/roto-logo%20EN.jpg?width=256&height=113&name=roto-logo%20EN.jpg "roto-logo EN")
/Stairs/Roto_Marke_Treppe-DE-color.png)
/Stairs/NL-roto-logo-de-trappen-color.png){kind=logo}
/Stairs/PL-roto-logo-schody-color.png){kind=logo}
/Stairs/IT-roto-logo-la-scala-retrattile-color.png){kind=logo}
Privacy policy for our social media pages
Social media has become an integral part of the internet and modern communication. In order to stay in touch with our customers and draw attention to our promotions, we operate our own social media profile pages on selected social networks. To this end, we regularly publish articles, stories, or posts with which you can interact publicly in accordance with the respective functions of the social media platform. In doing so, we only process personal data that has become an obvious part of our social media page through your participation.
We operate the following social media pages and channels:
-
Facebook
-
Instagram
-
LinkedIn
-
TikTok
-
YouTube
As soon as you visit our respective social media page, your browser establishes a connection to the servers of the respective operators. In any case, regardless of whether you are registered with the respective social network or not, your IP address will be transmitted and cookies may be set. The operators of the social media platforms also process your personal data for their own purposes, such as for advertising purposes or for the purpose of creating user profiles. If you are a member of one of the aforementioned social networks and are logged into your user account, the provider can also assign your visit to our social media page to your user account.
If you want to prevent the respective provider from linking the data about your visit to your stored member data, you should log out of the respective account before visiting our social media pages and delete the cookies stored on your device. However, even after taking these steps, the providers may still recognize you through so-called unique identifiers, such as device IDs and other identifiers.
Responsible body:
Roto Frank DST Vertriebs-GmbH
Wilhelm-Frank-Straße 38-40
97980 Bad Mergentheim
Germany
Phone: +49 7931 5490 0
Fax: +49 7931 5490 50
Email: info@roto-dachfenster.de
Data protection officer:
Data protection officer
c/o Roto Frank AG
Wilhelm-Frank-Platz 1
70771 Leinfelden-Echterdingen
Germany
Email: dataprotection.de@rotofrank.com
3. Data processing on our social media pages
As soon as you interact publicly with our social media channels, e.g. by commenting on videos, images, or posts, these interactions are published on our social media pages on the respective platform and are also visible to third parties (so-called user interaction). In addition, you can also contact us via direct message on the respective platforms.
Data processing in this context is based on our legitimate interest in communicating with users who voluntarily interact with us and our social media content. The legal basis for this is Art. 6 (1) lit. f) GDPR.
4. "Insights" and analytics
In addition to the publicly visible functions, all of the social networks mentioned offer the option of viewing anonymous user statistics about how visitors interact with our social media profiles. These insights and analysis functions provide us with anonymized data about visitors and their interactions with our social media pages in the form of statistics, which the providers collect using cookies and other technologies, among other things. We cannot draw any conclusions about your person based on the statistics, even if you are logged in with your respective user account when visiting our social media page.
These statistics show us, in particular, development trends among our followers and visitors, their summarized demographic data (average age, gender, approximate place of residence: country and city), and the reach of our posts (interactions, reactions, comments), in order to determine which content is more interesting to our target group than others.
You can find more information about Insights and Analytics here:
Facebook-Insights
Instagram-Insights
LinkedIn-Insights
TikTok-Insights
YouTube-Analytics
5. Legal basis and purposes
The legal basis for the use of our social media pages and the processing of data for the Insights function is our legitimate interest ( ), Art. 6 (1) (f) GDPR ( ). We consider our legitimate interest in data processing to be the presentation of our public relations work and our campaigns, as well as the provision of modern communication options for and with our donors and interested parties. The Insights feature enables us to better understand the needs and interests of our target groups and to improve our presence on social networks. If you have given your consent to data processing when visiting the social media page (e.g., by using the respective cookie banner), the respective processing is based on your consent (Art. 6 para. 1 lit. a) GDPR), which you can revoke at any time for the future.
6. Storage period
We only store personal data for as long as necessary to fulfill the purpose for which the data was collected. In the context of a business relationship with you, we store your personal data for as long as the business relationship lasts, including the initiation and execution of a contract and the regular statute of limitations. In addition, we store the data if and to the extent that we are subject to statutory retention obligations. These may arise, for example, from the German Commercial Code (HGB) or the German Fiscal Code (AO).
If you have given us your consent for a processing operation, the data related to the granting of consent will be stored until revoked or, at the latest, for the duration of the processing operation and, after its completion, within the scope of the statute of limitations.
Since the operators of Meta (Facebook, Instagram), YouTube, and LinkedIn have their headquarters in the US, data processing outside the European Union cannot be ruled out. These providers have each certified themselves under the Data Privacy Framework (DPF) program and are listed in the Data Privacy Framework list of the International Trade Administration (ITA). This means that the providers have publicly committed to complying with a level of data protection equivalent to that of the EU. In this respect, data transfer to certified US companies is generally unobjectionable based on the current adequacy decision of the European Commission of July 10, 2023.
