Privacy Policy
In this Privacy Policy, we will inform you about the processing of your personal data and your data protection rights within the scope of your contact to Rite-Hite GmbH. Your privacy is an important concern to us. We exercise great care in the protection of your personal data. Your personal data will be exclusively processed in compliance with the applicable provisions under data protection laws.
For the sake of convenience, only the masculine form is used for personal names and personal nouns on this website. The corresponding terms apply to all genders in accordance with the principle of gender equality. This language is used solely for editorial purposes and entirely without prejudice.
(1) General Information about data processing and data subject rights
Data Controller and Contact
Data controller for all processing activities in the context of your business relationship to Rite-Hite GmbH, unless stated otherwise, is:
Rite-Hite GmbH
Carl-Zeiss Straße 3
34471 Volkmarsen
Germany
Contact: info-de@ritehite.com
Data Protection Officer
It is important to us that data processing is secure and compliant with data protection law. For documentation and regular review, we have appointed an external data protection officer.
Datenschutzberatung Moers GmbH
Neue Straße 22
34369 Hofgeismar
Germany
If you have any questions regarding data protection, please contact our external data protection officer at rite-hite@dsb-moers.de. Further contact details can be found at www.dsb-moers.de.
Purposes and legal bases of data processing
The purposes of data processing by Rite-Hite GmbH are the provision of services, fulfillment of contracts, fulfillment of legal obligations, provision of information about services of Rite-Hite GmbH and the possibility to contact us.
Personal data is processed on the basis of one of the following legal bases:
- Art. 6 (1) a GDPR for the processing of personal data with the consent of the data subject.
- Art. 6 (1) b GDPR for the processing of personal data necessary for the performance of a contract with the data subject, as well as for taking appropriate steps prior to entering into a contract.
- Art. 6 (1) c GDPR for the processing necessary for compliance with a legal obligation to which we are subject in accordance with applicable EU law or in accordance with the applicable law of a country in which the GDPR is applicable in whole or in part.
- Art. 6 (1) f GDPR for the processing of personal data necessary to protect the legitimate interests pursued by the controller or by a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject. Legitimate interests are, in particular, our commercial interest to be able to provide our website, the security of information, the enforcement of our own legal claims and the compliance with further legislation.
Recipients of Personal Data
We engage third party companies or individuals as service providers or business partners to support our business. These third parties are our processors and may, for example, provide and help us with computing and storage services. From time to time, we may remove or engage new processors. Rite-Hite will ensure that processors are bound by written agreements and provide an appropriate level of protection.
Our service providers have been contractually obligated to maintain confidentiality and protect data in the event that access to personal data cannot be excluded. Data will only be transferred to third countries in compliance with the rights of the data subject and only if sufficient guarantees are effective pursuant to Art. 44 et seqq. GDPR, especially under the provisions of the EU Standard Contractual Clauses.
If applicable, we provide personal data to public authorities and state institutions, such as tax authorities, public prosecutors' offices or courts, to which we (must) transfer personal data, e.g. to fulfil legal obligations or to protect legitimate interests.
Storage period and deletion of personal data
We process personal data only as long as necessary to achieve the purpose. If the processing purpose ceases to apply, we delete the data in accordance with the provisions of Art. 17 GDPR. As soon as the purpose of processing no longer applies, we retain the data in accordance with the statutory retention periods. Any retention beyond shall only take place in the event of an exception pursuant to Art. 17 (3) GDPR.
Data Security
Your personal data are protected from unauthorized access and unlawful processing or transfer, as well as from accidental loss, alteration or destruction. Before the introduction of new methods of data processing, particularly new IT systems, Rite-Hite undertakes technical and organizational measures to protect your personal data. These measures are based on the state of the art, the risks of processing and the need to protect the data. The technical and organizational measures relevant to data protection are documented and reviewed regularly by the Data Protection Officer. Our security measures will be continuously improved based on the state of the art.
Rights and Provision of Data Subjects
You can exercise your right to information, rectification and deletion of data at any time. Simply contact us in the ways described above. If you wish data to be deleted but we are still legally obliged to retain it, access to your data will be restricted (blocked). The same applies in the event of an objection. You can exercise your right to data portability insofar as the technical possibilities are available to the recipient and to us.
If you have given your consent to any data processing, you can revoke your consent at any time with effect for the future. For this purpose, the contact options described above are available to you.
Right to lodge complaints
If you have any objections or complaints with the way in which we process your personal data, you have the right to lodge a complaint with the relevant data protection supervisory authority, where the applicable laws provide for such remedy.
