Data Protection Statement

A.    Responsible authority for data processing

We, 

 

Riese & Müller GmbH

Am Alten Graben 2

64367 Mühltal (Germany)

Telephone: 0049 6151/36686-0

Fax: 0049 6151/36686-489

Email: dataprivacy@r-m.de

 

are responsible for the processing of personal data within the scope of our web presence, and in accordance with the requirements of the General Data Protection Regulation (GDPR).

Through this data protection statement, we would like to inform you of the type, scope and purposes of the processing of your personal data (hereinafter referred to simply as “data”).

B.    Data use, purposes of processing and legal basis

We process data when people get in contact, use our services (e.g. register for our newsletter), as well as visit our website. Personal data is only used and processed by us for the purpose for which you supplied it, either by your consent or in order to fulfil our contractual obligations. In addition, data processing is carried out in order to safeguard our legitimate interests.

The processing of your data may also take place by other departments within Riese & Müller GmbH. In some cases, we also make use of external service providers for processing. These have been carefully selected and commissioned by us, are bound by our instructions and are regularly checked.

The specific purposes of processing, the subject’s data, as well as the legal basis for data processing are laid out in the following list:

a) Purpose of website visit

We record your visits to our website. In doing this, the following data is processed: Name of the website visited in each case, date and time of the visit, the volume of data transferred, browser type as well as version, the operating system you use, the referrer URL (of the website you visited directly before), your IP address and the requesting provider. We collect this data on the basis of our legitimate interests in accordance with Article 6(1) f) GDPR.

b) Contacting us

If you get in contact with us using one of our contact forms or via email, your details will be used exclusively for the purpose of processing and resolving your query. The subject’s data are: Your email address, surname, first name, subject, message as well as other optional data you have entered. If registering for a guarantee, your address, the dealer, frame number, date of purchase and price of purchase will also be stored. This data is processed by us on the basis of your consent in accordance with Article 6(1) a) GDPR.

c) Press mailing list

In order to receive press releases by email, you can register for our press mailing list. When registering for the press mailing list we use the data you have provided. The subject’s data are: Your email address, surname, first name, editor, as well as other optional data you have entered.

Inclusion in the press mailing list occurs exclusively on the basis of your prior consent in accordance with Article 6(1) a) GDPR.

d) Newsletter

In order to receive advertising information by email, e.g. relating to our products or special offers, you can subscribe to our newsletter. When registering for the newsletter we use the data you have provided. The subject’s data are: Your email address, surname, first name as well as other optional data you have entered.

Sharing your data with third parties and third countries

The newsletter is sent using the MailChimp service provided by Rocket Science Group, LLC, 675 Ponce De Leon Ave NE #5000, Atlanta, GA 30308, headquartered in the USA. Your email address, surname and first name, as well as other optional data you have provided are stored on MailChimp servers in the USA. MailChimp uses this information to send and evaluate the newsletters on our behalf. Furthermore, MailChimp may, according to its own statements, use this data to optimise or improve its own services, e.g. for the technical optimisation of the mailing and the presentation of the newsletter or to determine from which countries the recipients come. MailChimp does not, however, use your data to contact our customers itself, nor does it pass the data on to third parties.

You can find further information on data protection at: https://mailchimp.com/legal/privacy/. In order to maintain the European level of data protection “The Rocket Science Group LLC d/b/a MailChimp” has been certified under the privacy shield agreement: https://www.privacyshield.gov/participant?id=a2zt0000000TO6hAAG&status=Active.

Sending of the newsletter occurs exclusively on the basis of your prior consent in accordance with Article 6(1) a) GDPR. If you are under 16 years of age, the registration for the newsletter requires the consent of your legal guardian.

Registration for our newsletter is carried out according to the so-called double opt-in procedure. In order to prevent fraudulent activity, we send you an email after registration, asking you to confirm your registration. In order to prove that the registration process has occurred in accordance with legal requirements, the newsletter registration will be recorded. This also includes storing the time of the registration and confirmation as well as the IP address. Changes are recorded by the newsletter service provider employed by us.

You can withdraw consent to receive the newsletter by email at any time. At the end of every newsletter there is also a link for withdrawing consent. If you have registered purely for our newsletter and have then cancelled this registration, your personal data will be erased.

e) Dealer search

In order to display the dealer search, we use Google Maps JavaScript API v3. In order to display and submit a search query, data including your IP address and location is transferred to the Google server in the USA and stored there.

We have, however, implemented a solution which means your consent is required before data is transferred. You can provide this at the bottom of the page or in the dealer search itself. This means that the above-mentioned data is only sent to the Google server and relevant data (including map displays) is loaded from there after your consent has been obtained. Data is only transferred in this context if you have also chosen to use the dealer search function. If not, you can use the page search to find a dealer by another means. The results are displayed on the basis of your prior consent in accordance with Article 6(1) a) GDPR.

You can find further information on how Google uses data and may share it with third parties in the Google data protection statement, under the following link: https://www.google.com/policies/privacy/  

f) Processing job applications

Personal data which you have provided as part of a job application will only be processed by us within the scope of the application process. We will not share your personal information with third parties.

