REHAU is pleased about your interest in our internal and our products. We want you to feel comfortable when you contact REHAU. For this reason the security of your personal data such as your name, address, telephone number or e-mail address which is created when you contact REHAU is important to us.
This privacy statement is intended for anyone with which REHAU interacts including customers and prospects, visitors of our Web sites, users of our apps/applications, other users of our products or services and visitors to our sites. It contains the information discribed in Art. 13 and 14 GDPR.
The processing of personal date takes place within the guidelines of legal regulations.
The Term "personal data" refers to all information relating to an identified or identifiable natural person. "Processing" means any operation or set of operation which is performed on personal date whether or not by automated means such as collection, recording, organization, arrangement, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or association, qualification, erasure or destruction.
Further data protection terms are used in accordance with the definitions in Art. 4 GDPR.
2. Name and address of the controller
REHAU Automotive SE & Co. KG
3. General processing purposes and legal bases
REHAU collects and processes your personal date in particular in the following cases:
- If you contact us directly e.g. via our website, via REHAU customer service or if you visit us at our locations, participate in our events, customer satisfaction surveys and competitions and are interested in our products or services or have any other concerns.
- If you or your employer buy products or services directly from us.
- If you or your employer request information about our products and services (e.g. sending brochures or price lists).
- If you buy or use REHAU products.
- If you or your employer offer or sell us products or services.
Please help us keep your information current by informing us of changes to your personal data, in particular your contact details.
Insofar as REHAU processes personal data, this applies in particular to your name and your official contact data such as company, function, telephone number or e-mail address as well as contract and transaction date. Additional data categories may be collected for special purposes described in detail below.
Besides the collection of your data from our contact forms on our website, we also collect the data directly from you or from generally accessible sources (e.g. commercial register, authorities and internet) to the necessary extent for the purpose.
4. Individual processing purposes and legal bases
In the following we inform you for which purposes REHAU processes which personal date. In the case of nonrecurring circumstances, REHAU will generally draw your attention to this information separately in the specific processing situation and, if necessary, provide additional information.
4.1. Processing of data for the preparation, conclusion and performance of contracts
As a manufacturing company, REHAU processes personal data within the scope of acquisition (also under 4.10.) and sales processes as well as for the execution of contracts. For this purpose, data is processed in particular for contract initiation, quotation processing, customer consulting procurement, production and delivery of goods, contract management and complaint processing.
Within the context of these activities, the following data categories are processed in particular:
- Contact data/ personnel master data (surname first name, address, e-mail address etc.)
- Logistics data such as delivery address
- Contract data, payment data
It may be necessary for us to pass on the data for the preparation of an offer and the execution of the contract to third parties who are integrated into the supply chain or otherwise required for the execution of the contract.
For the purpose of credit checks of our business partners, we process data which we receive under the legal requirements of credit agencies (such as Schufa). In addition, to further minimize the risk of default, REHAU reserves the right to report payment experiences with customers to a payment experience pool of a scoring company (Creditreform, Bisnode). This does not apply to payment experiences with natural persons.
In order to optimize financial transactions, REHAU reserves the right to assign receivables from its business customers to a refinancing company as part of receivables financing. Only company-related data (name of debtor, reason, amount, due date of the receivable) will be passed on for the purpose of receivables financing. Insofar as necessary for the verification of the receivable, the refinancing company will pass on the aforementioned company data to third parties for credit assessment.
The legal basis for debt financing/factoring is, insofar as personal data is involved in exceptional individual cases, Art. 6 I f GDPR.
If data is collected directly for the processing of an inquiry or the execution of a contract, REHAU will inform you which data is absolutely necessary. If it is not you yourself but your employer or another third party which is contractually connected with you or your employer which is the contracting party, the data will be processed on the basis of Art. 6 I f GDPR. The data will be processed insofar as the data is required for the execution of the contract or for the fulfilment of further legal e.g. product liability obligations and duties (e.g. duties to inform, clarify and warn).
If processing is carried out on the basis of Art. 6 I f GDPR, you can always object the processing on grounds relating to your particular situation.
