The protection of your personal data on the occasion of your visit to our homepage is important to us. Your data is protected as required by laws. We would like to inform you below about the nature and extent of the processing of personal data via this website in accordance with Article 13 of the General Data Protection Regulation (GDPR).
I. Details of the responsible body
RECO GmbH
Junkersring 11
53844 Troisdorf
Germany
Tel.: +49 (0) 2241-39704-0
Email: info@reco-gmbh.com
II. Details of the data protection officer
If you have any questions regarding data protection, please contact our external company data protection officer:
Mr Arndt Halbach from GINDAT GmbH
Wetterauer Str. 6
42897 Remscheid
Germany
Tel.: +49 (0) 2191 / 909 430
Email: datenschutz@reco-gmbh.com
III. Data processing via the website
Your visit to our website is logged. Initially, the following data that your browser transmits to us is collected:
- The IP address currently used by your PC or your router
- Date and time
- Browser type and version
- The operating system of your PC
- The pages you have viewed
- Name and size of the requested file(s)
- and, if applicable, the URL of the referring website.
This data is only collected for the purposes of data security, to improve our web offer and for error analysis based on Art. 6 para. 1 f GDPR. We reserve the right to use this data in the event of system abuse in order to determine the reasons and the trigger of the abuse, as well as to take legal action if necessary. In addition, the IP address of your computer is only evaluated anonymously (shortened by the last 3 digits).
You can visit our website without providing any personal information.
We would like to point out that data transmission on the Internet (e.g. communication by e-mail) can have security gaps. Complete protection of the data against access by third parties is not possible. You should therefore send us confidential data by another means, e.g. by post.
Secure data transmission
To protect the security of your data during transmission, we use a state-of-the-art encryption process (SSL) via HTTPS.
Processing data (customer and contract data)
We process personal data only insofar as they are necessary for the establishment, content or amendment of the legal relationship (inventory data). This is done based on Art. 6 para. 1 lit. b GDPR, which permits the processing of data for the fulfilment of a contract or pre-contractual measures. We only process personal data about the use of our Internet pages (usage data) insofar as this is necessary to enable the user to use the service or to bill the user. The collected customer data will be deleted after completion of the order or termination of the business relationship. Statutory retention periods remain unaffected.
IV. Recipients of personal data
For the implementation and handling of processing procedures, we may use service providers by way of commissioned data processing.
Specifically, we have used service providers to host our website.
The contractual relationships with our service providers are regulated in accordance with the provisions of Art. 28 GDPR, which contain the legally required points on data protection and data security.
V. Google Maps
This site uses the map service Google Maps via an API. The provider is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, Tel: +353 1 543 1000, Fax: +353 1 686 5660, email: support-deutschland@google.com.
To actively use the functions of Google Maps, it is necessary to save your IP address. This information is usually transferred to a Google server in the USA and stored there. The provider of this site has no influence on this data transmission.
Google Maps is not loaded without your consent, a so-called 2-click solution is implemented.
Only after you have clicked on the link to activate Google Maps will data be transmitted to Google. By clicking, you give your consent to the loading of Google Maps.
The legal basis is your consent within the meaning of Art. 6 para. 1 lit. a GDPR. If consent is not required, the legal basis in this case is our legitimate interest in a graphically appealing website Art 6 para. 1 lit. f GDPR.
You can find more information on the handling of user data in Google’s privacy policy:
https://www.google.de/intl/de/policies/privacy/
VI. Your rights
Pursuant to Articles 15-21 of the GDPR, if the conditions described therein are met, you may exercise the following rights in relation to the personal data we process.
You can request information pursuant to Art. 15 GDPR about your personal data processed by us.
If inaccurate personal data is processed, you have a right to rectification in accordance with Art. 16 GDPR.
If the legal requirements are met, you can request the deletion or restriction of processing (Art. 17, 18 GDPR).
You have the right to revoke your declaration of consent under data protection law at any time. The revocation of consent shall not affect the lawfulness of the processing carried out based on the consent until revocation.
Right of objection according to Art. 21 GDPR
The data subject shall have the right to object at any time, on grounds relating to his or her particular situation, to the processing of personal data concerning him or her carried out based on Article 6 para. 1 (e) or (f) of the GDPR, including any profiling based on those provisions.
VII. Standard periods for the deletion of data
If there is no statutory retention requirement, the data will be deleted or destroyed if it is no longer required to achieve the purpose of the data processing. Different periods apply to the storage of personal data: data relevant under tax law is generally stored for 10 years, while other data in accordance with commercial law is generally stored for 6 years. Finally, the storage period can also be based on the statutory limitation periods, which, for example, according to Art. 195 et seq. of the German Civil Code (BGB), are usually three years, but in certain cases can be up to thirty years.
VIII. Right of appeal to a supervisory authority
Every data subject has the right to lodge a complaint with a supervisory authority under Article 77 of the GDPR if he or she considers that the processing of personal data relating to him or her infringes the GDPR. The competent supervisory authority in matters of data protection law is the State Data Protection Commissioner of the federal state in which our company is based.
The State Commissioner for Data Protection and Freedom of Information
North Rhine-Westphalia
Postal Box 20 04 44
40102 Düsseldorf
Germany
Tel.: +49 (0) 211-38424-0
Fax: +49 (0) 211-38424-999
Email: poststelle@ldi.nrw.de