Privacy Policy

A. General information

The following information applies to all data processing on this website.

1. Responsible body and contact details

Controller of these internet pages is

REMEX GmbH
Am Fallhammer 1
40221 Düsseldorf

Further information about our company and contact details can be found in our > Imprint.
Contact details of our data protection officer:

Althammer & Kill GmbH & Co. KG
Herr Niels Kill
Mörsenbroicher Weg 200
40470 Düsseldorf

> kontakt-dsb@althammer-kill.de

2. Data categories, purposes and legal basis of data processing

We process your personal data in accordance with the provisions of the General Data Protection Regulation (GDPR) and the Federal Data Protection Act (BDSG) as well as all other applicable legal provisions.

The type and scope of data processing are generally determined by the service or information you have selected. For details on the data categories, purposes and legal bases, please refer to Part B.

3. Data recipients

We transfer your personal data if necessary to the following data recipients:

  • The transfer takes place in compliance with a legal requirement according to which we are obliged to report or pass on the data (e.g. to authorities).
  • Data is transferred to external companies that act as order processors on our behalf or that will act on our behalf (this concerns, for example, courier and logistics companies, call centres, external computer centres, EDP and IT applications, website management, auditing services, credit institutions, data disposal, etc.).

4. Deletion of data and duration of storage

In principle, we process and store your data only for as long as is necessary for the purposes for which they are processed.

If the data are no longer required for the fulfilment of contractual or legal obligations and rights, they are regularly deleted, unless their - temporary - further processing is required for the fulfilment of the purposes listed above for an overriding legitimate interest.

Insofar as individual processing operations of personal data require other deletion periods, these are mentioned in the description of the individual processing operations under Part B.

5. Processing of your data in a third country

Data will only be transferred to third countries (countries outside the European Union (EU) or the European Economic Area (EEA)) if it is necessary for the execution of an order/contract from or with you, if it is required by law (e.g. reporting obligations under tax law), if appropriate data protection levels exist or if you have given us your consent.

The processing of your data in a third country can also take place in connection with the involvement of service providers, e.g. within the framework of commissioned processing. If there is no EU Commission decision on an adequate level of data protection for the country in question, we ensure that your rights and freedoms are adequately protected and guaranteed by means of appropriate guarantees (e.g. EU standard contractual clauses).

Information on the appropriate or adequate safeguards and on the possibility of obtaining a copy from may be obtained on request.

 

6. Automated decision-making in individual cases / profiling

We do not use automated decision-making/profiling procedures that have a legal effect on you or that significantly affect you in a similar way.

7. Obligation to provide data

You only need to provide the data that is necessary for the use of the website and its functions. Without this data, however, we will not be able to provide you with our website properly and securely, to respond properly to your enquiries to us. This may also relate to data required at a later date.

 

8. Your rights as a data subject

You are entitled to the following rights as a data subject, which you can assert against us, subject to the legal requirements:

  • Right of access: You are entitled to request confirmation from us at any time within the scope of Art. 15 of the GDPR as to whether we are processing personal data relating to you; if this is the case, you are also entitled within the scope of Art. 15 of the GDPR to receive information about this personal data as well as certain other information (including processing purposes, categories of personal data, categories of recipients, planned storage period, the origin of the data, the use of automated decision-making and, in the case of third country transfers, the appropriate safeguards) and a copy of your data.
  • Right to rectification: In accordance with Art. 16 GDPR, you are entitled to demand that we rectify the personal data we hold about you if it is inaccurate or incorrect.
  • Right to erasure: You have the right to request that we erase personal data relating to you without undue delay, subject to the conditions set out in Article 17 of the GDPR. The right to erasure does not apply, inter alia, if the processing of the personal data is necessary for (i) the exercise of the right to freedom of expression and information, (ii) compliance with a legal obligation to which we are subject (e.g. legal obligations to retain records) or (iii) the assertion, exercise or defence of legal claims.
  • Right to restrict processing: You are entitled to demand that we restrict the processing of your personal data under the conditions of Art. 18 GDPR.
  • Right to data portability: You are entitled, under the conditions of Art. 20 GDPR, to demand that we hand over to you the personal data concerning you that you have provided to us in a structured, common and machine-readable format.
  • Right of withdrawal: You have the right to withdraw your consent to the processing of personal data at any time with effect for the future.
  • Right to object: You have the right to object to the processing of your personal data under the conditions of Art. 21 GDPR, so that we have to stop processing your personal data. The right to object only exists within the limits provided for in Art. 21 GDPR. In addition, our interests may conflict with the termination of processing, so that we are entitled to process your personal data despite your objection.
  • Right to lodge a complaint with a supervisory authority: You have the right to lodge a complaint with a supervisory authority, in particular in the Member State of your place of residence, place of work or place of the alleged infringement, under the conditions set out in Article 77 of the GDPR, if you consider that the processing of personal data concerning you infringes the GDPR. The right of appeal is without prejudice to any other administrative or judicial remedy.