4.2. Use of customer portal
REHAU offers its customers the use of a customer portal to simplify the processing of orders for access to certain product configurators and other services. With the registration you will be informed which data is necessary for the use of the customer portal. Purpose and legal basis are described in section 4.1. Furthermore optional data will be used to contact the customer (according to section 4.10).
When using the customer portal, the individual transactions are stored and archived in accordance with the legal storage regulations based on Art. 6 I c GDPR.
You can terminate the use of the customer portal and the storage of your personal data in the customer portal at any time as long as they are not necessary for the fulfillment of a contract. Please contact the sales office responsible for you (link: “contact us” in the customer portal). The storage of the transactions remains unaffected.
4.3 Use of supplier portal
REHAU maintains a supplier portal. When registering as a supplier, you will be informed of the type and scope of the data required for registration. The data is used for all business processes in relation with the procurement of goods and services, including measures for quality assurance, management of supplier relationships, processing of contracts, risk management, use of information and communication systems, optimisation of internal processes and administration of the supplier portal. For these purposes, it may also be necessary for us to pass on your personal data to other companies in the REHAU Group and for these Group companies to contact you.
4.4. Application process (Art. 6 I b GDPR)
For the application procedure there are additional data protection notices which will be communicated separately within the application. The following information also applies to all applications.
4.5. Participation in events and on-site visits (Art. 6 I f GDPR)
We are looking forward to meeting you personally during a visit on site or at one of our events. We process your personal data in order to organize and carry out events and to provide you with information material. In the case of events, we may forward the data to the speakers and participants. This is important to ensure the smooth running of the event. We also use the data collected in this process to evaluate and post-process our events.
REHAU also uses the survey monkey functions to gain feedback. If you participate in a corresponding survey, the data protection information of survey monkey (https://www.surveymonkey.de/mp/legal/privacy-policy/) applies.
For the documentation of the events as well as the press and public relations work picture and video recordings of the events can be provided. Personal (image) data will also be processed. You may object to this processing at any time for reasons arising from your particular situation. In this case we ask you to inform the photographers or organizers of these reasons in advance. They will take your objection into account and take the necessary measures.
4.6. Use of services (consulting)
In addition to our products and system solutions, REHAU offers various services. This also includes consulting and services which we offer by telephone, e-mail, contact form and possibly also on site. With this service we would like to support you in the selection of the REHAU systems and their application.
Within the context of this service, the necessary data that you provide in connection with the service request, such as contact data / personal master data (surname, first name, address, e-mail address, etc.) may be stored together with the products concerned and the problem. In this way, we want to ensure that we can provide you with targeted further advice in the event of any queries at a later date on the basis of the previous service history. The basis of this storage is the justified interest in an effective and consistent consulting activity, even over time. Your data will only be stored in direct connection with the service case. As far as the service data are relevant for the defense against claims of liability, especially product liability, REHAU will also process them for this purpose. The data will be deleted if they are no longer required for this purpose, at the very latest after the end of the limitation periods existing for this liability.
If the data is only processed on the basis of Art. 6 I f GDPR, you have the right to object the processing on grounds relating to your particular situation.
4.7. Access to the company premises for the delivery of goods or performance of a service or work performance
In this case, we collect not only your data which are directly necessary for the execution of a contractual relationship, such as name, first name, company, invoice data, vehicle identification data, but also the duration of your stay at REHAU on the basis of Art. 6 I f GDPR. In the event of an emergency and a necessary evacuation, the aim is to have knowledge of the persons staying in the building or on the premises. If you are on business, the duration of your stay can also be used to check and optimize internal processes and to check the conclusiveness of performance data (e.g. invoices).
When goods are delivered, cameras are also used to monitor logistical processes at various locations.
On the basis of legal requirements or Art. 6 I f GDPR to prove the fulfilment of road safety obligations, the safety instructions given to the visitor are also documented.
Of course you can disagree with the uses on the basis of Art. 6 I f GDPR at any time on grounds relating to your particular situation.
Video surveillance at our locations only takes place openly. Appropriate signs will point this out to you. This video surveillance serves to secure our production and our data processing systems. This ensures even greater protection of personal data.
