c/o ETES GmbH, Talstraße 106, 70188 Stuttgart, Deutschland, E-Mail: datenschutz@remove-this.rafi-group.com.

(3) Hereinafter, in the context of our information obligations, we would like to inform you in detail about the ways in which we process your personal data when visiting our WEBSITE and the use of our other features and options (hereinafter referred to as “Services”) on our WEBSITE. Furthermore, we would like to inform you about the associated protective measures, which we have taken by implementing both technical and organizational methods with regard to our WEBSITE as well as your rights relating to processing your personal data.

(4) We have included links to third party websites on our WEBSITE. This Privacy Policy does not regulate the processing of personal data on these third party websites. We recommend that you read the data protection information on the referenced external websites which you visit.

2. General Principles of Processing of Personal Data

(1) „Personal data“ means any information relating to an identified or identifiable natural person (‘data subject’). Your personal data therefore includes all data that can be directly or indirectly assigned to your person such as your name, your address, your phone number or your e-mail address.

 (2) Personal data is processed by us primarily if and to the extent

  • you have given us your consent to the processing personal data for one or several specific purposes (Article 6 (1) Subpar. 1 a) GDPR), or
  • the processing is necessary for the performance of a contract to which you are a party or for the performance of pre-contractual actions at your request (Article 6 (1) Subpar. 1 b) GDPR), or
  • the processing of data is necessary to fulfill a legal obligation to which we are subjected (Article 6 (1) Subpar. 1 c) GDPR), or
  • the processing of data is necessary to ensure our legitimate interests or those of a third party, unless your interests or fundamental rights and freedoms requiring the protection of your personal data prevail (Article 6 (1) Subpar. 1 f) GDPR).

 

(3) In the following provisions of this Privacy Policy, we describe on which of the regulatory bases listed in paragraph 2 or other regulations we base the processing of your personal data in individual cases.

(4) In part, we use external service providers to process your data. These have been carefully selected and commissioned by us, are bound by our instructions and are regularly inspected. Furthermore, we may pass on your personal data to third parties if contracts or similar services are offered by us together with partners. Further information can be obtained by stating your personal data or in the following provisions of this Privacy Policy. Insofar as our service providers or partners are based in a state outside the European Economic Area (EEA), we will inform you about the consequences of this circumstance in the following provisions of this Privacy Policy.

3. Log-Data and Cookies when using our WEBSITE

3.1 Log-Data

(1) In connection with the use of our WEBSITE we will collect those data that your internet browser automatically transmits to our server. The following data is collected hereby:

  • IP address of the network access device of the respective requesting computer
  • Date and time of the request (in GMT)
  • Time zone difference to Greenwich Mean Time (GMT)
  • Content of the requirement (concrete page)
  • Access Status / HTTP status code
  • Each transmitted amount of data
  • Website from which the request comes
  • Browser
  • Operating system and its interface
  • Language and version of the browser software

 

(2) This information is technically necessary for us to ensure you can use the WEBSITE and make sure it functions properly, in particular to display the WEBSITE and to ensure the security and stability of the WEBSITE. There is no link between this data and personal data of a specific natural person. Our legitimate interest lies in a functioning WEBSITE. The legal basis is Art. 6 (1) Subpar. 1 f) GDPR.

(3) We will delete this data as soon as it is no longer necessary for the purpose of its collection. A storage of your IP address will last up to seven days in its entirety, thereafter in anonymized form. Your IP address will be reduced by the last octet (or a corresponding subsegment in the case of IPv6). The temporary storage of the IP address by our system is necessary in order to remedy disruptions of our WEBSITE and to avert dangers. In all other cases, the deletion takes place when the respective session has ended.

3.2 Cookies

In addition to the aforementioned data, cookies are stored on your computer when you use our WEBSITE. You can find more information about the cookies we use in our cookie statement at www.rafi-group.com/en/cookie-declaration/. In section 5 of this Privacy Policy we inform you about the statistical and marketing tools we use on our WEBSITE that cookies use in section 5 of this data protection declaration.

