Data privacy

§1 Information about the processing of personal data

  1. Below we inform you about the processing of your personal data when using our websites. Personal data refers to all data which are personally related to you, e.g. name, address, e-mail addresses, user behaviour, IP address.
  2. The person responsible in accordance with Art. 4, Par. 7 General Data Protection Regulation (GDPR) is:
    REMS GmbH & Co KG, Stuttgarter Straße 83, 71332 Waiblingen, Deutschland, Telefon +49 7151 1707-0, Telefax +49 7151 1707-110, E-Mail info@rems.de
  3. You can reach our Data Protection Officers at the above postal address with the supplement "Datenschutzbeauftragter" or at the e-mail address:
    dataprivacy@rems.de

§2 Data subject rights

  1. You can exercise the following rights against us regarding the personal data concerning you:
    • Right of access by the data subject (Art. 15 GDPR)
    • Right to rectification and erasure (Art. 16 and 17 GDPR),
    • Right to restriction of processing (Art. 18 GDPR),
    • Right to object to processing (Art. 21 GDPR),
    • Right to data portability (Art. 20 GDPR)
  2. You also have the right to lodge a complaint with a data privacy supervisory authority about the processing of your personal data by us (Art. 77 GDPR).
  3. Right to object
    Insofar as your personal data are processed based on justified interests in accordance with Art. 6 Par. 1 Sent. 1 letter f GDPR, you have the right according to Art. 21 GDPR to lodge a complaint against the processing of your personal data insofar as there are reasons which arise from your special situation or the objection addresses direct advertising. In the latter case, you have a general right to object which will be implemented by us without specification of a special situation. If you wish to exercise your right to revoke or to object, an e-mail to dataprivacy@rems.dewill suffice.

§3 Elicitation of personal data in visiting our website

  1. If you use our websites exclusively for information purposes, that is if you do not register or transfer other information, we only elicit the personal data that your browser transmits to our server. If you wish to read our websites, we elicit the following data that are technically necessary for us to show you our websites and to ensure their stability and security (the legal basis is Art. 6 Par. 1 Sent. 1 letter f GDPR):
    • IP address
    • Date and time of the inquiry
    • Time zone difference from Greenwich Mean Time (GMT)
    • Content of the request (concrete page)
    • Access status/HTTP status code
    • Respective transferred data volume
    • Website from which the request comes
    • Browser
    • Operating system and its user interface
    • Language and version of the browser software
  2. Cookies are also saved on your computer in addition to the above data when you use our websites. Cookies are small text files which are saved on your hard drive assigned to the browser that you are using and by which certain information flows to the place that set the cookie (to us in this case). Cookies cannot run programs or transmit viruses to your computer. They help to make the website user-friendlier and more effective on the whole.
  3. Use of cookies:
    1. Our websites use the following types of cookies, the scope and function of which are explained below
      • Transient cookies (see b))
      • Persistent cookies (see c))
      • Third-party cookies (see d))
    2. Transient cookies are deleted automatically when you close the browser. These include especially the session cookies. These save a so-called session ID with which various inquiries of your browser can be assigned to the common session. These enable your computer to be recognised when you return to our website. The session cookies are deleted when you log out or close the browser.
    3. Persistent cookies are deleted automatically after a set time which can vary according to the cookie. You can delete the cookies at any time in the security settings of your browser.
    4. Third-party cookies are offered by third parties who are not responsible for the website. These are used for identification for coverage measurements or marketing purposes. They are only set if you you have granted express consent or release the third-party contents yourself with the appropriate symbols on the website (e.g. Facebook, Twitter, Instagram, YouTube).
  4. You can configure your browser setting as you wish and, for example, refuse acceptance of third-party cookies or all cookies. However, we must remind you that your refusal to accept cookies may mean that you can no longer use all the functions of this website.

§4 Other functions and offers of our website (Service-Portal, Recruitment-Portal or Online-Shop)

  1. In addition to the purely informational use of our website, we offer various services which you can use if interested. As a rule, you will need to provide further personal data for these which we use to offer the respective service.
  2. We use external service providers to provide some of the services. We select and engage these carefully and they are bound by our instructions.
  3. Insofar as our service providers or partners are based in a country outside the European Economic Area (EEA), we will inform you about the consequences of this circumstance in the description of the respective service offer.