A list of the respective data protection supervisory authorities and their contact details can be found in the following link: https://www.bfdi.bund.de/DE/Service/Anschriften/anschriften_table.html

The supervisory authority responsible for us is:

State Commissioner for Data Protection and Freedom of Information of North Rhine-Westphalia
Kavalleriestr. 2-4
40213 Düsseldorf
Telefon: 0211/38424-0
Fax: 0211/38424-999
E-Mail: poststelle@ldi.nrw.

However, we recommend that you always direct a complaint to us in the first instance. If possible your requests to exercise your rights should be addressed in writing or electronically to the address given in point 1 above.

9. Information on the right to object (Art. 21 GDPR)

Insofar as the processing of your personal data is carried out on the basis of Art. 6 para. 1 sentence 1 lit. f GDPR (data processing based on a balance of interests) or on the basis of Art. 6 para. 1 sentence 1 lit. e GDPR (data processing in the public interest), you have the right to object to the processing at any time without incurring any costs other than the transmission costs according to the basic rates.

We will then in any case no longer process the personal data for direct marketing or related profiling purposes, nor for any other purposes, unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms, or the processing is for the purpose of asserting, exercising or defending legal claims.

10. Amendments

We may amend this data protection information at any time (e.g. in the event of changes in data processing or the legal framework). Any changes will be announced by publishing the amended data protection information on the website. Unless otherwise specified, such changes will take effect immediately. Therefore, please check this data protection information regularly to view the most current version.

B. Individual processing operations, purposes and legal bases

1. Logging

When using the website, certain connection data and data provided by your internet browser are temporarily stored. For the operation of the website, the following data is logged and stored in log files:

  • (Anonymised) IP address of the calling computer

  • Operating system of the calling computer

  • Browser version of the calling computer

  • Name of the retrieved file

  • Date and time of the retrieval

  • Referring URL

  • Type of end device (e.g. desktop/smartphone)

  • Connection logging

The logging of data or its processing in log files is technically absolutely necessary for the proper and secure operation of the website. The legal basis for the (initial) storage and/or readout of data from your terminal device is therefore § 25 para. 2 no. 1 TTDSG.

Insofar as automatically transmitted data (e.g. the public IP address of your end device) is processed, the processing is carried out on the basis of Art. 6 para. 1 lit. b GDPR, insofar as you visit our website for the purpose of executing a contract with you or for pre-contractual measures (e.g. information about our products, enquiries), as well as within the scope of our legitimate interest according to Art. 6 para. 1 lit. f GDPR. Our legitimate interest lies in the proper and secure provision of the website or our online offer.

The log file information is stored anonymously after the session is ended.

 

2. Contact form

We offer a contact form on our website, which you can use to get in touch with us. In addition to the voluntary information and your message content, we require you to provide the following information:

  • Name
  • E-mail adress

We need this information to process your enquiry and to send you a reply. Enquiries received via the contact form are stored as emails and regularly checked to see whether data can be deleted.

If data is no longer required in the context of the interested party relationship or if your conflicting interest outweighs this, we will delete the relevant data after 180 days at the latest, provided that this does not conflict with any statutory retention obligations.

The legal basis for this data processing is Art. 6 para. 1 lit. f GDPR.
Insofar as the contact is made for the purpose of initiating contractual relations, the legal basis is Art. 6 para. 1 lit. b GDPR.

  

3. Matomo

On our websites, we use a version of Matomo implemented on our own servers. This is an open source analysis software for the purpose of statistical evaluation of visitor access. With the help of this analysis, we would like to understand in particular which of our pages are accessed how often and for how long and are therefore of interest, but not by whom they are accessed. The version of Matomo implemented on our server does not use cookies. We only store anonymised user data for the collection of general statistical values without comprehensively analysing user behaviour.

A comprehensive analysis of user behaviour is also not possible due to the anonymised data collected. The IP-address transmitted in the server log-in is anonymised on our server before it is transmitted to the Matomo installation and replaced by a random IP address. In addition, a user ID is created by means of a random HASH value. It is not possible for us to track the data automatically transmitted by your terminal device, such as the IP address, as well as the user ID on the basis of the anonymised and randomly generated data, as temporal entries are randomised at the Matomo installation and the real IP address is immediately anonymised. After the session ends (i.e. usually when the browser is closed) the randomised IP-address and user ID are deleted by Matomo.

The legal basis for the use of Matomo is Art. 6 para. 1 sentence 1 lit. f GDPR.
Our legitimate interest is the improvement of our websites, respectively of our online offer.

 

4. Compliance with legal requirements

We also process your data to comply with legal requirements. We are subject to a variety of legal obligations. These are primarily legal requirements (e.g. from commercial and tax laws), but also other official requirements where applicable. These include, in particular, the fulfilment of control and reporting obligations under tax law as well as archiving and documentation obligations.

The legal basis for the processing is Art. 17 para. 3 lit. b GDPR and Art. 6 para. 1 sentence 1 lit. c GDPR.

 

5. Enforcement and defence of rights

We may also process your personal data in order to be able to assert our rights and enforce our legal claims and/or to be able to defend ourselves against legal claims and/or insofar as this is necessary for the defence or prosecution of criminal offences.

The legal basis for the processing is Art. 17 para. 3 lit. e GDPR and Art. 6 para. 1 sentence 1 lit. f GDPR. Our legitimate interest is the enforcement and defence of rights.