Privacy policy Rosenberger Telematics

Rosenberger Telematics GmbH (hereinafter referred to as "we" or "us") is very pleased about your interest in our company. Data protection is a particularly high priority for our management.

With this privacy policy, we would like to inform data subjects (hereinafter referred to as "You") about the type, scope and purpose of the personal data collected, used and processed by us on our website https://www.rosenberger-telematics.com together with all subpages (hereinafter referred to as the "Webpage") will be informed. You will also be informed of your rights.

We always process your personal data, such as your name, address, e-mail address or telephone number, in accordance with Regulation (EU) 2016/679 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation, hereinafter referred to as "GDPR for short")."), the Data Protection Act (FADP) and other data protection provisions in laws to which we are subject.

1. Definitions

Our privacy policy is based on the terms of the GDPR. We use the following terms, among others:

a) "personal data" means any information relating to an identified or identifiable natural person (hereinafter referred to as "data subject"). An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.

(b) "processing" means any operation or set of operations which is performed on personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination; restriction, deletion or destruction.

c) "restriction of processing" means the marking of stored personal data with the aim of restricting their future processing.

(d) 'profiling' means any form of automated processing of personal data consisting in the use of such personal data to evaluate certain personal aspects relating to a natural person, in particular aspects relating to that natural person's work performance, economic situation, health, personal preferences, interests, reliability, behaviour, location or movement of that natural person. analyze or predict.

(e) 'pseudonymisation' means the processing of personal data in such a way that the personal data can no longer be attributed to a specific data subject without the use of additional information, provided that such additional information is kept separately and is subject to technical and organisational measures to ensure that the personal data are not disclosed to an identified or identifiable person. natural person.

(f) "controller" means the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data; where the purposes and means of such processing are determined by Union law or the law of the Member States, the controller or the specific criteria for its designation may be provided for by Union law or the law of the Member States.

(g) "processor" means a natural or legal person, public authority, agency or other body that processes personal data on behalf of the controller.

(h) 'recipient' means a natural or legal person, public authority, agency or other body to which personal data is disclosed, whether or not it is a third party. However, public authorities that may receive personal data in the context of a specific investigative mandate under Union or Member State law are not considered recipients.

(i) "third party" means a natural or legal person, public authority, agency or body other than the data subject, the controller, the processor and the persons who, under the direct authority of the controller or processor, are authorised to process the personal data.

(j) 'consent' means any freely given, informed and unambiguous indication of the data subject's wishes, in the form of a statement or other unambiguous affirmative action, by which the data subject indicates that he or she consents to the processing of personal data concerning him/her.

2. Name and contact details of the controller

The controller for the processing described in this privacy policy is:

Rosenberger Telematics GmbH

Atterseestraße 56

A-4850 Timelkam

Phone: +43 7672 94 429

Fax: +43 7672 94 429 13

E-Mail: office-telematics@rosenberger.com

UID Number: ATU 64507723 | Company registration number: FN 317674 v

Information Security Officer:

If you have any questions or suggestions regarding data protection law, please contact our information security officer by e-mail:

office-telematics@rosenberger.com

3. Presentation of the individual processing operations

In this section, we provide you with information on the respective processing purposes, the personal data processed, the legal bases and, if necessary to ensure fair and transparent processing, the storage period.

a) Processing in connection with accessing our website

When you visit our website, we collect a range of personal data each time you visit it. The following can be recorded:

the type of browser used and the version,
the operating system used by the accessing system,
the website from which an accessing system reaches our website (so-called referrer),
the sub-websites, which are accessed via an accessing system on our website,
the date and time of access to our website,
an Internet Protocol (IP) address;
the Internet service provider of the accessing system; and
other similar data and information necessary to fulfil the purposes set out below.

We process the aforementioned personal data for the following purposes:

Correct delivery of the content of our website;
Ensuring the long-term functionality of our IT systems and the technology of our website; as well as
In the event of a cyber attack, providing the necessary information to law enforcement agencies.