§5 Revocation or objection to processing of your data

  1. If you have granted us your consent for the processing of your personal data, you can revoke this at any time. The revocation comes into effect for the future so that we are no longer allowed to process your personal data from the time of your revocation.
  2. Insofar as we base the processing of your personal data on weighing of interests, you can raise objection to this processing. This is the case when the processing is, in particular, not necessary for fulfilment of a contract with you which we demonstrate respectively in the following description of the functions. When exercising such a right to object, we ask you to present reasons why we should not process your personal data in the way we do. In the event of a reasonable objection, we will examine the circumstances and will either discontinue or adapt the processing or point out our legitimate reasons worthy of protection on the basis of which we will continue the processing.
  3. You are, of course, entitled to object to the processing of your personal data for the purposes of advertising and data analysis at any time.
  4. The objection or revocation must be sent to the contact addresses listed in § 1.

§6 SSL or TLS encryption

  1. For security reasons and to protect the transfer of confidential contents, we use SSL or TLS encryption on our websites. This ensures secure transmission of inquiries with the contact form or also orders on the site. You can recognise an SSL or TLS encryption by the prefix "https://" in the address line of the Internet browser as well as by a padlock icon displayed next to it.
  2. When the SSL or TLS encryption is activated, data can be sent to us via the websites without third parties being able to read it.

§7 E-mail contact and use of the contact form, ordering of advertising literature

  1. You can use the contact form or the specified e-mail address to contact us. Your personal data such as name, e-mail address or telephone number will be processed in the course. The data specified here by the user will be processed by us exclusively for making contact and handling your inquiry in connection with this data.
  2. The legal basis for processing these data is our legitimate interest in making contact and processing your inquiry in accordance with Art. 6 Par. 1 Sent. 1 letter f GDPR.
  3. If the inquiry by the contact form or e-mail leads to conclusion of a contract, the processing of the provided data is necessary to fulfil the contract. The legal basis for this is Art. 6 Par. 1 Sent. 1 letter b GDPR.
  4. You can order advertising literature with a form provided on our website. Which data are elicited here is visible from the form. Data will be processed in this respect in accordance with Art. 6 Par. 1 Sent. 1 letter f GDPR based on our legitimate interest in the processing of your inquiry as well as in accordance with Art. 6 Par. 1 Sent. 1 letter b GDPR for the performance of pre-contractual measures.

    The personal data elicited by us in this respect will be deleted automatically after sending the requested literature unless any legal obligations to preserve records exist or if you have consented to further processing of your personal data above and beyond the inquiry.
  5. The personal data provided for the above named purposes will be processed until they are no longer required to achieve the purpose or you have revoked your consent to processing. The achievement of purpose is obsolete when the user’s inquiry could be finally clarified and the contact is thus ended.
  6. The objection or revocation must be sent to the contact addresses listed in § 1.

§8 Settings for the receipt of e-mails (subscriptions)

  1. On our websites, we offer you the possibility of making various settings for the receipt of e-mails, e.g. receipt of information and offers for products and services. If you wish to receive e-mails from us, personal data will be elicited. Your e-mail address is necessary to be able to send you information and offers.
  2. If you are not logged in with your user account, we make use of the so-called double-opt-in method. To do this, we send a message to your registered e-mail address with a confirmation link. If you confirm this link, your settings for the receipt of e-mails become active and the time of the change is recorded. These data serve us as verification of the change of your settings for the receipt of e-mails and to expose possible misuse of your personal data.
  3. Legal basis for the processing of these data in accordance with Art. 6 Par. 1 Sent. 1 letter a GDPR are your consents. You can revoke your granted consent for the receipt of e-mails at any time. You can send the revocation to the contact addresses listed in § 1 or declare it by confirming the deregistration link in the respective e-mail. If you have a user account with us, you can view, extend or revoke your consents at any time under https://www.rems.de/subscriptions/manage.

