With this data protection policy, we wish to inform you in a general, transparent and clear manner of how we handle your personal data in accordance with the EU General Data Protection Regulation (GDPR).
In this document, we tell you which data we collect and store, what we do with it and for what purposes we process it.
As rule, our website at http://www.rev.de can
be visited without disclosing any personal data. If you wish however to avail
of a service offered through our website, we might ask you to submit some
For interactions such as queries or orders where we need to process personal data to fulfil your request, we will always first seek your general consent in accordance with article 6 paragraph 1, 1 lit. a GDPR.
All data is processed in compliance with the GDPR. The legal basis for the processing of personal data is article 6 paragraph 1, 1 lit. f GDPR that lists the legitimate interests that allow us to process your personal data.
Collection of general data (log files)
a) When you call up our website in your browser, some information is automatically sent by the page to the server. This data is stored temporarily in a log file. The following information is automatically recorded and kept until it is automatically erased:
• Internet Protocol address (IP address) of your device
• Date and time of access
• Name and URL of the page
• URL or previously viewed web page (referrer)
• Browser name and operating system of your device
b) The data specified in a) is processed by us for the following purposes:
• Establishment of a good connection between our server and your device
• User-friendly access and use of our website
• Evaluation of system security and stability
• General administrative purposes
The legal basis for the processing of such data is article 6 paragraph 1, 1 lit. f GDPR. Our legitimate interest is in line with the purposes of data collection and processing listed in b). We never use the data to attempt to identify you as a person.
Collection and storage of personal data;purpose and methods of data processing
a) Contact form on our website
Our website includes a contact form through which you can submit queries of any type.
To submit the form, you must enter a valid e-mail address so that we can get in contact with you. We also ask you to submit you title and name. Personal data obtained through the submission of the contact form is processed by us with your consent in accordance with article 6 paragraph 1, 1 lit. a GDPR.
b) Consent to the processing of personal data
Your consent to the processing of your personal is:
1. Given freely
3. Valid and unambiguous
Transfer of data
Our parent company might from time to time request us to transfer your personal data to a third party. Such transfers are only made for the purposes listed below. We only transfer your personal data to a third party:
• With your explicit consent according to article 6 paragraph 1, 1 lit. a GDPR
• Where transfer is necessary for the purposes of the legitimate interests pursued by us or by a third party in accordance with article 6 paragraph 1, 1 lit. f GDPR, except where such interests are overridden by your interests or fundamental rights and freedoms as the data subject as defined in article 6 paragraph 1, 1 lit. a GDPR, which require protection of personal data
• Where transfer is necessary for compliance with a legal obligation to which we are subject in accordance with article 6 paragraph 1, 1 lit. c GDPR
• Where transfer is necessary for the performance of a contract to which you are party in accordance with article 6 paragraph 1, 1 lit. b GDPR
According to article 15 GDPR, as the data subject, you are entitled to information regarding the use and processing of your personal data by us. In particular, you are entitled to the following information:
a) The purposes of the processing
b) The categories of personal data concerned
c) The recipients or categories of recipient to whom the personal data has been or will be disclosed
d) The envisaged period for which the personal data will be stored
e) The existence of the right to request from us rectification or erasure of personal data or restriction of processing of personal data
f) The right to lodge a complaint with a supervisory authority
g) Where the personal data is not collected from the data subject, any available information as to its source
h) The existence of automated decision-making, including profiling
You are also entitled to know whether your
personal data has been or will be disclosed to recipients in third countries or
to international organisations. Where personal data is transferred to a third
country or to an international organisation, you have the right to be informed
of the appropriate safeguards relating to the transfer.
Should you wish to avail of your right to information, please contact our Data Protection Officer or a member of our data processing team.
Right to rectification (article 16 GDPR)
You have the right to demand that we rectify inaccurate personal data concerning you without undue delay. Taking into account the purposes of processing, you have the right to have incomplete personal data completed, including by means of providing a supplementary statement.
