Data protection

§4 Additional features and offers on our website

 

(1) In addition to the use of our website for information purposes, we provide various services which may be of interest to you. To use these services you will generally need to provide additional personal data which we will use to provide the service in question and to which the abovementioned basis for data processing will apply.

 

(2) We sometimes use external service providers to process your data. We have selected and commissioned these carefully. They are bound by our instructions and are reviewed on a regular basis.

 

(3) We may also forward your personal data to third parties when we run campaigns or competitions, conclude contracts with or offer similar services jointly with partners. You will be given more information about this when you provide your personal information or below in the description of the offer.

 

(4) If our service provider or partner has its registered office in a country outside the European Economic Area (EEA), we will tell you about the consequences of this in the offer description.

 

§5 Using our web shop

 

(1) If you wish to place an order in our web shop, you must provide the personal data we need to process your order in order to enter into a contract with us. Compulsory information required to process such contracts is marked accordingly. All other information is optional. We will process the information you provide in order to process your order. To do this, we may pass your payment details to our main bank. The legal basis for this processing is Art. 6(1)(1b) GDPR.

 

You have the option of creating a customer account which we can use to store your details for subsequent purchases. When you create an account under “My Account”, you consent to the data you provide being stored. You may revoke this consent at any time. You can have all other data, including your user account, deleted, taking into account any statutory retention obligations, by sending a message to our customer service team.

 

We may also process the data you provide to inform you about other interesting products from our portfolio or to send you emails with technical information.

 

(2) Under commercial and tax law stipulations, we are obliged to save your address, payment details and order information for a period of ten years. After [two years] however, we will restrict the processing of said data, in other words your data will only be used to comply with the statutory obligations.

 

(3) The order process will be encrypted using TLS technology to prevent unauthorised access to your personal data, in particular financial data, by third parties.

 

§6 Newsletter

 

(1) With your consent, you can subscribe to our newsletter which we use to keep you informed about our latest special offers. The goods and services promoted are specified in the declaration of consent.

 

(2) We use the so-called double opt-in procedure for subscription to our newsletter. This means that when you subscribe, we will send an email to the email address you specified in which we will ask you to confirm that you wish to receive the newsletter. If you do not confirm your subscription within [24 hours], your information will be blocked and will be automatically deleted after a month. We also save your IP address and the time of your subscription and confirmation in each instance. The purpose of this is to prove your subscription and, where applicable, to be able to resolve any potential misuse of your personal data.

 

(3) The only information required to send you the newsletter is your email address. The provision of other, separately marked data is optional and will be used so we can address you personally. After you confirm, we will save your email address so we can send you the newsletter. The legal basis for this processing is Art. 6(1)(1a) GDPR.

 

(4) You can revoke your consent to the sending of the newsletter and unsubscribe from the newsletter at any time. You can revoke said consent by clicking the “Unregister” link provided in every newsletter email, by sending an email to info@rademacher.de, or by sending a message to the contact details provided in the Legal Notice.

 

§7 Service Center, ZenDesk

 

(1) We use the system provided by Zendesk Inc., 1019 Market Street San Francisco, CA 94103, USA (“Zendesk”) to process service, support and other help requests, and to operate RADEMACHER. We use Zendesk so we can process your requests quickly and efficiently. This constitutes a legitimate interest as defined by Art. 6(1)(1f) GDPR.

 

(2) We have concluded a Data Processing Agreement (DPA) with Zendesk. Under the terms of said agreement, Zendesk is obliged to only use our customers’ user data to process requests within the framework of the EU data protection standards, and not to disclose the same to third parties. We have agreed upon EU standard contractual clauses for this purpose which have been expanded to include the current requirements of the data protection supervisory authorities. This ensures that a level of data protection equivalent to the GDPR is ensured even in the case of a data transfer to the USA.

 

(3) You can view Zendesk’s Privacy Policy at https://www.zendesk.de/COMPANY/CUSTOMERS-PARTNERS/PRIVACY-POLICY/.

 

§8 Objection to the processing of your data or revocation of consent to the same

 

(1) If you have given your consent to the processing of your data, you may revoke this at any time. Such revocation has an impact on the legitimacy of the processing of your personal data once you have informed us of the same.