4. Other Features and Offers

In connection with various services on our WEBSITE, which you may use if you are interested, you usually have to provide further personal data. Here is what that means respectively:

4.1 Ordering Brochures and Contact/Feedback

(1) If you contact us, e.g. when ordering our printed flyers, brochures and / or catalogs or to provide us with your feedback, the processing of your voluntarily communicated contact information (e.g. first name, surname, e-mail address, telephone number) will be used to answer your inquiries and / or suggestions via the contact form, e-mail or otherwise. The processing of your data is only for processing the contact as well as to prevent misuse and ensure the security of our information technology systems.

(2) The legal basis for the processing of the data is Art. 6 (1) Subpar. 1 f) GDPR. If your message aims to conclude a contract, then additional legal basis for the processing of your data is Art. 6 (1) Subpar. 1 b) GDPR.

(3) Insofar as the deletion of your personal data does not violate statutory retention periods, we will delete them as soon as they are no longer necessary for the purpose of their collection.

4.2 Subscription to our Newsletter

(1) With your consent, you can subscribe to our newsletter, which informs you about our latest interesting offers and activities. The advertised offers and activities are mentioned in the declaration of consent.

(2) The newsletter is sent via the technical service provider CleverReach GmbH & Co. KG (Muehlenstraße 43, 26180 Rastede, Germany; „CleverReach“). For this, it is necessary that we transfer your data given in the course of the newsletter registration to CleverReach. This data is stored on the servers of CleverReach in Germany or Ireland. Further information on data protection can be found in the CleverReach Privacy Policy at: www.cleverreach.com/en/privacy-policy/.

(3) To register for our newsletter, we use the so-called double opt-in procedure. This means that after you have registered, we will send you an e-mail to the e-mail address listed in which we ask you to confirm that you wish to receive the newsletter. If you do not confirm your registration within 24 hours, your information will be blocked and automatically deleted after one month. In addition, we store your IP addresses and times of registration and confirmation.

(4) The only requirement for sending the newsletter is your e-mail address. The specification of additional, separately tagged data is voluntary and will be used to address you personally. After your confirmation, we will save your e-mail address for sending you the newsletter. The legal basis is Art. 6 (1) Subpar. 1 a) GDPR

(5) You can revoke your consent to the sending of the newsletter at any time and unsubscribe from the newsletter. You can revoke by clicking on the link provided in each newsletter, by e-mail to info.headquarters@rafi-group.com or by sending a message to the contact details mentioned in Sect. 1 at any time. You may also unsubscribe via this link: www.rafi-group.com/en/newsletter-registration/newsletterunsubscribe/.

(6) We will delete your data as soon as it is no longer necessary to achieve the purpose of its collection, your e-mail address becomes unreachable or if you revoke your consent to the sending of newsletters. Your data is therefore stored as long as the subscription to the newsletter is active.

4.3 Contact Form for our B2B Online Catalog

(1) If you would like to send us an inquiry or message (e.g. about our products) via our B2B online catalog (eCatalog), the processing of your voluntarily provided contact data (e.g. first and last name, address, telephone number, fax, e-mail-address etc.) for replying to your message sent via the contact form. Your e-mail address is sufficient for a contact request or the request for information material. If you request an offer, it is necessary that you provide us with further data necessary for the preparation of the offer.

(2) The legal basis is Art. 6 (1) Subpar. 1 (f) GDPR. If your message is aimed at the conclusion of a contract (for example, because you request an offer), then an additional legal basis for the processing of your data is Art. 6 (1) Subpar. 1 (b) GDPR.

(3) We may also process the information you provide to inform you of other interesting offers or to provide you with technical information e-mails. The legal basis for this is Art. 6 (1) Subpar. 1 (f) GDPR.

(4) Insofar as it does not violate statutory retention periods regarding your personal data, we will delete the data as soon as they are no longer required to achieve the purpose for which they were collected.

4.4. Registration for our Training Courses

(1) If you want to register for a training course on our WEBSITE, it is necessary for the conclusion of the contract that you provide your personal data in order to process your registration. Mandatory information required for registration is marked accordingly, all non-marked information is voluntary. We also process the voluntary data you provide to process your registration. The legal basis for this is Art. 6 (1) Subpar. 1 (b) GDPR and Art. 6 (1) Subpar. 1 (f) GDPR for the voluntary data you provided.