Provision obligation
Without providing correct data, addressing your interests regarding your business relationship to Rite-Hite may not be possible.
Changes to this Privacy Policy
The latest version of this Privacy Policy applies. This version dates from 15.09.2022.
The current version of our privacy policy is available at: https://www.ritehite.com/en/eu/data-protection
(2) Data Processing on this Website
The purpose of data processing on this website is to provide information about the products and services of our company, combined with the opportunity for users to be able to get in contact with the appropriate contact person.
When you visit the website, a connection is established with your browser. The information collected, which is listed as follows, is stored in temporary system files and recorded automatically: IP address of your device, data and time of access, name and URL of files accessed, website from which access is initiated or from which you are directed to our site (referrer URL), browser used and, where applicable, the operating system of your device, as well as the name of your provider.
The data specified is processed by us for the purpose of seamlessly establishing a connection and for system security. The connection data created is automatically deleted. If the website is used improperly, log files, which need to be retained for evidence purposes, are saved until the incident is clarified.
This website uses “Hypertext Transfer Protocol Secure” (https). The connection between your browser and our server is encrypted.
Contact forms
If you contact us via our contact form, your data from the form will be processed for your request. The legal basis for the data transfer to us is your consent according to Art. 6 (1) a GDPR. Personal data entered into forms on our website will be transmitted to Rite-Hite via a secure connection in encrypted form. You can withdraw your consent at any time with effect for the future.
Newsletter
On our website you can subscribe to receive a newsletter. The purpose of sending the newsletter is to inform you about new products and services of our company. If you subscribe to the newsletter on our website, we process your data on the basis of your consent pursuant to Art. 6 (1) a GDPR. In case of a newsletter subscription, the so-called double opt-in procedure is used, i.e. the request for the newsletter must be actively confirmed by you once again by clicking on the link in the e-mail sent to you. You can unsubscribe at any time by clicking on the "Unsubscribe" link.
Cookies
This website uses "cookies", which are text files placed on your computer, to help the website analyze how users use the site. The information generated by the cookie about your use of the website is used to evaluate your visit to the website and to improve the information we provide.
If cookies that are not necessary for the operation of the website are used, we ask for your consent in advance; the legal basis for data processing is Art. 6 (1) a GDPR (consent).
If the use of cookies is necessary for the functionality of the website, we use cookies on the basis of our legitimate interests. The legal basis for data processing is then Art. 6 (1) f GDPR (legitimate interests). The cookies will be deleted after two years at the latest. You may refuse the use of cookies by selecting the appropriate settings on your browser, however please note that if you do this you may not be able to use the full functionality of this website.
You can choose to opt out of all but the necessary cookies. In the settings of the browser, you can change the settings to ensure that cookies will be blocked. Most browsers provide you with an explanation on how to do this in the so-called ‘help-function’. However, if you block the cookies, it is possible that you will not be able to enjoy all the technical features our website has to offer and it may negatively affect your user experience.
Google Analytics
This website uses Google Analytics, a web analytics service provided by Google Ireland Ltd, Gordon House, Barrow Street, Dublin 4, Ireland ("Google"). The legal basis for this processing is your consent pursuant to Art. 6 (1) a GDPR.
Google Analytics also uses "cookies", which are text files placed on your computer, to help the website analyze how users use the site. It is not excluded that the information generated by the cookie about your use of this website is transferred to a Google server in the USA and stored there. On this website IP-anonymization is activated, your IP address will be shortened by Google within member states of the European Union or in other states which are party to the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be transferred to a Google server in the USA and shortened there. A data transfer to the USA shall only be carried out if the requirements of Art. 44 et seqq. GDPR are fulfilled. On behalf of the operator of this website, Google will use this information to evaluate your use of the website, to compile reports on the website activities and to provide further services to the website operator in connection with the use of the website and the internet. The IP address transmitted by your browser within the scope of Google Analytics is not combined with other data from Google. The user data is deleted after 14 months.
You can revoke your consent at any time with effect for the future and prevent the use of data by Google by downloading and activating the available browser plugin://tools.google.com/dlpage/gaoptout?hl=de.
You can also prevent the storage of cookies by adjusting your browser software accordingly; however, we would like to point out that in this case you may not be able to use all the functions of this website to their full extent.
Further information on data protection at Google can be found at https://policies.google.com/privacy.
