Data protection
Status January 2025
1. Introduction
With the following information, we would like to provide you, as the “data subject,” an overview of the processing of your personal data by us and your rights under data protection laws. Use of our websites is generally possible without providing personal data. However, if you wish to use special services offered by our company through our website, the processing of personal data may be required. If the processing of personal data is necessary and there is no legal basis for such processing, we will generally obtain your consent.
The processing of personal data, such as your name, address, or email address, is always carried out in accordance with the General Data Protection Regulation (GDPR) and in compliance with the national data protection laws applicable to “ROSE Systemtechnik GmbH.” Through this privacy policy, we aim to inform you about the scope and purpose of the personal data we collect, use, and process.
As the data controller, we have implemented numerous technical and organizational measures to ensure the greatest possible protection of the personal data processed through this website. However, internet-based data transmissions can always have security vulnerabilities, so absolute protection cannot be guaranteed. For this reason, you are free to transmit personal data to us via alternative means, such as by phone or by mail.
You can also take simple and easily implementable measures to protect your data from unauthorized access by third parties. Therefore, we would like to provide you with some tips for securely handling your data:
- Protect your account (login, user, or customer account) and your IT system (computer, laptop, tablet, or mobile device) with secure passwords.
- Only you should have access to the passwords.
- Make sure you use your passwords only for one account (login, user, or customer account).
- Do not use the same password for different websites, applications, or online services.
- Especially when using publicly accessible or shared IT systems, you should always log out after accessing a website, application, or online service.
Passwords should consist of at least 12 characters and be chosen so that they are not easily guessable. Therefore, they should not contain common words from daily life, your own name, or names of relatives, but should include a mix of uppercase and lowercase letters, numbers, and special characters.
2. Data Controller
The data controller within the meaning of the GDPR is:
ROSE Systemtechnik GmbH
Erbeweg 13 – 15, 32457 Porta Westfalica, Germany
Phone: +49 571-50 41-0
Fax: +49 571-50 41-6
Email: rose@rose-pw.de
Representative of the data controller: Dr. Heinz Werner Rixen
7. Technology
7.1 SSL/TLS Encryption
This site uses SSL or TLS encryption to ensure the security of data processing and to protect the transmission of confidential content, such as orders, login data, or contact inquiries that you send to us as the operator. You can recognize an encrypted connection when “http://” changes to “https://” in the browser address bar and when a lock symbol appears in your browser’s bar.
We use this technology to protect the data you transmit.
7.2 Data Collection When Visiting the Website
When you visit our website purely for informational purposes, i.e., when you do not register or otherwise transmit information to us or give consent for data processing, we only collect data that is technically necessary for providing the service. These are typically data transmitted by your browser to our server (“so-called server log files”). Our website collects a range of general data and information with each page view by you or an automated system. These general data and information are stored in the server log files. The following may be collected:
- Browser type and version used,
- Operating system used by the accessing system,
- The website from which the accessing system reaches our website (so-called referrer),
- The subpages accessed through the accessing system on our website,
- The date and time of access to the website,
- A shortened Internet protocol address (anonymized IP address), and
- The Internet service provider of the accessing system.
When using this general data and information, we do not draw conclusions about your identity. This information is needed to:
- Correctly deliver the content of our website,
- Optimize the content of our website and advertising,
- Ensure the long-term functionality of our IT systems and the technology of our website, and
- Provide law enforcement agencies with the necessary information in the event of a cyberattack.
These collected data and information are evaluated by us both statistically and with the aim of increasing data protection and data security within our company, ultimately ensuring an optimal level of protection for the personal data we process. The anonymous data in the server log files are stored separately from any personal data provided by an affected person.
The legal basis for data processing is Article 6(1)(f) GDPR. Our legitimate interest follows from the above-mentioned purposes for data collection.
7.3 Encrypted Payment Transactions
If, after concluding a paid contract, you are required to transmit your payment data (e.g., providing your bank account number when granting a direct debit authorization), this data is required for processing the payment.