The legal basis for the processing for the aforementioned purposes is our overriding legitimate interest, which lies in being able to achieve the aforementioned purposes, in particular to display our website to you in a functional manner, to maintain the associated IT security and to be able to detect and defend against attacks.

Among other things, we store the IP address, the browser used, the time and date and the system used by a site visitor in log files. Insofar as IP addresses are stored, this is done exclusively in anonymized form, whereby the last number of an IP address (e.g. 100.110.120.130) is replaced by a random value between 1 and 254 (thus e.g. 100.110.120.38). It is no longer possible to establish a relationship with a data subject.

b) Registration on our website

You have the option of registering on our website. Which personal data is transmitted to us in the process is determined by the respective input mask used for registration. The purpose of registration is to offer you content or services that, due to the nature of the matter, can only be offered to registered users. The personal data you enter will be processed for the purpose of providing the respective additional services – including their billing. The legal basis for the processing is the fulfilment of a contract, provided that you are a party to the underlying service contract. If you are not a party to the underlying service contract and we do not act as a processor of the contractual partner, the legal basis is our and your overriding legitimate interest, which is to enable you to use the content or services.

By registering on our website, the IP address assigned by your Internet service provider (ISP), the date and time of registration are also stored. The storage of this data takes place against the background that this is the only way to prevent the misuse of our services and, if necessary, to make it possible to solve crimes that have been committed. In this respect, the storage of this data is necessary for our security. As a matter of principle, this data will not be passed on to third parties unless there is a legal obligation to pass it on or the disclosure serves the purposes of criminal prosecution. The legal basis for the processing is our overriding legitimate interest, which is to be able to detect misuse and, if necessary, to prosecute it (criminally) in court.

c) Subscription to our newsletter

On our website, you will be given the opportunity to subscribe to our company's newsletter. Which personal data is transmitted to us when subscribing to the newsletter is determined by the input mask used for this purpose.

In principle, you can only receive the newsletter if (1) you have a valid e-mail address and (2) you have previously registered to receive the newsletter. In the course of registration, a confirmation email will be sent to the e-mail address you have provided in order to verify whether you are the owner of this e-mail address and have authorized the receipt of the newsletter (double opt-in procedure). The legal basis for this processing is your consent, which can be revoked at any time with effect for the future.

The personal data collected from you as part of a subscription to the newsletter will be used exclusively for the purpose of sending our newsletter (including technical messages on the newsletter offer as well as notifications about any changes). The personal data collected as part of the newsletter service will not be passed on to third parties. You can unsubscribe from our newsletter at any time without giving reasons and revoke your consent with effect for the future. Such a revocation is possible (1) by clicking on the link provided in each newsletter, (2) by unsubscribing on our website or (3) by any other communication (e.g. e-mail, letter) to us.

When subscribing to the newsletter, we also store the IP address assigned by the Internet service provider (ISP) of the computer system used by you at the time of registration, as well as the date and time of registration. The collection of this data is necessary in order to be able to trace the (possible) misuse of the e-mail address at a later point in time and therefore serves our legal protection. The legal basis is our overriding legitimate interest, which lies in being able to achieve the aforementioned purpose.

d) Newsletter-Tracking

Our newsletters contain so-called tracking pixels. A web beacon is a miniature graphic that is embedded in such e-mails, which are sent in HTML format to enable log file recording and log file analysis. As a result, a statistical evaluation of the success or failure of online marketing campaigns can be carried out. The embedded tracking pixel allows us to see if and when an email has been opened by you and which links in the email have been accessed by you.

Such personal data collected via the tracking pixels contained in the newsletters will be stored and evaluated by us in order to optimize the newsletter dispatch and to adapt the content of future newsletters even better to your interests. This personal data will not be passed on to third parties.