§9 Participation in campaigns

  1. We offer you the possibility to participate in competitions or other campaigns of our company on our website. A prerequisite for this is that you open a user account. Which data are elicited here is visible from the form. These data are surrendered voluntarily.
  2. The data for the purposes of opening a user account and for handling your participation in a campaign are processed in accordance with Art. 6 Par. 1 Sent. 1 letter b GDPR for the fulfilment of a contract concluded with you or for performance of pre-contractual measures based on your registration or participation in the campaign concerned.
  3. You are entitled to makes changes to or delete your user account at any time.
  4. We will delete the personal data elicited by us in this respect as soon as you let us know that you wish (e.g. by e-mail to dataprivacy@rems.de) and no legal tax or trade obligations for preservation of records prevent it.

§10 Service-Portal (service.rems.de)

  1. We offer users and interested parties of our Service-Portal the possibility to open a user account. It is necessary to elicit and process personal data such as name, address, e-mail address, etc. for this. Which data are elicited here is visible from the form. The data that are essential for providing the service are marked as must fields. All other data can be surrendered voluntarily. The legal basis for this is the necessity of fulfilment of a contract in accordance with Art. 6 Par. 1 Sent. 1 letter b GDPR.
  2. You are entitled to makes changes to or delete your user account at any time.
  3. We will delete the personal data elicited by us in this respect as soon as you let us know that you wish (e.g. by e-mail to dataprivacy@rems.de) and no legal tax or trade obligations for preservation of records prevent it.
  4. Information on the use of products with Connected functionality
    Our products with Connected functionality send measured data together with the unique device ID to the Microsoft Azure Cloud after their registration. The data are processed and stored there. In addition, data for geopositioning and transferred together with the measured data and evaluated by Google Geolocation API. The use can call these data via our Service-Portal and generate a report. The report is saved by us.
    Your personal data are elicited and processed for performance of the contract for work between our customers and their end customers as well as for the compilation of reports on the work performed with the used tool. Insofar as consent by the end customer is available, we will receive the personal data elicited by our customers. The legal basis for this is the necessity for fulfilment of a contract in accordance with Art. 6 Par. 1 Sent. 1 letter b GDPR as well as Art. 49 Par. 1 Sent. 1 letter b GDPR or the consent of the end customer in accordance with Art. 6 Par. 1 Sent. 1 letter a GDPR as well as Art. 49 Par. 1 Sent. 1 letter a GDPR.
  5. Recipient of the data
    The data will be transferred to Microsoft Ireland, Netherlands, Virginia, California (Azure AD B2B) or the respective server locations but also to the USA or Microsoft companies in the USA or outside Europe if necessary. These provide support and maintenance services for the Microsoft servers within the EU. Therefore, it cannot be ruled out that Microsoft USA has access to your personal data. In terms of data protection legislation, the USA are not a safe third country in accordance with the data protection standards prevalent in the EU.
    The geodata are transferred to the Google Geolocation Service and Google Maps Service as well as to the respective server location of Google but also to the USA or Google companies in the USA or outside Europe if necessary. These provide support and maintenance services for the Google servers within the EU. Therefore, it cannot be ruled out that Google USA has access to your personal data. In terms of data protection legislation, the USA are not a safe third country in accordance with the data protection standards prevalent in the EU.
    An individual contract in accordance with Art. 28 Par. 6 GDPR was concluded with Microsoft and Google. Moreover, EU standard contracts were signed with the service provides which should assure a data protection level appropriate to the EU. It cannot be totally ruled out that the processed data are open to access outside the EU.

§11 Recruitment-Portal (recruitment.rems.de)