4.8. Corporate communication and external image (Art. 6 I f GDPR)
As part of our participation in events, the visit to our trade fair presence and other events, images and video recordings of these events are made to document the event for press and public relations work and corporate communications. Personal (image) data is also processed in this process.
The publication of the image material takes place both electronically in social media such as Facebook and in print media. Legal basis for this processing is Art. 6 I f GDPR for corporate communication as well as § 23 KunstUrhG as applicable.
As far as factually possible and legally reasonable, reference will be made again to the photographs at each individual event. If the processing of the pictures takes place on the basis of Art. 6 I f GDPR, you can object to this use at any time on grounds relating to your particular situation. You can exercise this right by informing the photographer of these reasons in advance and he will take this into account in his work. We will be happy to provide you with details of the event in question.
4.9. Compliance, law enforcement and crime prevention (Art. 6 I f GDPR)
To the extent required by law, REHAU uses personal data to assert legal claims and to defend legal disputes. Within the context of the company's compliance requirements, the data may also be used to prevent, clarify or prevent criminal offences. In addition to the previously mentioned data categories insofar as they are required for the purpose, creditworthiness data, visit data, account data as well as correspondence, purchasing and sales data are also used for this purpose. REHAU also uses an internal whistleblower system for name and anonymous reports of compliance violations. This data will be deleted or made completely anonymous in accordance with the applicable legislation or immediately after the respective case has been concluded.
Security is generally also served by systems for building and plant security as well as for securing our data processing systems, such as access controls or video surveillance. The mentioned controls only take place openly at our sites. You can find out more about them in detail on site.
We process your personal data further in connection with the usual checks of business partners within the framework of compliance requirements. Insofar as we have not requested your personal data directly from you, we have collected them from publicly accessible sources and databases as part of the due diligence. The data collected from these sources are processed exclusively for this purpose and deleted as soon as they are no longer required for this purpose. The processing is based on Art. 6 I c GDPR insofar as the due diligence is based on legal requirements or on Art. 6 I f GDPR the legitimate interest of the company in the evaluation of its business partners for the reduction of risks. If the processing is based on Art. 6 I f GDPR, you can object to this on grounds relating to your particular situation.
4.10. Advertising communication and market research (Art. 6 I f GDPR)
As far as legally permissible on the basis of Art. 6 I f GDPR or if you give us your consent (Art. 6 I a GDPR), we process your data in particular for advertising communication, customer satisfaction surveys, advertising campaigns and for the implementation of sweepstakes. In this way, we can further improve our range of products and services and act in a more targeted manner.
Within the context of these activities, the necessary data such as contact data / personal master data (surname, first name, address, e-mail address, etc.) can be processed. Only as far as a permission is given further data which you provide to us for this purpose will be processed, e.g. interests, personal preferences, professional situation.
In the case of an existing customer relationship or if you have consented to this, you will generally receive the above information by electronic mail. For business partners who are not consumers, the information is provided by telephone or analogue.
For the purposes mentioned it may be necessary for us to pass on your personal data to companies of the REHAU Group in order to better respond to your wishes or to continuously improve our products and services. In each case you can disagree with the use of your data for purposes of direct advertising at any time according to Art. 21 Para. 2 GDPR or revoke a corresponding consent at any time according to Art. 7 Para. 3 GDPR with effect for the future.
For the further development of our products, services and business processes as well as for market research, we analyse the data available to us on business transactions, contracts and enquiries. It is in no way possible to draw conclusions about individual natural persons. Of course we respect it if you do not want us to use your personal data to support our customer relationship - in particular for direct marketing or market research.
4.11. Compliance with legal obligations (Art. 6 I c GDPR)
REHAU is subject to a number of legal obligations regarding the processing and storage of personal data. These relate, for example, to commercial and tax retention regulations in accordance with the commercial code and the tax code.
In order to meet these obligations, we process your data to the required extent and, if necessary, pass them on to the responsible authorities within the framework of statutory reporting obligations.
4.12. Further processing purposes
Data processing also takes place within the context of quality management to determine and improve customer satisfaction, to further develop products and services, to carry out research and development and to improve IT security and IT operations. The last point also includes processing to identify and prevent unauthorized access to personal data.
