In this Data Protection Notice, we R&R PR Management – inform you about the processing of your personal data. Personal data are collected, processed and used when you visit or interact with our website.
Personal data encompass information that relates to an identified or identifiable person. This primarily includes information that allows conclusions to be drawn about your identity, such as your name or e-mail address. Statistical data, which we collect (for example) when you visit our website and cannot be attributed to you as a person, do not fall under the definition of personal data.
1. Contact and controller
The contact and so-called controller for the processing of your personal data when you visit this website within the meaning of the EU General Data Protection Regulation (GDPR) is
R&R PR Management
If you have any questions about data protection in relation to our online offering or the use of our website, you can also ask them of our Data Protection Officer at: email@example.com at any time.
2. Online Offering
Every time you visit our website, we collect the data that your browser automatically transmits in order to make it possible for you to visit the website. These data particularly include:
· IP address of the requesting terminal device
· Date and time of the request
· Time zone difference from Greenwich Mean Time (GMT)
· Content of the request (specific page)
· Access status/ HTTP status code
· Each data quantity transmitted
· Website from which the request was made
· Operating system and user interface
· Language and version of the browser.
The data processing is necessary to make it possible for you to visit the website and to ensure the permanent operability and security of our systems. In addition, the aforementioned data are temporarily stored for the purposes described above in internal log files in order to generate statistical information about the use of our website so that we can improve our website to better suit the usage habits of our visitors (e.g. when the percentage of mobile terminal devices from which pages are accessed increases) and to perform general maintenance of our website.
The legal basis for the aforementioned data processing is Art. 6 (1) (b) GDPR.
3. Your Contact Data and Communications
You can communicate with us at firstname.lastname@example.org or by using our contact forms. When you do this, we process both your contact data and the content of your communications with us. We process these data only for the purpose of communicating with you.
It is necessary for us to use so-called cookies for a part of our services. A cookie is a text file that is stored on the hard drive either temporarily (“session cookies”) or for a longer time (“persistent cookies”). Cookies are not used to execute programs or upload viruses to your computer. Rather, the main purpose of cookies is to provide you with an offering tailored to your preferences and to make using the service as time-saving as possible.
We use persistent cookies to store your language settings or to notify us that information placed on our website was shown to you, so that it will not be shown again the next time you visit the website, for example. Persistent cookies are automatically deleted after a predefined period of time, which may vary depending on the cookie.
The legal basis for the aforementioned data processing is Art. 6 (1) (f) GDPR. These services are based on our legitimate interests. By processing this data, we want to make the use of our website more convenient and personalised.
12. Data recipients
We disclose the data we collect only when necessary to perform the contract or provide the technical functions of the website or when there is another legal basis for data disclosure.
As a general rule, we process your data ourselves. However, we also use service providers in part. In addition to the service providers named in this data protection notice, data recipients may particularly include data centres that store our website and databases, IT service providers that maintain our systems, and consulting firms. Insofar as we disclose data to third parties, these data may only be used to perform their tasks. The service providers have been carefully selected and contracted by us. They are contractually bound to follow our instructions, maintain suitable technical and organisational measures to protect the rights of data subjects and are regularly monitored by us.
In addition, data may be disclosed in response to official government enquiries, court orders and legal proceedings if that is necessary for the assertion or enforcement of rights.
13. Length of storage
As a general rule, we store your personal data for only as long as necessary to fulfill the contractual or statutory obligations under which we collected the data. After that, we immediately erase the data unless we need them as evidence in support of civil claims until the expiration of statutory limitation periods or due to statutory retention obligations.
For evidence purposes, we must retain the contract data for three years from the end of the year in which the business relationships with you end. Any claims become time-barred at this time at the earliest in accordance with the regular limitation period under law.
14. Your Rights
Provided that the corresponding legal criteria are met, you have the following data protection rights by law:
· Right of access (Article 15 GDPR)
· Right to erasure (‘right to be forgotten’) (Article 17 GDPR)
· Right to rectification (Article 16 GDPR)
· Right to restriction of processing (Article 18 GDPR)
· Right to data portability (Article 20 GDPR)
· Right to withdraw consent (Article 7 (3) GDPR)
· Right to object (Article 21 GDPR)
You also have the right to complain to the data protection supervisory authority with jurisdiction over us.
15. Changes to the Data Protection Notice
We update this data protection notice from time to time, for example when we make changes to our website or when the statutory requirements have changed.
© R&R PR Management – Status: January 2019