The protection of your data is an important concern for us. We collect, store and use your data according to the legal requirements. Below you will be informed about the way in which we collect, store and process your data.
I. Name and address of the person responsible
The person responsible within the meaning of the basic data protection regulation and national data protection laws of the member states as well as other data protection regulations is the:
Tel.: +49 7121 3016 0
Fax: +49 7121 3016 100
II. General information on data processing
1. SCOPE OF PERSONAL DATA PROCESSING
Personal data are individual information about the personal or factual circumstances of a certain or identifiable natural person. This includes information such as Your name, postal or e-mail address as well as access data as part of the use of our website. Personal data will be stored by us in addition to the access data only if you voluntarily, for example in the context of a registration, a survey, a contest, a contact request, a registration for a newsletter or Online order. In addition, personal data is only used to the extent necessary and only for the purpose that you have agreed or legally permitted. For the secure transfer of your data, REECO GmbH uses encryption methods in secured areas. This means that communication between your browser and, for example, our ordering system is not readable by others on the Internet. The use of our ordering system is also valid as approval for the storage and use of your data by REECO GmbH and its partners.
2. Legal basis for the processing of personal data
In so far as we obtain the consent of the individual for the processing of personal data, article 6 para.1(a) EU General Data Protection Regulation (GDPR) as a legal basis.
In the processing of personal data necessary for the performance of a contract to which the person concerned is a party, Article 6 para. 1(b) GDPR serves as the legal basis. This also applies to processing operations which are necessary for the implementation of pre-contractual measures.
In so far as a processing of personal data is necessary for the fulfilment of a legal obligation which is subject to our company, article 6 para.1 (c) GDPR serves as a legal basis.
In the event that vital interests of the data subject or another natural person require the processing of personal data, article 6 para.1 (d) GDPR serves as the legal basis.
If the processing is necessary to safeguard the legitimate interest of our company or a third party and their interests, fundamental rights and fundamental freedoms of the data Subject do not outweigh the first-mentioned interest, article 6 para.1 (f) GDPR shall serve as the legal basis for processing.
3. Data deletion and Storage time
The personal data of the data subject will be deleted or blocked as soon as the purpose of the storage ceases to apply. In addition, storage may also take place if this is provided for by the European or national Legislators in Union law regulations, laws or other regulations to which the person responsible is subject. The data will be blocked or deleted even if a storage period prescribed by the aforementioned standards expires unless there is a requirement for further storage of the data for a contract conclusion or a performance of the contract.
III. Provision of the website and creation of LogFiles
1. Provision of our website
The provision of this website requires the handling of personal data, such as the IP-address for the retrieval of the contents displayed on this website.
By calling up our Internet pages, REECO GmbH receives access data, which are stored for backup purposes and in principle allow identification:
- The name of your Internet service provider
- The country from which you come
- The website from which you visited us
- The search term when you come to our site via a search engine
- The websites you visit with us
- The user tool (Web browser, operating system) used for your access
- Files you have downloaded from our site (e.g. pdf or Word documents)
- The Duration and
- The date and time of the visit
These data are evaluated by REECO GmbH and enable us to optimize our offers as a whole and to make the contents more personalized for you, e.g. to recognize you as a return visitor to our Internet offering. If you have an existing data record, the new data can in many cases be assigned to it. The IP-address of the computer from which access is made is stored for a period of one month only for backup purposes.
The data is also stored in the log files of our system. A storage of this data together with other personal data of the user does not take place.
IV. USE OF CONTACT FORMS
You also have the possibility to contact us via our contact form. We collect the personal data that you enter in the contact form.
1. Legal basis
The handling of your personal data for the provision of this website and for communication through this website is based on our legitimate interest. For the provision of this website, it is technically necessary that we process certain personal data (e.g. the IP address). For your communication with us, it is necessary that we deal with the personal data.
2. Balancing of interests
As part of the required balance of interests, we have each weighed your interest in the confidentiality of your personal information and our interests in the provision of this website and the contact with each other. Your interest in secrecy occurs in both cases. Otherwise, we may not be able to provide you with this website or respond to your contact request.
3. categories of recipients
We use service providers for the provision of our website. We transmit personal data to these service providers for this purpose. These service providers are contractually obligated by us to exercise the same care when handling personal data as we do ourselves.
