Personal data comprise all facts allowing the identification of individual persons. These include the name, date of birth, address, telephone number, E-Mail address, but also your IP address. Data are anonymous, if no connection can be made to the user as an individual person.
Responsible department and data protection officer
Address: Vorstadt 1, 96190 Untermerzbach
Contact information: www.rosler.com, +49 9533 924-0, firstname.lastname@example.org
Contact of the data protection officer: email@example.com
Your rights as a person concerned
First of all, we would like to inform you at this point about your rights as a person concerned. These rights are spelled out in Art. 15 – 22 EU-GDPR. They include:
- The right of access by the data subject (art. 15 EU-GDPR),
- The right to erasure (“right to be forgotten”), (art. 17 EU-GDPR),
- The right to rectification (art. 16 EU-GDPR), The right to data portability (art. 20 EU-GDPR),
- The right to restriction of processing of personal data (Art. 18 EU-GDPR),
- The right to object to the handling of personal data (art. 21 EU-GDPR).
To assert your rights and for any questions regarding the handling of data in our company, please contact firstname.lastname@example.org. In addition, you have the right to file a claim with a data protection authority.
Transparency and information obligations
Transparency and information obligations for customers, suppliers and contractual partners of Rösler Oberflächentechnik GmbH in accordance with the EU General Data Protection Regulation.
Rights of objection
In connection with your rights of objection please consider the following: Whenever we are using your personal data for the purpose of direct advertising (e.g. direct mailing) you have the right to object to this type of data handling at any time without having to provide a reason. This also applies to a profiling, if it takes place in connection with direct advertising activities.
As soon as you object to the use of your personal data for the purpose of direct advertising, we will no longer do so. Your objection is free-of-charge and can be done entirely at your discretion, preferably addressed to: email@example.com.
In case we are handling your data for safeguarding legitimate interests, you can object to this data handling for reasons associated with your personal situation at any time; this applies also to profiling based on these interests. We will no longer use your personal data unless we can state compelling reasons, which will overrule your interests, rights and freedoms or, if the use of your data serves to enforce or defend legal claims by our company.
Purposes and legal bases of data processing
Your personal data is processed in full compliance with the requirements of the EU-GDPR and all other applicable regulations pertaining to data protection. Especially Art. 6 EU-GDPR is the legal basis for the handling of data.
We are using your data for initiating business relations, for fulfilling contractual and legal obligations, for executing contractual relationships, for offering products and services and for deepening our customer relations. The latter can also include studies for marketing purposes and direct advertising. Your consent automatically includes our obligation for handling your data in line with data protection regulations. In this connection we inform you about the purpose of using your data and your right to object. If your consent also includes the use of particular categories of your personal data, we will specifically point this out upon your consent.
The use of particular categories of personal data as described in Art. 9, para. 1 EU-GDPR only takes place if and when this is required for legal reasons and if there is no reason to assume that the protection of your data outweighs their use.
Passing of data to third parties
We will only pass your data to third parties in compliance with legal regulations or with your express consent. Otherwise no transfer to third parties takes place, unless we are obligated to do so because of binding legal requirements (providing of data to external authorities like, for example, supervisory offices or for criminal investigations).
Data recipients / recipient categories
Within our company we ensure that only those people who require your personal data for the fulfillment of contractual or legal obligations receive them. Frequently, service providers support our employees in their work. We have concluded the required data protection contracts with all our service providers. For the administration of our website one external service provider has temporary access to personal data from the respective contact forms.
Transfer of data to countries outside the EU / intent to transfer data to such countries
Data transmission in third countries (outside the European Union or the European Economic Zone) takes place only if it is required for the execution of contractual obligation and for handling of queries, if it is legally prescribed or if you have granted us your consent for it. We transmit your personal data to a service provider or to Group companies outside the European Economic Zone: USA, Switzerland, Russia, Serbia, Brazil, China, India. Beyond that, we have worldwide representatives to whom personal data is also transmitted where appropriate. The compliance with data protection regulations is ensured through our corporate privacy rules and EU standard contractual clauses.
