We very much appreciate your interest in our company. Data protection is a major priority for the management of Rudolf Hensel GmbH. Where the processing of personal data is required and there is no legal basis for such, we will generally obtain the consent of the user (data subject) in question.
By means of this privacy statement, our company wishes to inform the public of the nature, extent and purpose of the personal data that is collected, used and processed on our part. In addition, this privacy statement also explains the rights afforded to data subjects.
We have implemented numerous technical and organisational measures to ensure the most comprehensive protection possible is applied to personal data processed via this website.
Notwithstanding this, Internet-based data transmissions may be susceptible to security vulnerabilities, with the result that absolute protection cannot be guaranteed. For this reason, any data subject may choose to convey personal data to us using alternative methods such as by telephone.
Server log files
Connection data are stored upon accessing our website. This means that each time a file is retrieved or retrieval is attempted on this server, as a standard procedure for the purpose of system security the following data relating to the process are stored in a log file (server log file):
- Anonymised IP address
- Time and method of retrieval
- URL retrieved
- Version of the HTTP protocol used
- Internet service provider of the accessing system
- Resultant value of retrieval
- Size of retrieval in Kbyte
- Page accessed prior to call up of this page (referrer)
- Information on the browser and operating system used
The collected data serve to enable statistical evaluation, security and improvement of the website and also track rule infringements, information on and reporting of security events and, if relevant, enable examination of civil law claims.
Name and address of the processing controller
The controller within the meaning of GDPR is:
Rudolf Hensel GmbH | Lack- und Farbenfabrik
Lauenburger Landstraße 11
21039 Börnsen / Germany
Phone: +49 40 72 10 62-10
E-Mail: kontakt@rudolf-hensel.de
Directors: Roland Roggon | Volker Thewes
Our data protection officer’s contact details
Mauß Datenschutz GmbH
Neuer Wall 10
20354 Hamburg / Germany
Phone: 040 / 999 99 52-0
E-Mail: datenschutz@datenschutzbeauftragter-hamburg.de
All data subjects are at liberty to contact us directly at any time in the event of questions or issues regarding data protection.
You may contact our data protection officer in writing using the above address with the addition of ‘Data protection officer’.
Detailed information on data processing
Enquiry via email, contact form or telephone
We process your data to deal with your enquiry. Outside of our company, where necessary, service providers may view your data within the scope of providing software support and, depending on the matter at hand, your data may be forwarded to local cooperation partners or retailers. Forwarding of your data to a third country will only occur where your enquiry relates to a third country or stems from a third country. The commensurate legal basis for data processing is Art. 6 (1) (b) and (f) GDPR. We store your data until the response to your enquiry has been ultimately completed and in accordance with statutory retention periods.
Request for invitation to tender documents
We process your data for the purpose of sending the desired documents. The fact cannot be ruled out that service providers may, where necessary, also view your data within the scope of providing software support. We do not forward your data to other recipients or recipients in a third country.
Processing occurs on the basis of Art. 6 (1) (b) GDPR. We store your data until the response to your enquiry has been ultimately completed and in accordance with statutory retention periods.
Contract performance
Processing of your data is necessary to initiate and perform a contract with you. The commensurate legal basis is Art. 6 (1) (b) GDPR. Outside of our company, service providers may view your data within the scope of providing software support where necessary and, depending on the matter at hand, your data may also be forwarded to local cooperation partners or retailers. Forwarding of your data to a third country will only occur where the contract involves a third country (the invoicing or delivery address is in a third country, for example). We generally store your data for 10 years in accordance with the pertinent statutory retention periods.
Training/certification
Processing of your data is necessary within the scope of training and personal certification. The commensurate legal basis is Art. 6 (1) (b) GDPR. Outside of our company, service providers may view your data within the scope of providing software support where necessary. Forwarding of your data to a third country will only occur if you participate in training from a third country. We store your data in accordance with statutory and legal retention periods.
Video conferences/online training
To implement online training we use BigBlueButton, an open source software provided by our service provider in a certified data centre in Germany.