Adobe Typekit
We use fonts provided by Adobe (Adobe Typekit, provider: Adobe Systems Incorporated, A17 345 Park Avenue, San Jose, CA, 95110). In this case, the font is provided by Adobe for display in your browser. A data transfer to the USA only takes place if the requirements of Art. 44 et seq. GDPR are fulfilled. The legal basis is our legitimate interest in the appealing display of our website according to Art. 6 (1) f GDPR. You can find Adobe's privacy policy here: https://www.adobe.com/privacy/policies/typekit.html.
Hotjar
This website uses the web analytics service Hotjar. Hotjar is a European company based in Malta (Hotjar Ltd, Level 2, St Julians Business Centre, 3, Elia Zammit Street, St Julians STJ 1000, Malta, Europe). With Hotjar we analyze the movements on our site, for example mouse movements, scrolling, clicking buttons. From this, so-called heatmaps are created. Based on these heatmaps, we are able to optimize the site and improve the user experience. In addition, we can obtain direct user feedback and thus further improve the customer experience. The legal basis for the data processing is your consent in accordance with Art. 6 (1) a GDPR. The security of the data is guaranteed by an order processing agreement with Hotjar Ltd. The following data is collected via Hotjar:
- Mouse history,
- Clicking of buttons,
- Scrolling of the screen,
- Anonymized IP address,
- Size of the visitor's screen,
- Type of device (smartphone, computer) and browser used,
- Country of the visitor,
- Language settings set.
You can turn off tracking by Hotjar by enabling the "Do Not Track header" in your browser. These settings are possible in all current browsers. Please remember to make these settings in all your devices that you use to visit our site. Provided you have already set these preferences, Hotjar will not track your visit. For more information about Hotjar's privacy practices, please also read Hotjar's privacy policy at https://www.hotjar.com/privacy. Instructions for the Do Not Track settings can be found at https://www.hotjar.com/opt-out.
Microsoft Advertising (former Bing Ads)
We would like to determine which of our ads on the Microsoft search engine Advertising have led to actions by users on our site, e.g. orders. This serves to optimize our online offer. Due to the use of cookies, the legal basis is your consent in accordance with Art. 6 (1) a GDPR. For this purpose, we use "Bing Ads", a service of Microsoft Corporation, One Microsoft Way, Redmond, WA 98052-6399, USA. If you click on an ad in Bing, a cookie is stored on your device. If you will be forwarded to a defined page on our website, we can use the cookie to determine the relationship between advertising and intended effect ("conversion measurement"). We can only measure the total number of conversions achieved. No personal data is transmitted to Microsoft in this context. You can object to the tracking of Bing Ads by deactivating the setting of cookies in your browser. Alternatively, use the opt-out service from Microsoft: http://choice.microsoft.com/de-DE/opt-out.
You can find Microsoft's privacy policy here: https://privacy.microsoft.com/de-de/privacystatement.
Google Tag Manager
We use the "Google Tag Manager" from Google Ireland Limited, Gordon House, Barrrow Street, Dublin 4, Ireland to control the Google Services. This is used to manage the Google services on our site, no processing of personal data is done by the Google Tag Manager.
MaxCDN
To optimize the performance of our website, we use the content delivery network MaxCDN. The legal basis for this is our legitimate interest according to Art. 6 (1) f GDPR. MaCDN is a service provided by Stackpath LLC, 2021 McKinney Ave. Suite 1100, Dallas, TX 75201, USA. You can find Stackpath's privacy policy at https://www.stackpath.com/legal/privacy-statement/.
Cloudflare
For the optimized display of our cookie banner, we use the service of Cloudflare Inc, 101 Townsend St, San Francisco, CA 94107, USA, e-mail: privacyquestions@cloudflare.com. The legal basis for the processing is our legitimate interest according to Art. 6 (1) f GDPR.
Thomas Webtrax
On this website, we use software from Thomas Publishing LLC, 5 Penn Plaza, New York, NY 10001, USA, phone: 1-212-695-0500 for our online marketing activities and web analytics. The legal basis for the processing is your consent according to Art. 6 (1) a GDPR.
(3) Privacy Notice for customers, business partners and third parties
We process personal data of you as a customer, interested party, business partner or third party for the establishment, execution and termination of a contract pursuant to Art. 6 (1) b GDPR. In the run-up to a contract, your personal data may be processed to prepare offers or orders or to fulfill other requests of the interested party in connection with the conclusion of the contract. In this context, you must provide us with all personal data that we need to prepare and carry out our business relationship with you. Without this information, we will not be able to process your request and/or execute the contract. As a prospective customer, you may be contacted as part of the contract initiation process using the data you have provided.
