1. Scope of the processing of personal data
You can rely on the protection and security of your personal data. The protection of your privacy when processing personal data is an important concern for RSBG SE, and we make sure to take it into account in all our business dealings. Therefore, we would like to take this opportunity to explain to you our basic rules for handling your personal data—which, of course, is managed in compliance with the applicable European and national data protection regulations.
2. Name and address of the data controller
The data controller within the meaning of the General Data Protection Regulation (GDPR) and other national data protection laws of the member states as well as other data protection regulations is:
Tel.: +49 201 5657 8010
3. Legal basis for the processing of personal data
Insofar as we obtain the consent of the data subject for the processing of personal data, Article 6 (1) (a) GDPR serves as the legal basis for the processing of personal data.
In the processing of personal data required for the performance of a contract to which the data subject is a party, Article 6 (1) (b), GDPR serves as the legal basis. This also applies to processing operations that are necessary to carry out pre- contractual measures.
Insofar as the processing of personal data is required to fulfil a legal obligation to which our company is subject, Article 6 (1) (c), GDPR serves as the legal basis.
In the event that the vital interests of the data subject or another natural person require the processing of personal data, Article 6 (1) (d) GDPR serves as the legal basis. If processing is necessary to safeguard a legitimate interest of our company or a third party and if the interests, fundamental rights and freedoms of the data subject do not override the first-mentioned interest, Article 6 (1) (f) GDPR serves as the legal basis for processing data.
4. Purpose of data processing
When you visit our website, your browser transmits certain data to our web server due to technical requirements. We use this technical access information to continuously improve the attractiveness and usability of our webpages and their contents and to identify possible technical problems of our Internet presence. In addition, in order to protect our legitimate interests, we store this data for a limited time in order to be able to bring about a derivation of personal data in the event of unauthorized access or access attempts to local servers. The following paragraphs will tell you what this information is in detail.
We use “cookies” on our website. You will find further details of this in our Cookie guideline under Item 6 below.
5. Description and scope of data processing
Every time you visit our website, our system automatically collects data and information from the computer system of the invoking computer. This data is recorded in the form of logs.
The following data is collected in the process:
IP address of the user
Date and time of access
HTTP version of websites from which the user’s system arrived at our website
Websites accessed by the user's system via our website
HTTP status code of the server response
Size of the response in bytes
This processing is technically necessary in order to be able to display our website. We also use the data to ensure the security and stability of the website.
The processing of the data mentioned is necessary for the provision of the website and serves to protect a legitimate interest of our company. The legal basis for this processing is accordingly Article 6 (1) (f) GDPR.
Online presence on social media, external services and content on our website
We maintain an online presence on the social media platform LinkedIn in order to communicate with interested persons and users who are active there and to be able to provide these persons with information there.
In this context, we integrate external services or content on our website via links. If you use such a service (by clicking on the link and opening the platform), or if third party content is displayed to you, communication data (e.g. IP addresses or general device information) will be exchanged between you and the respective provider for technical reasons.
In addition, the provider of the respective external services or content may collect personal data about you—e.g. via the corresponding cookies—and process them thereafter for further purposes of its own. We have configured the services or content of providers who are known to process data for their own purposes to the best of our knowledge and belief in such a way that either communication for purposes other than the presentation of the content or services on our website is omitted, or communication only takes place if you actively decide to use the external service. However, since we usually and/or to a large extent have no influence on the data collected by third parties and its processing by them, we cannot provide any binding information on the purpose and scope of their processing of your data.
RSBG SE operates a profile on LinkedIn. LinkedIn is a social network and an online platform for professionals, specialist personnel and managers.
According to Article 26 GDPR we are jointly responsible with LinkedIn for the use of the Page Insights during the operation of our LinkedIn profile. LinkedIn has entered into an arrangement with us that determines who is responsible for fulfilling which obligations with respect to data protection. This agreement can be called up here. According to this agreement, LinkedIn is primarily responsible for providing the data subject with information concerning the joint processing and for enabling the data subject to exercise his or her data protection rights. Independently of this agreement, we hereby inform you concerning your visit to our profile and thus provide you with the information required under data protection
You can contact LinkedIn at:
LinkedIn Ireland Unlimited Company
You can contact LinkedIn online here.