We rely on your previously given consent for processing. You are entitled at any time to revoke the separate declaration of consent given in this regard via the double opt-in procedure with effect for the future. After a revocation, this personal data will be deleted by us. If you unsubscribe from receiving the newsletter, we will automatically interpret it as a revocation.

e) Contact us via our website or by e-mail

If you contact us via a contact form on our website or by e-mail, we process the personal data that you voluntarily provide to us. The processing is carried out for the purpose of contacting you or answering your enquiry. This personal data will not be passed on to third parties. Depending on the case, the legal basis is the fulfilment or initiation of the contract or our contractual agreement. Your overriding legitimate interest in responding to the request.

f) Data protection for applications and in the application process

If you apply to us (by post, e-mail or via a form provided on our website), we collect and process your personal data for the purpose of handling the application process. The legal basis for this is the implementation of pre-contractual measures that are taken at your request.

If we conclude an employment contract with you on the basis of your previous application, we will store and process your personal data for the purpose of processing the employment relationship in compliance with the statutory provisions. In such a case, we will inform you separately in advance of the processing carried out by us.

If we do not conclude an employment contract with you on the basis of your previous application, we will retain your personal data for a period of seven months from the date of rejection of your application in order to be able to counter any legal claims asserted by you due to discrimination in the establishment of an employment relationship under the Equal Treatment Act (GlBG). If you assert such a claim against us within this period, the retention period will be extended until the legally binding conclusion of the underlying proceedings. In doing so, we rely on our overriding legitimate interest, which is to be able to defend against these legal claims.

g) Cookies

We use cookies on our website. To see which cookies are involved and to make individual settings, you can use our cookie settings window. You can reach him at the following link: https://www.rosenberger-telematics.com/datenschutz/#cookiemanager-control.

Cookies are small text files placed on the hard drive of their computer or mobile device by a website through an Internet user's browser. Cookies can be used to collect information generated by a website and stored through an internet user's browser. Websites use cookies to identify users, remember their customers' preferences, and allow users to complete tasks without having to re-enter information when they move to another page or revisit the site later. Cookies can also be used to collect information based on online behavior for targeted advertising and marketing. For example, it is possible to track user behavior and create personal profiles that make it possible to show an Internet user advertisements tailored to their previous searches. There are different types of cookies. A classification can be made based on their lifespan (e.g. session cookies, persistent cookies) or based on the domain to which they belong (e.g. first-party and third-party cookies). When the web server that feeds the website stores cookies on the user's computer or mobile device, they are referred to as "HTTP header cookies". Cookies can also be stored using JavaScript code that is located on the site or integrated from another site.

Detailed explanations of the cookies we use can also be found in points 3.h to 3.j (see below).

h) Application and use of Google Analytics (with anonymization function)

We have integrated the Google Analytics component (with anonymization function) on this website. Google Analytics is a web analytics service operated by Google Ireland Limited, Gordon House, Barrow Street, Dublin, D04 E5W5, Ireland.

Web analysis is the collection, collection and evaluation of data about the behaviour of visitors to websites. A web analysis service collects, among other things, data about the website from which a visitor came to our website (so-called referrer), which subpages of our website he or she accessed, or how often and for how long he or she spent viewing a subpage. Web analysis is mainly used for the optimization of a website and for the cost-benefit analysis of Internet advertising.

The purpose of the Google Analytics component is to analyse the flow of visitors to our website. Google uses the data and information obtained, among other things, to evaluate the use of our website, to compile online reports for us that show the activities on our website, and to provide other services related to the use of our website.

Google Analytics places a cookie on your IT system (for the term "cookie" see here [Cookiemanager]). By setting the cookie, Google is enabled to analyse the use of our website. Each time you access one of the individual pages of this website on which a Google Analytics component has been integrated, the Internet browser on your IT system is automatically prompted by the respective Google Analytics component to transmit data to Google for the purpose of online analysis. As part of this technical process, Google receives knowledge of personal data, such as your IP address, which is used, among other things, by Google to trace the origin of visitors and clicks and subsequently to enable commission settlements.

We use the addition "_gat._anonymizeIp" for web analysis via Google Analytics. By means of this addendum, the IP address of your Internet connection will be shortened and anonymized by Google if our website is accessed from a member state of the European Union or from another contracting state of the Agreement on the European Economic Area.