Legal basis for the processing of these data is art. 6 I f GDPR. Insofar as no consent is given, no conclusions can be drawn about individual natural people.
In individual cases this processing can be objected on grounds relating to your particular situation.
4.13. Transfer of data to third parties
For the aforementioned purposes, the data may be disclosed to third parties who assist the controller in the pursuit of the mentioned purposes. The passing on takes place in the context of an order processing within the sense of Art. 28 GDPR, a joint responsibility according to Art. 26 GDPR or as data transfer in the context of the order of professional services.
For data transfer to recipients in third countries (see point 7 below).
5. Duration of storage
We store your personal data only as long as it is necessary for the purposes for which it was collected or as long as storage is required by law or within the framework of official regulations. We delete or block your data as soon as they are no longer needed.
Furthermore, we will delete or block your data immediately in the event of a revocation of your consent and in the event of a justified objection to the processing.
6. Planned transfer of data to third countries
We may share your personal information with other REHAU companies for the purposes described in this privacy statement. The other companies may use your personal data in their own interest for the same purposes as we do. In particular, they may process your personal data for the above-mentioned purposes in their own interest.
Within the REHAU Group, employees only have access to your personal data insofar as this is necessary for the performance of their duties.
Data is transferred to branches outside the European Economic Area either on the basis of an adequacy decision of the Commission (Art. 45 Para. 3 GDPR) or on the basis of standard data protection clauses (Art. 46 II c GDPR) which contain appropriate guarantees for the data subject.
The text of the standard data protection clauses is published at https://ec.europa.eu/info/law/law-topic/data-protection/data-transfers-outside-eu/model-contracts-transfer-personal-data-third-countries_en.
We may also disclose your personal information to third parties outside the REHAU companies to use technical or organizational services that we need to fulfill for the purposes mentioned above or for our other business activities. Our service providers are contractually obliged to process personal data exclusively on our behalf and according to our instructions. We also oblige our service providers to comply with technical and organizational measures that ensure the protection of personal data. If the service providers are located in countries where the applicable laws do not provide for the protection of personal data comparable to European law, we will contractually ensure that the relevant service providers comply with the statutory level of data protection (standard data protection clauses or EU-US Privacy Shield Framework). For more information, please contact our data protection officer.
7. Online data usage/ visit of our websites
In the following, you will learn which information we may collect when you visit our websites and how we deal with it. REHAU’s websites may contain links to websites of other providers which are not covered by this data protection declaration.
When you visit our website, we store information about the browser and operating system you are using, the date and time of your visit and the IP address. These data are required for the web pages to function, in particular to ensure flawless connectivity and to guarantee a reasonable user experience on our website. We cannot associate these data with your person.
We will not collect any personal data via our websites without your consent. You alone decide whether or not you wish to disclose such data to us in the context of a registration, order or survey.
In addition, we use the following technologies on our website:
7.1. SnapEngage Live-Chat-Tool
This website uses SnapEngage, a live chat service provided by SnapEngage, LLC. If you agree to the function on the cookie splash pages or actively use the SnapEngage live chat, cookies that enable analysis of your website use will be stored on your computer. The information generated in this way is only transferred to and stored on a SnapEngage server in the EU to evaluate your use of the chats and provide us with reports. SnapEngage may transfer this information to third parties where required to do so by law, or where such third parties process the information on SnapEngage’s behalf. Under no circumstances will SnapEngage associate your shortened IP address with other SnapEngage data. For more details, please refer to SnapEngage’s data protection notice, which you may retrieve here: http://snapengage.com/privacy-policy/.
SnapEngage will forward these data to us upon request. This is for internal use only, including, where permitted, to contact you.
7.2. Chatbot / DialogFlow
Wenn Sie unseren Dienst "REHAU Chatbot" (beispielsweise über unsere Website www.rehau.com oder innerhalb von Mobile Apps) nutzen wollen, müssen Sie dieser Anwendung auf unseren Cookie-Vorschaltseiten ausdrücklich zustimmen. In diesem Fall werden personenbeziehbare Daten, u. a. Chatverläufe, IP-Adressen und Cookies durch die Dienstleister Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Irland und Botcopy Inc., a Deleware Corporation based in Santa Monica, CA erhoben und aufbewahrt. Diese Informationen sind zur Bereitstellung des Dienstes „REHAU Chatbot“ notwendig.