You can reach LinkedIn ’s data protection officer
a) Data collected by LinkedIn
b) Data used by us and legal basis
LinkedIn provides us with statistics and usage data on the basis of which we can analyse the use of our LinkedIn page (“Page Insights”). This enables us to continually improve our presence on LinkedIn. We as an operator have no influence over the processing of Insights data and all further information collected according to Article 13 GDPR such as the storage duration of cookies on users’ terminals. The primary responsibility according to the GDPR for the processing of Insights data lies with LinkedIn. In this regard, we draw attention to the agreement regarding joint responsibility according to Article 26 GDPR that LinkedIn has made with us and the duties that LinkedIn has taken on according to this agreement.
We as the page administrator have no other possibility, also taking into account user tracking, of evaluating user behaviour on our LinkedIn page. It is also fundamentally not possible for us to identify a visitor to our LinkedIn page on the basis of the Page Insights. In particular, under the agreement with LinkedIn we have no right to demand that LinkedIn disclose individual user data. In addition to any personal information provided to us directly by the users, depending on the user’s privacy settings we can also see information on the user’s profile, the user’s Likes and the user’s contributions. You can see which information LinkedIn uses to create the Page Insights profile here.
The operation of the LinkedIn profile and the use of the Page Insights serve our legitimate interest in an effective external representation and in communication with our interested parties.
This interest justifies the operation of the page overriding both the legitimate interests of LinkedIn users and those of visitors to our profile who do not have a LinkedIn account. The legal basis is accordingly Article 6 (1) (f) GDPR.
Our website uses the web service of Cybot A/S, Havnegade 39, 1058 København, Denmark (“Cookiebot”). Cookiebot lets us show you a comprehensive cookie banner that contains all the cookies used on our site. This gives you an always up-to-date and transparent indication of which cookies are being set and the option to reject optional cookies.
The use of Cookiebot serves our legitimate interest in having a legally compliant website, Article 6 (1) (f) GDPR.
Cookiebot collects the following data from you:
- The IP address in anonymized form
- The date and time of any consent to cookies
- Technical browser data
- The cookies, if any, that you have given your consent to
All of the data that is collected is stored exclusively in the European Union. All user data will be deleted by Cookiebot after 12 months from registration (cookie consent) or immediately after termination of the Cookiebot service.
You can prevent data collection and storage by disabling cookies in your browser. However, if you disable cookies, the website may not be displayed correctly.
7. Cookie guideline
For example, we use session cookies in this way in order to recognize that you have already visited individual pages of our website. The purpose of the cookies used is to enable us to offer the functions of our website properly.
The following data is collected in the process:
First visit or recurring use
Session ID of the user
The technologically necessary cookies are automatically deleted when the local browser is closed or a certain time (24 h) has elapsed without the user carrying out an action on the website.
The data processed using cookies is necessary for the stated purposes in accordance with our legitimate interests pursuant to Article 6 (1) (f) GDPR.
8. Data deletion and storage time
Personal data will be deleted or blocked as soon as the purpose of storage ceases to apply.
Storage may still be necessary for a longer period if this has been required by the European or national legislators in EU regulations, laws or other provisions to which the data controller is subject. The data will also be blocked or deleted if a storage period prescribed by the aforementioned standards expires, unless there is a need for further storage of the data for the conclusion or fulfilment of a contract. We automatically delete data stored for technical reasons after 90 days.
9. Possibility of objection and erasure
The user can, at any time, revoke any consent he or she may have given regarding the processing of personal data (see also 9. Rights of data subjects). If the user contacts us by e-mail, he or she can object to the storage of his or her personal data at any time. In such a case, the conversation cannot be continued. The collection of the data for the provision of the website and the storage of the data in log files are absolutely necessary for the operation of the website. Consequently, there is no possibility of objection on the part of the user.
10. Rights of data subjects
If your personal data is processed, you are a data subject within the meaning of the GDPR and you have the following rights vis-à-vis the data controller:
The right to information about your personal data stored by us, Article 15 GDPR.
The right of rectification, erasure or restriction of processing of your personal data, Articles 16-18 GDPR.
The right to object to processing which serves our legitimate interest, a public interest or profiling, unless we can prove compelling legitimate grounds for processing which outweigh your interests, rights and freedoms or the processing serves to assert, exercise or defend legal claims, Article 21 GDPR.
The right to data portability, Article 20 GDPR.
The right to lodge a complaint with a supervisory authority, Article 77 GDPR.
The right to withdraw your consent to the collection, processing and use of your personal data at any time with effect for the future, Article 7 (3) GDPR.
If you wish to exercise your rights, you can address your request to the contact listed in Item 2, e.g. info(at)rsbg.de.