We also process personal data for advertising purposes if this is compatible with the purpose of the contract. If your personal data is only collected for advertising purposes, you can choose whether you want to provide this data. You are advised that providing data for this purpose is voluntary. As part of the communication process, Rite-Hite will ask for your consent. If you give your consent, you will have a choice of contact methods, such as email and telephone, to withdraw your consent. If you object to the use of your information for promotional purposes, we will stop using it for those purposes and limit or block its use for those purposes. We may use third-party websites and platforms and publicly available information to collect and add some information to the information you provide to us in order to send you relevant communications (for marketing purposes). Examples of information collected include additional job-related profile information.
In addition to marketing purposes, legitimate interests consistent with each purpose include, but are not limited to: Ensuring technical operations, responding to non-contractual inquiries, ensuring data security, ensuring data availability, and correcting errors and defects. If we have to pass on data for these purposes, we will explicitly inform you of this fact.
In addition, we process your personal data to comply with legal requirements, based on Art. 6 (1) c GDPR in conjunction with relevant legal provisions. The requirements may arise, for example, from the commercial, tax, money laundering, financial or criminal codes. The processing purposes are based on the respective legal obligation.
Complaints and general customer reactions are stored and evaluated for internal optimization purposes based on Art. 6 (1) f GDPR. If necessary, your contact details will be used to provide you with feedback.
(4) Privacy Notice for Applicants
You can use our career portal to apply for jobs advertised there or to submit unsolicited applications. Data processing takes place exclusively for the purpose of initiating employment relationships on the basis of Art. 88 (1) GDPR related with national laws.
Your data will be stored for the duration of the application process; if you enter into an employment relationship with us, your application data will be stored by us for the duration of your employment relationship. If, after completion of the application process, you are not accepted, we will retain your data on a legal basis for a further six months and then delete it; in the case of unsolicited applications or after your consent to store the data for a longer period for possible future employment, we will retain your data until you revoke your consent or for a maximum of two years.
(5) Data Processing on our Social Media Platform LinkedIn
We use our LinkedIn presence to provide information about our company, products and services, combined with the opportunity for users to interact with us in a targeted manner. We are processing personal data basing on Art. 6 (1) f GDPR. Our legitimate interest is, in particular, our business interest in sharing information with our users and being able to communicate with them.
Before we publish pictures of persons, we ask for your consent (legal basis: Art. 6 (1) a GDPR), or we make a written contractual agreement with your (legal basis: Art. 6 (1) b GDPR). In exceptional cases we may publish pictures based on our legitimate interest for making information about our company available (legal basis: Art. 6 (1) f GDPR).
We entered into a data processing agreement with LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland: https://de.linkedin.com/legal/l/dpa.
It is not excluded that data may be processed by systems outside the European Economic Area. LinkedIn has committed itself to comply with the European General Data Protection Regulation. A data transfer to systems outside the EU only takes place if the requirements of Art. 44 ff. GDPR are observed. You can learn more by clicking https://www.linkedin.com/help/linkedin/answer/62533?trk=microsites-frontend_legal_privacy-policy&lang=en.
For information relating to LinkedIn’s privacy policy please check back at: https://www.linkedin.com/legal/privacy-policy?trk=homepage-basic_footer-privacy-policy.
Data disclosure to authorities requires the existence of overriding statutory provisions.
(1) Data Processing on our Social Media Platform Twitter
Twitter is a service provided by Twitter Inc., 1355 Market Street, Suite 900, San Francisco, CA 94103 U.S.A.
If we process data with Twitter, this is done based on the purpose outlined below and is based on the legal bases listed below. There is no transfer of data to Twitter, such as IP addresses, due to the embedding of tweets on homepages or similar.
However, we may retweet tweets from you, reply to tweets from you or write tweets that refer to you or your Twitter account. In this respect, your public data on Twitter may be made available to followers of our site.
The purpose of data processing on our Twitter site is to provide information about products, services and news, combined with the possibility for users to interact with us in a targeted manner. The legal basis for the data processing is Art. 6 (1) f GDPR. Our legitimate interest is our business interest in sharing information with our users and being able to communicate with them.
If we publish images of individuals, this is done via consent (legal basis: Art. 6 (1) a GDPR), based on a contractual agreement (legal basis: Art. 6 (1) b GDPR) and in exceptional cases based on legitimate interests (legal basis: Art. 6 (1) f GDPR.