(2) Insofar as it does not violate statutory retention periods regarding your personal data, we will delete them as soon as they are no longer required to achieve the purpose for which they were collected. Due to commercial and tax law requirements, we are obliged to save your address and order data for a period of ten years.

4.5. Job Applications

(1) The application process on our WEBSITE is carried out using software to process the application data from softgarden e-Recruiting GmbH, Tauentzienstr. 14, 10789 Berlin, Germany ("softgarden"). softgarden processes the data on our behalf.

(2) For more information about softgarden and the purpose and scope of data collection and processing as part of the application process, please refer to the data protection declaration for the application process, available at: https://rafi.softgarden.io/de/data-security.

(3) You can download the applicant information from us according to Art. 13, 14 GDPR: Processing of your applicant data (PDF).

5. Statistics and Marketing Tools

5.1 etracker

(1) Our WEBSITE uses the web analysis service ‘etracker’ from etracker GmbH (Erste Brunnenstrasse 1, 20459 Hamburg, Germany; “etracker”), to analyze the use of our WEBSITE and enable us to regularly improve it. 

(2) To do this, we don’t use any cookies as standard. We would obtain your explicit consent separately in advance if we were to use analysis and optimization cookies. If this is the case and if you agree, then cookies are used which allow a statistical analysis of the use of the application. Cookies are small text files that are stored by the internet browser on the user’s terminal device. etracker cookies do not contain any information that enables identification of a user.

(3) The data generated with etracker is processed and stored exclusively in Germany and is therefore subject to strict German and European data protection laws and standards. etracker has been independently audited and certified in this regard and awarded the ePrivacyseal data protection seal of approval.

(4) If you agree to the analysis and optimization cookies, then they will be processed on the basis of this consent according to Art. 6 (1) sub-section 1 letter a GDPR. You can revoke this at any time with effect for the future, e.g. via the buttons “Change your consent” or “Revoke your consent” in our cookie declaration [www.rafi-group.com/en/cookie-declaration/].

(5) The data will otherwise be processed based on our legitimate interest according to Art. 6 (1) sub-section 1 letter f GDPR. Our legitimate interest is the optimization of our WEBSITE to improve our offer and to make it more interesting for you as a user. As the privacy of our customers is important to us, data that may allow a reference to an individual person, such as the IP address, login, or device identifiers, is anonymized or pseudonymized as soon as possible. No other use, combination with other data or disclosure to third parties will take place.

(6) You will find further information on data protection at etracker here.

You may object to the aforementioned data processing based on our legitimate interest at any time. An objection will have no adverse consequences.

Deactivate tracking

5.2. LeadLab

Unsere Webseite nutzt die Zählpixeltechnologie der WiredMinds GmbH (www.wiredminds.de) zur Analyse des Besucherverhaltens. Hierbei wird die IP-Adresse eines Besuchers verarbeitet. Die Verarbeitung erfolgt ausschließlich zu dem Zweck, firmenrelevante Informationen wie z. B. den Unternehmensnamen zu erheben. IP Adressen von natürlichen Personen werden von der weiteren Verwendung ausgeschlossen (Whitelist-Verfahren). Eine Speicherung der IP-Adresse in LeadLab erfolgt in keinem Fall. Bei der Verarbeitung der Daten ist es unser besonderes Interesse, die Datenschutzrechte natürlicher Personen zu wahren. Unser Interesse stützt sich auf Art. 6 Abs. 1 lit. (f) DSGVO. Die von uns erhobenen Daten lassen zu keiner Zeit einen Rückschluss auf eine identifizierbare Person zu.

Die WiredMinds GmbH nutzt diese Informationen, um anonyme Nutzungsprofile, bezogen auf das Besuchsverhalten auf unserer Webseite, zu erstellen. Die dabei gewonnenen Daten werden nicht benutzt, um den Besucher unserer Webseite persönlich zu identifizieren.