 

(2) Wherever we use the balancing of interests as the grounds for processing your personal data, you may object to said processing. This is the case in particular where the processing is not necessary to fulfil a contract with you, which will be made clear by us in the subsequent description of the functions. When exercising such a right to object, we kindly ask you to state the reason why we should not process your personal data. In the event of your reasoned objection, we will check the situation and cease or modify the data processing, or present to you our compelling legitimate grounds on the basis of which we will continue with the processing.

 

(3) Obviously, you may object to the processing of your personal data for advertising and data analysis purposes at any time. You can let us know about your objection to advertising using the following contact details:

 

RADEMACHER Geräte-Elektronik GmbH

Buschkamp 7

46414 Rhede / Westphalia (Germany)

info@rademacher.de

 

Tel: +49 (0)2872 / 933 - 0

Fax: +49 (0)2872 / 933 – 251

 

§9 Web analytics

 

1. Use of Google Analytics

 

(1) This website uses Google Analytics, a web analytics service provided by Google Inc. ("Google"). Google Analytics uses so-called "cookies", text files stored on your computer which enable analysis of your use of the website. Information generated by the cookie relating to your use of the website is generally transmitted to and stored on one of Google's servers in the USA. However, if IP anonymisation is activated on this website, your IP address will be shortened by Google beforehand within member states of the European Union or other parties to the Agreement on the European Economic Area. Only in exceptional cases is the full IP address transmitted to one of Google's servers in the USA and shortened there. Google uses this information on behalf of the operator of this site to evaluate your use of the website, to compile reports on website activities, and to provide the website operator with other services related to use of the website and the internet.

 

(2) The IP address transmitted by your browser as part of Google Analytics is not combined with any other data held by Google.

 

(3) You can prevent storage of the cookies by changing the respective settings in your browser. However, we wish to point out that some functions offered by the website will not be fully available in this case. Furthermore, you can prevent the collection of data generated by the cookie and related to your use of the website (including your IP address) by Google, as well as the processing of this data by Google, by downloading and installing the browser plug-in available at the following link: https://tools.google.com/dlpage/gaoptout?hl=en-GB.

 

(4) This website uses Google Analytics with the “_anonymizeIp()” extension. This means that IP addresses will be processed in truncated form thus preventing them from being directly linked to a particular individual. Where the data collected about you contains a personal reference, this will be excluded straight away and the personal data will then be erased immediately.

 

(5) We use Google Analytics so we can analyse and regularly improve the use of our website. We can use the statistics obtained to improve our site and make it more interesting and attractive for you as a user. For the exceptional cases in which your personal data is transferred to the USA, we have agreed upon EU standard contractual clauses with Google which have been expanded to include the current requirements of the data protection supervisory authorities. This ensures that a level of data protection equivalent to the GDPR is ensured even in the case of a data transfer to the USA.

 

(6) Third-party provider information: Google Dublin, Google Ireland Ltd., Gordon House, Barrow Street, Dublin 4, Ireland, Fax: +353 (1) 436 1001. User terms and conditions: http://www.google.com/analytics/terms/de.html, data protection overview: http://www.google.com/intl/de/analytics/learn/privacy.html, and the Privacy Policy: https://policies.google.com/privacy?hl=en-GB&gl=de.

 

 

2. Google Web Fonts

This website uses so-called Web Fonts provided by Google to ensure the uniform use of fonts on this site. These Google fonts are locally installed so that a connection to Google’s servers will not be established in conjunction with this application. For more information on Google Web Fonts, please follow this link: https://developers.google.com/fonts/faq and consult Google’s Data Privacy Declaration under: https://policies.google.com/privacy?hl=en.

 

3. Google Tag Manager

(1) Google Tag Manager enables the management of marketer website tags via an interface. The Tag Manager itself, which uses the tags, works without cookies however and does not record any personal data. The Tag Manager only activates different tags which may in turn record data. Relevant explanations about these various third-party providers can be found in this Data Protection Declaration. The Google Tag Manager does not use this data however. If you have disabled cookies through your browser settings, or by some other means, this will be taken into account for all tracking tags that have been used with Google Tag Manager. The tool will not change your cookie settings.