These service providers are subject to the same strict data protection regulations and are also included in the data protection concept of REECO GmbH.
Personal data is only transmitted to state institutions and authorities in the context of legal or judicial obligations.
V. Buy online tickets; Register online as visitor, trade visitor, conference participant, sponsor or Exhibitor
1. ONLINE TICKETS AND LEGAL BASIS
You can buy online tickets for trade fairs and congresses through our website. We process the personal data that you enter in the order form. The processing of your personal data takes place for the initiation, execution and fulfilment of the corresponding contract.
In this context, REECO GmbH processes personal data only for the exercise of the business purposes of REECO GmbH. These are organization and realization of events, in particular of trade fairs, exhibitions, markets, congresses, seminars, workshops, conferences, training and continuing education programs, mainly in the field of renewable energies. Provision of Services on the Internet. Operation of a publishing house. The REECO GmbH also operates this and for certain events separate internet offers.
The processing of personal data takes place in particular for the execution of business processes in connection with the above activities, for your information and for advertising our events and services (on the basis of Sec.7 subsec. 3 UWG), for their optimization and market and opinion research. You can object to the sending of electronic mail by sending an e-mail to the following email@example.com
VI. Registration as exhibitor, visitor, conference participant and legal basis
You can register as a visitor, trade visitor or exhibitor as part of our website. We process the personal data that you provide to us as part of your registration.
The processing of your personal data takes place for the initiation, implementation and processing of the corresponding usage contract.
You do not need to register to participate in events organized by REECO GmbH and its subsidiaries. Of course, you can also buy an anonymous ticket at the cash register counters without registering. Our hosts and hostesses, as well as our service center and the exhibition project management, will support you.
Without registration, we are unfortunately not able to provide for you services such as online pre-sale or simplified repeated ticket purchase, match-making, travel services or other services of REECO GmbH.
Something else is for you as a visitor for only pure trade fair shows. (Currently CEB, interCOGEN and WTT). In this case, we need the data necessary to secure the trade visitor status; and
- If you want to redeem a voucher. In this case, we need your names and contact details for the reasons mentioned below under “Exhibitors”.
In detail, we process your personal data for the following purposes:
- Purchase of (partly discounted) tickets for our events;
- Redeem vouchers, tickets with which you can avoid possible waiting times at the trade fair entrance;
- Registration of future Tickets;
- Delivery and payment of other offerings from REECO GmbH (e.g. exhibition directories and catalogues);
- Review of trade visitor status, as some of our events are reserved for a trade audience. You can better plan your visit to the fair beforehand because we can provide you in advance with announcements, specialist information and other materials for the events you are interested in and can specifically recommend exhibitors or services to you;
- If you are an exhibitor, the data will help us to carry out your trade fair appearances smoothly, to offer you a selection of individually tailored service offers and to introduce you to the products, services and marketing offers of REECO GmbH;
- If you are a conference participant, the data will help us to organize your congress participation smoothly, to offer you a selection of individually tailored service offers and to present you the products, services and marketing offers of REECO GmbH;
- Your voluntary participation in our market and opinion research helps us to improve our events and our service offering;
- Prevention or detection of abuse and fraud, especially in the case of vouchers and free tickets;
- Easily update your personal data over the Internet.
Data that is collected later is also assigned to the customer account. This includes, for example, the data collected when ordering a ticket, the number of the voucher of an exhibitor inviting you to send e-mail addresses of other persons for whom you also order tickets
simultaneously with your Order,
You may have multiple customer accounts with us if you are registered with different email addresses.
VII. categories of recipients
We solely pass on the data to third parties in the instances described below. Some beneficiaries are located outside the European Economic Area (EEA). Please refer to the following section.
- Group Companies: REECO GmbH may transmit the personal data of its exhibitors to its group companies if they wish to provide information about their events and services. The group companies are obligated according to the requirements of data protection. The group companies of REECO GmbH can be found on our homepage http://www.reeco.eu/standorte.html.
The transfer of personal data from visitors to group companies takes place only for visitors who have been mediated by the respective group company. In a larger group of companies, such as the REECO GmbH, it cannot be ruled out that individual subsidiaries, parts thereof or rights to events will be sold to third parties or acquired by REECO GmbH. In such transactions, customer data is usually transmitted as well. Your personal data will be protected according to the data protection requirements.
