Privacy policy

The following statements are intended to provide you with transparent and, we believe, comprehensible information about the type, scope and purposes of the collection and use of personal data on our website. If you have any further questions related to data protection in connection with our website, or you want to report any potential data protection breaches, please contact us at:

info@reedmaster.de

The ongoing development of this website and the associated deployment of new technologies may also make it necessary for changes to be made to this privacy policy. We therefore recommend that you reread this privacy policy at regular intervals.

Definitions of the terms used (e.g. ‘personal data’ or ‘processing’) can be found in Art. 4 GDPR.

Controller

The controller of this website is Reedmaster GmbH, Lülsdorfer Straße 38, 53842 Troisdorf, Germany. Further information about our company can be found in our legal notice.

 

Which data is processed?

General

The server on which our website is hosted is located in a data centre in the European Union, namely in Germany. The data centre is operated by a German company.
Our hosting provider is subject in full to the data protection stipulations applicable in Germany. A data processing agreement that complies with the requirements of Art. 28 GDPR has been entered into with the hosting provider.

When you visit our website, personal data is also processed. In order for the website to be displayed in your browser, the IP address of the end device you use needs to be processed. Added to this is further information about the browser on your end device.

We are also obliged under data protection law to guarantee the confidentiality and integrity of the personal data processed using our IT systems.

When visitors access our website, these visitors’ IP addresses are collected and stored in log files. We store the IP addresses of the visitors to our website for a maximum of seven days for purposes of identification and to avert attacks.

Detailed statistics and log files tell us who is visiting our website and how often. Our webserver logs each individual access to an element (e.g. an HTML file or an image) within our website. Failed or rejected access attempts (e.g. due to password protection) are noted. The server writes the domain from which the access attempt occurred, at what time and which element (e.g. which page or image) was accessed to what is termed a ‘log file’. Our server also logs the browser used to access the element.

The hostname or the IP address of the client accessing our website is anonymised in the log files. Only the entries for the host of the client or, if this cannot be identified, the IP address of the client are anonymised. The first 9 bits of the IP address of the entry are converted into a hash value. An anonymised IP address remains valid for a maximum of 24 hours. After this the same initial IP address produces a different ‘anonymous’ IP address.

A maximum of 400 days can be presented in the statistics. Only the data of the log files is processed. The IP addresses are stored in an anonymous form and thus can no longer be allocated to a given data subject.

The data is further also used to rectify errors on our website.

Our website uses session cookies. Session cookies temporarily store the Internet access and are deleted when the browser is closed. This type of cookie stores no information about the user.

The legal basis for the data processing activities performed is Art. 6 (1) (f) GDPR. Our ‘interest’ as defined in Art. 6 (1) (f) is the operation of this website, the implementation of the protective goals, and the confidentiality, integrity and availability of the data.

Contact form
On our websites we offer a contact form that you can use to request information about the products and services we offer or generally to make contact with us. The personal information is provided on a voluntary basis. The only information we request from you is:

  • Name
  • E-mail address
  • Subject
  • Your message to us

We need the information to process your request at all, to address you in the correct manner and to send you a response.

If you contact us via the contact form, your personal data is only collected, processed and used for the purpose of processing your request.

We regularly review whether personal data can be deleted. If data is no longer needed in the context of a relationship with a (prospective) customer, or there is an overriding opposing interest of the customer, we will delete the data in question unless this is precluded by statutory retention obligations.

The legal basis for this data processing is Art. 6 (1) (f) GDPR. Our ‘interest’ as defined in Art. 6 (1) (f) is communication with customers and prospective customers.

 

Webshop

If you use our webshop and submit an order, we process the personal data of yours that is necessary to manage your order and for customer service purposes (name, addresses, e-mail address, order details, payment details, customer number, date of birth, telephone number, IP address) as well as the data that you additionally volunteer to us.

If you place an order with us, we need to ask for your name, e-mail address and shipping address. We require this data for handling the order and payment and it is processed in that context. This enables us to fulfil your order optimally and promptly. The legal basis for this data processing is Art. 6 (1) sent. 1 (b) GDPR, performance of a contract.

If you do not provide us with the data necessary for handling the order (name, addresses, e-mail address, order data, payment data, customer number, date of birth, telephone number), we cannot perform your order.

The data you provide is stored permanently in your customer account. Unless precluded by statutory retention obligations or you make a specific request for erasure, your personal data will be deleted when the data is no longer required to perform the purpose being pursued when the data was saved or if it is legally impermissible to store it for other reasons.

In the course of handling the order, service providers deployed by us (such as transport and logistics companies, banks) will be given the data required for handling the order and assignment. We transfer your e-mail address to the logistics company commissioned by us in order for a parcel notification to be sent. This parcel notification enables you to influence this parcel delivery and change the delivery place or date.