Right to erasure ("right to be
forgotten") (article 17 GDPR)
You have the right to demand that we erase personal data concerning you without undue delay, unless we are legally prevented from doing so in order to comply with legal obligations, for reasons of public interest or for the establishment, exercise or defence of legal claims.
The right to erasure applies in cases where:
a) The personal data is no longer necessary for the purposes for which it has been collected or otherwise processed
b) You withdraw your consent on which the processing is based according to article 6 paragraph 1 a or article 9 paragraph 2 a GDPR, and where there is no other legal ground for processing
c) You object to the processing pursuant to article 21 paragraph 1 GDPR and there are no overriding legitimate grounds for the processing, or you object to the processing pursuant to article 21 paragraph 2 GDPR
d) The personal data has been unlawfully processed
e) The personal data has to be erased for compliance with a legal obligation in Union or Member State law to which we are subject
f) The personal data has been collected in relation to the offer of information society services referred to in article 8 paragraph 1 GDPR
Right to restriction of processing
(article 18 GDPR)
You have the right to demand that we restrict the processing of your data, if you contest the accuracy of the personal data, or if the processing is unlawful but you oppose the erasure of the personal data and request the restriction of its use instead; if we no longer need the personal data for the purposes of processing, but require it for the establishment, exercise or defence of legal claims; or where you have objected to processing pursuant to article 21 paragraph 1 GDPR.
Right to data portability (article 20
You have the right to receive the personal data that you have provided to us in a structured, commonly used and machine-readable format. You also have the right to transmit this data to another controller without hindrance.
Conditions for consent (article 7
paragraph 3 GDPR)
You have the right to withdraw your consent at any time. The withdrawal of consent shall not affect the lawfulness of processing based on consent before its withdrawal. Prior to giving consent, you shall be informed thereof. It will be as easy to withdraw as to give consent.
Right to object (article 21 GDPR)
You have the right to object, on grounds relating to your particular situation, to processing of personal data concerning you in accordance with article 21 GDPR. Should you object to processing for direct marketing purposes, your personal data will no longer be processed for such purposes.
Right to lodge a complaint with a
supervisory authority (article 77 GDPR)
Without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with a supervisory authority, in particular in the Member State of your habitual residence, place of work or place of the alleged infringement, if you consider that the processing of personal data relating to you infringes the GDPR.
Normally, such a complaint should be lodged with a supervisory authority in the state of your habitual residence or place of work.
Should you wish to avail of your right to lodge a complaint, please contact our Data Protection Officer or a member of our data processing team.
Security of processing (article 32 GDPR)
We have implemented appropriate technical and organisational measures to ensure a level of security appropriate to the risks of unauthorised access or misuse of your personal data. Our data protection policy ensures the following:
2. Data integrity
3. Availability and suitability of the systems and services used for data processing
Our staff members undergo regular training in data protection and security and are legally obliged to treat your data with confidentiality and in accordance with the GDPR.
We do not use tracking techniques in connection with our website.
In order to make our website as user-friendly
text files that are stored on your device.
Cookies do not enable us to identify you as a person. We use mainly session cookies that contain information of the pages you have visited. Session cookies are automatically deleted when you leave our website. You can also delete cookies manually through your browser (e.g. by deleting your browse history). Data obtained through cookies is used by us for legitimate purposes and only pursuant to article 6 paragraph 1, 1 lit. f GDPR.
Each time you call up our website, data is recorded in a log file. This data does not include any personal information, and does not enable us to identify you as a person.
The following data is logged each time you access our website:
» Name of the file you called up
» Date and time of your visit
» Volume of transferred data
» Information whether you successfully accessed our website
decision-making / profiling
As a company that values your privacy, we do not use automated decision-making or profiling tools.
Name and address of Data
in accordance with GDPR:
REV Ritter GmbH, Frankenstrasse 1-4, 63776 Mömbris, firstname.lastname@example.org, www.rev.de
data protection officer: Sabine Imhof
Competent data protection authority
Landesamt für Datenschutzaufsicht, Promenade 27, 91522 Ansbach (Germany)
Tel.: 0981/53-1300, Fax: 0981/53-981300