- Foreign representatives of REECO GmbH: REECO GmbH may transmit data about visitors and exhibitors from their respective areas of representation to the foreign representatives of REECO GmbH, who act as distribution partners for REECO GmbH, e.g. when ordering and paying for Tickets for foreign visitors via our foreign representatives. The transfer of personal data to foreign representations takes place only for exhibitors and visitors who come from the corresponding representation area of the respective foreign representation.
- Promotions: We sometimes send, ourselves or on behalf of third parties, offerings to visitor or exhibitor groups or organize lotteries. In such cases, the client shall receive neither your name nor your address or any other person-related Data, unless you voluntarily consent thereto.
- Exhibitor: When you redeem a voucher, we send your data to the exhibitor, who invites you with the voucher for a visit to his trade fair stand. This is used for billing between REECO GmbH and the respective exhibitor. We also want to make sure that you can properly use the voucher that is specific to you. In addition, exhibitors can use a lead tracking service, which allows the individual exhibitor to scan the barcode on their ticket and thus receive their contact information, similar to a business card. These are Company name, address, title, first and last name, function, postal address, country, telephone number(s), email address as well as any other information you have provided about your interests and/or company. When you hand over your visitor ticket or exhibitor pass – like a business card – to an exhibitor for scanning, the exhibitor will be given access to the above information. Unnoticed data collection without your participation does not take place. In accordance with the international character of the trade fair (or the Congress), exhibitors who are located outside the European Union and thus outside the scope of the European data protection laws are also represented. Again, in individual cases, you can object or agree to the transmission of your data by withdrawing or offering your ticket to be scanned.
VIII. Special Privacy Notices
The transfer of data to the extent described above may in some cases be carried out in countries outside the European Economic Area (EEA). These countries do not, for example, have a level of data protection comparable to the level of protection within the EU (e.g. Serbia, Bosnia and Herzegovina, China or India). For the protection of your data, our group companies and contractors established outside the EEA, to whom data are to be transmitted, such as foreign representatives, are based on the EU standard contractual clauses for the transfer of personal data to Third countries to ensure adequate data protection.
You can find the EU standard contractual clauses at the following link:
1. Description and scope of data processing
X. Conversion tracking using third-party providers
This website uses third-party tools for analysis. These tools measure the effectiveness with which users are addressed through ads (so-called “conversion tracking”).
If you click on ads from one of the third parties listed below, a conversion tracking cookie will be placed on your computer. If you visit a particular Web site, of the third party and we can see that you clicked on the ad and were redirected to that page. This allows us to collect data that is important for our advertising activities. We may find out the total number of users who have clicked on an ad, the duration of the visit, the operating system, the device model, the location, the payment processes performed, and the functionality of mobile apps. No personal information about the identity of the user will be communicated to us.
If you do not wish to participate in this conversion tracking procedure, you can reject the required setting of a cookie, for example by using a browser setting that generally disables the automatic setting of cookies. For example, use the “Do Not Track” option (“dnt”) of your Internet browser.
- We work with the following third-party providers in the context of conversion tracking
- „DoubleClick by Google“(Accuen Conversion Pixel) / Google Adwords Conversion Pixel
You can prevent the storage of cookies by a corresponding setting of your browser software; however, we would point out that you may not be able to use all features of our website in full. You can also prevent Google from capturing the data generated by the cookies and accessing your use of the website, as well as the processing of this data by clicking the following link under the item “DoubleClick”- Download and install the available browser plug-in extension.
For more information about Google’s privacy and cookies, click here.
- Twitter Conversion Pixel
For more information on privacy and cookies of Twitter, Inc., 1355 Market Street, Suite 900, San Francisco, CA 94103, USA, please click here.
- LinkedIn Conversion Pixel
For more information about LinkedIn Corporation privacy and cookies, 1000 West Maude Avenue, Sunnyvale CA 94085, United States, please click here.
- Facebook Conversion Pixel
For more information on the privacy and cookies of Facebook, Inc., 1601 Willow Road, Menlo Park, CA 94025, USA, please click here.