The following data is processed upon using the software:
your email address, the date and time, meeting ID and text, audio and video data. The video conference or online training session is not recorded and stored. The fact cannot be ruled out that our service provider may acquire knowledge of this data within the scope of technical implementation. To ensure your data is protected, we have concluded a commensurate contract processing agreement with our service provider in accordance with Art. 28 GDPR. The commensurate legal basis for data processing is Art. 6 (1) (b) GDPR.
Insofar as you participate in online training, the data regarding your participation in the training is further processed in accordance with the Training/certification section above.
Newsletter/updates
Personal data you provided us with when ordering the service are duly processed for the purpose of delivering the newsletter or product information. The commensurate legal basis is the consent you provided upon ordering (Art. 6 (1) (b) GDPR). Having commissioned a service provider in Germany to implement delivery, we consequently forward your data to this service provider. Insofar as you withdraw your consent and cancel the newsletter, your data will be promptly erased.
Job applications
Purpose: implementation of the application process
Legal basis: Art. 6 (1) (b) GDPR, S.26 BDSG [German Data Protection Act]
Potential recipients outside Rudolf Hensel GmbH: none
Forwarding of data to a third country: no
Retention period: where an employment relationship is not concluded, the data will be archived after a period of two months from the employment rejection decision and subsequently erased. When you submit a job application to us, we process the data provided by you to implement the application process. The commensurate legal basis is S.26 BDSG and Art. 6 (1) (b) GDPR. Any processing of such data is exclusively implemented in-house. No information is forwarded to third parties. Where an employment relationship is not concluded, the data will be archived two months after notification of the rejection and subsequently erased.
Recommendation
You may, for example, recommend our products to your business partners. If you provide us with the email address of the recipient via the form on our homepage, you are assuring us that you have permission to forward the email address. As a consequence, we presume that the recipient is expecting to receive a product recommendation from us. The product information is dispatched by an appointed service provider. Product recommendations are sent once-only by way of direct marketing. The recommendation, including sender IP address, is stored by us for a period of up to one year.
Chats via Tidio
On our homepage, we offer you the opportunity to contact us via chat. To enable this service we use the Tidio program, which transfers all data in encrypted form. We only process your name and email address if you share these with us during a chat. Such data, including your chat messages, are only used by us to process your enquiry. To enable technical implementation of the chat service, your IP address is stored on the Tidio application for the duration of the chat. Data evaluation is not performed either by ourselves or our service provider. Insofar as not subject to a retention obligation, your data are promptly erased upon conclusion of the chat. To protect your data, we have concluded a GDPR-compliant agreement with the service provider, Tidio. Information regarding the respective data processing is provided at the beginning of the chat and we therefore presume you consent to the processing of your data as specified above. Processing consequently occurs on the basis of Art. 6 (1) (a) GDPR. You may also contact us via alternative channels at any time. Further details of data processing by Tidio are also available at:
https://www.tidio.com/privacy-policy
Product selector
We offer you the opportunity to register for our Product selector on a dedicated part of our website. Details of specific data processing required for the registration and use of the Product selector are provided during the registration process.
Cookies
Our website only uses technically necessary cookies. Technically necessary cookies ensure that a website functions. According to the DSGVO, no user consent is required for them. Cookies are text files that are placed and stored on a computer system by an Internet browser. The use of cookies allows us to provide users of our website with more user-friendly services, which would not be possible without the placement of cookies. The purpose of cookies is to simplify use of our website for users. We only use a technically required session cookie, which is automatically deleted upon closing the browser. Any further cookies will only be activated if you have consented to such, e.g. when viewing videos hosted by external providers.
Statistics/use of Webalizer
This website uses the ‘Webalizer’ tool – web analysis software for statistical evaluation of user access to the website. Based on the server log file data, ‘Webalizer’ creates overviews, for example, of the number of hits, file/page requests, visits, etc.