The payment transactions via common payment methods (Visa/MasterCard or direct debit) are conducted exclusively over an encrypted SSL or TLS connection. You can recognize an encrypted connection when the browser’s address bar changes from “http://” to “https://” and when a lock symbol appears in your browser’s bar.
We use this technology to protect the data you transmit.
7.4 Cloudflare (Content Delivery Network)
Our website uses features from CloudFlare. The provider is CloudFlare, Inc., 665 3rd St. #200, San Francisco, CA 94107, USA.
CloudFlare provides a globally distributed content delivery network with DNS. Technically, the information transfer between your browser and our website is routed through the CloudFlare network. CloudFlare is thus able to analyze the traffic between the user and our websites to detect and fend off attacks on our services. Additionally, CloudFlare may store cookies on your computer for optimization and analysis.
You can configure your browser to be informed about the setting of cookies and to only allow cookies in individual cases, exclude the acceptance of cookies for specific cases or in general, and activate the automatic deletion of cookies when closing the browser. Deactivating cookies may restrict the functionality of this website.
We have entered into a data processing agreement with Cloudflare based on the GDPR or the EU Standard Contractual Clauses. Cloudflare collects statistical data about visits to this website. Access data includes: the name of the retrieved website, file, the date and time of the retrieval, data volume transmitted, the message about successful retrieval, browser type and version, user’s operating system, referrer URL (the previously visited page), IP address, and the requesting provider. Cloudflare uses the log data for statistical evaluations for the operation, security, and optimization of the offer.
If you have consented to the use of Cloudflare, the legal basis for processing personal data is Article 6(1)(a) GDPR. Additionally, we have a legitimate interest in using Cloudflare to optimize and secure our online offer. The corresponding legal basis for this is Article 6(1)(f) GDPR. The personal data will be stored as long as it is necessary for fulfilling the processing purpose. The data will be deleted once it is no longer needed for achieving the purpose.
This U.S. company is certified under the EU-U.S. Data Privacy Framework. Therefore, there is an adequacy decision according to Article 45 GDPR, allowing the transfer of personal data without additional guarantees or measures.
Further information on CloudFlare can be found at: https://www.cloudflare.com/privacypolicy/.
7.5 Hosting by Hetzner
We host our website with Hetzner Online GmbH, Industriestr. 25, 91710 Gunzenhausen (hereafter referred to as Hetzner).
When you visit our website, your personal data (e.g., IP addresses in log files) is processed on Hetzner’s servers.
The use of Hetzner is based on Article 6(1)(f) GDPR. We have a legitimate interest in ensuring a reliable representation, availability, and security of our website.
We have entered into a data processing agreement (DPA) in accordance with Article 28 GDPR with Hetzner. This is a legally required contract that ensures Hetzner processes the personal data of our website visitors only according to our instructions and in compliance with the GDPR.
Further information on Hetzner’s data protection policies can be found at: https://www.hetzner.com/de/rechtliches/datenschutz
7.6 jsDelivr
Our website integrates components from jsDelivr, operated by the provider Prospect One, Królewska 65A/1, PL-30-081 Kraków, Poland.
We use the open-source service jsDelivr on our website to deliver content to users’ various devices as quickly and technically correctly as possible.
jsDelivr is a content delivery network (CDN) that distributes content on our website across multiple servers to ensure optimal global availability. A CDN typically uses servers that are geographically close to the respective website user. Therefore, it is assumed that users within the EU will be served content from servers within the EU. To deliver the content, jsDelivr collects user data such as IP addresses.
According to the provider, jsDelivr does not use cookies or similar tracking technologies but is necessary only for the technical reasons mentioned above.
Data processing is based on your consent according to Article 6(1)(a) GDPR.
You can view the privacy policy of jsDelivr at: https://www.jsdelivr.com/terms/privacy-policy-jsdelivr-net.
8. Cookies
8.1 General Information on Cookies
Cookies are small files that your browser automatically creates and stores on your device (laptop, tablet, smartphone, etc.) when you visit our site.
The cookie stores information that is derived from the context of the specific device used. However, this does not mean that we directly gain knowledge of your identity.
The use of cookies is intended to make the use of our services more pleasant for you. For example, we use so-called session cookies to recognize that you have already visited certain pages of our website. These cookies are automatically deleted when you leave our site.