The cookie is used to store personal information, such as the time of access, the location from which the access originated and the frequency of your visits to our website. Each time you visit our website, this personal data, including the IP address of the Internet connection you are using, is transmitted to Google in the United States of America (USA). This personal data is stored by Google in the USA. Google may share this personal data with third parties. In this context, we would like to point out in particular that there is currently no adequacy decision by the European Commission for the USA and that the level of data protection does not correspond to that of the European Union. In particular, data subject rights and data processing principles may not fully exist or be enforced in the United States. In particular, there is a risk that your personal data may be processed by US authorities for control and monitoring purposes, possibly without legal remedies. In this respect, the USA is considered an unsafe third country.

However, we will only process your personal data (including setting the cookie) if you have previously given us your explicit consent in the cookie settings window. A consent given by you shall also be deemed to be explicit consent to the transfer of data in accordance with Article 49 (1) sentence 1 (a) GDPR. You can revoke this consent at any time with effect for the future by deselecting the corresponding field in the cookie settings window (https://www.rosenberger-telematics.com/datenschutz/#cookiemanager-control).

For more information and Google's applicable privacy policy, please visit https://policies.google.com/privacy?hl=de and marketingplatform.google.com/about/analytics/terms/de/ . Google Analytics is https://www.google.com/intl/de_de/analytics/ explained in more detail at this link.

i) Deployment and use of Google AdWords

We have integrated Google AdWords on this website. Google AdWords is an Internet advertising service that allows advertisers to place ads in both Google's search engine results and the Google advertising network. Google AdWords allows an advertiser to pre-define certain keywords that will be used to display an ad in Google's search engine results only when the user uses the search engine to retrieve a keyword-relevant search result. In the Google advertising network, the ads are distributed on websites relevant to the topic by means of an automatic algorithm and taking into account the previously defined keywords.

The operating company of the Google AdWords services is Google Ireland Limited, Gordon House, Barrow Street, Dublin, D04 E5W5, Ireland.

The purposes of Google AdWords are:

the promotion of our website by displaying interest-relevant advertisements on the websites of third-party companies and in the search engine results of the Google search engine; and
the insertion of third-party advertising on our website.

If a data subject accesses our website via a Google advertisement, a so-called conversion cookie is stored on the data subject's IT system by Google (for the term "cookie", see here [Cookiemanager]). A conversion cookie expires after thirty days and is not used to identify you. If the cookie has not yet expired, the conversion cookie is used to track whether certain subpages, such as the shopping cart from an online shop system, have been accessed on our website. The conversion cookie allows both us and Google to understand whether you generated a turnover when you came to our website via an AdWords ad, i.e. whether you made or abandoned a purchase of goods.

The data and information collected through the use of the conversion cookie are used by Google to compile visitor statistics for our website. These visitor statistics are in turn used by us to determine the total number of users who have been referred to us via AdWords ads, i.e. to determine the success or failure of the respective AdWords ad and to optimize our AdWords ads for the future. Neither we nor other Google AdWords advertisers receive information from Google that could be used to identify a data subject.

The conversion cookie is used to store personal information, such as the websites you visit. Every time you visit our website, personal data, including the IP address of the Internet connection you are using, will be transmitted to Google in the United States of America and stored there. Google may share this personal data with third parties. In this context, we would like to point out in particular that there is currently no adequacy decision by the European Commission for the USA and that the level of data protection does not correspond to that of the European Union. In particular, data subject rights and data processing principles may not fully exist or be enforced in the United States. In particular, there is a risk that your personal data may be processed by US authorities for control and monitoring purposes, possibly without legal remedies. In this respect, the USA is considered an unsafe third country.

Further information and Google's applicable privacy policy can be found at policies.google.com/privacy.

j) Application and use of YouTube (extended data protection mode)

We have integrated components from YouTube on this website. YouTube is an internet video portal that allows video publishers to post video clips free of charge and other users to view, rate and comment on them free of charge. YouTube allows the publication of all kinds of videos, which is why complete film and TV shows, as well as music videos, trailers or videos made by users themselves, can be accessed via the Internet portal.