 

(2) Google may ask for your consent to send some product data (e.g. your account information) to other Google products in order to enable certain functions, e.g. to make it easier to add new conversion tracking tags for AdWords. Google’s developers also check information about product use from time to time in order to further optimise the product. Google will never forward data of this nature to other Google products without your consent however.

 

You can find more information in the Google usage guidelines and Google privacy notices for this product.

 

§10 Social media

 

1. Use of social media plug-ins

 

(1) We currently use the following social media plug-ins: [Facebook, Twitter, Xing, LinkedIn, Instagram]. We use the so-called two-click solution for these. That means that when you visit our site, at first no personal data is sent to the plug-in provider at all. You can recognise the plug-in provider by the marking on the box or by its initials or the logo. We give you the opportunity of communicating with the plug-in provider directly via the button. The plug-in provider only receives the information that you have visited the relevant web page of our online site when you click the marked field, thereby activating it. The data specified in point 3 of this declaration is also transmitted. In the case of Facebook and Xing, the IP address is anonymised immediately after collection in Germany according to information from the respective providers. By activating the plug-in, personal data about you is then transmitted to the respective plug-in provider and is stored there (in the USA in the case of American providers). Since the plug-in providers collect data, in particular, through cookies, we recommend deleting all cookies via the security settings in your browser before clicking the greyed out box.

 

(2) We have no influence over the data collected or the data processing procedures and we are unaware of the full extent of the data collection, the purposes of the processing or the retention periods. We also have no information about erasure of the data collected by the plug-in providers.

 

(3) The plug-in provider saves the data collected about you as a user profile and uses this for advertising, market research and/or demand-oriented design purposes for its website. Such an analysis is done in particular (even for users who are not logged in) in order to display appropriate advertising and to inform other users of the social network about your activity on our website. You have the right to object to the creation of this user profile. You must contact the plug-in provider in question to exercise this right. Through the plug-ins, we provide you with the option to interact with the social networks and other users so we can improve our site and make it more attractive and interesting for you as a user. The legal basis for using the plug-ins is Art. 6(1)(1f) GDPR.

 

(4) The data is transferred regardless of whether or not you have an account with the plug-in provider and are logged in to it. If you are logged in with the plug-in provider, your data collected on our site will be associated with your existing account with the plug-in provider. When you press the activated button and, for example create a link to the page, the plug-in provider also stores this information in your user account and shares it with your contacts publicly. After using a social network, we recommend you log out periodically, but in particular before activating the button as you can avoid association with your profile with the plug-in provider.

 

(5) You can find more information about the purpose and extent of this data collection and processing by the plug-in providers in the privacy policies for these providers listed below. There you will also find more information about your rights in this respect and settings you can change to protect your privacy.

 

(6) Addresses of the respective plug-in providers and the URLs for their privacy policies:

a) Facebook Inc., 1601 S California Ave, Palo Alto, California 94304, USA; http://www.facebook.com/policy.php; more information about data collection: http://www.facebook.com/help/186325668085084, http://www.facebook.com/about/privacy/your-info-on-other#applications and http://www.facebook.com/about/privacy/your-info#everyoneinfo. We have agreed upon EU standard contractual clauses with Facebook which have been expanded to include the current requirements of the data protection supervisory authorities. This ensures that a level of data protection equivalent to the GDPR is ensured even in the case of a data transfer to the USA.

b) Twitter, Inc., 1355 Market St, Suite 900, San Francisco, California 94103, USA; https://twitter.com/privacy. We have agreed upon EU standard contractual clauses with Twitter which have been expanded to include the current requirements of the data protection supervisory authorities. This ensures that a level of data protection equivalent to the GDPR is ensured even in the case of a data transfer to the USA.

 c) Xing AG, Gänsemarkt 43, 20354 Hamburg, DE; http://www.xing.com/privacy.

 d) LinkedIn Corporation, 2029 Stierlin Court, Mountain View, California 94043, USA; http://www.linkedin.com/legal/privacy-policy. We have agreed upon EU standard contractual clauses with LinkedIn which have been expanded to include the current requirements of the data protection supervisory authorities. This ensures that a level of data protection equivalent to the GDPR is ensured even in the case of a data transfer to the USA.

 e) Instagram: Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2 Ireland; https://help.instagram.com/519522125107875. We have agreed upon EU standard contractual clauses with Facebook which have been expanded to include the current requirements of the data protection supervisory authorities. This ensures that a level of data protection equivalent to the GDPR is ensured even in the case of a data transfer to the USA.

