Privacy Policy

1. Data protection at a glance

General information

This information provides an overview of what happens to your personal data when you visit this website. Personal data is data that can be used to identify you personally. Detailed information can be found in the following sections.

Data collection on this website
Who is responsible?
Data processing is carried out by the operator of this website. For contact details, see the section ‘Responsible body’.

How do we collect data?
– Through your entries (e.g. contact form).
– Automatically through our IT systems (e.g. IP address, browser, operating system, time, technical log data).

What is the data used for?
– To ensure the website is provided without errors.
– To analyse user behaviour.
– To process enquiries or contracts.
– For competitions (if used).

Your rights
You have the right to information, deletion, correction, restriction of processing, data portability and complaint to the supervisory authority at any time. Details follow below.

2. Hosting

Strato AG
Otto-Ostrowski-Straße 7, 10249 Berlin, Germany
Strato stores log files containing IP addresses, times, browsers, operating systems and similar technical data.

Strato privacy policy:
https://www.strato.de/datenschutz/

Legal basis:
Art. 6 (1) (f) GDPR (legitimate interest in stable and secure provision).
If consent is requested, additionally Art. 6 (1) (a) GDPR & §25 (1) TDDDG.

Order processing:
A contract for order processing has been concluded.

3. General information and mandatory information

Data protection
We treat your data in accordance with the GDPR and this privacy policy. Data transmission over the Internet may be subject to security vulnerabilities.

Responsible body
Katrin Janke
Telephone: +49 15737216952
Email: contact@rg-company.de

Storage period
Personal data will only be stored for as long as the purpose exists or legal obligations require it.

Legal basis
– Consent: Art. 6(1)(a) GDPR
– Contract/pre-contractual measures: Art. 6(1)(b) GDPR
– Legal obligation: Art. 6(1)(c) GDPR
– Legitimate interest: Art. 6(1)(f) GDPR
– Cookies/end device access: Section 25 TDDDG
– Third country transfers: Art. 49 GDPR (if applicable)

Data transfers to third countries
If tools from providers outside the EU are used, data may be transferred to third countries. This applies in particular to US companies. Transfers only take place if sufficient safeguards are in place (DPF, standard contractual clauses or consent).
Recipients of personal data

We only transfer data if:
– it is necessary for contract processing,
– it is required by law,
– there is a legitimate interest,
– we use processors.

Revocation/objection
– Consent that has been given can be revoked at any time.
– Objections can be lodged against processing on the basis of Art. 6 (1) e/f GDPR.
– Direct marketing can be objected to at any time.

Further rights of data subjects
– Complaint to the supervisory authority
– Data portability
– Information, correction, deletion
– Restriction of processing

SSL/TLS encryption
This site uses HTTPS encryption.

Objection to unsolicited advertising
We object to the use of the published contact details for advertising purposes.

4. Data collection on this website

Cookies We use technically necessary cookies and – with your consent – analysis and marketing cookies. Details are listed in the cookie banner. Legal basis: – Necessary cookies: Art. 6(1)(f) GDPR – Analysis/advertising cookies: Art. 6(1)(a) GDPR & Section 25 TDDDG Server log files Automatically collected by Strato: – IP address – Date/time – Browser & version – Operating system – Referrer URL – Host name Legal basis: Art. 6 (1) lit. f GDPR Contact form Data collected: Name, email, telephone number, message. Legal basis: Art. 6 (1) (b) or (f) GDPR or consent. Enquiries by email or telephone The data provided will be processed. Legal basis: Art. 6 (1) (b), (f) or (a) GDPR.

5. Competitions and prize draws

If you participate, we will process your name, user name, address, email address, etc. exclusively for the purpose of conducting the competition.

Legal basis: Art. 6(1)(b) GDPR
Deletion: no later than 30 days after completion.

This competition is not affiliated with Instagram, TikTok, Meta or any other platforms.

6. Plugins & tools used

Akismet (spam detection for comments)
We use Akismet, a service provided by Automattic Inc., 60 29th Street #343, San Francisco, CA 94110, USA.

When you submit a comment, the following data is transmitted to Automattic and processed there:

• IP address
• User agent
• Comment content
• Name & email (if entered)
Purpose: Protection against spam comments

Legal basis: Art. 6(1)(f) GDPR (legitimate interest)
As data is transferred to the USA, an equivalent level of data protection cannot be guaranteed.