XI. Other tools for marketing and optimization purposes
We also use the following tools for marketing and optimization purposes:
- Google Adwords Remarketing Pixel
By using the remarketing or “similar target group” feature of Google Inc. (“Google”), we can target visitors to the site with advertisements by showing personalized, interest-related ads to visitors of our website, when they visit other Web pages on the Google Display-network. Google uses the so-called “cookies” to perform the analysis of website usage, which is the basis for the creation of interest-related advertisements. To do this, Google stores a small file with a sequence of numbers in the browsers of the visitors to the website. This number records website visits and anonymous data on website use. There is no storage of personal data of visitors to the website.
- Google Tag Manager
Google Tag Manager is a solution that allows us to manage various website tags through one interface. The Tag Manager tool itself (which implements the tags) is a cookie-less domain and does not collect personally identifiable information. The tool makes it possible to trigger other tags, which may, in turn, collect data. Google Tag Manager does not access this data. If disabled at the domain or cookie level, it will remain in effect for all tracking tags implemented with Google Tag Manager.
XII. GOOGLE ANALYTICS/ GOOGLE-APIS
Our website uses Google Analytics, a Web Analytics service from Google Inc. (“Google”). Google Analytics uses the so-called “cookies”, which are text files stored on your computer and which allow you to analyze the use of the website.
Furthermore, this site uses Google APIs, a program interface provided by Google. As part of this, user data such as the IP address, in particular, can also be transmitted to Google.
The information generated by the cookie about your use of this website is usually transmitted to a Google server in the USA and stored there. However, in the event that IP anonymization is enabled on this website, Google’s IP address will be shortened in advance within Member States of the European Union or other parties to the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be transmitted to a Google server in the United States and be shortened there. On behalf of the operator of this website, Google will use this information to evaluate your use of the website, to compile reports on website activity and to provide other services related to website activity and internet usage to the website operator. The IP address submitted by your browser as part of Google Analytics will not be merged with other Google data. You can prevent the storage of cookies by a corresponding setting of your browser software; However, we would point out that in this case, you may not be able to use all features of this website in full. You can also prevent Google from capturing the data generated by the cookie and related to your use of the website (including your IP address) to Google as well as the processing of such data by using the browser plugin available to Download and install at the following link [tools.google.com/dlpage/gaoptout]. In view of the discussion on the use of analytical tools with complete IP addresses, we would like to point out that this website uses Google Analytics with the “_anonymizeIp()” code and IP addresses will therefore only be processed in a shortened form to prevent persons from being identified.
XIII. SOCIAL MEDIA
REECO GmbH uses “social plug-ins”, a technology with which you can share certain content via social networks. To protect your privacy, we offer these social plug-ins as so-called “2-click buttons”. The “2-click solution” that prevents data (e.g. IP address) from being transmitted to social networks, such as Facebook, when opening our website.
The buttons are deactivated by default and are only activated by the first click of the social plug-ins. The content of the plug-ins is transmitted by Facebook, Twitter and Google directly to your browser and incorporated by it into our website.
By clicking on the Social Plug-ins for the second time, you can fully use the functions such as “recommend”.
This activation will be saved in your browser for up to eight weeks. You can disable the function at any time by clicking on the individual buttons or by deleting the cookies in your browser.
Please note the following points for each plug-in:
1. FACEBOOK-PLUGINS (LIKE & SHARE-BUTTON)
On our pages, plugins of the social network Facebook, provider Facebook Inc., 1 Hacker Way, Menlo Park, California 94025, USA, can be integrated. The Facebook plug-ins are recognizable by the Facebook logo or the like button on our site. An overview of the Facebook plugins can be found here: https://developers.facebook.com/docs/plugins/.
If you do not wish Facebook to be able to associate your Facebook user account with a visit to our site, please log out of your Facebook account.
2. TWITTER PLUGIN
You can change your Twitter privacy settings in Account Settings at https://twitter.com/account/settings.
3. GOOGLE+ PLUGIN
Our website can use Google + features. The provider is the Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.
Collection and dissemination of information: You can use the Google+ button to publish information worldwide. The Google+ button gives you and other users personalized content from Google and our partners. Google stores both the information that you gave for a content +1, as well as information about the page you viewed when you clicked +1. Your +1 can appear as hints along with your profile name and photo in Google services, such as search results or your Google profile, or elsewhere on Websites and ads on the Internet.
