Data Protection Policy

1. Data protection at a glance

General information

The following information provides a simple overview of what happens to your personal data when you visit this website. Personal data refers to any data by which you can be personally identified. Please refer to our data protection policy below for detailed information about our data protection practices.

Data collected on this website

Who is responsible for data collection on this website?

The data processing on this website is carried out by the website operator. Its contact details can be found in the “Information about the controller” section of this data protection policy.

How do we collect your data?

Your data is first collected when you provide it to us. This could be data you enter in a contact form, for example.

Other data is collected automatically or with your consent by our IT systems when you visit the website. Such data is mainly technical data (e.g. Internet browser, operating system or time of page access). This data is collected automatically when you enter this website.

What do we use your data for?

Some data is collected to ensure that the website operates correctly. Other data may be used to analyse your usage patterns.

What rights do you have regarding your data?

You have the right to be informed at any time, free of charge, about the source, recipient and purpose of the personal data stored about you. You also have the right to request that this data be corrected or erased. If you have consented to the processing of your data, you may withdraw your consent at any time with effect for the future. You also have the right to request the restriction of the processing of your personal data in certain circumstances. Moreover, you have the right to make a complaint to the relevant supervisory authority.

If you have any questions about this or any other aspect of our data protection policy, please feel free to contact us at any time.

Analysis tools and third-party tools

When you visit this website, your browsing behaviour may be statistically evaluated. This is mainly done with analytics programs.

Please refer to the following data protection policy for more information about these analytics programs.

2. Hosting

We host the content of our website with the following provider:

All-Inkl

The provider is ALL-INKL.COM – Neue Medien Münnich, Owner: René Münnich, Hauptstraße 68, 02742 Friedersdorf (hereinafter: All-Inkl). Please refer to All-Inkl’s data protection policy for details: https://all-inkl.com/datenschutzinformationen/.

The use of All-Inkl is based on Article 6 (1f) GDPR. We have a legitimate interest in ensuring that our website is as reliable as possible. If consent has been obtained, the processing will be carried out exclusively on the basis of Art. 6 (1a) GDPR and Section 25 Para. 1 TDDDG [German Telecommunications Telemedia Data Protection Act], insofar as the consent includes the storage of cookies or access to data on the user’s device (e.g. device fingerprinting) within the meaning of the Telecommunications Telemedia Data Protection Act [TDDDG]. Consent may be revoked at any time.

Contract data processing

We have entered into a contract data processing agreement for the use of the aforementioned service. This is a legally required data protection contract, which ensures that the service provider only processes the personal data of our website visitors on our behalf and in accordance with the GDPR.

3. General and mandatory information

Data protection

The operators of these pages take the protection of your personal data very seriously. We treat your personal data confidentially and in accordance with data protection legislation and this data protection policy.

A variety of personal data is collected when you use this website. Personal data refers to data by which you can be personally identified. This data protection policy explains what data we collect and how we use it. It also explains how and why this is done.

Please be aware that there are inherent security risks in transmitting data over the Internet (e.g. in communication by email). It is not possible to completely protect data from access by third parties.

Information about the controller

The controller for the data processing on this website is:

REM CAPITAL AG
Tübinger Strasse 43
70178 Stuttgart
Germany

Phone: +49 71122739288
Email: datenschutz@remcapital.de

The controller is the natural person or legal entity which alone or jointly with others determines the purposes and means of processing personal data (e.g. names, email addresses, etc.)

Storage period

Unless a particular retention period is specified in this data protection policy, we will retain your personal data until the purpose for which it was collected no longer applies. If you make a legitimate request for erasure or revoke your consent to data processing, your data will be erased unless we have other legally permissible reasons for retaining your personal data (e.g. tax or commercial retention periods); in the latter case, erasure will take place after these reasons cease to apply.

General information on the legal basis for the processing of data on this website

If you have consented to the processing of your personal data, we will process your personal data on the basis of Art. 6 (1a) GDPR and Art. 9 (2a) GDPR, if special categories of data according to Art. 9 (1) GDPR are processed. In the case of explicit consent to the transfer of personal data to third countries, the data processing is also carried out on the basis of Art. 49 (1a) GDPR. If you have consented to the storage of cookies or access to data on your device (e.g. via device fingerprinting), the data processing is additionally based on Section 25 (1) TDDDG. Consent may be revoked at any time. If your data is necessary for the performance of a contract or for the execution of pre-contractual measures, we process your data on the basis of Art. 6 (1b) GDPR. Furthermore, we process your data if this is necessary to fulfil a legal obligation on the basis of Art. 6 (1c) GDPR. The data processing can also be based on our legitimate interest according to Art. 6 (1f) GDPR. Please refer to the following paragraphs of this data protection policy for information on the relevant legal basis in each case.