Duration of data storage
We keep your data as long as they are required for a specific purpose. Please keep in mind that numerous data storage regulations stipulate the storage of data beyond their specific purpose. This applies mainly to data storage periods prescribed by commercial and tax laws (for example, the German commercial code, tax regulations, etc.). After they have fulfilled their purpose and no other data storage requirements exist anymore, the data is routinely deleted.
Please take into consideration that we can keep data, for which we have received your consent or, for legal disputes for which we use the data as evidence within the scope of legal statutes of limitation, which can have a duration of 30 yeas; the normal statute of limitation expires after three years.
Safe transmission of data
To protect the data handled by our company against accidental or deliberate manipulation, loss or access by non-authorized persons, we are utilizing the required technical and organizational protective tools. The level of protection is continuously reviewed with data safety experts and adapted to the latest data safety standards.
The data traffic to and from our website is encoded. The transmission protocol for our Internet presentation is HTTPS utilizing the most current encoding systems (TLS-ECDHE-RSA-WITH-AES-256-GCM-SHA384, 256-Bit-key, TLS 1.2). In addition, in case of job applications we offer our users the possibility for encoding contents. These data can only be de-coded by us. Of course, there is always the possibility of alternative communication channels (for example, by mail).
Obligations for Provision of Data
Diverse personal data is necessary to establish, execute and terminate contractual obligation and to fulfil the contractual and legal duties associated with it. The same applies for the use of our website and the various functions that it provides. We have summarised its details for you in the above mentioned point. In certain cases, data must also be collected or provided owing to legal provisions. Please note that processing of your query or the execution of the underlying contractual obligation without provision of this data is not feasible.
Categories, sources and origin of the data
The underlying context determines which data we are using: For example, you may place an online purchase order, send us an enquiry through the contact form, send us an application or file a claim. Please note that we may pass certain information requiring special processing separately to the responsible department/persons, for example, uploading of job applications or contact forms.
When you visit our website, we collect and process the following data:
- Name of the Internet service provider
- Information about the website, from which you visit us
- Your web browser and operating system and language settings
- The IP address assigned by your Internet service provider
- Requested files, transferred data volume, downloads/file export
- Information about the pages/sections in our website you visit with date and time
- For safety reasons (especially to protect against attempted attacks against our web server) is data is stored in line with Art. 6, para. 1 lit. F EU-GDPR. Anonymization by shortening the IP address takes place after 30 days at the latest so that no connection to the user is established.
As part of a contact request, we collect and process the following data:
- Personal information
- Title, first name, last name, phone number, e-mail address
- Company information
- Name of the company
- Information about wishes and interests
As part of supplier self-disclosure, we collect and process the following data:
- Personal information
- Title, first name, last name, phone number, e-mail addres
- Company-related data
As part of newsletter registration, we collect and process the following data:
- Personal information
- Title, first name, last name, phone number, e-mail address
As part of Rösler Academy seminar registration, we collect and process the following data:
- Personal information
- Title, first name, last name, phone number, e-mail address
- Company information
- Company / invoice address
- Participant data
- Title, first name, last name, e-mail address
Contact form / contact by e-mail (Art. 6 para. 1 lit. a, b EU-GDPR)
There is a contact form on our website that can be used for electronic contact. If you contact us with this form we are using the data you provided in the form to reply to your questions and requests. In doing so, the principle of data economy and data avoidance is observed, as you only have to provide the data that we absolutely need to contact you. These are your title, first name, last name, e-mail address and telephone number (for queries) of the further company information (company, address, sector and department) as well as the message field itself. For technical and legal reasons your IP address will also be registered. All other data are voluntary fields and can be provided optionally (e.g. to answer your questions on a more individual basis). When you contact us by e-mail, we will use the personal data listed in your e-mail only for processing your enquiry. If you do not use our contact forms, no additional data will be collected.