Google records information about your +1 activities to enhance Google services for you and others. In order to use the Google + button, you need a globally visible, public Google profile that must contain at least the name chosen for the profile. This name is used in all Google services. In some cases, this name may also replace a different name that you used when sharing content through your Google account. The identity of your Google profile can be viewed by users who know your email address or have other identifying information from you.
4. INSTAGRAM PLUGIN
Features of the Instagram service can be integrated on our pages. These features are offered by Instagram Inc., 1601 Willow Road, Menlo Park, CA 94025, USA.
If you are logged in to your Instagram account, you can link the contents of our pages to your Instagram profile by clicking on the Instagram button. This will allow Instagram to associate the visit to our pages with your user account. We would like to point out that as a provider of the pages we are not aware of the contents of the transmitted data and their use by Instagram.
5. LINKEDIN PLUGIN
Our website can use LinkedIn network features. The provider is LinkedIn Corporation, 2029 Stierlin Court, Mountain View, CA 94043, USA.
Each time you visit one of our web pages that contain LinkedIn features, it connects to LinkedIn servers. LinkedIn is informed that you have visited our website with your IP address. If you click on LinkedIn’s “recommend” button and you are logged in to your LinkedIn account, LinkedIn will be able to associate your visit to our website with you and your user account. We would like to point out that as a provider of the website we have no knowledge of the content of the transmitted data and their use by LinkedIn.
6. XING PLUGIN
Our websites can use features of the network Xing. The provider is Xing AG, Dammtor Straße 29-32, 20354 Hamburg, Germany.
Each time you retrieve one of our web pages, which include features of Xing, a connection is made to Xing servers. To the best of our knowledge, no personal data is stored. In particular, no IP addresses are stored or the usage behavior evaluated.
XIV. Newsletter KAJOMI Mail
1. DESCRIPTION AND SCOPE OF DATA PROCESSING
On our website, there is the possibility to subscribe to a free newsletter. When registering for the newsletter, the data from the input form is sent to us and Kajomi GmbH (see point 2):
– E-Mail Adress
– First name
– Last name
– Sex (gender)
We only use your first and last name as well as your sex to optimize and personalize the contents of our newsletters. If necessary, we ask you to provide further data, the information only serves to adapt the contents to the readers.
The following data are also collected:
– Registration and confirmation date
The registration for the newsletter is logged by this data in order to be able to prove the registration according to legal requirements.
In the same way, changes to your profile are logged by Kajomi GmbH.
Registration takes place in the so-called double-opt-in procedure. You will receive an e-mail from us in which you will be asked to agree to receive our newsletter once you have given your e-mail address. This second confirmation is intended to protect against misuse of your email address.
The collected data will be used by us exclusively for the sending of the newsletter.
If you purchase goods or services (tickets) on our website and deposit your E-mail address here, this can subsequently be used by us for the sending of newsletters. In such a case, we will only send direct mail advertising for our own similar goods or services.
2. Use of the shipping service provider “KAJOMI”
The newsletter is sent via the newsletter delivery platform “Kajomi Mail” of the provider kajomi GmbH, Lochhamer Str. 9, 82152 Martinsried. Kajomi is a service with which the sending of newsletters can be organized and analyzed, among other things.
The personal data collected in the context of these legal notices are stored by Kajomi GmbH on servers in Germany. KAjomi GmbH uses this data for the following purposes:
– Sending newsletters on our behalf
– Evaluation of the newsletter on our behalf (for example, to determine the residential regions of the recipients)
– Kajomi GmbH can use this data, according to its own specifications, to improve its own services (e.g. for the technical optimization of the shipment and the presentation)
Kajomi GmbH does not use the collected data itself for contacting or passing on to third parties.
3. Statistical survey and analysis
Sent newsletters contain a so-called “web beacon”. This is a large pixel file that is called by the Kajomi GmbH server when the newsletter is opened. This file collects the following technical information:
– Opening the newsletter
– Time of retrieval
– Links clicked on
Technical information is also retrieved, which cannot be assigned to the respective user:
– Browser type
– Operating system
4. Purpose of data processing
This information is used to improve the service based on technical data or the determination of the target group and your reading behavior based on the call locations (determined by the IP address) and access times. Individual users are neither observed by us, nor by Kajomi GmbH, or analyzed in any way. The evaluations serve only to identify the reading habits of the users and to adapt the contents to them or to send different contents according to the interests of the users.
