Privacy policy
We are pleased to welcome you to our website and delighted that you are interested in Roto and our products and services. To ensure that you feel safe and comfortable visiting our website, we take the protection of your personal data and the confidential handling of this data extremely seriously.

In this privacy policy, we therefore provide you with information on when we store which data, and the purpose for which we use this data – naturally, in accordance with the applicable data protection regulations.

 

Contact details of the controller
Roto Frank Holding AG
Wilhelm-Frank-Platz 1
70771 Leinfelden-Echterdingen
Germany

represented by the Board of Directors

Dr Eckhard Keill

 

Contact details of the data protection officer
Please direct any enquiries to the above address, addressed to the "Data protection officer".

 

General information
When you visit our website, our web servers automatically collect information. This includes the type of web browser, the operating system used, the domain name of the Internet service provider, the IP address, the website from which you accessed our website, the pages that you visit on our website, and the date and duration of the visit. Some of this information is recorded in cookies that are stored on your client. Sometimes this is technically required and sometimes we request your consent in advance.

 

Legal bases for the processing of personal data
When you use this website, your personal data is processed on the basis of various legal bases.

The legal basis for the processing of required personal data, such as your IP address, is our legitimate interest in accordance with Article 6(1f) GDPR. Our interest lies in being able to display the content of this website to you. The purpose of the processing is to be able to display this website to you and ensure that the website is displayed correctly without any errors. This also includes giving you a choice as to which cookies are set and which information we collect concerning you.

 

Cookiebot
We use the services provided by Cybot A/S, Havnegade 39, 1058 Copenhagen, Denmark (Cookiebot) for this purpose. Further information on the handling of transmitted data is provided in the Cookiebot Data Privacy Statement.

You can prevent Cookiebot from processing your data by disabling JavaScript in your browser or installing a script blocker, such as noscript.net, in your browser. However, if you disable JavaScript then we will no longer be able to log your preferences.

 

Google Analytics
We shall process any personal data based on your consent in accordance with Art 6 (1a) GDPR insofar as you provide such consent. The purpose is to obtain information about how you visit our website and the website's reach.

For this, we use Google Analytics, a web analytics service provided by Google LLC (1600 Amphitheatre Parkway Mountain View, CA 94043, USA). The controller for users in the EU/EEA and Switzerland is Google Ireland Limited, Google Building Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland.
Google Analytics uses cookies that allow us to analyse your use of the website. The data generated by the cookie about your use of this website is normally sent to a Google server in the USA, where it is stored. However, because IP anonymisation is activated on this website, Google truncates your IP address in advance within member states of the European Union or in other states that are signatories to the Agreement on the European Economic Area. Only in exceptional cases is your full IP address transmitted to a Google server in the USA and truncated there.
If such a transfer of personal data outside the European Economic Area should occur, this is always encrypted and on the basis of appropriate guarantees to ensure an adequate level of data protection within the meaning of Article 44 ff. GDPR.

The IP address transmitted by your browser within the scope of Google Analytics is not combined with other data held by Google. On behalf of the operator of this website, Google will use this information to evaluate your use of the website, to compile reports about the website activities and to provide other services associated with website use and Internet use for the website operator. We also have a legitimate interest in data processing via Google Analytics for this purpose.
The data that we send and is linked to cookies or user IDs is erased automatically after 14 months. The erasure of data that has reached the end of its respective storage period is carried out automatically once a month.

You can prevent cookies being stored by configuring your browser software accordingly, but please note that, if you do so, you may not be able to use all of this website's functions in full. In addition, you can prevent the recording of the data generated by the cookie and relating to your use of the website (including your IP address), as well as the processing of this data by Google, by downloading and installing(https://tools.google.com/dlpage/gaoptout?hl=en-GB).
Opt-out cookies prevent your data from being collected in the future when visiting this website. To prevent data being collected by Universal Analytics across different devices, you will need to opt out on all systems that you use. Click here to set the opt-out cookie:

Disable Google Analytics.