 

2. Integration of YouTube videos

 

(1) We have integrated YouTube videos in our website which are stored at http://www.YouTube.com and can be played from our website directly. These are all integrated in “enhanced data protection mode”, in other words no data about you as a user is sent to YouTube unless you play the videos. The data specified in paragraph 2 is only transmitted when you play the videos. We have no influence over this data transmission.

 

(2) By visiting the website, YouTube receives the information that you have accessed the sub-page of our website in question. The data specified in point 3 of this declaration is also transmitted. This happens regardless of whether YouTube provides a user account you are logged in to and even if you have no user account. If you are logged into Google, your data will be associated with your account immediately. If you do not want this data to be associated with your profile at YouTube, you must log out before pressing the button. YouTube stores your data as a user profile and uses it for advertising, market research and/or demand-oriented design purposes for its website. Such an analysis is done in particular (even for users who are not logged in) in order to deliver appropriate advertising and to inform other users of the social network about your activity on our website. You have the right to object to the creation of this user profile. You must contact YouTube to exercise this right.

 

(3) More information about the purpose and scope of the data collection and its processing by YouTube can be found in YouTube’s privacy policy. There you will also find more information about your rights and settings you can change to protect your privacy: https://www.google.de/intl/de/policies/privacy. Google also processes your personal data in the USA. We have agreed upon EU standard contractual clauses for this with Google which have been expanded to include the current requirements of the data protection supervisory authorities. This ensures that a level of data protection equivalent to the GDPR is ensured even in the case of a data transfer to the USA.

 

3. Integration of Google Maps

 

(1) We use the Google Maps facility on this website. With it, we can show you interactive maps on the website directly and enable you to use the map functions conveniently.

 

(2) When you visit the website, Google receives the information that you have accessed the relevant sub-page of our website. The data specified in point 3 of this declaration is also transmitted. This happens regardless of whether Google provides a user account that you are logged into or whether or not any such user account exists. If you are logged into Google, your data will be associated with your account immediately. If you do not want this data to be associated with your profile at Google, you must log out before pressing the button. Google stores your data as a user profile and uses it for advertising, market research and/or demand-oriented design purposes for its website. Such an analysis is done in particular (even for users who are not logged in) in order to deliver appropriate advertising and to inform other users of the social network about your activity on our website. You have the right to object to the creation of this user profile. You must contact Google to exercise this right.

 

(3) You can find more information about the purpose and extent of this data collection and processing by the plug-in providers in the providers’ privacy policies. There you will also find more information about your rights in this respect and settings you can change to protect your privacy: http://www.google.de/intl/de/policies/privacy. Google also processes your personal data in the USA. We have agreed upon EU standard contractual clauses for this with Google which have been expanded to include the current requirements of the data protection supervisory authorities. This ensures that a level of data protection equivalent to the GDPR is ensured even in the case of a data transfer to the USA.

 

4. Facebook Connect

 

(1) Where a so-called “Facebook Connect button” appears on this website, you have the option of logging in to your Facebook user data on our website. Information about your activity on our website may also be fed automatically into your Facebook profile via Facebook Connect. In this respect, when activating the button, you are given the option of both expressly consenting to access to your Facebook user data and consenting to the publication of information and activity in your Facebook profile. Additional data (e.g. contact via your email address) is only used when you have previously and expressly consented to the same. Please note that by using Facebook Connect, Facebook receives information about the application or website, including about the actions you perform. To customise the process of establishing connections, in some circumstances Facebook may receive a limited amount of information before the application or website is authorised. Please see Facebook’s Data Policy for the purpose and extent of this data collection and the further processing and use of data by Facebook, as well as your rights in this respect and the available settings to protect your privacy.