Data protection officer

We have appointed a data protection officer.

SILISTA GmbH
Attn. Peter Rappold
Silvanerweg 24
73235 Weilheim/Teck

Phone: +49 702 394 27 27
Email: peter.rappold@silista.de

Notice on data transfers to non-EU countries with inadequate data protection and transfers to US companies not certified by the DPF

We use tools from companies based in countries with inadequate data protection laws and US tools whose providers are not certified under the EU-US Data Privacy Framework (DPF). If these tools are enabled, your personal data may be transferred to and processed in those countries. Please note that countries with inadequate data protection laws do not guarantee a level of data protection comparable to that in the EU.

We would like to point out that the USA is generally considered to have a level of data protection comparable to that of the EU. Data transfers to the US are permitted if the recipient is certified under the EU-US Data Privacy Framework (DPF) or provides appropriate additional safeguards. Information about transfers to non-EU countries, including the recipients of the data, can be found in this data protection policy.

Recipients of personal data

As part of our business, we work with a number of external organisations. This sometimes requires the transfer of personal data to these external organisations. We only transfer personal data to external organisations if this is necessary for the fulfilment of a contract, if we are legally obligated to do so (e.g. transfer of data to tax authorities), if we have a legitimate interest according to Art. 6 (1f) GDPR or if another legal basis permits the data transfer. Where we use data processors, we only transfer our clients’ personal data on the basis of a valid data processing agreement. In the case of joint processing, a joint processing agreement will be concluded.

Revocation of your consent to data processing

Many data processing operations are only possible with your explicit consent. You may revoke your consent at any time. Revocation shall not affect the lawfulness of the processing carried out up until the time of revocation.

Right to object to data collection in special cases and to direct marketing (Art. 21 GDPR)

WHEN DATA PROCESSING IS BASED ON ART. 6 (1E) OR (1F) GDPR, YOU HAVE THE RIGHT AT ANY TIME TO OBJECT TO THE PROCESSING OF YOUR PERSONAL DATA FOR REASONS RELATING TO YOUR PARTICULAR SITUATION, INCLUDING PROFILING BASED ON THESE PROVISIONS. THE RESPECTIVE LEGAL BASIS ON WHICH THE PROCESSING IS BASED IS SET OUT IN THIS DATA PROTECTION POLICY. IF YOU OBJECT, WE WILL NO LONGER PROCESS THE PERSONAL DATA CONCERNED, UNLESS WE CAN DEMONSTRATE COMPELLING LEGITIMATE GROUNDS FOR THE PROCESSING WHICH OVERRIDE YOUR INTERESTS, RIGHTS AND FREEDOMS, OR THE PROCESSING IS NECESSARY FOR THE ESTABLISHMENT, EXERCISE OR DEFENCE OF LEGAL CLAIMS (OBJECTION PURSUANT TO ART. 21 (1) GDPR).

IF YOUR PERSONAL DATA IS PROCESSED FOR DIRECT MARKETING PURPOSES, YOU HAVE THE RIGHT TO OBJECT AT ANY TIME TO THE PROCESSING OF YOUR PERSONAL DATA FOR SUCH MARKETING PURPOSES, INCLUDING PROFILING IN RELATION TO SUCH DIRECT MARKETING. IF YOU OBJECT, YOUR PERSONAL DATA WILL NO LONGER BE USED FOR DIRECT MARKETING PURPOSES (OBJECTION PURSUANT TO ART. 21 (2) GDPR).

Right to lodge a complaint with the competent supervisory authority

In the event of a breach of the GDPR, data subjects have the right to lodge a complaint with a supervisory authority, in particular in the member state of their habitual residence, place of work or the place where the alleged breach took place. The right to lodge a complaint is without prejudice to any other administrative or judicial remedy.

Right to data portability

You have the right to request that data which we process automatically on the basis of your consent or in the performance of a contract be made available to you or to a third party in a standard machine-readable format. If you request that the data be transferred directly to another controller, this will only be done to the extent that it is technically feasible.