YouTube is operated by Google Ireland Limited, Gordon House, Barrow Street, Dublin, D04 E5W5, Ireland.

If you access one of the individual pages of this website on which a YouTube component (YouTube video) has been integrated, the Internet browser you are using will automatically be prompted by the respective YouTube component to download a representation of the corresponding YouTube component from YouTube. As part of this technical process, YouTube and Google receive information about which specific sub-page of our website you have visited. More information about YouTube can be found at www.youtube.com/howyoutubeworks/.

If you are logged in to YouTube at the same time, YouTube recognizes which specific subpage of our website you are visiting when you access a subpage that contains a YouTube video. This information is collected by YouTube and Google and assigned to your YouTube account.

YouTube and Google always receive information via the YouTube component that you have visited our website if you are logged in to YouTube at the same time as you access our website; this happens regardless of whether you click on a YouTube video or not. If you do not want this information to be transmitted to YouTube and Google, you can prevent the transmission by logging out of your YouTube account before accessing our website.

The privacy policy published by YouTube, which can be accessed under www.google.de/intl/de/policies/privacy/, provides information on the collection, processing and use of personal data by YouTube and Google.

4. Data recipients

We use processors to achieve the purposes mentioned in point 3. In doing so, we ensure that agreements for order data processing in accordance with Article 28 of the GDPR have been concluded with these processors prior to the commencement of the respective processing. These processors are:

CleverReach GmbH & Co KG, Schafjückenweg 2, 26180 Rastede, Germany (subscription to our newsletter, newsletter tracking);
25, 91710 Gunzenhausen, Germany (hosting).

5. Links to social networks

We do not integrate any social plugins or other services of the following companies on this website, but only provide external links to our profiles set up there. The data policies published by these companies provide information about the collection, processing and use of personal data by these companies. It also explains which setting options are offered to protect the privacy of the data subject.

In detail, this applies to the following companies:

Facebook Inc. or Facebook Ireland Ltd ("Facebook"). The data policy is available at https://www.facebook.com/about/privacy/ .
LinkedIn Inc. or LinkedIn Ireland Unlimited Company. The data policy is available at https://de.linkedin.com/legal/privacy-policy .

6. Legal basis for processing

The legal basis we use depends on the specific purpose of the processing. Insofar as specific legal bases have not already been specified in the description of the processing, we refer to the following legal bases:

Consent: Article 6(1)(a) of the GDPR serves as the legal basis for our company for processing operations where we obtain consent for a specific processing purpose.
Performance or initiation of a contract: If the processing of personal data is necessary for the performance of a contract to which the data subject is a party, as is the case, for example, in the case of processing operations necessary for the delivery of goods or the provision of any other service or consideration, the processing is based on Article 6(1)(b) of the GDPR. The same applies to such processing operations that are necessary for the implementation of pre-contractual measures, for example in cases of enquiries about our products or services.
Legal obligation: If we are subject to a legal obligation that requires the processing of personal data, such as for the fulfilment of tax obligations, the processing is based on Article 6 (1) (c) GDPR.
Protection of vital interests: In rare cases, the processing of personal data may become necessary to protect the vital interests of you or another natural person. This would be the case, for example, if a visitor were to be injured in our business and we would have to pass on his name, age, health insurance details or other vital information to a doctor, hospital or other third party. In that case, the processing would be based on Article 6(1)(d) of the GDPR.
Overriding legitimate interest: Ultimately, processing operations could be based on Article 6(1)(f) of the GDPR. This legal basis is the basis for processing operations that are not covered by any of the aforementioned legal bases where the processing is necessary for the purposes of a legitimate interest pursued by us or a third party, provided that such interests are not overridden by your interests, fundamental rights and freedoms. Such legitimate interests exist in particular if you are our customer (cf. recital 47 sentence 2 GDPR).