Data processed by Twitter
It is not excluded that data from users is processed on systems outside the European Union. Retrieval of public tweets is possible worldwide.
We do not have any influence on the type and scope of the data processed by Twitter Inc. or the transfer of the data to third parties. Furthermore, there are no control options for us.
In this context, we would like to point out that you use the services provided by Twitter Inc. and all associated functions (e.g., sharing and rating content) takes place on your own responsibility. Information about the data processing carried out by Twitter Inc. and the corresponding purposes pursued can be found in the data protection guidelines of Twitter Inc. here: https://twitter.com/en/privacy
It is possible for you to restrict the processing of your data by Twitter. For that purpose, you can open the general settings of your Twitter account and change your privacy settings.
You can control and individualize your privacy settings here: https://twitter.com/settings/your_twitter_data
For this purpose, additional assistance exists on: https://help.twitter.com/en/forms/privacy
You can also change certain settings for your mobile devices (e.g., smartphones, tablets, etc.) so that Twitter only has limited access to your contact data, location data, calendar data or photos. These setting options differ depending on the operating system used on your mobile device.
For more information and assistance, please refer to the following links: https://help.twitter.com/en/personalization-data-settings
To view the processed data, obtain information about their use and download the corresponding data as an archive, you can follow this link. https://help.twitter.com/en/managing-your-account/accessing-your-twitter-data
To contact Twitter, you can follow this link: https://help.twitter.com/en/forms/privacy
(2) Data Processing on our Social Media Platform YouTube
We use a YouTube channel of Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5. The purpose of data processing on our YouTube channel is to provide information about products, services and news, combined with the possibility for users to interact with us in a targeted manner. The legal basis for the data processing is Art. 6 (1) f GDPR. Our legitimate interest is in particular our business interest to share information with the visitors of the YouTube channel and to be able to communicate with them.
The YouTube service is based on the following data processing agreement with Google Ireland Ltd.: https://www.youtube.com/t/terms_dataprocessing.
Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland is responsible for the collection and further processing of personal user data on YouTube channels. Please note that YouTube collects and processes certain information about your visit to our YouTube channel even if you do not have a YouTube user account or are not logged in to YouTube. For us as the provider of this YouTube channel, only your public profile on YouTube is visible. The kind of information visible for us depends on your settings in your profile. For information about the processing of personal data by YouTube, please refer to YouTube's privacy policy at https://policies.google.com/privacy?hl=de&gl=de.
If we publish images of individuals, this is done via consent (legal basis: Art. 6 (1) a GDPR), based on a contractual agreement (legal basis: Art. 6 (1) b GDPR) and in exceptional cases based on legitimate interests (legal basis: Art. 6 (1) f GDPR.
YouTube Analytics
We also process your activities on our YouTube channel with the help of the statistics service YouTube Analytics. This process helps us to understand our video and channel performance and optimize our channel and our content. This process is consistent with the purpose of data processing described below. Anonymous statistics are created based on your activities. Among other things, we can gain insights into the interactions and activities of our subscribers, the views and the reach of our videos, information about which countries and cities our visitors come from, as well as statistics about the gender ratios, age structures, providers, and interests of our visitors. Neither conclusions about individual users nor access to individual user profiles by the administrator are possible.
Data Transfer to third countries
Due to the affiliation of the provider Google Ireland Limited to the Google group, which has its headquarters in the USA, a data transfer to Google LLC and thus to all states in which Google has data centers cannot be excluded. To ensure an adequate level of data protection, Google Ireland Limited bases such data transfers on the standard contractual clauses of the European Commission.
In this context, we would like to point out that you are using the service provided by Google Ireland Limited (YouTube) and all associated functions such as sharing and rating videos, participation in discussions on your own responsibility. Data that you have voluntarily provided on YouTube will be processed by Google (e.g. name and username, email address, telephone number) and may therefore also be transmitted to third countries. The transfer of personal data to the USA was judged by the ECJ to be fundamentally unsafe without further security measures, as it cannot be ruled out that US security authorities will gain access to this data.
It is possible for you to restrict the processing of your data by Google. To do this, you can open the general settings of your Google account and change your privacy settings. Information on how to individualize your privacy settings can be found here: https://policies.google.com/privacy?hl=de&gl=de#infochoices
You can also change certain settings for your mobile devices (e.g. smartphones, tablets, etc.) so that Google only has limited access to your contact data, location data, calendar data or photos, among other things. These setting options differ depending on the operating system used on your mobile device.