Weitere Informationen dazu finden Sie unter: https://policies.google.com/privacy?hl=de sowie unter https://www.botcopy.com/privacy/ und https://www.botcopy.com/gdpr/
7.3. Google Analytics - web analytics service
We would like to point out that, on our website, Google Analytics has been extended by the code “gat._anonymizeIp();” in order to guarantee anonymous IP address recording (so-called IP masking).
7.4. Google Tag Manager
7.5. Google Ads Remarketing
This website will use the functions of Google Ads Remarketing, provided you consent to the use of such on our websites’ cookie splash pages. This allows us to advertise this website in Google’s search engine results page, as well as on third-party websites. The provider is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (“Google”). To this end, Google places a cookie in the browser of your end device, which automatically uses a pseudonymous cookie ID to enable interest-based advertising based on the pages you visit.
Further data processing will only take place if you have agreed to Google linking your internet and app browsing history to your Google account, and using information from your Google account to personalise advertisements you view on the web. In this case, if you are logged in to Google during your visit to our website, Google will use your data together with Google Analytics data to create and define target group lists for cross-device remarketing. Google will temporarily link your personal data to Google Analytics data in order to create target groups. You can permanently disable the setting of ad personalisation cookies by downloading and installing the browser plug-in available at the following link: https://adssettings.google.com/authenticated.
Alternatively, you can visit the Digital Advertising Alliance under www.aboutads.info to obtain information about setting cookies and adjust your cookie settings. Finally, you can adjust your browser settings so that it informs you about cookies that are being stored, allowing you to decide if you want to accept them individually, in certain cases only, or reject them in general. If you do not accept cookies, the functionality of our website may be limited. Further information and the data protection regulations regarding advertising and Google are available here: https://policies.google.com/technologies/ads.
7.6. Use of Google reCAPTCHA
In our contact forms, which you can use to send service and information requests to REHAU, we use the service reCAPTCHA by Google.
The service is used to recognise malicious attacks on our websites by differentiating entries made by a human being from those made by automated machines. The use of this application is necessary for providing the service REHAU offers through its contact form, and is thus based on Art. 6 l b of the GDPR. It is required for providing the services, as otherwise the website would not be adequately protected against automated surveillance, misuse and spam. Hence, using the application is also in the best interest of service recipients. In the process, your entry is transferred to Google and further processed. The data transferred to Google includes your IP address and possibly other data used by Google for the service.
This means you can only use our contact forms if you consent to the use of reCAPTCHA for protection of the site.
During this process, your data may, in exceptional cases, be processed in countries outside of the European Union without an adequate data protection level (so-called third countries).
In order to guarantee an adequate level of data protection even in such cases, we take additional measures according to Art. 44 ff of the GDPR and thereby ensure that the data transfer is generally permissible (e.g. by establishing EU standard contracts).
If the effectiveness of the standard contract clauses is not conclusively clarified, we base the data transfer alternatively on Art. 49 GDPR, in particular based on your explicit consent or our need to provide contact forms in a risk-free way.
The EU considers the USA to be a country without an adequate level of data protection; in particular there is an alleged risk that your data may be processed for monitoring purposes by US authorities without adequate legal protection options.
The entity responsible for this data processing is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.
The following data are forwarded to the responsible entity for the independent provision of the service, i.e. defence against malicious attacks: Your web enquiry, the IP address, the browser type, the browser language, the date and time of your enquiry, one or several cookies, which under certain circumstances identify your browser.
If you object to the use of Google reCAPTCHA, you must not fill in the contact forms in which Google reCAPTCHA is used!
If you would like to take advantage of the services offered by REHAU without the use of Google reCAPTCHA, please feel free to write us an e-mail or letter any time. We will then address your enquiry through another channel.