 

Facebook Inc., 1601 S California Ave, Palo Alto, California 94304, USA;

https://www.facebook.com/policy.php; more information about data collection:

https://www.facebook.com/help/186325668085084,

https://www.facebook.com/about/privacy/your-info-on-other#applications and

https//www.facebook.com/about/privacy/your-info#everyoneinfo.

 

(2) We have agreed upon EU standard contractual clauses with Facebook which have been expanded to include the current requirements of the data protection supervisory authorities. This ensures that a level of data protection equivalent to the GDPR is ensured even in the case of a data transfer to the USA.

 

5. Facebook Pixel

To measure conversion rates, this website uses the visitor activity pixel of Facebook. The provider of this service is Facebook Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland. According to Facebook’s statement the collected data will be transferred to the USA and other third-party countries too.

This tool allows the tracking of page visitors after they have been linked to the website of the provider after clicking on a Facebook ad. This makes it possible to analyze the effectiveness of Facebook ads for statistical and market research purposes and to optimize future advertising campaigns.

For us as the operators of this website, the collected data is anonymous. We are not in a position to arrive at any conclusions as to the identity of users. However, Facebook archives the information and processes it, so that it is possible to make a connection to the respective user profile and Facebook is in a position to use the data for its own promotional purposes in compliance with the Facebook Data Usage Policy. This enables Facebook to display ads on Facebook pages as well as in locations outside of Facebook. We as the operator of this website have no control over the use of such data.

The use of Facebook Pixel is based on Art. 6 Sect. 1 lit. f GDPR. The operator of the website has a legitimate interest in effective advertising campaigns, which also include social media. If a corresponding agreement has been requested (e.g. an agreement to the storage of cookies), the processing takes place exclusively on the basis of Art. 6 para. 1 lit. a GDPR; the agreement can be revoked at any time.

In Facebook’s Data Privacy Policies, you will find additional information about the protection of your privacy at: https://www.facebook.com/about/privacy/.

You also have the option to deactivate the remarketing function “Custom Audiences” in the ad settings section under  https://www.facebook.com/ads/preferences/?entry_product=ad_settings_screen. To do this, you first have to log into Facebook.

If you do not have a Facebook account, you can deactivate any user based advertising by Facebook on the website of the European Interactive Digital Advertising Alliance: http://www.youronlinechoices.com/de/praferenzmanagement/.

 

6. Pinterest plg-in

We use social plug-ins of the social network Pinterest on this website. The network is operated by Pinterest Inc., 808 Brannan Street, San Francisco, CA 94103-490, USA („Pinterest”).

If you access a site or page that contains such a plug-in, your browser will establish a direct connection with Pinterest’s servers. During this process, the plug-in transfers log data to Pinterest’s servers in the United States. The log data may possibly include your IP address, the address of the websites you visited, which also contain Pinterest functions. The information also includes the type and settings of your browser, the data and time of the inquiry, how you use Pinterest and cookies.

Data are stored and analyzed on the basis of Art. 6 Sect. 1 lit. f GDPR. The website operator has a legitimate interest in the highest possible visibility on social media. If a respective declaration of consent has been obtained, the data will be processed exclusively on the basis of Art. 6 Sect. 1 lit. a DGDPR. Any such consent may be revoked at any time.

For more information concerning the purpose, scope and continue processing and use of the data by Pinterest as well as your affiliated rights and options to protect your private information, please consult the data privacy information of Pinterest at: https://about.pinterest.com/en/privacy-policy.

 

7. Integration of Zendesk

(1) We use the system of the company Zendesk Inc., 1019 Market Street San Francisco, CA 94103 USA ("Zendesk") to process service, support and or help requests and to operate RADEMACHER. We use Zendesk to be able to process your inquiries quickly and efficiently. This constitutes a legitimate interest within the meaning of Art. 6 (1) lit. f DSGVO.

(2) Our company accounts on Instagram and Facebook are also integrated into our Zendesk system for the purpose of fast and efficient processing. If you send us a message via the respective pages, it will be processed by us via Zendesk. The use of your data on the Facebook or Instagram pages by the providers cannot be influenced by us as page operator.