Additionally, we use temporary cookies to optimize user-friendliness. These cookies are stored on your device for a specific, predetermined period of time. When you revisit our site to use our services, we automatically recognize that you have previously visited and remember any entries or settings you made so that you don’t have to input them again.
Furthermore, we use cookies to statistically collect data about the use of our website and to evaluate our offerings for optimization purposes. These cookies allow us to recognize when you visit our website again, ensuring that we can track whether you have visited previously. The cookies set for this purpose are automatically deleted after a defined period. The specific duration of the cookies can be viewed in the settings of the consent tool in use.
9. Contents of Our Website
9.1 Data Processing During Account Creation and Contract Fulfillment
In accordance with Art. 6 Para. 1 lit. b) GDPR, personal data is collected and processed when you provide it to us for the purpose of entering into a contract or creating a customer account. The specific data collected is evident from the respective input forms. You can delete your customer account at any time, including by sending a message to the contact address provided above. We store and use the data you provide to fulfill the contract. After the contract is fully processed or your customer account is deleted, your data will be blocked, taking into account tax and commercial retention periods, and will be deleted after these periods expire, unless you have explicitly consented to further use of your data or a legally permitted further use of your data has been reserved, which we will inform you about below.
9.2 Data Processing for Order Fulfillment
The personal data we collect will be forwarded to the transport company responsible for delivery, to the extent necessary for the delivery of goods. Your payment data will be forwarded to the bank responsible for payment processing, if necessary. If payment service providers are involved, we will inform you of this explicitly below. The legal basis for the data transfer is Art. 6 Para. 1 lit. b) GDPR.
9.3 Contract Conclusion in Online Store, Merchants, and Shipping
We only transmit personal data to third parties when necessary for the contract execution, such as to companies responsible for the delivery of goods or banks responsible for payment processing. No further transmission of your data takes place, unless you have expressly consented to the transfer. We do not share your data with third parties for advertising purposes without your explicit consent.
The legal basis for the data processing is Art. 6 Para. 1 lit. b) GDPR, which allows the processing of data for the fulfillment of a contract or pre-contractual measures.
9.4 Contact / Contact Form
When contacting us (e.g., via a contact form or email), personal data is collected. The data collected when using a contact form is evident from the respective contact form. This data will be stored and used solely for the purpose of responding to your inquiry or for contacting you and the associated technical administration. The legal basis for the data processing is our legitimate interest in answering your inquiry in accordance with Art. 6 Para. 1 lit. f) GDPR. If your contact is aimed at concluding a contract, the additional legal basis for processing is Art. 6 Para. 1 lit. b) GDPR. Your data will be deleted once your inquiry has been fully processed, which occurs when it is clear from the circumstances that the matter in question has been resolved and there are no legal retention obligations preventing deletion.
9.5 Recruitment Management / Job Board
We collect and process the personal data of applicants for the purpose of processing the application procedure. The processing may also be carried out electronically, especially when an applicant submits application documents electronically, such as via email or through a web form on the website. If we conclude an employment or service contract with an applicant, the submitted data will be stored for the purpose of managing the employment relationship in compliance with legal requirements. If no contract is concluded, the application documents will be automatically deleted two months after the rejection decision is communicated, unless there are other legitimate interests on our part that prevent deletion. One such legitimate interest may be a proof obligation in proceedings under the General Equal Treatment Act (AGG).
The legal basis for processing your data is Art. 6 Para. 1 lit. b), 88 GDPR in conjunction with § 26 Para. 1 BDSG.
11. Web Analytics
11.1 Google Analytics Universal
We use Google Analytics, a web analysis service provided by Google Ireland Limited (https://www.google.de/intl/de/about/), Gordon House, Barrow Street, Dublin 4, Ireland (“Google”). In this context, pseudonymized user profiles are created, and cookies (see “Cookies” section) are used. The information generated by the cookie regarding your use of this website, such as:
- Browser type/version
- Operating system used
- Referrer URL (the previously visited page)
- Hostname of the accessing computer (IP address)
- Time of server request
is transmitted to a Google server in the USA and stored there. The information is used to evaluate the use of the website, generate reports on website activities, and provide additional services related to website and internet use for market research and design purposes. This information may also be shared with third parties if legally required or if third parties process this data on behalf of Google. In no case will your IP address be merged with other data from Google. The IP addresses are anonymized, so they cannot be assigned to a specific person (IP masking).