You can find more details about the Terms of Use of Google Analytics and about data protection at Google at https://marketingplatform.google.com/about/analytics/terms/us/ or at https://policies.google.com/?hl=en .

 

Data transfer to other companies within and outside the Roto Group
Certain data processing operations are undertaken by companies within the Roto Group. It is possible that your data will be transferred for this purpose. As a rule, this transfer is based on an agreement on commissioned data processing. In individual cases, it is also possible that the legal basis for the transfer is our legitimate interest in accordance with Article 6 (1f) GDPR, whereby our legitimate interest lies in the efficient organisation of our internal processes.

As a general rule, your data is not transmitted to third parties outside of the Roto Group unless we are legally obligated to do so or the data transfer is required to perform the contract or you have expressly given your prior consent to the transfer of your data.

 

Data transfer to external service providers (processors)
Your data will be passed on to service partners to the extent that they are acting on our behalf and supporting Roto in the provision of its services.

Any processing of your personal data by commissioned service providers is carried out within the scope of commissioned data processing in accordance with Article 28 GDPR. Insofar as external service providers come into contact with your personal data, we have taken legal, technical and organisational measures and perform regular checks to ensure that these service providers also comply with the applicable data protection regulations.

The website itself is hosted on a processor's servers.

 

Data erasure and storage period
The personal data of data subjects is erased or blocked as soon the purpose of storage no longer applies. The data may continue to be stored beyond this period if stipulated by European or national legislators in regulations or legislation under Union law or other regulations to which the controller is subject. The data will likewise then be blocked or erased once a storage period prescribed by the specified regulations expires, unless the data needs to be retained further for the purposes of concluding or executing a contract.

 

Rights of the data subject
If personal data concerning you is processed, you are a data subject as defined in the GDPR and you have the following rights with respect to the above-mentioned controller:

 

Right of access by the data subject
You can request confirmation from us on whether we are processing personal data that concerns you. If we have processed data relating to you, you are entitled to other rights of access as specified in Article 15 GDPR.

 

Right to rectification
If the data that we have collected relating to you is incorrect or incomplete, you can request that we promptly rectify it in accordance with Article 16 GDPR.

 

Right to restriction of processing
In accordance with the requirements of Article 18 GDPR, you can, under certain circumstances, also request that the processing of your personal data is restricted.

Once processing has been restricted, your data must only be processed with your consent or for the establishment, exercise or defence of legal claims or for the protection of the rights of another natural or legal person, or for reasons of important public interest of the Union or of a Member State. We will notify you before lifting the restriction.

 

Right to erasure
You have the right to ask us to erase the personal data concerning you without undue delay where one of the grounds defined in Article 17(1) GDPR applies, unless there is an exemption to the erasure obligation in accordance with Article 17(3) GDPR.

 

Right to data portability
Furthermore, in accordance with Article 20 GDPR, you have the right to receive the personal data concerning you in a machine-readable format and to transmit the data to another controller without hindrance, provided that the requirements defined in Article 20(1a) GDPR are met, or to have your personal data transmitted directly by us to another controller, where this is technically feasible and does not impair the rights and freedoms of others. This right does not apply to the processing of personal data that is necessary for the performance of a task carried out in the public interest or in the exercise of official authority.

 

Right to object
You have the right to object to the processing of the personal data concerning you by the above-mentioned controller at any time in accordance with Article 6(1a) or 6(f) GDPR.

We will then cease processing your personal data unless there are compelling legitimate reasons for doing so which outweigh your interests, rights and freedoms, or unless the processing is used to establish, exercise or defend legal claims

 

Right to lodge a complaint with a supervisory authority
If you consider that the processing of the personal data concerning you infringes the GDPR, you have the right – without prejudice to any other administrative or legal remedy – to lodge a complaint with a supervisory authority, in particular in the Member State of your habitual residence, your place of work or the place of the alleged infringement at any time.

 

Changes to the privacy policy
This privacy policy will be updated on an ongoing basis as the Internet and our website evolves. We will announce any changes on this page in good time. For information on our current data protection regulations, you should check this page on a regular basis.