Vom Tracking ausschließen (Um Sie dauerhaft vom Tracking durch WiredMinds LeadLab auf dieser Website auszuschließen wird ein technisch notwendiges Cookie gesetzt)

5.3 Leadinfo

We use the lead generation service provided by Leadinfo B.V., Rotterdam, The Netherlands, which recognizes visits of companies to our website based on IP-addresses and shows us related publicly available information, such as company names or addresses. In addition, Leadinfo places two first-party cookies for providing transparency on how our visitors use our website and the tool processes domains from provided form inputs (e.g. “leadinfo.com”) to correlate IP addresses with companies and to enhance its services. For additional information, please visit www.leadinfo.com. On this page: www.leadinfo.com/en/opt-out you have an opt-out option. In the event of an opt-out, your data will no longer be used by Leadinfo.

6. Third-Party Content

6.1 Web Fonts by Monotype

(1) Our WEBSITE uses so-called web fonts provided by Monotype Inc., Monotype, 600 Unicorn Park Drive, Woburn, MA 01801, USA (Fonts.net). (“Monotype”).

(2) The tracking code of the web fonts does not collect, process or save any personal data. When you access our WEBSITE, Monotype collects the project identification number of the web font (anonymized), the URL of the licensed website linked to a customer number to identify the licensee and the licensed web fonts, and the URL of the previously visited page.

(3) Monotype stores the anonymized project identification number of the web fonts in encrypted log files with such data for a period of 30 days in order to determine the monthly number of page views. After such determination and storage of the number of page views, the log files are deleted.

(4) Monotype shares anonymized data with subsidiaries and affiliates.

(5) Further information on this and Monotype can be found in the privacy policy of Monotype: https://www.monotype.com/legal/privacy-policy/web-font-tracking-privacy-policy

6.2 YouTube

(1) We have integrated videos from YouTube, a service provided by Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland; "Google") into our online offer, which are stored on www.YouTube.com and can be played from our WEBSITE, provided that you give us your prior consent via our cookie banner. Alternatively, you can use the link "www.YouTube.com" for the respective video to go directly to the YouTube website and watch the video there. In this case, Google's privacy policy for YouTube applies, which you can find on the YouTube website.

(2) By playing YouTube videos on our WEBSITE, YouTube receives the information that you have accessed the corresponding sub-page of our WEBSITE. In addition, the data mentioned under Sect. 3.1 of this Policy will be transmitted. This happens regardless of whether YouTube provides a user account that you are logged in to, or if there is no user account.  When you are logged in to Google, your data will be assigned directly to your account. If you do not wish your profile to be assigned on YouTube, you must log out before activating the button. YouTube stores your data as user profiles and uses them for purposes of advertising, market research and / or custom design of its website. Such an evaluation is carried out in particular (even for users who are not logged in) to provide appropriate advertising and to inform other users of the social network about their activities on our WEBSITE. You have the right to object to the creation of these user profiles, and you must address YouTube directly to exercise that.

(3) The legal basis for using YouTube on our WEBSITE is your consent in accordance with Art. 6 (1) subpara. 1 (a) GDPR. You can withdraw your consent at any time with future effect e.g. revoke with the buttons "change your consent" or "revoke your consent" in our cookie statement [https://www.rafi-group.com/en/cookie-declaration].

(4) Google processes your personal data in the US and has subjected itself to the EU-US Privacy Shield, www.privacyshield.gov/EU-US-Framework.

(5) For more information on the purpose and scope of your data collection and processing by YouTube, please read the Privacy Policy of Google in order to receive further information about your rights and settings options for the protection of your privacy.

7. Data Security

(1) We use technical and organizational security measures to protect accruing or collected personal data, in particular against accidental or intentional manipulation, loss, destruction or against the attack of unauthorized persons. Our security measures are continuously improved in line with technological developments.

(2) Our WEBSITE is encrypted using SSL technology to prevent access by unauthorized third parties. You can recognize the secure transmission by the protocol name "https: //" in the URL line.