  1. We collect and store personal data of applicants for the purposes of conducting an application process for posted job vacancies as well as for unsolicited applications.
  2. In order to be able to apply for job vacancies online through our Recruitment-Portal, you need a personal user account. Which data are elicited here is visible from the form. These data are surrendered voluntarily. The data provided will be processed by us for the purposes of handling the application procedure. The legal basis for this is Art. 88 Par. 1 GDPR in conjunction with § 26 Par. 1 Federal Data Protection Act.
  3. All data from your application will be collected and processed to select the suitable applicant for the job vacancy posted by us. You yourself determine the data that are processed by us as you yourself initiate the data transmission. The respective application will also be transferred to the persons in charge of the respective technical department for the selection of applicants. The Works Council may also have access to your application in order to exercise their right of co-determination and control.
  4. If the application procedure is successful and leads to the signing of an employment contract with the applicant, the data provided by the applicant will be processed further for the purposes of handling the employment relationship. The legal basis for this is Art. 88 Par. 1 GDPR in conjunction with § 26 Par. 1 Federal Data Protection Act.
  5. Special data categories are only processed by us insofar as you have surrendered these to us in order for us to be able to consider your application in its present form or in the event of legal obligation. This information will not be included in the application process unless there is a legal obligation to do so. The legal basis for this is Art. 9 Par. 2 Sent. 2 letters b and e GDPR.
  6. In the event that an employment relationship evolves between you and us, we are entitled to process the data that you transmit further. Processing then takes place for the execution or termination of the employment relationship. An appointment without your applicant data is not possible. The legal basis is Art. 88 Par. 1 GDPR in conjunction with § 26 Par. 1 Federal Data Protection Act.
  7. If the application procedure ends without conclusion of an employment contract with the applicant, the data provided by the applicant will be deleted 4 months after announcement of the decision at the latest. The reasons for this are our legitimate interests, e.g. for the documentation of the obligation to produce proof for possible proceedings under the General Act on Equal Treatment.
  8. If the applicant wishes to be considered for other potential posts in the company despite refusal in the application procedure, we will obtain the appropriate consent for further processing of the data for this from the applicant. The data provided by the applicant will be deleted after one year from granting of the consent unless the applicant revokes his/her consent at an earlier time. The same applies for unsolicited applications.
  9. The revocation must be sent to the contact addresses listed in § 1.

§12 Online-Shop (commercial customers, https://www.rems.de)

  1. We only sell to commercial customers through our Online-Shop. We offer these the possibility to place orders in selected countries. You require a personal user account for this. Which data are elicited here is visible from the form. The data that are essential for handling orders are marked as must fields. All other data can be surrendered voluntarily. The legal basis for this is the necessity of fulfilment of a contract in accordance with Art. 6 Par. 1 Sent. 1 letter b GDPR.
  2. You are entitled to makes changes to or delete your user account at any time.
  3. We will delete the personal data elicited by us in this respect as soon as you let us know that you wish (e.g. by e-mail to dataprivacy@rems.de) and no legal tax or trade obligations for preservation of records prevent it.

§13 Postal advertising

If we send advertising literature about our products by post, such processing of personal data will take place based on Art. 6 Par. 1 Sent. 1 letter f GDPR for the sending of information and offers of interest. Addressees of such advertising can revoke their consent for processing their data for such purposes in the future at any time, e.g. by e-mail to dataprivacy@rems.de. We will then delete the data concerned immediately from our distributor.

§14 Entering and performing contract/delivery relationships

  1. Insofar as suppliers, customers or other (potential) contract partners surrender personal data to us (e.g. name of the responsible contact partner), we will process such data based on Art. 6 Par. 1 Sent. 1 letter b GDPR to perform a contract concluded with the contract partner or to carry out pre-contractual measures.
  2. We will delete the personal data elicited by us in this respect as soon as you let us know that you wish (e.g. by e-mail to dataprivacy@rems.de) and no legal tax or trade obligations for preservation of records prevent it.

§15 Transference of data to third parties

  1. Your personal data will not be transferred to third parties for any other purposes than those listed above. We will only pass on your data to third parties when you have expressly granted your consent in accordance with Art. 6 Par. 1 Sent. 1 letter a GDPR, the disclosure is necessary in accordance with Art. 6 Par. 1 Sent. 1 letter f GDPR for the enforcement, exercising or defence of rights and there is no reason to assume that you have a predominant interest worthy of protection in the non-disclosure of your data for the event that there is a legal obligation for disclosure in accordance with Art. 6 Par. 1 Sent. 1 letter c GDPR and this is legally allowed and necessary in accordance with Art. 6 Par. 1 Sent. 1 letter b GDPR for the handling of contract relations with you. Insofar as third parties are contracted by us with a contract processing, this will take place in accordance with Art. 28 GDPR.
  2. When you place an order in our Online-Shop, any contracts will be concluded with us or the foreign REMS GmbH & Co KG branch office or REMS GmbH & Co KG affiliate responsible for your location as specified within the scope of the respective order. We will pass on the data necessary for conclusion or performance of a contract to the branch office/affiliate responsible for your order where necessary.
  3. In certain countries, you have the possibility of choosing a dealer who will be at your disposal as a direct local contact within the scope of your order through our Online-Shop. If you do so, we are entitled to inform the dealer chosen by you and to pass on your data.
  4. We work with external carrying companies, e.g. DPD, DHL for the collection and shipment of orders. The following personal data are passed on to the carrier for the purpose of providing the service:
    • First name, surname
    • Delivery address, any supplementary data
    • Mail number (for the purpose of delivery to a DHL packing station)
    The legal basis for this is the necessity of fulfilment of a contract in accordance with Art. 6 Par. 1 Sent. 1 letter b GDPR.