(3) The messages sent to us remain with us until you request us to delete them or the purpose for storing the data no longer applies (e.g. after processing your request has been completed). Mandatory legal provisions - in particular retention periods - remain unaffected.

(4) Zendesk has Binding Corporate Rules (BCR) that have been approved by the Irish Data Protection Authority. These are binding corporate rules that legitimize corporate data transfers to third countries outside the EU and EEA. Details can be found here: https://www.zendesk.de/blog/update-privacy-shield-invalidation-european-court-justice/.

(5) We have entered into a Data Processing Agreement (DPA) with Zendesk. This obliges Zendesk to use the user data of our customers only within the framework of EU data protection standards exclusively for processing the requests and not to pass them on to third parties. In this context, we have agreed to EU standard contractual clauses that have been supplemented in accordance with the current requirements of the data protection supervisory authorities. This ensures that even in the case of data transfer to the USA, a level of data protection that complies with the DSGVO is guaranteed.

(6) You can view Zendesk's data protection notice at https://www.zendesk.de/company/privacy-and-data-protection/.

§11 Online advertising

 

1. HubSpot

 

(1) We use HubSpot for our online marketing activities. This is an integrated software solution which we use for various aspects of our online marketing. HubSpot is a software company from the USA with a branch in Ireland: HubSpot, 2nd Floor 30 North Wall Quay, Dublin 1, Ireland (“HubSpot”).

Areas in which HubSpot is used:

• Content management (website and blog)
• Email marketing (newsletter and automated mailings, for example for the provision of downloads)
• Reports and analytics
• Contact management (CRM)
• Landing pages and contact forms

(2) With our subscription service (e.g. newsletter), we enable our website visitors to find out more about our company, download content and provide contact information and other demographic information. This information will be stored on the servers of our software partner HubSpot. It may be used by us to contact visitors to our website and to determine which of our company’s services may be of interest to them.

(3) For the exceptional cases in which personal data is transferred to the USA, we have agreed upon EU standard contractual clauses with HubSpot which have been expanded to include the current requirements of the data protection supervisory authorities. This ensures that a level of data protection equivalent to the GDPR is ensured even in the case of a data transfer to the USA.

(4) We only ever use the information collected to optimise our marketing efforts. You can find more information about HubSpot’s privacy policy on the following page: https://legal.hubspot.com/privacy-policy. You can find all of HubSpot’s EU data privacy resources here: https://legal.hubspot.com/de/datenschutz.

(5) The processing of personal data by HubSpot detailed above will be on the basis of Art. 6(1)(f) of the GDPR. We have a legitimate interest in analysing user behaviour, both to optimise our web offering and to customise it to the user’s individual preferences.

(6) If data collection by HubSpot is generally not desired, users can prevent cookies from being saved at any time with the appropriate browser settings.

(7) We do not store any data in connection with the use of HubSpot ourselves (except in purely statistical form)

 

2. Facebook custom audiences

 

(1) We also use the “custom audiences” remarketing function from Facebook Inc. (“Facebook”) on the website. This enables users of the website to be shown interest-based advertisements (“Facebook ads”) when visiting the Facebook social network or other websites which also use this system. By doing so, we are pursuing the aim of showing you advertising that is relevant to you to make our website more interesting and attractive for you.

 

(2) Based on the marketing tools used, your browser automatically establishes a direct connection with Facebook’s server. We have no influence over the extent and subsequent use of the data collected by Facebook using these tools, and we are therefore informing you in line with our own knowledge of the same: The integration of Facebook custom audiences means that Facebook receives information that you have accessed the web page in question on our website or that you have clicked one of our advertisements. If you have registered for a Facebook service, Facebook can associate the visit with your account. Even if you are not registered with Facebook, or are not logged in, there is the possibility of the provider obtaining and storing your IP address and other identifying features.

 

(3) For cases in which personal data is transferred to the USA, we have agreed upon EU standard contractual clauses with Facebook which have been expanded to include the requirements of the data protection supervisory authorities. This ensures that a level of data protection equivalent to the GDPR is ensured even in the case of a data transfer to the USA.

 

(4) The “Facebook custom audiences” function can be disabled [here and] for logged in users at https://www.facebook.com/settings/?tab=ads#_.