This website will use “visitor action pixel” provided by Facebook Inc., provided you consent to the use of such on our websites’ cookie splash pages. This allows companies to track users’ behaviour after they click on a Facebook ad that redirects them to the vendor’s website. This process is used to evaluate the effectiveness of Facebook ads for statistical and market research purposes and may help optimise future advertising efforts. The data collected is anonymous to us and therefore does not provide us with any information about the identity of the user. However, the data is stored and processed by Facebook to facilitate a connection to the respective user profile and to allow Facebook to use the data for its own advertising purposes in accordance with the Facebook data policy: https://facebook.com/about/privacy/.
The information may enable Facebook and its partners to show advertisements within and outside of Facebook. A cookie may also be stored on your computer for these purposes.
You can object to the collection of pixels by Facebook and the use of your data to show you Facebook ads. To do so, access the page set up by Facebook and follow the instructions related to settings for use-based advertising: https://www.facebook.com/settings?tab=ads.
Alternatively, you can declare your objection on the website http://www.youronlinechoices.com/. The settings are platform-independent, meaning they apply to all devices, for example desktop computer or mobile devices.
7.8. Facebook Remarketing
Our website will use the remarketing function “custom audiences” offered by Facebook Inc. (1601 S. California Ave, Palo Alto, CA 94304, USA; “Facebook”), provided you consent to the use of such on our websites’ cookie splash pages. This function serves to target visitors to the website with interest-related advertising in the social network Facebook. For this purpose, the remarketing tag of Facebook was implemented on the website. This tag establishes a direct connection to the Facebook servers when you visit our website. It tells the Facebook servers which of our pages you have visited. Facebook associates this information with your personal Facebook user account. When you visit Facebook, you will be shown personalised, interest-based Facebook ads.
You can deactivate the remarketing function “custom audiences” here. Further information on the collection and use of data by Facebook, on your rights in this regard and on ways of protecting your privacy can be found in Facebook’s data policy at https://www.facebook.com/about/privacy/.
7.9. Facebook lead ads
We will use Facebook lead ads in order to obtain the contact data of users who show interest in our products and services on Facebook, provided you consent to the use of such on our websites’ cookie splash pages. This extends our ads on Facebook by further options for interaction, in particular the option for the user to request further information about our products and services through a contact form. When an interested user submits such a form, the data entered by the user are stored by Facebook as a lead and sent to us. We use these data only for the purpose referenced in the lead ad. They may include, for example, a name for personal contact, an e-mail address for sending the desired product information, or a phone number for establishing contact by phone. Further information on lead ads is available directly from Facebook at https://www.facebook.com/about/privacy/.
We will use plug-ins of YouTube LLC (represented by Google Inc.), among others, to integrate videos into our websites, provided you consent to the use of such on our websites’ cookie splash pages. In this case, a connection to the YouTube servers is established and the plug-in is displayed as soon as you use our website. Information on the pages you have visited will be transmitted to the YouTube server. If you are registered as a member of YouTube, YouTube will assign this information to your personal user account. If you use the plug-in, this information will also be assigned to your user account, for example after clicking the start button of a video. You can prevent this assignment by logging out of your YouTube user account and other YouTube LLC and Google Inc. user accounts before using our websites and by deleting the corresponding company cookies. For more information about YouTube (Google) data processing and privacy practices, please visit: https://www.google.de/intl/en-GB/policies/privacy/.
Our website will use conversion tracking by Microsoft Corporation, provided you consent to the use of such on our websites’ cookie splash pages. Microsoft Bing Ads places a cookie on your computer if you have reached our website via a Microsoft Bing display. This allows both us and Microsoft Bing to recognise that someone clicked on an advertisement, was redirected to our website, and reached a previously determined target page (conversion page). We only know the total number of users who clicked on a Bing ad and were redirected to the conversion page. No personal information about the user's identity is shared. If you do not wish to participate in the tracking procedure, you can object to the setting of the cookies that are usually required for this, for example by adjusting your browser settings to deactivate the automatic storing of cookies in general. Further information on data protection and the cookies used by Microsoft Bing can be found on the Microsoft website: https://privacy.microsoft.com/en-gb/privacystatement/.
You can object to tracking by Outbrain for the purpose of displaying interest-based recommendations at any time at https://my.outbrain.com/recommendations-settings/home.
