Dear visitor
With this data protection policy, we wish to inform you in a general,
transparent and clear manner of how we handle your personal data in accordance
with the EU General Data Protection Regulation (GDPR).
In this document, we tell you which data we collect and store, what we do with it and for what purposes we process it.
As rule, our website at http://www.rev.de can
be visited without disclosing any personal data. If you wish however to avail
of a service offered through our website, we might ask you to submit some
personal data.
For interactions such as queries or orders where we need to process personal
data to fulfil your request, we will always first seek your general consent in
accordance with article 6 paragraph 1, 1 lit. a GDPR.
All data is processed in compliance with the GDPR. The legal basis for the processing of personal data is article 6 paragraph 1, 1 lit. f GDPR that lists the legitimate interests that allow us to process your personal data.
Collection of general data (log files)
a) When you call up our website in your browser, some information is
automatically sent by the page to the server. This data is stored temporarily
in a log file. The following information is automatically recorded and kept
until it is automatically erased:
• Internet Protocol address (IP address) of your device
• Date and time of access
• Name and URL of the page
• URL or previously viewed web page (referrer)
• Browser name and operating system of your device
b) The data specified in a) is processed by us for the following purposes:
• Establishment of a good connection between our server and your device
• User-friendly access and use of our website
• Evaluation of system security and stability
• General administrative purposes
The legal basis for the processing of such data is article 6 paragraph 1, 1
lit. f GDPR. Our legitimate interest is in line with the purposes of data
collection and processing listed in b). We never use the data to attempt to
identify you as a person.
Collection and storage of personal data;purpose and methods of data processing
a) Contact form on our website
Our website includes a contact form through which you can submit queries of any
type.
To submit the form, you must enter a valid e-mail address so that we can get in
contact with you. We also ask you to submit you title and name. Personal data
obtained through the submission of the contact form is processed by us with
your consent in accordance with article 6 paragraph 1, 1 lit. a GDPR.
b) Consent to the processing of personal data
Your consent to the processing of your personal is:
1. Given freely
2. Informed
3. Valid and unambiguous
4. Revocable
Transfer of data
Our parent company might from time to time request us to transfer your personal
data to a third party. Such transfers are only made for the purposes listed
below. We only transfer your personal data to a third party:
• With your explicit consent according to article 6 paragraph 1, 1 lit. a GDPR
• Where transfer is necessary for the purposes of the legitimate interests
pursued by us or by a third party in accordance with article 6 paragraph 1, 1
lit. f GDPR, except where such interests are overridden by your interests or
fundamental rights and freedoms as the data subject as defined in article 6
paragraph 1, 1 lit. a GDPR, which require protection of personal data
• Where transfer is necessary for compliance with a legal obligation to which
we are subject in accordance with article 6 paragraph 1, 1 lit. c GDPR
• Where transfer is necessary for the performance of a contract to which you
are party in accordance with article 6 paragraph 1, 1 lit. b GDPR
Your rights
According to article 15 GDPR, as the data subject, you are entitled to
information regarding the use and processing of your personal data by us. In
particular, you are entitled to the following information:
a) The purposes of the processing
b) The categories of personal data concerned
c) The recipients or categories of recipient to whom the personal data has been
or will be disclosed
d) The envisaged period for which the personal data will be stored
e) The existence of the right to request from us rectification or erasure of
personal data or restriction of processing of personal data
f) The right to lodge a complaint with a supervisory authority
g) Where the personal data is not collected from the data subject, any
available information as to its source
h) The existence of automated decision-making, including profiling
You are also entitled to know whether your
personal data has been or will be disclosed to recipients in third countries or
to international organisations. Where personal data is transferred to a third
country or to an international organisation, you have the right to be informed
of the appropriate safeguards relating to the transfer.
Should you wish to avail of your right to information, please contact our Data
Protection Officer or a member of our data processing team.
Right to rectification (article 16 GDPR)
You have the right to demand that we rectify inaccurate personal data
concerning you without undue delay. Taking into account the purposes of
processing, you have the right to have incomplete personal data completed,
including by means of providing a supplementary statement.
Right to erasure ("right to be
forgotten") (article 17 GDPR)
You have the right to demand that we erase personal data concerning you without
undue delay, unless we are legally prevented from doing so in order to comply
with legal obligations, for reasons of public interest or for the
establishment, exercise or defence of legal claims.