The data will only be stored until the application process is complete. If the application is unsuccessful, the data will be deleted. If the application is successful, the data will be transferred to our employee files. We would like to point out that, notwithstanding the above-mentioned provisions, the application documents will be stored for three months. The processing is necessary to carry out precontractual steps in accordance with Article 6(1) b) GDPR.

g) Website analytics

In order to analyse user behaviour on our website, optimise our online services and also to personalise content and ads, we use specific cookies that store your IP address. Data processing is undertaken in this context on the basis of our legitimate interests in accordance with Article 6(1) f) GDPR. Please refer also here to section C. c) on Google Analytics.

Sharing your data with third parties and third countries

Within the scope of our website analytics, we use Google Analytics, a web analysis service provided by Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (“Google”). Google uses servers for this, which are located in the USA.

The EU Commission certified in an adequacy decision, the EU-US Privacy Shield, that the level of data protection of the above-mentioned countries is identical with that of the EU. The service provider we employ, Google, is certified. You can find information on this here: https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active

Please refer here in addition to following section C.

 

C.    Use of cookies  

a)    General

In order to make the visit to our website appealing and to enable usage of certain functions, we use so-called cookies on several pages. Cookies are small text files that are placed on your terminal device. Some of the cookies we use are deleted at the end of your browser session, i.e. after you close your browser (so-called session cookies). Other cookies remain on your device and allow us or our partner companies to recognise your browser upon your next visit (persistent cookies).

In concrete terms, we use the following cookies. If a cookie is not deleted by the user, it will be saved until it is used for its intended purpose of (see table). It will then be automatically deleted within (see table).

Name of the cookie

Expiration date

Description

PHPSESSID

Expiry after closing the browser

Front-end session cookie

X-Magento-Vary

Expiry after closing the browser

The Magento 2 cookie stores the accessed page. Thereby, several versions of a single page can be saved in the cache.

_ga

2 years

This cookie is used to distinguish users.

form_key

Expiry after closing the browser

Stores a randomly generated key in order to avoid fake requests.

mage-banners-cache-storage,
mage-cache-sessid, mage-cache-storage, mage-cache-storage-section-invalidation

Expiry after closing the browser

Facilitates the caching of content in the browser in order to speed up the loading of pages.

mage-messages

Expiry after closing the browser

Used to display system messages after user actions.

mage-translation-file-version

Expiry after closing the browser

Facilitates the translation of content in other languages.

mage-translation-storage

Expiry after closing the browser

Facilitates the translation of content in other languages.

private_content_version

2 years

Handles additional AJAX requests to render user-defined content.

store

1 year

Saves the page view or page language displayed.

product_data_storage

Expiry after closing the browser

The front-end product repository uses the section product_data_storage of the data storage cache as a data source. In this section, all product data are stored in this section that originate from the server when a customer visits a product page.

recently_compared_product

Expiry after closing the browser

Products that were recently compared by the visitor.

recently_compared_product_previous

Expiry after closing the browser

Products that were previously compared by the visitor.

recently_viewed_product

Expiry after closing the browser

Products that were recently accessed by the visitor.

recently_viewed_product_previous

Expiry after closing the browser

Products that the visitor has accessed before.

section_data_ids

Expiry after closing the browser

Allows the visitor to receive data if something changes particularly for him/her on the server.

shop_country

1 day

Stores the country code of the current visitor.

login_redirect

Expiry after closing the browser

Sets the URL to be forwarded after successful registration and login.

_gat

1 day

This cookie does not store any user information but is used only for limiting the queries to doubleclick.net and is used by Google per default.

_gid

1 day

Contains a unique identifier to distinguish users.

mage-banners-cache-storage

31.12.2099

Saves customer-based discount rules and the current store ID.

mage-banners-cache-timeout

31.12.2099

Saves the validity duration of mage-banners-cache-storage.

mage-cache-timeout

31.12.2099

Contains the validity duration of mage-cache-storage.

mage-translation-file-version

31.12.2099

Contains the translations used on the page.

product_data_storage

31.12.2099

Contains the data of the last/currently displayed product.

recently_compared_product

31.12.2099

Products that were recently compared by the visitor. (Timestamp + product ID)

recently_compared_product_previous

31.12.2099

Products that were previously compared by the visitor. (Timestamp + product ID)

recently_viewed_product

31.12.2099

Products that were recently accessed by the visitor. (Timestamp + product ID)

recently_viewed_product_previous

31.12.2099

Products that the visitor has previously accessed. (Timestamp + product ID)

private_content_version

31.12.2099

Handles additional AJAX requests to render user-defined content.

mage-cache-storage

31.12.2099

Contains the following data:

-      Shopping cart contents

-      Product data of compared products

-      Customer data (name, first name, ID of the website used by the customer)

-      A country code table

-      Whether the buy-now function is activated for the customer

-      Last order data

-      Data of all wish lists created by the customer

-      ID for product_data_storage

-      Data of the last compared products

-      Data of the last viewed products

-      Wish-list data

mage-cache-storage-section-invalidation

31.12.2099

Specifies whether the local storage is obsolete and needs to be updated.