Access, rectification and erasure

Within the framework of the applicable legal provisions, you have the right to obtain, free of charge, information about your stored personal data, its origin and recipients, as well as the purpose of the data processing, and, where applicable, the right to have this data corrected or erased. If you have any questions about this or any other aspect related to personal data, please feel free to contact us at any time.

Right to restrict processing

You have the right to request the restriction of the processing of your personal data. Please feel free to contact us at any time in this regard. The right to restrict processing applies in the following cases:

If you dispute the accuracy of the personal data we hold about you, we will usually need time to investigate. For the duration of the investigation, you have the right to request the restriction of the processing of your personal data.
If the processing of your personal data was/is unlawful, you may request that the processing be restricted instead of erased.
If we no longer need your personal data, but you need it to exercise, defend or assert legal claims, you have the right to request the restriction of processing instead of erasure.
If you have objected in accordance with Art. 21 (1) GDPR, a balance must be struck between your interests and ours. As long as it is not clear whose interests prevail, you have the right to request the restriction of the processing of your personal data.

If you have restricted the processing of your personal data, such data may be processed – apart from storage – only with your consent or for the establishment, exercise or defence of legal claims or for the protection of the rights of another natural person or legal entity or for reasons of an important public interest of the European Union or a member state.

SSL or TLS encryption

For security reasons and to protect the transmission of confidential content, such as orders or requests, that you send to us as the site operator, this site uses SSL or TLS encryption. You can tell an encrypted connection is working by the address bar of your browser which changes from “http://” to “https://” and by the padlock icon in your browser bar.

When SSL or TLS encryption is enabled, the data you send to us cannot be read by third parties.

Objection to marketing emails

The use of contact data published within the framework of the imprint obligation for the purpose of sending unsolicited advertising and information materials is not permitted. The operators of the pages expressly reserve the right to take legal action in the event of unsolicited advertising information, such as spam emails.

4. Data collected on this website

Cookies

Our web pages use “cookies”. Cookies are small data packets that do not harm your device. They are stored on your device either temporarily for the duration of a session (session cookies) or permanently (persistent cookies). Session cookies are automatically deleted after your visit. Persistent cookies remain on your device until you delete them or your web browser automatically deletes them.

Cookies can be first-party cookies (set by us) or third-party cookies (set by third-party companies). Third-party cookies allow certain third-party services to be integrated into websites (e.g. cookies for processing payment services).

Cookies have different functions. Many cookies are technically necessary to enable certain features of the website (e.g. the shopping basket feature or the display of videos). Other cookies may be used to evaluate user behaviour or for advertising purposes.

Cookies that are necessary to carry out the electronic communication process, to provide certain features requested by you (e.g. for the shopping basket feature) or to optimise the website (e.g. cookies for measuring the web audience) are stored on the basis of Art. 6 (1f) GDPR, unless another legal basis is specified. The website operator has a legitimate interest in the storage of necessary cookies for the technically faultless and optimised provision of its services. If consent for the storage of cookies or similar identification technologies has been obtained, the processing will be carried out exclusively on the basis of consent (Art. 6 (1a) GDPR and Section 25 Para. 1 TDDDG [German Telecommunications Telemedia Data Protection Act]); consent can be revoked at any time.

You can configure your browser to notify you when a cookie is placed, to accept cookies only in specific instances, to refuse cookies in certain instances or generally, and to automatically delete cookies when you close your browser. If cookies are disabled, the functionality of this website may be limited.

The cookies and services used on this website are set out in this data protection policy.

Consent with Borlabs Cookie

Our website uses Borlabs Cookie consent technology to obtain your consent to place certain cookies in your browser or use certain technologies, and to document this in accordance with data protection regulations. The provider of this technology is Borlabs GmbH, Rübenkamp 32, 22305 Hamburg (hereinafter referred to as Borlabs).

When you visit our website, a Borlabs cookie is stored in your browser, which stores the consent you have given or the revocation of such consent. This data is not shared with the provider of the Borlabs Cookie.

The collected data will be stored until you request us to erase it or delete the Borlabs cookie on your own, or until the purpose for which the data was collected no longer applies. Mandatory legal retention periods remain unaffected. Details of Borlabs Cookie data processing can be found at https://de.borlabs.io/kb/welche-daten-speichert-borlabs-cookie/.

Borlabs Cookie consent technology is used to obtain legally required consent for the use of cookies. The legal basis is Art. 6 (1c) GDPR.