Newsletter (Art. 6, para. 1 lit. a EU-GDPR)
It is possible to subscribe to a free newsletter on our website. The e-mail address provided during newsletter registration and your name will be used for sending the partially personalized newsletter. In doing so, the principle of data minimization and data avoidance is observed; first name, last name, company name and e-mail address are marked as mandatory fields. For reasons of technical necessity as well as for legal protection, your IP address is also processed when ordering the newsletter. We use the “double opt-in” procedure for sending newsletters by e-mail. This means that you will only receive advertising by e-mail if you have previously expressly confirmed that you want us to activate the newsletter service. We do this by sending you a notification e-mail and asking you to confirm that you would like to receive our newsletter at this e-mail address by clicking on a link contained in this e-mail. Of course, you can unsubscribe at any time using the unsubscribe option provided in the newsletter, thus revoking your consent. Furthermore, it is also possible to unsubscribe from the newsletter at any time directly via our website. We provide information about new products and offers at regular intervals in our newsletter and also use newsletter web bugs and link-tracking to monitor its success. The web bug measures the opening of the respective newsletter and the link-tracking counts the clicks on the respective links in the newsletter. Thanks to the anonymising, neither method permits conclusions to be drawn with regard to an individual person. The web bug and tracking data processing is implemented with Google Analytics. In addition, we also carry out success evaluations and customer satisfaction surveys after projects have been completed and at regular intervals. This data is collected on the basis of your consent (Art. 6 I lit. a GDPR). You can revoke this consent informally at any time at firstname.lastname@example.org. The linking to user IDs will be automatically deleted after a period of 23 months.
Supplier self-disclosure (Art. 6 para. 1 lit. b EU-GDPR)
If you wish to submit a supplier self-disclosure on our website for the purpose of contract initiation, we will request the data from you that we need for the evaluation. In doing so, the principle of data economy and data avoidance is observed, as you only have to provide the data that we absolutely need for the evaluation. All other data are voluntary fields and can be provided optionally (e.g. to answer your questions on a more individual basis).
Seminar registration (Art. 6 para. 1 lit. b EU-GDPR)
Our internet presence offers you the possibility to take advantage of our seminar offers in an online registration procedure. On the basis of an online registration initiated by you, we process your personal data, which you make available to us electronically for the purposes of registration. We will treat all personal data strictly confidentially and exclusively for the purposes of online registration in accordance with the applicable statutory data protection provisions. The online registration for one of our seminar programs requires the mandatory entry of certain personal data marked with mandatory fields in our online registration form (e.g. first and last name, postal address and e-mail address). You have the option of voluntarily providing further contact information in addition to the information in the mandatory fields which will make it easier for us to contact you (e.g. your telephone number). In order to process your registration as specifically as possible and to take your registration requests into account, it is possible to voluntarily provide further information.
The data and files transmitted by you will be processed and used exclusively for the purpose of processing your online registration. The data and files transmitted by you will be separated from other data. Only the persons responsible for the registration procedure have access to your registration data and, in the case of a later training course, the persons responsible for the training course. Your registration by e-mail will be transmitted in encrypted form. We will not pass on your registration data to third parties unless you have expressly given your prior consent to the transfer or there is a legal obligation for the transfer.
Advertising purposes for existing customers (Art. 6 para. 1 lit. f EU-GDPR)
Rösler Oberflächentechnik GmbH is keen to cultivate the relationship with you as our valued customer and to send you information and offers about our products / services in the form of newsletters. For this reason we are using your data to send you the respective information and offers by e-mail. If you do not want to receive such e-mails you can object to the use of your personal data for these direct advertising activities at any time; this applies also for a profiling in connection with direct advertising. Once you object, we will no longer use your data for this purpose. Your objection is free-of-charge and can be done entirely at your discretion, preferably by e-mail addressed to: email@example.com or by mail to Vorstadt 1, 96190 Untermerzbach.
Portal for job applicants (Art. 6 para. 1 lit. a, b EU-GDPR)
We are pleased to learn about your interest in working for Rösler Oberflächentechnik GmbH. We appreciate the confidentiality of your personal data and are using them only for the purpose of an effective and correct processing of your job application and for contacting you when processing your application. Your data will not be passed on to third parties without your approval.
In the application form you are asked for personal data. In this connection we follow the principle of keeping the data volume at a minimum by only requesting information required to thoroughly examine your application, for example your CV (curriculum vitae), or those data we must collect by law. These mandatory fields are marked with *(asterisk). For technical and legal reasons your IP address will also be registered.