You can revoke your consent at any time. To do so, please use this link: https://site.adform.com/privacy-policy-opt-out. This stores a so-called opt-out cookie on your device, which signals to the technical systems that they are not permitted to measure further data or set further cookies.
7.14. REHAU Account / cidaas
When using our service “REHAU Account” (e.g. on https://accounts.rehau.com or within mobile apps), we will ask you for a minimal set of personal data which is needed and stored for providing the service. The underlying service – product name “cidaas” – is provided by our data processor Widas ID GmbH, Maybachstraße 2, 71299 Wimsheim, Germany.
For further information, please visit: https://www.cidaas.com/privacy-policy/.
When using our service “REHAU Account” (e.g. on https://accounts.rehau.com or within mobile apps), the service provider Cloudflare, Inc., 101 Townsend St, San Francisco, CA 94107, USA will collect and store personal information, e.g. your anonymised IP addresses and cookies, for up to 7 days. This information is needed to increase the security level of the service and is collected for this purpose only.
For further information, please visit: https://support.cloudflare.com/hc/en-us/articles/200170156-Understanding-the-Cloudflare-Cookies or: https://www.cloudflare.com/privacypolicy/.
Cookies are small text files that websites usually place on the end user’s PC. Cookies are used for a variety of purposes. However, they are never technologically risky because they lack any “active” ability. They cannot therefore execute any malicious applications. They contain almost exclusively information which is necessary for convenient Internet use. In addition, we have set ourselves a deadline for deleting cookies. Without your renewed permission, these are stored for a maximum of 12 months from the date of collection. To this end, we take technical steps to ensure automatic deletion.
Classic examples of cookie tasks include saving login data, shopping cart items, user analysis, form fields. Information that can be stored in cookies include the lifetime, server name, Unique ID or content data.
- Session cookies
Session cookies are only technical cookies that are necessary for the proper functioning of our website.
All other cookies are only used if you consented to them on our cookie consent manager splash pages. We have structured these cookies as follows:
- Tracking cookies
Tracking cookies are used - of course in a completely anonymous form - to evaluate user behavior when visiting our website. REHAU and, if necessary, the responsible body receive valuable information on how the website is used, which helps REHAU and, if necessary, the responsible body to better focus on the interests of visitors.
- Commercial cookies
In addition to our own cookies, we use third-party cookies to display personalized advertising on our and other websites. This process is called "Retargeting". It is based on your activity on our website.
- Third-party cookies
The plugins used on our website also use their own cookies. You can find out about the types and purposes of cookies on the pages provided by the third party providers.
8. Data security
We have technical and organizational security procedures in place to protect the security of your personal data and to protect your personal data against unauthorized or unlawful processing and/or against accidental loss, alteration, disclosure or access.
9. Your rights
Compliance with data protection regulations is monitored by the following bodies, to which anyone can turn:
Data protection officer of the REHAU Automotive SE & Co. KG (Head office within the meaning of Art. 4 Nr. 16 GDPR):
Dr. Alexander Walter
REHAU Industries SE & Co. KG
Phone: +49 9283-770
Lead supervisory authority within the meaning of Art. 56 GDPR:
Bavarian State Office for Data Protection
You also have the possibility to check REHAU's compliance with data protection regulations yourself. You are entitled to the following rights:
- Information Law
- Right to access your processed data
- Right to object
For all processing operations based on Art. 6 I f GDPR (see above), you can object the processing on grounds relating to your particular situation.
- Right for disagreement against direct advertising
You have the right to object at any time against the processing of your data for the purpose of direct marketing. This also applies to profiling in connection with such direct marketing.
- Right of correction, deletion and limitation
- Right of data portability
- Right to lodge a complaint with a supervisory authority
If you have any questions about these rights with regarding the processing of your personal data, you can contact our data protection officer, who is also available in the event of requests for information suggestions or complaints. Upon request, REHAU will inform you as soon as possible in writing if and which of your personal data we have stored in accordance with applicable law. Should incorrect information be stored despite our efforts to ensure that the data is correct and up-to-date, we will correct it at your request.