1. Information on the processing of personal data
In the following we inform you about the processing of personal data when you use our website and when concluding business transactions.

Personal data is all data that can be related to you personally, e.g. name, address, e-mail address, user behaviour.

The data controller pursuant toArticle 4 No. 7 EU General Data Protection Regulation (GDPR) is Rematec GmbH & Co. KG (see our Legal Information section, where you will also find the contact details of our data protection officer).

2. Processing of personal data when visiting our website
a) Server log files
If you use the website solely for information purposes, i.e. if you do not interact with us by email or similar and transmit information to us, information is automatically sent to the server of our website by the browser used on your end device. The following data is collected, which is technically necessary in order to display our website to you and to ensure stability and security (the legal basis is Art. 6 para. 1 p. 1 lit. f) GDPR):

- IP address of the requesting computer
- Date and time of the request
- Time zone difference from Greenwich Mean Time (GMT)
- Content of the request (name and URL of the file retrieved)
- Access status/http-Statuscode
- Respective amount of data transmitted
- Website from which the request originates (referrer URL)
- Browser used and if applicable the operating system and the name of your access provider
- Language and version of browser software.

b) Integration of third-party services
Our website also provides links to the following social media websites:

- Facebook (Meta Platforms Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland),
- Instagram (a company of Meta Platforms Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland),
- YouTube (a Google Inc. company, 1600 Amphitheatre Parkway, Mountain View, California 94043, USA).

These links are indicated with the corresponding logos of the social media platforms. If you click on these logos, you will be redirected to the respective platforms by your browser.

We would like to point out that if you do this, data is also transferred to the USA, where the level of data protection is lower than in the EU.

If you are registered and logged in to one or more of these platforms, the social media platform concerned can assign your visit to our websites to your respective social media account.

For details of the purposes and scope of data processing by the social media platforms, your rights in this regard and the settings options for protecting your privacy, please refer to the data protection notices

of Facebook: https://www.facebook.com/about/privacy/
of Instagram: https://de-de.facebook.com/help/instagram/519522125107875
of YouTube: https://policies.google.com/privacy?hl=de

3. Processing of personal data when contacting us
If you contact us (e.g. by e-mail), we will process your details for the purpose of processing the enquiry and any follow-up questions that may arise. The data processing is based on our legitimate interest in being able to contact you on the basis of your enquiry, Art. 6 para. 1 p. 1 lit. f) GDPR. Where data processing is carried out for execution of pre-contractual measures carried out at your request for the purpose of implementation of a contract (or for the latter purpose if you are an existing customer), the legal basis for this data processing is Art. 6 para. 1 p. 1 lit. b) GDPR.

Use of our contact form
If you contact us via the contact form provided on the website, the information you provide there will be processed by us for the purpose of dealing with your enquiry. For this you will have to provide a valid e-mail address and your first and last name so that we know who the enquiry is from and so that we can respond to it. You can provide additional information voluntarily. The legal basis for the processing is your voluntarily given consent pursuant to Art. 6 para. 1 p. 1 lit. a) GDPR. If you do not wish to give consent for this, please use alternative contact methods (e-mail, postal letter, telephone, fax etc.).

4. Processing of personal data when visiting our Facebook or Instagram pages
In addition to our website, we offer you the opportunity to find out about our current offers and to interact with us and other users via the Facebook and Instagram internet platforms, so that we can constantly improve our offers and make them more interesting for you. The legal basis for this is Art. 6 para. 1 p. 1 lit. f) GDPR.

The provider Facebook Ireland Limited. (‘Facebook’), 4 Grand Canal Square, Dublin 2, Ireland provides us, as the site administrator, with aggregate statistical data that tells us how users interact with our page (known as page insights). You can find more information on this here:
https://www.facebook.com/legal/terms/information_about_page_insights_data.

For more information on the purpose and scope of data processing by Facebook, please refer to the Facebook privacy policy at https://www.facebook.com/about/privacy/update.

5. Processing of personal data in business transactions
We process personal data that we receive within the framework of the contractual relationship or during the initiation of such a relationship (offer phase) or through your contacting us by yourself, through our sales representatives or from publicly accessible sources (e.g. your Internet presence).