 

(5) The legal basis for the processing of your data is Art. 6(1)(1f) GDPR. You can find more information about data processing by Facebook at https://www.facebook.com/about/privacy.

 

§12 Data security

(1) We have implemented technical and organisational security measures to prevent unwanted access to your data. We have contractually obliged our employees to treat personal data confidentially and carefully. All of our service providers are also monitored by us. During your website visit, we use the common SSL (Secure Socket Layer) procedure in conjunction with the strongest level of encryption supported by your browser in each instance. This is usually 256-bit encryption. If your browser does not support 256-bit encryption, we revert to 128-bit v3 technology instead. You can tell if an individual page of our website is being transmitted in encrypted form from the closed appearance of the key and lock icon in the status bar at the bottom of your browser.

 

(2) We also use suitable technical and organisational security measures to protect your data against random or deliberate manipulation, full or partial loss or destruction, and against unauthorised access by third parties. Our security measures are continually improved in line with the latest technological developments.

 

B. HomePilot® “WR-Connect” remote access service and the HomePilot® App

 

1. Use of “WR-Connect” without registration

(1) You can control your HomePilot® remotely via the internet using our “WR-Connect” remote access service. Only the update service can be used without registering with “WR-Connect”. As part of the update service, the following data will be transmitted to our server:

 

• The HomePilot® software version
• The HomePilot® UID
• Date of the request (an update verification is performed every six hours)

 

This data will be deleted 1 year after it is last accessed.

 

(2) Data processing within “WR-Connect” will be on the basis of Art. 6(1)(b) of the GDPR. This permits the processing of all data necessary for fulfilment of a contract. When connecting the HomePilot®, and on first starting up the app, you concluded a contract with us for use of the app and the HomePilot® connection function.

 

2. Use of “WR-Connect” with registration (creation of a user account for WR-Connect)

 

(1) For use of the HomePilot® app, the personal data you provided during the registration process will be stored in a “WR-Connect” user account. The following technical specifications will also be stored in said user account only when remote access to your HomePilot® is also approved:

 

• The HomePilot® UID
• SW versions
• Name of the HomePilot® in the portal
• Uptime (system stability message)
• Time of the last successfully established connection
• Number and type of the devices connected to the HomePilot®
• The IP address of your internet connection

 

(2) The data specified above will only be processed for the purpose of providing the app functionality and to technically implement and monitor the HomePilot®.

 

(3) Data processing within “WR-Connect” and the HomePilot® app will be on the basis of Art. 6(1)(b) of the GDPR. This permits the processing of all data necessary for fulfilment of a contract. When connecting the HomePilot®, and on first starting up the app, you concluded a contract with us for use of the app and the HomePilot® connection function.

 

(4) The data retrieved via “WR-Connect” and the app will not be combined with other data. This data will only be erased when you unsubscribe from “WR-Connect”.

 

3. Data recipients/contract processing

 

(1) The company MarcanT AG, Herforder Str. 163a, Bielefeld, 33609 (“MarcanT AG”) provides the server for WR-Connect and for the HomePilot® app. We have concluded a contract processing agreement with MarcanT AG under which the data is only processed on our behalf and in accordance with our instructions.

 

4. HomePilot® HD Camera Indoor/Outdoor

 

(1) In our indoor and outdoor HomePilot® HD cameras we use a video streaming function provided by Shenzhen Foscam Intelligent Technology Co., Ltd (“Foscam”), TCL International E City, No. 1001 Zhongshan Road, Nanshan District, Shenzhen 518055, PRC.

 

(2) The video streaming function (“P2P”) can be used, for example, for live videos on a smartphone outside the home network. By enabling the video streaming function (“P2P”), a direct connection is established between your smartphone and the HD camera. At the same time, video data is also sent to Foscam. Please note that, as provider of the camera, we have no knowledge of the content of the data transmitted or its use by Foscam. You can find more information about this in Foscam’s Privacy Notice at: https://www.foscam.com/company/Privacy-Notice.html.