The collection of the user’s e-mail address is used to deliver the newsletter. The collection of other personal data as part of the registration process is intended to prevent misuse of the services or the e-mail address used.
5. Completion of a data processing agreement
We have concluded a so-called “data processing Agreement” with Kajomi GmbH, in which we undertake to Kajomi GmbH to protect the data of our customers and not to pass them on to third parties.
6. Online Call and data management
There are cases in which we direct the newsletter recipients to the websites of Kajomi GmbH. For example, our newsletters contain a link that allows the newsletter recipients to access the newsletter online (e.g. in case of display problems in the e-mail program). Furthermore, newsletter recipients can correct their data, e.g. the e-mail address afterwards. The data protection declaration of Kajomi GmbH is also only available on its website.
7. Legal basis for data processing
The legal basis for the processing of the data after registration for the newsletter by the user is of the user’s consent in accordance with article 6 para.1 (a) GDPR.
The legal basis for the sending of the newsletter as a result of the sale of goods or services is Sec. 7 Subsec. 3 UWG.
8. Duration of storage
The data will be deleted as soon as it is no longer necessary to achieve the purpose of its collection. The e-mail address and other data of the user mentioned above are thus stored as long as the subscription to the newsletter is active. After the newsletter has been unsubscribed, the data is deleted from both our servers and those of Kajomi GmbH.
9. Information on stored data
You can request information about your stored data free of charge at any time.
The link contained in each newsletter will take you to your profile. There you can check, change or delete your specified data.
You can also contact firstname.lastname@example.org for free by e-mail to get information about your stored data.
10. Possibility of opposition and elimination
Subscription to the newsletter may be terminated at any time by the user concerned free of charge. For this purpose, there is a corresponding link in each newsletter. In addition, unsubscribing can be done via the link to the profile, which is also included in every newsletter.
Unsubscribing from the newsletter and the deletion of the stored data can also be done free of charge at email@example.com .
Unsubscribing from the newsletter is required if you do not agree that your data will be transmitted to kajomi GmbH for analysis purposes or you wish to revoke your consent.
The legality of the data processing operations already carried out remains unaffected by the revocation. Data stored with us for other purposes (e.g. ticket purchase) remain unaffected by this.
XV. ONLINE BOOKING SYSTEM EDOOBOX
1. DESCRIPTION AND SCOPE OF DATA PROCESSING
On our website, there is the possibility to order and pay for congresses, conferences, seminars, admission tickets and other events.
In this context, personal data are also processed.
The following data types are regularly subject to processing and are subject to article 4 (2) and article 28 GDPR:
- Person master data (title, first and last name)
- Communication data (e-mail addresses)
- Personal data such as address information, communication data, booking history,
Payment data without account and credit card details.
If you purchase goods or services (tickets) on this booking system and place your e-mail address here, we may subsequently use this information to send you newsletters.
2. Use of the service provider “EDOOBOX”
The online booking system Edoobox used by us is operated by the company Edoobox Etzensperger Informatik AG CH-3366 Bettenhausen.
The data collected in the context of these legal notices are stored by Ezensperger Informatik AG on servers in Germany and Switzerland.
Ezensperger Informatik AG does not use the collected data itself to contact or transmit to third parties.
3. CONCLUSION OF AN ORDER DATA PROCESSING AGREEMENT
We have an order data processing contract in accordance with article 28 (3) GDPR
and confidentiality agreement with Ezensperger Informatik AG, in which we oblige Ezensperger Informatik AG to protect the data of our customers and not to pass them on to third parties.
4. Legal basis for data processing
The legal basis for the processing of the data is the existence of a consent of the user according to article 6 para. 1 (a) GDPR. This is granted at every ordering process.
5. Duration of storage
The data will be deleted as soon as it is no longer necessary to achieve the purpose of its collection.
6. Information about stored data
You can request information about your stored data free of charge at any time.
7. verify, modify, or delete data
The link you receive with each order will take you to your profile. There you can verify, modify or delete your specified data.