These evaluations are not combined with any other data sources, especially personal data, and no user profiles are created. In the version we use, the tool operates with IP address anonymisation. Prior to any application for user behaviour analysis, the last three digits of IP addresses are truncated so that a personal reference can no longer be established and you as a user remain anonymous. The information generated is stored at the service provider www.bytecamp.net in Germany.
Matomo
We use the tool “Matomo” to analyse the use of our website and to detect errors on the site, such as pages that cannot be called up. The version of Matomo installed locally by us works with anonymised IP addresses, so that a personal reference cannot be established. In addition, the location, date, time, URL of the page displayed, URL of the page of origin, screen resolution, files clicked and downloaded, use of links, country, region, city and main language of the browser are used. The data is not passed on or merged or user profiles are created. The data is deleted after three months. The processing is based on our legitimate interest (Art. 6 para. 1 lit. f DSGVO) to provide a functional and user-oriented website.
Social media
Use of Shariff
Shariff components have been integrated into this website. The Shariff components provide social media buttons that comply with data protection provisions. Shariff was developed for the German computer magazine c’t and is published via GitHub, Inc.
Button solutions provided by the social networks generally transfer personal data to the respective social network when a user visits a website in which a social media button has been integrated. Through application of the Shariff components, personal data is only first transferred to social networks when the website visitor actively clicks on one of the social media buttons. Shariff components are used for the purpose of protecting the personal data of visitors to our website, while at the same time enabling us to integrate a button solution for social networks on this website.
Further information and the applicable data privacy provisions of GitHub are available at https://help.github.com/articles/github-privacy-policy/.
Use of LinkedIn
Components of the LinkedIn Corporation have been integrated within this website.
The operating company of LinkedIn is LinkedIn Corporation, 2029 Stierlin Court Mountain View, CA 94043, USA. Responsible for data privacy issues outside the USA is LinkedIn Ireland, Privacy Policy Issues, Wilton Plaza, Wilton Place, Dublin 2, Ireland.
If you are simultaneously logged on to LinkedIn when you click on the LinkedIn button, LinkedIn will recognise you and also any specific website pages you visit over the course of your visit to our website. This information is collected by the LinkedIn components and allocated by LinkedIn to the respective LinkedIn account. If you click on a LinkedIn button integrated within our website, LinkedIn will allocate this information to your personal LinkedIn user account and store this personal data.
Google Web Fonts
This website uses so-called Web Fonts provided by Google to uniformly display fonts. When you view a page, your browser loads the required Web Fonts into your browser cache in order to display text and fonts correctly. The font library is stored locally on our server. No link is established to Google servers. Data processed for this purpose are not linked to any other data and are not used for any other purpose. The use of Google Web Fonts in offline mode occurs in the interest of ensuring a uniform and appealing presentation of our online services and represents a legitimate interest within the meaning of Art. 6 (1) (f) GDPR.
Use of service providers for data processing/contract processing
Insofar as we use service providers to process data or cannot rule out the fact that, for example, service providers may view personal data within the scope of providing software support, all such service providers are carefully selected and the commensurate contract processing agreements concluded in accordance with Art. 28 GDPR. We regularly obtain proof of implemented data privacy measures from our service providers or carry out on-site inspections.
Your rights
You have the statutory right of access, rectification, objection, erasure and restriction with regard to the processing and use of your personal data as well as the right to data portability. You may assert these rights vis-à-vis Rudolf Hensel GmbH free of charge using the email address datenschutz@rudolf-hensel.de or the contact details provided in the legal notice. Our external data protection officer, Mauß Datenschutz GmbH, can also be contacted by telephone on +49 (0)40 999 99 52-0 or by email on datenschutz@datenschutzbeauftragter-hamburg.de.
You also have the right to lodge a complaint with a supervisory authority if you consider that the processing of personal data relating to you infringes the General Data Protection Regulation. The responsible supervisory authority is the Independent Centre for Privacy Protection (ULD), Holstenstrasse 98, 24103 Kiel, Germany, email:
mail@datenschutzzentrum.de, Tel: 0049 (0)431 9881200
This privacy statement was last updated: February 2022