    If you have consented to disclosure of the data:
    • E-mail address (for the purpose of notification of delivery)
    The legal basis for this is your voluntarily granted consent in accordance with Art. 6 Par. 1 Sent. 1 letter a GDPR.

    If you have not consented to the disclosure of your personal data, no data will be transferred to the carrying company. In this case, may we point out that no notification of delivery or change in the delivery by the carrying company is possible.

    To prevent notification of delivery by external carrying companies, your revocation must be sent directly to the carrying company.
  5. We only process personal data in countries in which the data privacy laws offer the same security level as in the EU/EEA. Insofar as data are passed on in the necessary scope to recipients based outside of the EU/EEA, this takes place based on standard contract clauses of the EU Commission.

§16 PayPal payment

  1. On our websites, we offer the possibility of making payments by PayPal. PayPal is an online service provider for handling payments and is operated by PayPal (Europe) S.à.r.l et Cie., S.C.A., 22--24 Boulevard Royal, 2449 Luxembourg, Luxembourg. You can handle orders directly through your PayPal account by the selecting the PayPal payment type. In addition, it is also possible to make payments by credit card via PayPal even if you have no PayPal account.
  2. We pass on the data that you have entered with us and the data of your order to PayPal for collection of the invoiced amount. This is usually your name, address, e-mail address, phone number and IP address as well as other data necessary for handling the payment. These are used especially for identity checking and credit assessment, payment administration and prevention of fraud. The legal basis for this is the necessity of fulfilment of a contract in accordance with Art. 6 Par. 1 Sent. 1 letter b GDPR.
  3. We have no influence over the type, scope and purposes of processing or erasure of the elicited data of the service provider. You are entitled to object to the processing of your personal data, albeit to PayPal directly. The objection does not extend to the personal data that are obligatory for handling of the payment.
  4. Further information on the type and scope of data processing can be found in the data privacy declarations of PayPal. These can be found under https://www.paypal.com/de/webapps/mpp/ua/privacy-full

§17 Linking of YouTube-Videos

  1. We have linked YouTube videos to our website which are saved and viewable on the YouTube platform. YouTube is a platform of Google Ireland Ltd, Gordon House, Barrow Street, Dublin 4, Ireland. After selecting one of the YouTube videos filmed and embedded by us, it is played in “extended data privacy mode”. This represents electronic consent in accordance with Art. 7 GDPR. Otherwise it will not be played.
  2. Google receives the data cited in § 3 when you select the YouTube video. This happens regardless of whether or not you have a Google user account. If you have a Google user account and are logged in with your Google user account when you visit our website, these data will be assigned directly to your Google user account.

    If you do not want the data to be merged with your Google user account, you must log out from the Google user account before selecting the YouTube video. Google uses these data to create user profiles but also for advertising purposes, market research or requirement-based design of their websites. You are entitled to raise objection to the creation of such user profiles. However, this objection must be made directly to Google.
  3. The legal basis for processing these data is our legitimate interest for the presentation of our company in accordance with Art. 6 Par. 1 Sent. 1 letter f GDPR.
  4. Google complies with the legal data privacy requirements of the European Economic Area and Switzerland regarding the elicitation, use, transfer, storage and other processing of personal data from the European Economic Area, the United Kingdom and Switzerland. All transfers of personal data to third countries or an international organisation are subject to suitable guarantees such as described in Article 46 GDPR. The legal basis for this is the necessity of fulfilment of a contract with Microsoft in accordance with Art. 6 Par. 1 Sent. 1 letter b in conjunction with Art. 46 Par. 2 letter c GDPR.
  5. Further information on the type and scope of data processing by Google is available under https://privacy.google.com/businesses/controllerterms/
  6. Setting possibilities and other information on the protection of your data is available under https://www.google.de/intl/de/policies/privacy/ or https://privacy.google.com/businesses/compliance/?hl=de#!?modal_active=none.