 

You can delete all cookies stored on your computer and change the settings on most browsers so that cookies cannot be stored. You can find out how to do this here for example: www.allaboutcookies.org.

If you do this, you may have to adjust some of the settings manually every time you visit a page and accept some impairment of functionality.

We use cookies in order to personalise content and ads and to analyse visits to our website. In addition, we share information on your use of our website with our partners for social media, advertising and analysis. You can find details at:  https://policies.google.com/technologies/partner-sites?hl=en.

In addition, further so-called third-party cookies may be installed when visiting this website, for instance for using Google Maps or Google Analytics. We have no control over the installation of the cookies, their functions and contents.

Please also refer to the following section C b) on the use of Google advertising tools:

 

 

b)    Google advertising tools

This website uses web analysis services provided by Google Inc. (1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (“Google”). These service are outlined in the following. We share data with Google for these purposes. Please refer to the guidance on Google data usage in the Google Partner Network at:

https://policies.google.com/technologies/partner-sites?hl=en

or

www.google.com/privacy_ads.html

 

c)    Google Analytics

Google Analytics uses so-called “cookies”, which are text files placed on your computer to enable your use of the website to be analysed. The information generated by the cookie about your use of this website (including your IP address) will be transferred to a Google server in the USA and stored there. Google will use this information to analyse your use of the website, compile reports on website activity for the website operators and provide other services related to use of the website and the internet.

Google will also pass this information on to third parties if required to do so by law or where third parties process these data on behalf of Google. Google will not associate your IP address with other Google data under any circumstances. You can prevent the installation of cookies via the corresponding setting in your browser software; we would also point out that in this case you may not be able to completely utilise all functions of the website. By using this website, you are stating your agreement to the processing of the data obtained about you by Google in the manner described above and for the aforementioned purpose.

You can object to the collection of data with future effect at any time by using the deactivation browser add-on from Google Analytics, found at http://tools.google.com/dlpage/gaoptout?hl=en

You can also stop Google Analytics from collecting data by clicking the following > link <. An opt-out cookie is installed which prevents the collection of your information when you visit this website in the future:

<a href=”javascript:gaOptout()”>Deactivate Google Analytics</a>     
We would like to point out that this website uses Google Analytics with the “anonymizeIp()” extension. This means that IP address are only stored in an anonymous form, making it impossible to draw a direct connection between an identifiable person and the stored data.

By rejecting the tracking function, a new cookie will be installed, which will however save no personal data on you and all other cookies will remain blocked unless you have given your consent to their use.

 

D.    Your rights as a data subject

1. Information

You may request details, free of charge, about all of the personal data that we have stored about you.

 

2. Rectification, erasure, restriction of processing (blocking), objection

Should you no longer consent to the storage of your data or should the data be incorrect, we will arrange for your data to be erased or blocked accordingly, or for the necessary corrections to be made (provided this is permissible under current law). The same applies should you only consent to us processing data in a restricted manner in future.

 

 

3. Data transferability

We will store your data in a transferable form, so that the data can also be transferred to another company at your request.

 

4. Exercising your rights as a data subject

If you have any questions about the processing of your personal data, if you would like information or to rectify, block, object to the use of, or erase data, or request for data to be transferred to another company, please contact:

Riese & Müller GmbH

Am Alten Graben 2

64367 Mühltal (Germany)

Telephone: 0049 6151/36686-0

Fax: 0049 6151/36686-489

Email: dataprivacy@r-m.de

 

5. Our data protection officer

The data protection officer for our company is:

CTM-COM GmbH

Mr Moritz Görmann

In den Leppsteinswiesen 14

64380 Roßdorf (Germany)

Telephone: 0049 6154-57605111

Email: datenschutz@ctm-com.de

 

6. Right of appeal

In addition, a right to appeal to the responsible supervisory authority exists

The Data Protection officer for Hessen [Hesse]

Gustav-Stresemann-Ring 1

65189 Wiesbaden (Germany)

Telephone: 0049 611/1408-0

Fax: 0049 611/1408-900

Email: poststelle@datenschutz.hessen.de

 

7. Please note

Data from which we are unable to identify the data subject, e.g. where this has been anonymised for the purposes of analysis, is not covered by the above-mentioned rights. The right to information, erasure, blocking, correction or transfer to another company of this data is only possible if you make additional information available to us which allows us to identify the data.

E.    Withdrawing consent with future effect

You can withdraw your consent at any time with future effect. Data used for the purposes of accounting and bookkeeping is not affected by termination/withdrawal of consent or erasure. Your withdrawal of consent shall not affect the legality of the prior processing.

F.    Storage period

Personal data which has been shared with us via our website is only stored until we have fulfilled the purpose for which it was entrusted to us. Where retention periods relating to commercial and tax law must be observed, the period for storing specific data may be up to 10 years.

G.    Security

We protect the transfer of your data with a secure (AES 256 Bit) TLS connection. TLS (Transport Layer Security) is a security technology that ensures your personal data is transferred over the internet securely, without being accessible by external parties.

Contact
Contact

Great ideas and strong impulses at the push of a button.

Our team would be happy to give you advice.