You can prevent the installation of cookies by adjusting your browser settings; however, please note that in such a case, some features of the website may not be fully usable.
These processing activities occur only with your explicit consent in accordance with Art. 6 Para. 1 lit. a) GDPR.
You can further prevent the collection of data generated by the cookie and related to your use of the website (including your IP address) by downloading and installing a browser add-on (https://tools.google.com/dlpage/gaoptout?hl=de).
The parent company, Google LLC, is certified under the EU-US Data Privacy Framework. Therefore, there is an adequacy decision pursuant to Art. 45 GDPR, meaning that the transfer of personal data may take place without further guarantees or additional measures.
You can read the privacy policy for Google Analytics at: Google Analytics Privacy Policy.
11.2 HubSpot
We use HubSpot features on this website. The provider is HubSpot, Inc., 25 First Street, Cambridge, MA 02141, USA.
HubSpot tracks visitors to our website using browser cookies. Each time you access our website, HubSpot checks whether a HubSpot tracking cookie is set. If no such cookie is set in your browser, and provided you give consent, a HubSpot cookie is placed, which records all pages on our website that you access later.
Important points regarding HubSpot’s handling of tracking cookies:
- Your visit to our website is only tracked by HubSpot cookies if you have consented to the use of HubSpot cookies or all tracking cookies.
- If you fill out and submit a form on our website (e.g., a contact form), and you have consented to the setting of HubSpot cookies, HubSpot associates your previous page visits (tracked by the cookie) with the form submission.
- If you have already been in contact with us, your email address submitted via the form will be matched to information we have already stored.
- If you delete all cookies or specifically HubSpot cookies, you will be considered a new visitor on our website, and a new cookie will be set. HubSpot, however, duplicates all form submissions made with the same email address, even if different browser cookies are associated with them.
- Since cookies are set only once per browser, submissions by two people sharing the same computer will be linked to the same contact record. This deduplication by cookie ensures that submissions from different email addresses but from the same person are assigned to a single contact record.
These processing activities occur only with your explicit consent according to Art. 6 Para. 1 lit. a) GDPR. Your data will be stored until you withdraw your consent.
You can configure your browser to notify you when cookies are being set and allow cookies only in individual cases, exclude the acceptance of cookies for specific situations, or automatically delete cookies when closing the browser. Deactivating cookies may limit the functionality of this website.
The transfer of your personal data to the USA is based on Standard Contractual Clauses.
For more information about HubSpot, visit: HubSpot Privacy Policy.
11.3 LinkedIn Analytics
We use LinkedIn’s retargeting tool and conversion tracking on this website, provided by LinkedIn Ireland, Wilton Plaza, Wilton Place, Dublin 2, Ireland (LinkedIn).
For this purpose, the LinkedIn Insight Tag is integrated into our website, allowing LinkedIn to collect statistical data about your visit and use of our website. Based on this, LinkedIn provides us with aggregated statistics. The service also enables LinkedIn to display interest-specific and relevant offers after you have viewed certain services, information, and offers on our website. This information is stored in a cookie.
Typically, the following data is collected and processed:
- IP address
- Device information
- Browser information
- Referrer URL
- Timestamp
These processing activities occur only with your explicit consent in accordance with Art. 6 Para. 1 lit. a) GDPR. Your data will be stored until you withdraw your consent.
Data may be transferred to the USA and Singapore during processing via LinkedIn. This US company is certified under the EU-US Data Privacy Framework, which provides an adequacy decision pursuant to Art. 45 GDPR, so the transfer of personal data can occur without further guarantees or additional measures. The transfer is also secured through Standard Contractual Clauses, ensuring that the processing of personal data is at a level of security that complies with the GDPR. If the Standard Contractual Clauses are not sufficient to ensure an adequate level of security, consent will be obtained from you in accordance with Art. 49 Para. 1 lit. a) GDPR.