§18 Linking of Google Maps

  1. We use Google Maps on our website. Google Maps is a service of Google LLC, 1600 Amphitheatre Parkway, Mountain View, California 94043, USA. This service allows us to show interactive maps and enables convenient use of the map function for the user. This function is blocked as standard. The function is only activated when you use it actively. This represents electronic consent in accordance with Art. 7 GDPR.
  2. Google receives the data cited in § 3 when you select the map function. This happens regardless of whether or not you have a Google user account. If you have a Google user account and are logged in when you visit our website, these data will be assigned directly to your Google user account.

    If you do not want the data to be merged with your Google user account, you must log out from the Google user account before using the map function. Google uses these data to create user profiles but also for advertising purposes, market research or requirement-based design of their websites. You are entitled to raise objection to the creation of such user profiles. However, this objection must be made directly to Google.
  3. The legal basis for processing these data is our legitimate interest for the presentation of our company in accordance with Art. 6 Par. 1 Sent. 1 letter f GDPR.
  4. Google complies with the legal data privacy requirements of the European Economic Area and Switzerland regarding the elicitation, use, transfer, storage and other processing of personal data from the European Economic Area, the United Kingdom and Switzerland. All transfers of personal data to third countries or an international organisation are subject to suitable guarantees such as described in Article 46 GDPR. The legal basis for this is the necessity of fulfilment of a contract with Microsoft in accordance with Art. 6 Par. 1 Sent. 1 letter b in conjunction with Art. 46 Par. 2 letter c GDPR.
  5. Further information on the type and scope of data processing by Google is available under https://privacy.google.com/businesses/controllerterms/
  6. Setting possibilities and other information on the protection of your data is available under https://www.google.de/intl/de/policies/privacy/ or https://privacy.google.com/businesses/compliance/?hl=de#!?modal_active=none.

§19 Linking of BING Maps

  1. We use Bing Maps on our website. Bing Maps is a service offered by the Microsoft Corporation, One Microsoft Way, Redmond, WA 98052--6399, USA. This service allows us to show interactive maps and enables convenient use of the map function for the user. This function is blocked as standard. The function is only activated when you use it actively. This represents electronic consent in accordance with Art. 7 GDPR.
  2. Microsoft receives the data cited in § 3 when you select the map function. This happens regardless of whether or not you have a Microsoft user account. If you have a Microsoft user account and are logged in when you visit our website, these data will be assigned directly to your Microsoft user account.

    If you do not want the data to be merged with your Microsoft user account, you must log out from the Microsoft user account before using the map function. Microsoft uses these data to create user profiles but also for advertising purposes, market research or requirement-based design of their websites. You are entitled to raise objection to the creation of such user profiles. However, this objection must be made directly to Microsoft.
  3. The legal basis for processing these data is our legitimate interest in showing business partners in the online map service in accordance with Art. 6 Par. 1 Sent. 1 letter f GDPR.
  4. Microsoft complies with the legal data privacy requirements of the European Economic Area and Switzerland regarding the elicitation, use, transfer, storage and other processing of personal data from the European Economic Area, the United Kingdom and Switzerland. All transfers of personal data to third countries or an international organisation are subject to suitable guarantees such as described in Article 46 GDPR. The legal basis for this is the necessity of fulfilment of a contract with Microsoft in accordance with Art. 6 Par. 1 Sent. 1 letter b in conjunction with Art. 46 Par. 2 letter c GDPR.
  5. Further information on the type and scope of data processing by Microsoft is available under https://privacy.microsoft.com/de-de/privacystatement.
  6. Setting possibilities and other information on the protection of your data is available under: https://www.microsoft.com/en-us/licensing/product-licensing/products#OST.

We reserve the right to adapt this data protection information to the current actual and legal requirements. You can call and print the respective latest data protection information at any time from our website.