[borlabs-cookie type=”btn-cookie-preference” title=”Cookie-Einstellungen anpassen”/]

Server log files

The provider of these pages automatically collects and stores information in server log files, which your browser automatically transmits to us. These are:

Browser type and version
Operating system used
Referrer URL
Host name of the accessing computer
Time of server request
IP address

This data is not merged with other data sources.

The collection of this data is based on Article 6 (1f) GDPR. The website operator has a legitimate interest in the technically correct presentation and optimisation of its website – for this purpose the server log files must be recorded.

Contact form

If you send us an enquiry via the contact form, we will store your details from the enquiry form, including the contact details you provide there, for the purposes of processing the enquiry and in the event of any follow-up queries. We will not share this data without your consent.

The processing of this data is based on Art. 6 (1b) GDPR, if your enquiry is related to the performance of a contract or is necessary for the implementation of pre-contractual measures. In all other cases, the processing is based on our legitimate interest in the effective processing of the enquiries sent to us (Art. 6 (1f) GDPR) or on your consent (Art. 6 (1a) GDPR), where this has been requested; consent may be revoked at any time.

The data you provide in the contact form will be kept by us until you ask us to erase the data, until you withdraw your consent to the retention of the data, or until the purpose for which the data is retained no longer applies (e.g. after your enquiry has been dealt with). Mandatory legal provisions – especially retention periods – remain unaffected.

Enquiries by email, phone or fax

If you contact us by email, phone or fax, your enquiry, including any resulting personal data (name, enquiry), will be stored and processed by us for the purpose of dealing with your enquiry. We will not share this data without your consent.

The data you send us in the contact enquiry will be kept by us until you ask us to erase the data, until you withdraw your consent to the retention of the data, or until the purpose for which the data is retained no longer applies (e.g. after your matter has been dealt with). Mandatory legal provisions – especially legal retention periods – remain unaffected.

5. Social media

This website uses elements of the LinkedIn network. The provider is LinkedIn Ireland Unlimited Company, Wilton Plaza, Wilton Place, Dublin 2, Ireland.

Every time you access a page on this website that contains LinkedIn elements, a connection is made to LinkedIn’s servers. Your IP address tells LinkedIn that you have visited this website. If you click the LinkedIn “Recommend” button and are logged into your LinkedIn account, LinkedIn may associate your visit to this site with your user account. Please note that we, as the provider of the pages, have no knowledge of the content of the transmitted data or their use by LinkedIn.

The use of this service is based on your consent according to Art. 6 (1a) GDPR and Section 25 Para. 1 TDDG. Consent may be revoked at any time.

Data transfers to the US are based on the EU Commission’s standard contractual clauses. Details can be found here: https://www.linkedin.com/help/linkedin/answer/a1343190/datenubertragung-aus-der-eu-dem-ewr-und-der-schweiz?lang=de

For more information, please see LinkedIn’s data protection policy at: https://www.linkedin.com/legal/privacy-policy.

The company is certified under the “EU-US Data Privacy Framework” (DPF). The DPF is an agreement between the European Union and the US to ensure that European data protection standards are respected when data is processed in the US. Every company certified under the DPF agrees to comply with these data protection standards. For more information, please contact the provider at the following link https://www.dataprivacyframework.gov/participant/5448.

6. Analytics tools and advertising

Google Tag Manager

We use Google Tag Manager. The service provider is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.

Google Tag Manager is a tool that allows us to integrate tracking or statistical tools and other technologies on our website. Google Tag Manager itself does not create user profiles, store cookies or perform any independent analysis. It is used only to manage and deploy the tools it integrates. However, Google Tag Manager does collect your IP address, which may also be transmitted to Google’s parent company in the United States.

The use of Google Tag Manager is based on Article 6 (1f) GDPR. The website operator has a legitimate interest in quickly and easily integrating and managing various tools on its website. If consent has been obtained, the processing will be carried out exclusively on the basis of Art. 6 (1a) GDPR and Section 25 Para. 1 TDDDG [German Telecommunications Telemedia Data Protection Act], insofar as the consent includes the storage of cookies or access to data on the user’s device (e.g. device fingerprinting) within the meaning of the Telecommunications Telemedia Data Protection Act [TDDDG]. Consent may be revoked at any time.