For more information on LinkedIn’s privacy policy, visit: LinkedIn Privacy Policy.
11.4 Microsoft Clarity
We use Microsoft Clarity (“Clarity”), a web analysis service provided by Microsoft Corp., One Microsoft Way, Redmond, Washington, USA, on our website.
Pseudonymized user profiles are created, and cookies are set on your device.
Processed data includes, among others:
- Browser type/version
- Operating system used
- Referrer URL (the previously visited page)
- Hostname of the accessing computer (IP address)
- User behavior on the visited webpage,
- Mouse movements and clicks
The information is used to evaluate the use of the website, generate reports on website activities, and provide services related to website and internet use for market research and designing our websites.
These processing activities occur only with your explicit consent in accordance with Art. 6 Para. 1 lit. a) GDPR.
This US company is certified under the EU-US Data Privacy Framework. Therefore, an adequacy decision pursuant to Art. 45 GDPR exists, and the transfer of personal data may occur without further guarantees or additional measures.
For more information on Microsoft’s privacy policy, visit: Microsoft Privacy Statement.
11.5 WiredMinds
We have integrated components from WiredMinds on this website. WiredMinds components automatically recognize and qualify users who visit the website. This allows the website operator to generate leads, qualifying potential new customers.
The operator of WiredMinds is WiredMinds GmbH, Lindenspürstraße 32, 70176 Stuttgart, Germany.
We use a WiredMinds tracking pixel. A tracking pixel is a small graphic embedded in a website to enable log file recording and analysis, which is then statistically evaluated.
WiredMinds also sets a cookie on your IT system. By setting the cookie, we are enabled to analyze how our website is being used.
Using the data obtained, pseudonymized usage profiles are created. These profiles are used to analyze visitor behavior and improve our online offering. The data collected by the WiredMinds component will not be used to identify you without your separate, explicit consent. This data will not be merged with personal data or other data containing the same pseudonym.
Each time one of the individual pages of this website is accessed, the Internet browser on your IT system automatically causes the WiredMinds component to transmit data for online analysis. As part of this technical procedure, WiredMinds becomes aware of personal data such as the IP address, which helps trace the origin of the visitors and clicks.
Personal data such as access time, the location of access, and frequency of visits is stored. Each visit to our website results in this personal data, including the IP address of your internet connection, being transferred to the WiredMinds server. These personal data are stored by WiredMinds but not shared with third parties.
These processing activities occur only with your explicit consent in accordance with Art. 6 Para. 1 lit. a) GDPR.
For further information and applicable privacy policies of WiredMinds, visit: WiredMinds Privacy.
13. Partner and Affiliate Programs
13.1 DoubleClick
This website contains components from DoubleClick by Google. DoubleClick is a brand of Google (Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland), under which special online marketing solutions are marketed to advertising agencies and publishers.
DoubleClick by Google transmits data with each impression as well as with clicks or other activities to the DoubleClick server. Each of these data transfers triggers a cookie request to your browser. If the browser accepts this request, DoubleClick sets a cookie on your IT system. The purpose of the cookie is to optimize and display advertisements. The cookie is used, among other things, to serve user-relevant ads and display them, as well as to generate reports on advertising campaigns or improve them. Additionally, the cookie is used to avoid multiple displays of the same advertisement.
DoubleClick uses a cookie ID, which is necessary for the execution of the technical procedure. For example, the cookie ID is needed to display an advertisement in a browser. Through the cookie ID, DoubleClick can also track which advertisements have already been displayed in a browser to avoid duplicate ad appearances. Furthermore, DoubleClick can use the cookie ID to capture conversions.
A DoubleClick cookie does not contain any personal data. However, a DoubleClick cookie may contain additional campaign identifiers. A campaign identifier is used to identify the campaigns with which you have already interacted.