Further information: https://automattic.com/privacy/

Polylang (language switching)
Polylang sets a cookie to store the language selected by the user.
Data stored: Language setting (cookie)

Purpose: Provision of the website in the selected language
Legal basis: Art. 6(1)(f) GDPR

No personal data is transferred to third parties.

Polylang (language switching)
Polylang sets a cookie to store the language selected by the user.
Data stored: Language setting (cookie)

Purpose: Provision of the website in the selected language
Legal basis: Art. 6(1)(f) GDPR

No personal data is transferred to third parties.

CookieYes (cookie consent)

We use CookieYes (CookieYes Ltd., UK) to manage user consent for the use of cookies.
Processed data:
• IP address (anonymised)
• Time of consent
• Consent ID
• Cookie status
Legal basis: Art. 6(1)(c) GDPR (legal obligation)

Further information: https://www.cookieyes.com/privacy-policy/

Jetpack (security, statistics, CDN)

We use Jetpack (Automattic Inc., USA). The following data may be processed:

• IP addresses
• Browser information
• Visitor statistics
• Loading times
• Image optimisation via the Jetpack CDN

Legal basis:
– Technical functions: Art. 6(1)(f) GDPR
– Statistics (if activated): Consent (Art. 6(1)(a) GDPR)

As Jetpack is based in the US, data may be transferred to the US.

Metricool (analysis & social media management)

We use Metricool (Metricool Software S.L., Spain). Metricool collects:

• IP address
• Visitor behaviour
• Referrer
• Social media functions used (if integrated)

Purpose: Analysis of website performance & social media evaluation
Legal basis: Consent (Art. 6(1)(a) GDPR)
Data may be processed via external servers, including outside the EU.

Metricool privacy policy: https://metricool.com/privacy-policy/

Site Kit by Google (Analytics, Search Console, Tag Manager)

Site Kit connects the website to Google services. If GA4 or other tools are active, data is transferred to Google Ireland or, if applicable, Google LLC USA.

The following data is collected (if GA4 is active):

• IP address (truncated)
• User behaviour
• Referrer
• Technical data of the end device
• Interactions

Legal basis: Consent via cookie banner (Art. 6(1)(a) GDPR & Section 25 TDDDG)
I can insert the complete Google Tools passage if required.

YouTube embeds

We embed videos from the YouTube platform on our website. The provider is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.

When you visit a page on which a YouTube video is embedded, a connection to the YouTube servers is established. YouTube is informed which of our pages you have visited. YouTube may also set various cookies or use similar tracking technologies. If you are logged into your YouTube or Google account, your usage behaviour can be assigned to your personal profile. You can prevent this by logging out of YouTube/Google beforehand.

We use YouTube in extended data protection mode, where available. This mode reduces the number of cookies set, but does not completely prevent data transmission to YouTube.

Legal basis: Art. 6(1)(a) GDPR (consent via the cookie banner).

Social media links (Instagram, Facebook, TikTok, YouTube)

Our website only contains statistical icons/buttons that redirect you to our social media profiles on Instagram, Facebook, TikTok and YouTube. These are not social media plugins that transfer data when the page is loaded.

Data is only transferred to the aforementioned providers when you actively click on the respective button and open our social media page. From this point on, the data protection regulations of the respective platform operator apply.

Legal basis: Art. 6 (1) (f) GDPR (legitimate interest in a user-friendly corporate presence).

Yoast SEO

Yoast SEO may set functional cookies, but does not store any personal data from visitors.
Legal basis: Art. 6(1)(f) GDPR

Elementor & Elementor Pro

Elementor sets cookies that are used to display the website (e.g. editor mode, responsive settings).
If you use form widgets, the transmitted data is stored locally.

Processed data for forms:
– Name
– Email address
– IP address (optional/log)
– Message content

Legal basis:
– Art. 6(1)(b) (contract/enquiry processing)
– Art. 6(1)(f) (legitimate interest)

WP Super Cache

WP Super Cache stores cache files locally and sets technically necessary cookies to control caching functions.

Processed data: anonymised technical data
Legal basis: Art. 6(1)(f) GDPR

Limit Login Attempts Reloaded

This plugin stores IP addresses in the event of failed login attempts in order to prevent brute force attacks.

Data:
– IP address
– Login usernames
– Times of attempts

Legal basis: Art. 6(1)(f) GDPR (security interest)

Source

Parts are taken from text templates from e-recht24.de, supplemented and adapted.