The right to erasure applies in cases where:
a) The personal data is no longer necessary for the purposes for which it has
been collected or otherwise processed
b) You withdraw your consent on which the processing is based according to
article 6 paragraph 1 a or article 9 paragraph 2 a GDPR, and where there is no
other legal ground for processing
c) You object to the processing pursuant to article 21 paragraph 1 GDPR and
there are no overriding legitimate grounds for the processing, or you object to
the processing pursuant to article 21 paragraph 2 GDPR
d) The personal data has been unlawfully processed
e) The personal data has to be erased for compliance with a legal obligation in
Union or Member State law to which we are subject
f) The personal data has been collected in relation to the offer of information
society services referred to in article 8 paragraph 1 GDPR
Right to restriction of processing
(article 18 GDPR)
You have the right to demand that we restrict the processing of your data, if
you contest the accuracy of the personal data, or if the processing is unlawful
but you oppose the erasure of the personal data and request the restriction of
its use instead; if we no longer need the personal data for the purposes of
processing, but require it for the establishment, exercise or defence of legal
claims; or where you have objected to processing pursuant to article 21
paragraph 1 GDPR.
Right to data portability (article 20
GDPR)
You have the right to receive the personal data that you have provided to us in
a structured, commonly used and machine-readable format. You also have the
right to transmit this data to another controller without hindrance.
Conditions for consent (article 7
paragraph 3 GDPR)
You have the right to withdraw your consent at any time. The withdrawal of
consent shall not affect the lawfulness of processing based on consent before
its withdrawal. Prior to giving consent, you shall be informed thereof. It will
be as easy to withdraw as to give consent.
Right to object (article 21 GDPR)
You have the right to object, on grounds relating to your particular situation,
to processing of personal data concerning you in accordance with article 21
GDPR. Should you object to processing for direct marketing purposes, your
personal data will no longer be processed for such purposes.
Right to lodge a complaint with a
supervisory authority (article 77 GDPR)
Without prejudice to any other administrative or judicial remedy, you have the
right to lodge a complaint with a supervisory authority, in particular in the
Member State of your habitual residence, place of work or place of the alleged
infringement, if you consider that the processing of personal data relating to
you infringes the GDPR.
Normally, such a complaint should be lodged with a supervisory authority in the
state of your habitual residence or place of work.
Should you wish to avail of your right to lodge a complaint, please contact our
Data Protection Officer or a member of our data processing team.
Security of processing (article 32 GDPR)
We have implemented appropriate technical and organisational measures to ensure
a level of security appropriate to the risks of unauthorised access or misuse
of your personal data. Our data protection policy ensures the following:
1. Confidentiality
2. Data integrity
3. Availability and suitability of the systems and services used for data
processing
Our staff members undergo regular training in data protection and security and
are legally obliged to treat your data with confidentiality and in accordance
with the GDPR.
Tracking
We do not use tracking techniques in connection with our website.
Cookies
In order to make our website as user-friendly
as possible and to meet your expectations, we use cookies. Cookies are small
text files that are stored on your device.
Cookies do not enable us to identify you as a person.
We use mainly session cookies that contain information of the pages you
have visited. Session cookies are automatically deleted when you leave our
website. You can also delete cookies manually through your browser (e.g. by
deleting your browse history). Data obtained through cookies is used by us for
legitimate purposes and only pursuant to article 6 paragraph 1, 1 lit. f GDPR.
Each time you call up our website, data is recorded in a log file. This data
does not include any personal information, and does not enable us to identify
you as a person.
The following data is logged each time you access our website:
» Name of the file you called up
» Date and time of your visit
» Volume of transferred data
» Information whether you successfully accessed our website
Automated individual
decision-making / profiling
As a company that values your privacy, we do not use automated decision-making
or profiling tools.
Name and address of Data
Protection Officer
in accordance with GDPR:
REV Ritter GmbH, Frankenstrasse 1-4, 63776 Mömbris, info@rev.de, www.rev.de
data protection officer: Sabine Imhof
Competent data protection authority
Landesamt für Datenschutzaufsicht, Promenade
27, 91522 Ansbach (Germany)
Tel.: 0981/53-1300, Fax: 0981/53-981300
poststelle@lda.bayern.de, https://www.lda.bayern.de