7. Legal or contractual requirements for the provision of personal data; necessity for the conclusion of the contract; obligation of the data subject to provide the personal data; possible consequences of non-provision

We would like to inform you that the provision of personal data is partly required by law (e.g. tax regulations) or may also result from contractual regulations (e.g. information on the contractual partner). From time to time, it may be necessary for you to provide us with personal data in order to conclude a contract, which must subsequently be processed by us. Failure to provide the personal data would therefore mean that we may not be able to conclude a contract with you. If you have any questions in individual cases as to whether the provision of data is required by law or contract or is necessary for the conclusion of the contract, please contact us (see point 2 for contact details).

In all other cases, you are not obliged to provide us with your personal data; however, failure to do so may result in us not being able to provide some of our services.

8. Storage period, routine deletion of personal data

Insofar as no separate storage period has been specified in the presentation of the processing in individual cases, we will only store your personal data for as long as it is necessary for the respective purpose to be achieved. In addition, we store your data at least as long as there are statutory retention obligations or the statute of limitations for potential legal claims has not yet expired. After that, the corresponding data is routinely deleted.

9. No existence of automated decision-making

There is no automatic decision-making, including profiling.

10. Your rights in relation to the processing of personal data

In the following, we would like to draw your attention to your rights in connection with the processing of personal data by us. You can exercise your rights under letters a) to g) by sending us a post or e-mail (see the contact details in point 2).

a) Right to confirmation and information: You are entitled, subject to the conditions and limitations of applicable law, in particular those of Article 15 of the GDPR, to obtain confirmation from us as to whether we are processing personal data concerning you. If this is the case, you have the right to access this personal data, to obtain further information and to receive a copy of this data.

b) Right to rectification and completion: You are entitled, subject to the conditions and limitations of applicable law, in particular those of Article 16 of the GDPR, to obtain from us the correction and/or completion of your personal data.

c) Right to erasure (right to be forgotten): You are entitled, subject to the conditions and limitations of applicable law, in particular those of Article 17 of the GDPR, to request that we erase your personal data. If the personal data has been made public by us and we are required to delete the personal data, we will take reasonable measures, including technical measures, taking into account the available technology and the costs of implementation, to inform other data controllers who process the published personal data that you have received from these other data controllers the have requested deletion of all links to, or copies or replications of, such personal data.

d) Right to restriction of processing: You are entitled, subject to the conditions and limitations of applicable law, in particular those of Article 18 of the GDPR, to request that we restrict the processing of your personal data.

e) Right to data portability: You are entitled, subject to the conditions and limitations of the applicable law, in particular those of Article 20 of the GDPR, to:

receive from us the personal data concerning you that you have provided to us in a structured, commonly used and machine-readable format;
transmit such data to another controller; as well as
where technically feasible, require us to transfer such personal data to that other controller.

f) Right to object: You are entitled, subject to the conditions and limitations of applicable law, in particular those of Article 21 of the GDPR, to object to processing processing that:

for purposes based on Article 6(1)(e) or (f) of the GDPR (including related profiling), for reasons relating to your particular situation;
for scientific or historical research purposes or for statistical purposes as referred to in Article 89(1), for reasons relating to your particular situation; or
for direct marketing purposes (including related profiling).

g) Right to withdraw consent under data protection law: To the extent that we rely on the legal basis of consent to process your personal data, you have the right to withdraw this consent at any time without giving reasons, without affecting the lawfulness of the processing carried out on the basis of the consent before its withdrawal.

h) Right to lodge a complaint with the supervisory authority: You have the right to lodge dsb@dsb.gv.at complaint with the competent supervisory authority, namely the Austrian Data Protection Authority, Barichgasse 40-42, 1030 Vienna. You have this right to lodge a complaint in particular if you are of the opinion that we have not complied with data protection regulations or have not complied with the exercise of your rights as a data subject in due time.

If you have any further questions, suggestions or complaints, you can contact the contact persons listed in point 2 directly using the contact options provided there.

Valid from: 1^st of May 2024

(Copyright note: This privacy policy was created in part by the privacy policy generator of the DGD Deutsche Gesellschaft für Datenschutz GmbH.)