Without these data we, unfortunately, will not be able to process your application. In this case our application processing system will not allow uploading of the application forms. Of course, you have the possibility to voluntarily add data in your application form.
To provide the best possible protection for the safety and confidentiality of your data, we are utilizing special safety software. The transmission of your application documents to us is always encoded.
We store your data solely for the purpose described above, until the application process is completed and respective deadlines have expired – latest six months after a decision has been communicated. However, you may want us to keep your application forms for a longer period so that we can match your profile with other vacant positions in our company.
For this we need your approval, which you can provide by clicking on the respective checkbox when uploading your application. In this case we store your data for twelve months. Of course, you can always withdraw your consent with immediate effect by phone +49 9533 924 456, by e-mail to firstname.lastname@example.org or by mail to Personal, Hausen 1, 96231 Bad Staffelstein.
Automated decisions in single cases
We do not utilize fully automated processes to make and implement a decision.
The data generated by etracker is processed and stored by etracker on behalf of the provider of this website exclusively in Germany and is therefore subject to strict German and European data protection laws and standards. etracker has been independently audited and certified in this regard and awarded the ePrivacyseal data protection seal of approval.
Data processing is carried out on the basis of the legal provisions of Art. 6 Para. 1 lit. f (legitimate interest) of the German Data Protection Regulation (DSGVO). Our concern in terms of the DSGVO (legitimate interest) is the optimization of our online offer and our web presence. Since the privacy of our visitors is important to us, the data that may allow a reference to an individual person, such as the IP address, login or device identifiers, are anonymized or pseudonymized as soon as possible. No other use, combination with other data or transfer to third parties will take place.
You can object to the aforementioned data processing at any time by clicking on the slider. The objection has no adverse consequences. If no slider is displayed, data collection is already prevented by other blocking measures.
Further information on data protection at etracker can be found here.
We use Videolyser, a service of Christian Eckardt, Kirchtal 5, 37431 Bad Lauterberg, Germany, for the integration of videos within the framework of our legitimate interest in a technically flawless online offer and its economically efficient design and optimization pursuant to Art.6 para. 1 lit.f DSGVO. This is a particularly data-saving service for embedding videos, as your data is only collected pseudonymously. Your IP address is already shortened by the last digits before it is stored in the server log files and replaced by a randomly generated number https://www.videolyser.de/artikel/dsgvo-videolyser, so that no personal data of yours is stored by Videolyser when you watch a video on our website.
Webinars / video conferencing (Art. 6 para. 1 p. 1 lit. b, f European Union General Data Protection Regulation (EU-GDPR), § 26 Federal Data Protection Act (BDSG))
Rösler Oberflächentechnik GmbH uses video conferencing services to conduct webinars on various topics offered. For this purpose, Rösler Oberflächentechnik GmbH uses the video conferencing tool Zoom. Zoom is a service of Zoom Video Communications, Inc. which is based in the USA. Zoom is used either via your web browser or alternatively via the Zoom app installed on your end device.
We wish to point out that further data processing, for example in connection with calling up the Zoom website and/or installing the Zoom app, is not part of our responsibility.
When using Zoom, your user data stored at Zoom (e.g. name, email address, profile picture, language, etc.) is processed. Additionally, connection data (e.g. IP address) and metadata (e.g. meeting ID, phone numbers, dates, etc.) is collected. Finally, image and sound data from you is processed. For this purpose, Zoom gains access to the camera and microphone of your end device for the duration of the transmission, if you allow this. The image and sound transmission can be suspended by you at any time. In addition, it is possible to make text entries (chat) and to transfer files together with their contents (in the case of file exchange).
The processing of the data is carried out for the implementation of webinars and serves the implementation of pre-contractual measures or the fulfilment of the contract, Art. 6 para. 1 p. 1 lit. b EU-GDPR. Insofar as the video conferences take place within the company between employees on the basis of § 26 (1) BDSG. Furthermore, the data processing is carried out on the basis of our legitimate interest in effective communication design according to Art. 6 para. 1 p. 1 lit. f EU-GDPR.