The data are processed by us
a) to the extent necessary to provide the contractual services. The processing is thus carried out for the purpose of fulfilling the contract and on the basis of the Art. 6 para. 1 p. 1 lit. b) GDPR.
b) for the purpose of credit assessment to avoid a payment default and on the basis of Art. 6 para. 1 p. 1 lit. b) GDPR and Art. 6 para. 1 p. 1 lit. f) GDPR to protect the legitimate interests of us or third parties. When ordering on account (customers) or granting a down payment (suppliers), we may therefore carry out an assessment of the credit risk on the basis of mathematical and statistical procedures at a credit agency (scoring). For this purpose, the personal data required for the credit assessment, i.e. name/company, postcode, city, are passed to the credit agency. Based on this information, a statistical probability of a credit default and thus your inability to pay is calculated, which may affect the conditions on which a contract is agreed.
c) in the context of direct advertising, in order to inform you as an existing customer about similar or other interesting products from our portfolio or to inform you of changes, for example in the scope of our offer. The legal basis for this is Art. 6 para. 1 p. 1 lit. f) GDPR.
You have the right to object to this at any time with effect for the future (Art. 21 GDPR) with the consequence that your data will no longer be processed or used in this regard.
d) insofar as we are entitled or obliged to do so under statutory provisions and requirements (e.g. under commercial and tax law) (Art. 6 para. 1 p. 1 lit. c) GDPR).
e) on the basis of your consent, where you have expressly given us such consent for specific purposes (Art. 6 para. 1 p. 1 lit. a) GDPR).

6. Disclosure of data
Data is only passed to others
a) to those positions inside the company that require them in order to fulfil our contractual and legal obligations.
Processors used by us (Art. 28 GDPR) may also be sent data for these purposes. Such processors are companies in the fields of IT services, telecommunications, advising and consulting, marketing (incl. advertising print companies), credit assessment, address research and data destruction.
We have concluded data protection agreements with these companies to protect your data in accordance with legal requirements.
b) to third parties where this is permitted or required by law, if you have consented or if we are authorised to provide information. This includes public bodies and institutions such as the police/ public prosecutor’s office, supervisory authorities, plus other companies such as banks/ financial institutions, debt collection and mail order companies and auditors/tax consultants.

7. Data security
We maintain up-to-date technical measures to ensure the protection of personal data. These are adapted to the current state of the art in each case.

8. Duration of processing
Personal data is only stored as long as it is necessary to achieve its specific purpose. This usually corresponds to the duration of the contract, taking into account the statutory retention obligations.

9. Your rights
You have the right to obtain information from us at any time about the personal data we hold about you Information (Article 15 GDPR). This also concerns the recipients or categories of recipients to whom this data is passed on and the purpose of the storage.

In addition, you have the right under the terms of Art. 16 GDPR to request a correction and/or, under the terms of Art. 17 GDPR, the deletion and/or, under the terms of Article 18 GDPR, the restriction of the processing.

Furthermore, under the terms of Art. 20 GDPR, you can request a data transfer at any time.

In the event that personal data is processed for the purpose of safeguarding legitimate interests (Art. 6 para. 1 sentence 1 lit. f GDPR), you can object to the processing of personal data relating to you at any time with effect for the future. In the event of an objection, we shall be obliged to refrain from any further processing of your data for the aforementioned purposes unless
- there are compelling legitimate grounds for processing that override your interests, rights and freedoms, or
- the processing is necessary for the establishment, exercise or defence of legal claims.

Additionally, you can revoke your consent (Art. 6 para. 1 p. 1 lit. a GDPR) at any time with effect for the future with the consequence that no further processing takes place from that time point on.

Please address all requests for information, revocations or objections to data processing by e-mail to datenschutz@rematec.org.

For more detailed information, please refer to the full text of the GDPR, which can be found online at https://dsgvo-gesetz.de/.

You are also entitled to complain to the competent supervisory authority about matters relating to data protection law.