You can also contact us via e-mail firstname.lastname@example.org to get information about your stored data.
XVI. Links to other websites
REECO GmbH provides links to third-party offers in special areas. We have no control over the fact that the operators of other websites comply with the data protection regulations. The provider of these pages is solely responsible for the contents and in particular for damages that arise from the use or non-use of such information presented. REECO GmbH only checks pages at the time of the link setting. All subsequent changes are the responsibility of the provider.
XVII. Rights of the person concerned
If personal data are processed by you, you are affected by GDPR and you are entitled to the following rights to the person responsible:
1. Right to information (right to access)
You may request the person responsible to confirm whether personal data pertaining to you is processed by us.
If such processing is required, you can request information from the person responsible for the following:
- The purposes for which the personal data are processed;
- The categories of personal data that are processed;
- The recipients or categories of recipients to whom their personal data have been or will be disclosed;
- The planned duration of the storage of your personal data or, if specific information is not available, criteria for determining the duration of storage;
- The existence of a right to rectification or deletion of personal data relating to it, a right to limitation of processing by the person responsible or a right of objection against such processing;
- The existence of a right of appeal by a supervisory authority;
- All available information on the origin of the data, if the personal data are not collected by the person concerned;
- The existence of automated decision-making, including profiling pursuant to article 22 (1) and (4) of the GDPR and, at least in such cases, meaningful information on the logic involved and the scope and impact of such a Processing for the person concerned.
You have the right to request information on whether personal data relating to you is transmitted to a third country or to an international organization. In this context, you may request to be informed of the appropriate guarantees pursuant to article 46 GDPR in connection with the transmission.
2. Right to Rectification
You have the right to rectification and/or completion to the person responsible, provided that the processed personal data relating to you are incorrect or incomplete. The person responsible has to make the correction without delay.
3. RIGHT TO RESTRICT PROCESSING
You may request the restriction of the processing of personal data relating to you under the following conditions:
- If you dispute the accuracy of the personal data relating to you for a period of time which allows the person responsible to verify the accuracy of the personal information;
- The processing is unlawful and you refuse to delete the personal data and instead demand the restriction of the use of personal data;
- The person responsible no longer needs the personal data for the purposes of processing, but they need it for the assertion, exercise or defence of legal claims, or
- If you have appealed against the processing in accordance with article 21 (1) of the GDPR and it is not yet certain whether the legitimate reasons of the person responsible prevail over your reasons.
If the processing of personal data concerning you has been restricted, this data may only be used with your consent or for the purpose of asserting, exercising or defending legal claims or protecting the rights of another natural or legal person or for reasons of an important public interest of the Union or of a Member State.
If the limitation of processing has been restricted according to the above conditions, you will be informed by the person in charge before the restriction is lifted.
4. Right to delete
- a) deletion obligations
You may require the person responsible to delete the personal data relating to you immediately, and the person responsible is obligated to remove this data immediately, provided that one of the following reasons applies:
- Your personal data are no longer necessary for the purposes for which they were collected or otherwise processed.
- You revoke your consent to the processing according to article 6 (1)(a) or Article 9 (2)(a) GDPR and there is no other legal basis for processing.
- In accordance with article 21 (1) of the GDPR, they shall object to the processing and there are no prior justifiable reasons for the processing or, in accordance with article 21 (2), GDPR opposition to processing.
- Your personal data has been unlawfully processed.
- The deletion of personal data concerning you is required to fulfill a legal obligation under Union law or the law of the Member States to which the person responsible is subject.
- The personal data concerning you were collected in relation to information society services provided in accordance with article 8 (1) GDPR.
- b) Information to third parties
If the person responsible has made personal data concerning you public and is obliged to delete them pursuant to article 17 (1) of the GDPR, it shall take appropriate measures, including technical means, in order to inform the data controller who process the personal data, taking into account the available technology and the implementation costs, that you as an affected person requests the deletion of all links to such personal data or of copies or replications of such personal data.