 

(3) We have agreed upon EU standard contractual clauses with Foscam which have been expanded to include the current requirements of the data protection supervisory authorities. This ensures that a level of data protection equivalent to the GDPR is ensured even in the case of a data transfer to the USA.

 

5. Use of the HomePilot® Google Assistant app via “WR Connect”

 

(1) The HomePilot® Google Assistant app makes it possible to control the devices in your HomePilot® Smart Home System via Google using voice commands. Google Assistant (provider is Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA ("Google”)) is a software solution for voice input and output in which voice commands are analysed, interpreted and executed by Google. Google provides an interface for partners which allows those partners to provide their own functions, so-called apps. This allows partners to connect their systems specially and use Google’s voice control. You can find more information about the collection, processing and use of personal data in Google Assistant at the following URL: https://policies.google.com/privacy?hl=en.

 

(2) Google alone will be responsible for the processing of your personal data within the speech processing in Assistant.

 

(3) As soon as you enable the HomePilot® Google Assistant app, the following personal data will be transmitted to Google or will be collected and processed by Google:

• name, description and ID of the devices, sensors and scenes which are approved for control in the Google Assistant app
• readings from sensors approved for control in the Google Assistant app.

 

(4) Our HomePilot® Google Assistant app also uses Google software. This is used to transmit information needed for the HomePilot® Google Assistant app functionality to Google in encrypted form. Google will store this data in the cloud. Personal data may be forwarded to and stored on servers outside the Federal Republic of Germany and the European Union. We have therefore agreed upon EU standard contractual clauses with Google which have been expanded to include the current requirements of the data protection supervisory authorities. This ensures that a level of data protection equivalent to the GDPR is ensured even in the case of a data transfer to the USA. Google alone will be responsible for the processing of your personal data by the Google software and in the Google cloud. Please check that you agree with Google.de’s privacy terms and conditions and wish to grant your consent when configuring the Google Assistant app.

 

(5) Please note that the data specified in this section will be created by Google, or by a subcontractor, as a user profile with an alias. This may be analysed for advertising or market research or to make the Google Assistant app more user friendly. According to Google, it is not possible to link it back to you directly.

 

6. Use of the HomePilot® Alexa skill via “WR Connect”

 

(1) The HomePilot® Skill (“Skill”) makes it possible to control the devices in your HomePilot® Smart Home system via Amazon Echo devices using voice commands. Amazon Echo is hardware for voice input and output in which voice commands are analysed, interpreted and executed by Amazon. Amazon provides an interface for partners which allows those partners to provide their own functions, so-called skills. This allows partners to connect their systems specially and use Amazon’s voice control. You can find more information about the processing of personal data by Amazon Alexa in Amazon.de’s data protection declaration at the following URL: https://www.amazon.de/gp/help/customer/display.html?nodeId=201566380. Amazon alone will be responsible for the processing of your personal data when using Alexa skills.

 

(2) As soon as you enable the Skill, the following personal data will be transmitted to Amazon and processed by Amazon:

 

• Name, description and ID of the devices, sensors and scenes which are approved for control in the Skill
• Readings from sensors approved for control in the Skill

 

(3) Our Skill also uses software from Amazon. This is used to transmit information needed for the Skill’s functionality to Amazon in encrypted form. This data will be stored in the cloud by Amazon. Personal data may be forwarded to and stored on servers outside the Federal Republic of Germany and the European Union. We have agreed upon EU standard contractual clauses with Amazon which have been expanded to include the current requirements of the data protection supervisory authorities. This ensures that a level of data protection equivalent to the GDPR is ensured even in the case of a data transfer to the USA.

You can find more information about the collection, processing and use of personal data by Amazon Alexa in Amazon.de’s privacy notice at the following URL:

https://www.amazon.de/gp/help/customer/display.html?nodeId=201566380.

 

(4) Amazon alone will be responsible for the processing of your personal data by the Amazon software and in the Amazon cloud. Please check that you agree with Amazon.de’s privacy notice and wish to grant your consent when configuring the Amazon Alexa app.

 

(5) The personal data specified in this section will be created by Amazon, or by a subcontractor, as a user profile with an alias. This may be analysed for advertising or market research or to make the app more user friendly. It is not possible to link it back to you directly.