The company is certified under the “EU-US Data Privacy Framework” (DPF). The DPF is an agreement between the European Union and the US to ensure that European data protection standards are respected when data is processed in the US. Every company certified under the DPF agrees to comply with these data protection standards. For more information, please contact the provider at the following link: https://www.dataprivacyframework.gov/participant/5780.

Google Analytics

This website uses features of the Google Analytics web analytics service. The service provider is Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland.

Google Analytics enables website operators to analyse the behaviour of visitors to their websites. This provides the website operator with various usage data, e.g. page views, time spent on the site, operating systems used and the user’s country of origin. This data is associated with the user’s device. The data is not assigned to a user ID.

We may also use Google Analytics to track, among other things, your mouse and scroll movements and clicks. In addition, Google Analytics uses a variety of modelling approaches to complement the collected data sets and employs machine learning technologies in data analysis.

Google Analytics uses technologies that allow users to be identified for the purpose of analysing user behaviour (e.g. cookies or device fingerprinting). The information collected by Google about your use of this website will be transmitted to and stored by Google on servers in the US.

The use of this service is based on your consent according to Art. 6 (1a) GDPR and Section 25 Para. 1 TDDG. Consent may be revoked at any time.

Data transfers to the US are based on the EU Commission’s standard contractual clauses. Details can be found here: https://privacy.google.com/businesses/controllerterms/mccs/.

The company is certified under the “EU-US Data Privacy Framework” (DPF). The DPF is an agreement between the European Union and the US to ensure that European data protection standards are respected when data is processed in the US. Every company certified under the DPF agrees to comply with these data protection standards. For more information, please contact the provider at the following link: https://www.dataprivacyframework.gov/participant/5780.

[borlabs-cookie id=”google-analytics” type=”btn-switch-consent”/]

IP anonymisation

Google Analytics IP anonymisation is enabled. This means that your IP address will be shortened by Google within the member states of the European Union or other countries that are party to the European Economic Area Agreement before it is transferred to the USA. Only in exceptional cases will the full IP address be transmitted to a Google server in the US, where it will be truncated. Google will use this data on behalf of the operator of this website to evaluate your use of the website, to compile reports on website activity and to provide the operator of this website with further services relating to website activity and internet usage. The IP address transmitted by your browser as part of Google Analytics will not be combined with other data held by Google.

Browser plugin

You may refuse the collection and processing of your data by Google by clicking on the following link to download and install the browser plugin: https://tools.google.com/dlpage/gaoptout?hl=de.

For more information about how Google Analytics handles user data, please see Google’s privacy policy: https://support.google.com/analytics/answer/6004245?hl=de.

Contract data processing

We have a contract data processing agreement with Google and fully comply with the strict requirements of the German data protection authorities when using Google Analytics.

7. Plugins und tools

Google Fonts (local hosting)

This site uses Google Fonts, provided by Google, to ensure a consistent display of fonts. Google Fonts are installed locally. There is no connection to Google’s servers.

For more information about Google Fonts, please see https://developers.google.com/fonts/faq and the privacy policy of Google: https://policies.google.com/privacy?hl=de.

Font Awesome (local hosting)

This site uses Font Awesome to display fonts in a consistent manner. Font Awesome is installed locally. There is no connection to Fonticons, Inc.’s servers.

For more information about Font Awesome, see Font Awesome’s privacy policy https://fontawesome.com/privacy.

Wordfence

We have integrated Wordfence into this website. The provider is Defiant Inc., Defiant, Inc., 800 5th Ave Ste 4100, Seattle, WA 98104, USA (hereinafter “Wordfence”).

Wordfence is used to protect our website from unwanted access or malicious cyber-attacks. For this purpose, our website maintains a constant connection with Wordfence’s servers so that Wordfence can compare its databases with the attempts to access our website and block them if necessary.

The use of Wordfence is based on Art. 6 (1f) GDPR. The website operator has a legitimate interest in protecting its website as effectively as possible against cyber attacks. If consent has been obtained, the processing will be carried out exclusively on the basis of Art. 6 (1a) GDPR and Section 25 Para. 1 TDDDG [German Telecommunications Telemedia Data Protection Act], insofar as the consent includes the storage of cookies or access to data on the user’s device (e.g. device fingerprinting) within the meaning of the Telecommunications Telemedia Data Protection Act [TDDDG]. Consent may be revoked at any time.

Data transfers to the US are based on the EU Commission’s standard contractual clauses. Details can be found here: https://www.wordfence.com/help/general-data-protection-regulation/.