We currently only transfer the data to the following company:
DHL Paket GmbH

Sträßchenweg 10

53113 Bonn

Germany

The legal basis for this data processing is Art. 6 (1) sent. 1 (b) GDPR, performance of a contract.

SSL or TLS encryption
Our website deploys SSL or TLS encryption for security reasons and to protect the transfer of confidential content that you transmit to us as the operator of the website. This means that data that you transmit via our website cannot be read by third parties. You can identify an encrypted connection via the ‘https://’ address bar in your browser and the padlock symbol in the browser bar.

Cookies
Our website uses cookies. Cookies are small items of text information that are stored as a file on your end device via your browser. You can block cookies by making a setting in your browser that prevents our website (reedmaster.de) from setting cookies. Please note that this will result in a restriction of the functionality of our website.

WordPress and plug-ins
We create and manage our website using a content management system (CMS), namely WordPress. This also entails the deployment of plug-ins, i.e. enhancements, that provide additional WordPress functions.

We use such plug-ins for example for the technical optimisation of the website (e.g. load times), for search engine optimisation, for forms, for the implementation of our protective objectives or to make users aware of the use of cookies.

To operate our website we only use editable plug-ins (which enable settings to be made that prevent the saving and/or transfer of personal data to third parties – corresponding settings have been made by us) or plug-ins that do not pass personal data to third parties at all.

Vimeo and notes on the integration of videos
We like to use videos on our website. Videos are a great opportunity for conveying content and making it more understandable. Because local hosting of videos does not permit sufficiently high performance, we use the opportunities afforded by an external video provider, namely Vimeo.

For technical reasons, integration of the videos results in the servers of the service provider Vimeo being accessed. As regards the associated use of data of your browser or end device, we refer to the service provider’s respective privacy policy because they are responsible for how that data is processed. Vimeo’s privacy policy can be found here, for example: https://vimeo.com/privacy.
According to its own information, Vimeo further guarantees an adequate data protection level by complying with the Privacy Shield requirements.

WebFonts and jQuery libraries
Our website uses Ajax/jQuery libraries. Both have been integrated locally on our servers. This prevents the personal data of the visitors to our website being transferred to third parties.

Purpose of processing personal data
We process the data provided by you in order to manage our website and to fulfil contractual duties towards our customers.

If you make any inquiries outside an active customer relationship, we process the data for the purposes of selling our goods.

If you voluntarily provide data to us e.g. in forms and this is not necessary for the fulfilment of our contractual duties, we process this data on the basis that we assume that the processing and use of this data is in your interest.

Recipients/forwarding of data
Personal data that you provide to us is never forwarded to third parties. In particular, your data is not forwarded to third parties for their promotional purposes.

However, we may use service providers to operate this website or for further products of ours. A service provider may obtain knowledge of personal data as a result.
We carefully select our service providers, with particular focus on data protection and data security, and take all steps required under data protection law to ensure that data is processed in a permissible manner.

Data processing outside the European Union
Data processing takes place primarily within the EU. We do not process your personal data in what are termed third countries outside the European Union.

At the same time we integrate videos via Vimeo, a service provider from the USA, as there is no comparable alternative for us from the EU.

Data protection officer

Our data protection officer is Thomas Filipczyk, Auf dem Sand 35, 40721 Hilden, Germany. You can contact him at dsb@prodsb.de for all questions around data protection associated with reedmaster.de as well as to report any data protection breaches.

Your rights as a data subject

You have a right to information about the personal data related to you. You can contact us for information directly at any time.

In the case of requests for information that are not made in writing, please understand that we may ask you for evidence that you are the person you are holding yourself out to be.

Additionally, you have a right to rectification or erasure or restriction of the processing to the extent provided for by law.

You also have a right to object to the processing to as provided for under the legal stipulations. The same applies to the right of data portability. For further information, please send us an e-mail at info@reedmaster.de.

 

Consent
Where we process your personal data on the basis of consent, you have the right to revoke the consent at any time without affecting the lawfulness of the processing performed on the basis of the consent up to its revocation.

Right to complain to a supervisory authority

You have the right to make a complaint about our processing of personal data to a supervisory authority for data protection.

You can do so for example via the supervisory authority responsible for Reedmaster GmbH, Lülsdorfer Straße 38, 53842 Troisdorf, Germany:

Landesbeauftragte für Datenschutz und Informationsfreiheit
Nordrhein-Westfalen
PO box 20 04 44
40102 Düsseldorf, Germany

Tel.: +49 211 38424-0
Fax: +49 211 38424-10
E-mail: poststelle@ldi.nrw.de

Changes to the privacy policy

We will revise this privacy policy in the event of changes to this website or other circumstances that render this necessary.

As of 20 January 2019