- c) Exceptions
The right to delete does not exist as far as the processing is required
- On the exercise of the right to freedom of expression and information;
- To fulfil a legal obligation which requires processing under the law of the Union or of the Member States to which the person responsible is subject, or to carry out a task which is in the public interest or in the exercise of public authority Transferred to the person responsible;
- For reasons of public interest in the field of public health in accordance with article 9 (2) (h) and (i) and article 9 (3) GDPR;
- For archival purposes of public interest, scientific or historical research purposes or for statistical purposes pursuant to article 89 (1) GDPR, to the extent that the law referred to in subparagraph (a) is likely to render impossible or seriously impair the achievement of the objectives of that processing, or
- For the assertion, exercise or defence of legal claims.
5. Right to information
If you have the right to rectify, delete or restrict the processing to the person responsible, the latter is obliged to notify all recipients to whom your personal data have been disclosed of this correction or deletion of the data or restriction of processing, unless: this proves to be impossible or involves a disproportionate effort.
You have the right to be informed about these recipients by the person responsible.
6. Right to Data portability
You have the right to receive the personal data relating to you, which you have provided to the person responsible, in a structured, common and machine-readable format. You also have the right to transmit this data to another person responsible without hindrance by the person in charge of the personal data provided that
- The processing is based on a consent according to article 6 (1)(a) GDPR or article 9 (2)(a) GDPR or on a contract pursuant to article 6 (1)(b) GDPR and
- The processing is carried out using automated procedures.
In exercising this right, you also have the right to obtain that personal data relating to you be transmitted directly by a person responsible to another person responsible, as far as this is technically feasible. Freedoms and rights of other persons may not be affected by this.
The right to data portability does not apply to the processing of personal data necessary for the performance of a task which is in the public interest or is carried out in the exercise of public authority delegated to the person responsible.
7. Right to Object
You have the right at any time, for reasons that arise from your particular situation, against the processing of your personal data, which is based on article 6 (1)(e) or (f) GDPR to appeal; This also applies to a profiling based on these provisions.
The person responsible no longer processes your personal data, unless he can prove compelling reasons for the processing that outweigh their interests, rights and freedoms, or the processing serves the Assertion, exercise or defence of legal claims.
If your personal data is processed in order to operate direct advertising, you have the right at any time to object to the processing of the personal data relating to you for the purpose of such advertising; This also applies to profiling as far as it is related to such direct advertising.
If you object to processing for direct marketing purposes, your personal data will no longer be processed for these purposes.
You have the possibility to exercise your right of objection in connection with the use of information society services, Notwithstanding Directive 2002/58/EC, by means of automated procedures in which technical specifications are used.
8. Right to revoke the data protection declaration of consent
You have the right to revoke your data protection declaration of consent at any time. The revocation of consent does not affect the legality of the processing carried out on the basis of the consent until the revocation.
9. Automated decision in individual cases including profile
You have the right not to be subjected to a decision based solely on automated processing, including profiling, which will have a legal effect on you or, in a similar manner, significantly affect you. This does not apply if the decision
- Is necessary for the conclusion or fulfilment of a contract between you and the person responsible,
- is permissible on the basis of legislation of the Union or of the Member States to which the person responsible is subject, and where such legislation contains appropriate measures to safeguard their rights and freedoms and their legitimate interests or
- With your express consent.
However, these decisions may not be based on specific categories of personal data in accordance with article 9 (1) GDPR, unless article 9 (2)(a) or (g) GDPR is applicable and reasonable measures have been taken to protect the rights and freedoms as well as your legitimate interests.
As regards the cases referred to in (1) and (3), the person responsible shall take appropriate measures to safeguard the rights and freedoms and your legitimate interests, including at least the right to obtain the intervention of a person on the part of the party in charge, to express his/her own position and heard on challenge of the decision.
10. Right to appeal to a supervisory authority
Without prejudice to any other administrative or judicial remedy, you have the right to appeal to a supervisory authority, in particular in the Member State of your residence, your workplace or the location of the suspected Infringement, if they consider that the processing of your personal data violates the GDPR.
We are responsible for the following state representatives for data protection:
The National Commissioner for Data Protection Baden-Württemberg
Dr. Stefan Brink
Postfach 10 29 32
Telephone: 07 11/61 55 41 – 0
The supervisory authority in which the complaint was lodged shall inform the complainant of the status and results of the appeal, including the possibility of a judicial remedy under article 78 GDPR.
Reutlingen, May 2018