With each visit to one of the individual pages of this website, which we operate and where a DoubleClick component is integrated, the browser on your IT system is automatically prompted by the respective DoubleClick component to transmit data for the purpose of online advertising and commission billing to Google. As part of this technical process, Google gains knowledge of data, which is also used to generate commission statements. Google can, among other things, track that you clicked on specific links on our website.
These processing activities occur exclusively upon granting explicit consent according to Art. 6 (1) lit. a) GDPR.
The parent company, Google LLC, is certified as a U.S. company under the EU-US Data Privacy Framework. This is an adequacy decision according to Art. 45 GDPR, meaning that personal data may be transferred without additional guarantees or further measures.
You can view the privacy policies of DoubleClick by Google at: https://www.google.com/intl/de/policies/
14. Plugins and Other Services
14.1 Google Photos
We use the Google Photos service provided by Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA, for storing images embedded on our website.
Embedding refers to the integration of specific external content (text, video, or image data) provided by another website (Google Photos) and displayed on our own website (our web presence). To embed, a so-called embedding code is used. If we have integrated an embedding code, the external content from Google Photos will be displayed automatically as soon as one of our pages is visited.
Through the technical implementation of the embedding code, which enables the image display from Google Photos, your IP address will be transmitted to Google Photos. Additionally, Google Photos captures data such as our website, the browser type used, the browser language, the time and duration of access. Google Photos can also collect information about which of our subpages you visited and which links were clicked, as well as other interactions you performed while visiting our site. This data may be stored and analyzed by Google Photos.
These processing activities only occur with your explicit consent in accordance with Art. 6 (1) lit. a) GDPR.
This US company is certified under the EU-US Data Privacy Framework. An adequacy decision under Art. 45 GDPR is in place, allowing the transfer of personal data without additional guarantees or measures.
You can view the privacy policy of Google at: https://www.google.com/policies/privacy/.
14.2 Google Tag Manager
We use the Google Tag Manager service on this website. The operator of Google Tag Manager is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. Google Ireland Limited is part of the Google group, headquartered at 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.
This tool allows “website tags” (i.e., keywords embedded in HTML elements) to be implemented and managed via an interface. By using the Google Tag Manager, we can automatically track which button, link, or personalized image you clicked and can identify which content of our website is of particular interest to you.
The tool also triggers other tags, which may collect data. Google Tag Manager does not access this data. If you deactivate it at the domain or cookie level, this will apply to all tracking tags implemented with Google Tag Manager.
These processing activities only occur with your explicit consent in accordance with Art. 6 (1) lit. a) GDPR.
The parent company Google LLC is certified under the EU-US Data Privacy Framework. An adequacy decision under Art. 45 GDPR is in place, allowing the transfer of personal data without additional guarantees or measures.
Further information about the Google Tag Manager and Google’s privacy policy can be found at: https://www.google.com/intl/de/policies/privacy/.
14.3 Google WebFonts
Our website uses so-called web fonts for a consistent display of fonts. The Google WebFonts are provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. Google Ireland Limited is part of the Google group, headquartered at 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.
These processing activities only occur with your explicit consent in accordance with Art. 6 (1) lit. a) GDPR.
The parent company Google LLC is certified under the EU-US Data Privacy Framework. An adequacy decision under Art. 45 GDPR is in place, allowing the transfer of personal data without additional guarantees or measures.
Further information about Google WebFonts and Google’s privacy policy can be found at: https://developers.google.com/fonts/faq; https://www.google.com/policies/privacy/.
14.4 HubSpot CRM System
We use the CRM software of HubSpot, Inc., 25 First Street, Cambridge, MA 02141, USA (“HubSpot”).
HubSpot is a CRM solution for managing customer relationships and includes, among other things, the following features:
- Deal management, lead management, and task management
- Email tracking and notifications
- Email templates and scheduling
- Document sharing
- Online booking system for appointments
- Telephony solutions like automatic call recording and logging
All departments (including, for example, marketing, sales, customer service, and both online and offline retail) work collaboratively with the described software.
The provider of HubSpot will necessarily become aware of the above data as part of our data processing agreement (Art. 28 GDPR) with HubSpot. These may include names, addresses, email addresses, and phone numbers. Therefore, the processing of personal data also takes place in a third country (outside the EU and EEA).