The data will only be stored for as long as is absolutely necessary to achieve the purpose and for as long as there are no statutory retention obligations that prevent deletion. Please note that the data may have to be stored for verification purposes based on legal retention obligations. In this case, the data will be deleted at the latest after expiry of the respective retention period.
Zoom processes and stores your data in the USA and is obliged by corresponding contractual regulations to comply with EU data protection standards and to guarantee the European level of data protection. Data may also be processed or stored in third countries on the basis of your consent (Art. 49 para. 1 p. 1 lit. a EU-GDPR), in which case you will be informed separately.
For more information on data processing by Zoom, see: https://rosler-academy.zoom.us/terms and https://rosler-academy.zoom.us/privacy
Rösler Oberflächentechnik GmbH maintains presences on “social media,” presently on Facebook, YouTube, Xing, LinkedIn, kununu and vimeo. Insofar as we have control over the processing of your data, we ensure that the applicable data protection regulations are observed.
The following provides you with the most important information on data protection law in relation to our presences.
Name and address of the person responsible for the company
In addition to Rösler Oberflächentechnik GmbH, the person responsible for the company presences within the meaning of the EU General Data Protection Regulation (EU-GDPR) and other data protection regulations is
(Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Irland)
(LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Irland)
(New Work SE, Dammtorstraße 30, 20354 Hamburg, Deutschland)
(Google Ireland Ltd., Gordon House, Barrow Street, Dublin 4, Irland)
(kununu GmbH, Neutorgasse 4-8, Top 3.02, A - 1010 Wien)
(Vimeo, Inc. 555 West 18th Street, New York, New York 10011, USA)
However, you use these platforms and their functions on your own responsibility. This applies in particular to the use of the interactive functions (e.g. commenting, sharing, rating).
We would further like to point out that, in doing so, your data may be processed outside the area of the European Union.
Your rights / option to object
If you are a member of a social network and do not want the network to collect data about you via our presence and link it to your stored membership data with the respective network, you must
- log out of the respective network before visiting our fan page,
- delete the cookies stored on your device and
- close and restart your browser.
After logging in again, however, you will again be recognizable to the network as a specific user.
For a detailed description of the respective processing and the opt-out options, please refer to the information linked below:
- Opt-Out: https://www.facebook.com/settings?tab=ads
- Opt-Out: https://www.xing.com/settings/privacy/data/tracking
- Opt-Out: https://tools.google.com/dlpage/gaoptout?hl=de
- Opt-Out: https://www.xing.com/settings/privacy/data/tracking
Altogether, you have the following rights regarding the processing of your personal data:
Right to information; right to rectification; right to erasure; right to restriction of processing; right to object; right to data portability; right to complain about unlawful processing of your personal data to the competent data protection authority.
However, since Rösler Oberflächentechnik GmbH does not have complete access to your personal data, you should contact the providers of the social media directly when asserting your rights, as they each have access to the personal data of their users and can take appropriate measures and provide information.
Should you still require assistance, we will of course do our best to support you. Please contact email@example.com.
Information on copyright and art copyright
If you want to publish pictures, texts, plans, videos, music, etc. on our website, you should know that you may possibly thus assign all rights of use to the network, which could ultimately have legal consequences for you if you are not the author or rights holder yourself.
Online offers and children
Persons under the age of 16 years are not allowed to transmit data to us or make a consent declaration without the specific approval of their parents. We want to encourage all parents and guardians to share in the online activities of their children.
Links to other providers
Our website also contains links - clearly indicated by this symbol - to the websites of other companies. Insofar as links to websites of other providers are present, we have no influence on their contents. Therefore, no guarantee or liability can be assumed for these contents. The respective provider or operator of the pages is always responsible for the content of these pages.
The linked pages were checked for possible legal violations and recognizable infringements at the time of linking. Illegal contents were not recognizable at the time of linking. However, a permanent control of the contents of the linked pages is not reasonable without concrete evidence of a violation of the law. If we become aware of any infringements, such links will be removed immediately.