TikTok is a service provided by the Chinese company ByteDance (Beijing Bytedance Technology Ltd.) and is headquartered in China. When data is transferred to countries outside the European Economic Area that do not have a level of data protection equivalent to the European standard, TikTok states that it uses standard data protection clauses in accordance with Art. 46 (2) (c) GDPR.
We are jointly responsible with the operators of the respective social network for the data processing operations in connection with your visit to our social media pages:
Facebook, Instagram:
Meta Platforms Ireland Limited,
Serpentine Avenue, Block J,
Dublin 4 Ireland
In view of our joint responsibility, we hereby inform you of the essentials of the agreement between us and Meta regarding joint responsibility in accordance with Art. 26 GDPR:
https://www.facebook.com/legal/controller_addendum
LinkedIn:
LinkedIn Irland Unlimited Company,
Wilton Place,
Dublin 2, Ireland
In accordance with Art. 26 GDPR, we hereby inform you of the key points of the joint controller agreement between us and LinkedIn:
https://legal.linkedin.com/pages-joint-controller-addendum
TikTok
TikTok Technology Limited,
10 Earlsfort Terrace,
Dublin, D02 T380, Ireland
In accordance with Art. 26 GDPR, we hereby inform you of the key points of the joint controller agreement between us and TikTok:
https://www.tiktok.com/legal/page/global/tiktok-analytics-joint-controller-addendum/en
YouTube:
Google Ireland Limited,
Gordon House, Barrow Street,
Dublin 4, Ireland
In accordance with Art. 26 GDPR, we hereby inform you of the key points of the joint controller agreement between us and TikTok:
https://business.safety.google/controllerterms/
9. Your rights
Regardless of the details of the respective agreement we have entered into with the platform operators, you can assert your rights both against us and against the respective operators.
Please note that the operators of social networks also process your data for their own purposes, over which we have no control. For more details, please refer to the operators' privacy policies:
Facebook and Instagram
WhatsApp
LinkedIn
X (twitter)
TikTok
Xing
If your personal data is processed, you are a data subject within the meaning of the GDPR and you have the following rights vis-à-vis the controller:
a) Right toinformation
Pursuant to Art. 15 GDPR, you may request confirmation from us as to whether personal data concerning you is being processed by us. If we process data relating to you, you are entitled to further rights of access as specified in Art. 15 GDPR.
b) Right to rectification
If the data we have collected from you is incorrect or incomplete, you can request that we correct it immediately in accordance with Art. 16 GDPR.
c) Right to restriction of processing
Under the conditions of Art. 18 GDPR, you may also request the restriction of the processing of personal data concerning you under certain circumstances.
After restriction, your data may only be processed with your consent or for the establishment, exercise, or defense of legal claims, or for the protection of the rights of another natural or legal person, or for reasons of important public interest of the Union or a Member State. We will inform you before the restriction is lifted.
d) Right to erasure
If one of the reasons specified in Art. 17 (1) GDPR applies, you may request that we erase your personal data without delay, unless there is an exception to the erasure obligation under Art. 17 (3) GDPR.
e) Right to be informed
If you have asserted your right to rectification, erasure, or restriction of processing against us, we are obliged under Art. 19 GDPR to notify all recipients of your personal data, unless the notification is impossible or involves disproportionate effort. You also have the right to be informed about the recipients. You have the right to be informed about these recipients by the controller.
f) Right to data portability
In addition, pursuant to Art. 20 GDPR, you have the right to obtain from us the personal data concerning you in a machine-readable format and to transmit the data to another controller without hindrance, provided that the requirements of Art. 20 (1) (a) GDPR are met, or to have your personal data transmitted directly from us to another controller, insofar as this is technically feasible and does not affect the freedoms and rights of other persons. This right does not apply to the processing of personal data that is necessary for the performance of a task carried out in the public interest or in the exercise of official authority.
g) Right to object
You have the right to object to Roto Frank DST Vertriebs-GmbH at any time in accordance with Art. 21 GDPR to the processing of personal data concerning you in accordance with Art. 6 (1) (f) GDPR.
We will no longer process your personal data unless there are legitimate grounds for the processing that override your interests, rights, and freedoms, or the processing serves to assert, exercise, or defend legal claims.
Right to revoke the data protection consent form
You have the right to revoke your declaration of consent under data protection law at any time by notifying Roto Frank DST Vertriebs-GmbH. The revocation of consent does not affect the lawfulness of the processing carried out on the basis of the consent until revocation.
h) Right to lodge a complaint with the supervisory authority
You have the right to lodge a complaint with a supervisory authority, in particular in the Member State of your habitual residence, place of work, or place of the alleged infringement, if you consider that the processing of personal data relating to you infringes this Regulation, without prejudice to any other administrative or judicial remedy.