If consent has been requested, processing will occur solely based on Art. 6 (1) lit. a) GDPR. The legal basis for using HubSpot in the context of contractual relationships is Art. 6 (1) lit. b) GDPR. In all other cases, the legal basis for processing your personal data is Art. 6 (1) lit. f) GDPR. Our interest here is in effectively coordinating internal and external communication and managing customer relationships.
To the extent that HubSpot processes personal data in connection with its own legitimate business activities, HubSpot is an independent data controller for such use and is responsible for complying with applicable laws and obligations of a data controller.
This US company is certified under the EU-US Data Privacy Framework. An adequacy decision under Art. 45 GDPR is in place, allowing the transfer of personal data without additional guarantees or measures.
You can view HubSpot’s privacy policy at: https://legal.hubspot.com/de/privacy-policy.
14.5 YouTube (Videos)
We have integrated components from YouTube on this website. The operating company of YouTube is YouTube, LLC, 901 Cherry Ave., San Bruno, CA 94066, USA. YouTube, LLC is a subsidiary of Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.
YouTube is an internet video portal that allows video publishers to upload video clips for free and enables other users to view, rate, and comment on them for free. YouTube allows the publication of all kinds of videos, so complete films and TV shows, music videos, trailers, or user-created videos can be accessed via the portal. Each time one of the individual pages of our website, which we operate and where a YouTube component (YouTube video) is integrated, is visited, the browser on your IT system will automatically be prompted by the respective YouTube component to download the corresponding YouTube component from YouTube. Additionally, YouTube may load Google WebFonts, Google Video, and Google Photos services. More information about YouTube can be found at https://www.youtube.com/yt/about/de/. As part of this technical process, YouTube and Google will be informed about which specific page of our website you visit.
If you are logged into YouTube at the same time, YouTube will recognize which specific page of our website you visit when you access a page containing a YouTube video. This information is collected by YouTube and Google and associated with your YouTube account.
YouTube and Google will always receive information that you visited our website when you are logged into YouTube at the time of accessing our website, regardless of whether you click on a YouTube video or not. If you do not want this information to be transmitted to YouTube and Google, you can prevent it by logging out of your YouTube account before visiting our website.
These processing activities only occur with your explicit consent in accordance with Art. 6 (1) lit. a) GDPR.
The parent company Google LLC is certified under the EU-US Data Privacy Framework. An adequacy decision under Art. 45 GDPR is in place, allowing the transfer of personal data without additional guarantees or measures.
You can view YouTube’s privacy policy at: https://www.google.de/intl/de/policies/privacy/.
14.6 YouTube Videos in Extended Privacy Mode (YouTube-NoCookies)
Some pages of our website contain links or connections to YouTube’s services. As a general rule, we are not responsible for the content of external websites. However, if you follow a link to YouTube, please note that YouTube will store user data (e.g., personal information, IP address) according to their own data usage policies and use it for business purposes.
The operating company of YouTube is YouTube, LLC, 901 Cherry Ave., San Bruno, CA 94066, USA.
We embed YouTube videos stored on YouTube directly on some pages of our website. In this embedding, parts of the browser window display content from the YouTube website. When you visit a page on our site where YouTube videos are embedded, a connection to YouTube’s servers is established, and the content is displayed on your browser.
The embedding of YouTube content is done only in “extended privacy mode.” This mode is provided by YouTube and ensures that YouTube does not store cookies on your device initially. However, when visiting the relevant pages, your IP address and possibly other data are transmitted, indicating which of our pages you have visited. This information cannot be linked to you unless you are logged in to YouTube or another Google service at the time of visiting the page. Once you start playing an embedded video by clicking on it, YouTube will store cookies on your device in the extended privacy mode, which do not contain personally identifiable data, unless you are currently logged into a Google service. These cookies can be prevented through corresponding browser settings and extensions.
The request for the video constitutes your consent to the placement of the corresponding cookie (Art. 6 (1) S. 1 lit. a) GDPR).
This US company is certified under the EU-US Data Privacy Framework. An adequacy decision under Art. 45 GDPR is in place, allowing the transfer of personal data without additional guarantees or measures.