8. Your Rights

(1) With regard to the processing of personal data concerning you, you are entitled to the rights listed below in a)-h) under the legal preconditions. Please contact the Data Protection Officer or us for this. The contact details can be found under Sect. 1.

a) Right to Information

Subject to Art. 15 GDPR you can require a confirmation as to whether personal data concerning you are processed by us. In this case, according to Art. 15 (1) GDPR, you have the right to obtain information about the processing purposes, the categories of personal data processed, the recipients or categories of recipients to whom we have disclosed or will disclose the personal data, the planned retention period or the criteria for the personal data determining the retention period, the right of rectification or deletion of your personal data, as well as restriction of processing or objection to processing, the existence of a right to complain to a supervisory authority, the origin of the data, if we have not collected your data from you, existence of an automated decision-making including profiling and according to Art. 15 (2) GDPR the right to be informed about the appropriate guarantees according to Art. 46 GDPR in connection with the transfer of personal data to third countries.

b) Right to Rectification

According to Art. 16 GDPR you can demand the immediate correction and / or considering the purpose of the processing the completion of your personal data, if your data is incorrect or incomplete.

c) Right to Deletion

According to Art. 17 GDPR you can require the immediate deletion of your personal data, provided that there is a reason under Art. 17 (1) a) - f) GDPR. However, the right to delete your personal data does not exist, in particular, if its processing is required to exercise the right to freedom of expression and information, to fulfill a legal obligation, for reasons of public interest or to assert, exercise or defend legal rights (Art. 17 (3) GDPR).

d) Right to Restriction of Processing

You may restrict the processing of your personal data in accordance with Art. 18 GDPR, as long as we verify the accuracy of your data, if you refuse the deletion of your data due to unlawful processing and instead demand the restriction of the use of your data, if you need your data for the assertion, exercise or defense of legal claims or if you have objected to the processing, as long as it is not certain that our legitimate reasons prevail.

e) Right to Consultation

According to Art. 19 GDPR we communicate any rectification or deletion of your personal data or a limitation of their processing under Art. 16, 17 (1) and 18 GDPR to all recipients to whom your personal data have been disclosed, unless this turns out to be impossible or is associated with a disproportionate effort. According to Art. 19 sent. 2 GDPR you have the right to be informed about these recipients on request.

f) Right to Data Portability

According to Art. 20 GDPR you have the right to receive your personal data, which you have provided us, in a structured, common and machine-readable format and to transmit this data to another person responsible, provided that the further requirements of Art. 20 GDPR exist, in particular, this is technically feasible.

g) Right to Objection

As far as we base the processing of your personal data on the balance of interests according to Art. 6 (1) Subpar. 1 f) GDPR, you can object to the processing according to Art. 21 GDPR. This is the case if, in particular, the processing is not required to fulfill a contract with you, which we present in each case in the above description of the offers. In the event of such an objection, we ask you to explain the reasons why we should not process your personal data as we have done. In the case of your justified objection, we examine the situation and according to Art. 21 (1) sent. 2 GDPR either no longer process the personal data or prove to you our compelling legitimate reasons for the processing that outweigh your interests, rights and freedoms. Further processing is reserved, if the processing serves the assertion, exercise or defense of legal claims.

According to Art. 21 (2) GDPR, you can object to the processing of your personal data for the purpose of advertising and profiling at any time, as far as it is associated with direct advertising.

You can inform us or the Data Protection Officer about your objection under the contact data mentioned in Sect. 1.

h) Right to revoke the Consent

(1) According to Art. 7 (3) GDPR you have the right to revoke any data protection consent granted to us, at any time with effect for the future. However, this does not affect the lawfulness of the processing that took place based on your consent until the time of the cancellation.

(2) If you believe that the processing of your data violates data protection regulations, you have the additional right to complain to a supervisory authority according to Art. 77 GDPR. Please contact a supervisor in the Member State of your place of residence, your work place or the location of the potential breach. An overview can be found here

9. Amendments to the Privacy Policy

We reserve the right to change this Privacy Policy at any time with future effect. A current version is available on our WEBSITE. Please visit the WEBSITE regularly to find out about the applicable Privacy Policy.

 

Version: April 1st 2020

site-to-top