You can view YouTube’s privacy policy at: https://www.google.de/intl/de/policies/privacy/.
15. Your rights as a data subject
15.1 Right to Confirmation
You have the right to request confirmation from us as to whether personal data concerning you is being processed.
15.2 Right of Access Art. 15 GDPR
You have the right to obtain, free of charge, information about the personal data stored about you, as well as a copy of this data, in accordance with the statutory provisions.
15.3 Right to Rectification Art. 16 GDPR
You have the right to request the correction of inaccurate personal data concerning you. Furthermore, you have the right, considering the purposes of processing, to request the completion of incomplete personal data.
15.4 Right to Erasure Art. 17 GDPR
You have the right to request that personal data concerning you be erased immediately, provided one of the legally specified grounds applies and the processing or storage is not required.
15.5 Right to Restriction of Processing Art. 18 GDPR
You have the right to request the restriction of processing by us if one of the legal conditions is met.
15.6 Right to Data Portability Art. 20 GDPR
You have the right to receive personal data concerning you that has been provided to us in a structured, commonly used, and machine-readable format. You also have the right to transmit this data to another controller without hindrance from us, the controller to whom the personal data was provided, provided the processing is based on consent under Art. 6 (1) (a) GDPR or Art. 9 (2) (a) GDPR or on a contract under Art. 6 (1) (b) GDPR and the processing is carried out by automated means, unless the processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in us.
Furthermore, when exercising your right to data portability under Art. 20 (1) GDPR, you have the right to request that personal data be transmitted directly from one controller to another, where technically feasible, and provided this does not affect the rights and freedoms of other persons.
15.7 Right to Object Art. 21 GDPR
You have the right to object, on grounds relating to your particular situation, at any time to the processing of personal data concerning you, which is carried out based on Art. 6 (1) (e) (processing in the public interest) or (f) (processing based on balancing of interests) GDPR.
This also applies to profiling based on these provisions in the sense of Art. 4 No. 4 GDPR.
If you object, we will no longer process your personal data unless we can demonstrate compelling legitimate grounds for the processing that override your interests, rights, and freedoms, or unless the processing is necessary for the establishment, exercise, or defense of legal claims.
In certain cases, we process personal data for direct marketing purposes. You may object at any time to the processing of your personal data for such marketing purposes. This also applies to profiling, insofar as it is related to such direct marketing. If you object to the processing for direct marketing purposes, we will no longer process your personal data for such purposes.
Additionally, you have the right to object, on grounds relating to your particular situation, to the processing of personal data concerning you, which is carried out for scientific or historical research purposes or for statistical purposes in accordance with Art. 89 (1) GDPR, unless such processing is necessary for the performance of a task carried out in the public interest.
You are free to exercise your right to object in connection with the use of information society services, irrespective of Directive 2002/58/EC, through automated procedures involving technical specifications.
15.8 Withdrawal of Consent for Data Processing
You have the right to withdraw consent to the processing of personal data at any time with effect for the future.
15.9 Complaint to a Supervisory Authority
You have the right to lodge a complaint with a supervisory authority responsible for data protection regarding our processing of personal data.
16. Routine Storage, Deletion, and Blocking of Personal Data
We process and store your personal data only for the period necessary to achieve the storage purpose, or if required by the legal regulations to which our company is subject.
If the storage purpose no longer applies or a statutory retention period expires, the personal data will be routinely blocked or deleted in accordance with the legal requirements.
17. Duration of Storage of Personal Data
The criterion for the duration of the storage of personal data is the respective statutory retention period. Once this period expires, the corresponding data will be routinely deleted, provided it is no longer required for contract fulfillment or the initiation of a contract.
18. Currency and Changes to the Privacy Policy
This privacy policy is currently valid and has the status: January 2025.
Due to the further development of our websites and services or due to changed legal or regulatory requirements, it may be necessary to modify this privacy policy. The current privacy policy can be accessed and printed at any time on the website at “https://www.rose-systemtechnik.com/datenschutz/“.
This privacy policy was created with the support of the data protection software: audatis MANAGER.