We are delighted that you have visited our websites. This privacy policy informs users about the nature, scope and purpose of the processing of personal data within our websites, the associated web pages, mobile applications and external online presences, such as social media profiles.

This privacy policy applies to the following websites:

• https://rud.com
• www2.rud.com/ext/Default.asp (extranet)
• https://www.rud-schoettler.de
• https://www.rudlifting.com
• https://slingandlashing.rud.com
• https://slingandlashing.rud.com/acp-turnado
• http://rapido.rud.com
• https://fastlox.rud.com
• https://slingandlashing.rud.com/buddytron
• https://slingandlashing.rud.com/blue-id
• https://slingandlashing.rud.com/en/marineoffshore
• https://digitalworld.rud.com
• https://www.erlau.com
• https://erlau-sanitaer.de
• https://erlau-freiraum.de
• https://shop.erlau.com
• https://rudclick2go.com
• https://schneekettenberater.rud.com
• https://rud.orderfactory.it
• https://www.protrac-chains.com
• https://www.tiretrac.net
• https://moldhandling.rud.com
• https://hoistchains.rud.com
• https://foerdernundantreiben.rud.com/schuttentfernen
• https://drivesystems.rud.com
• conveyorsystems.rud.com

1 Responsible

RUD Ketten Rieger & Dietz GmbH u. Co. KG
Friedensinsel
73432 Aalen

Tel: +49 7361 504-0
Email: rudketten@rud.com

You can contact our data protection officer at: datenschutz@rud.com
 

2 Processing of personal data

2.1 What is personal data?

Personal data is any information relating to an identified or identifiable natural person; A natural person is considered identifiable if they can be identified directly or indirectly, in particular by association with an identifier such as a name, an identification number, location data, an online identifier or one or more special characteristics that express the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person, Art. 4 (1) GDPR.
 

2.2 Legal basis

The processing of personal data on this website is carried out in compliance with the relevant data protection regulations (in particular the GDPR and BDSG) and on the basis of legal permission. 

Personal data is only processed:

• with the consent of the user in accordance with Art. 6 (1) (a) GDPR and § 25 (1) TDDDG, insofar as the consent includes the storage of cookies or access to information on the user's terminal device (e.g. device fingerprinting) within the meaning of the TDDDG,
• for the performance of a contract or in order to take steps prior to entering a contract pursuant to Art. 6 para. 1 sentence 1 lit. b GDPR,
• to fulfil legal obligations pursuant to Art. 6 para. 1 sentence 1 lit. c GDPR or
• to safeguard the legitimate interests of the controller pursuant to Art. 6(1)(f) GDPR.
   

2.3 Transfer of data

If personal data is disclosed to other persons or companies in the course of processing, this is done in compliance with the legal requirements and after conclusion of corresponding contracts or agreements.
 

2.4 Data processing in third countries

If the transfer of personal data to a so-called “third country” (i.e. to a country outside the European Union or the European Economic Area), this will only take place if a recognised level of data protection exists or on the basis of special guarantees, certifications or binding internal data protection regulations within the meaning of Articles 44–49 GDPR.
 

2.5 Storage period

Unless otherwise specified in this privacy policy, personal data will be deleted as soon as the purpose of processing no longer applies or the consent on which the processing is based has been revoked. If statutory retention obligations or limitation periods prevent deletion, the personal data concerned may only be processed for commercial or tax law purposes or for the purpose of asserting, exercising or defending legal claims.
 

2.6 Rights of data subjects

The user has the right to:

• Confirmation as to whether their personal data is being processed and to obtain information about this data, as well as further information and a copy of this data, Art. 15 GDPR.
• Complete their personal data or correct inaccurate personal data, Art. 16 GDPR.
• Deletion of one's own personal data if there is a reason for deletion specified therein, Art. 17 GDPR.
• Restriction of the processing of one's own personal data if there is a reason specified therein, Art. 18 GDPR.
• Transfer of your personal data to another controller, Art. 20 GDPR.
• Lodge a complaint with a supervisory authority if he believes that the processing of personal data concerning him violates applicable laws, Art. 77 GDPR.
• Right to request a copy of the guarantees pursuant to Art. 46(2)(c) GDPR, insofar as the data transfer is based on this; available at datenschutz@rud.com
   

Competent supervisory authority:

The State Commissioner for Data Protection Baden-Württemberg
PO Box 10 29 32
70025 Stuttgart

Telephone: 07 11/61 55 41–0
Fax: 07 11/61 55 41–15

poststelle@lfd.bwl.de
www.baden-wuerttemberg.datenschutz.de
 

The user has the right to revoke any consent given at any time with effect for the future, Art. 7 (3) GDPR.
The user has the right to object to the future processing of data concerning him or her at any time in accordance with Art. 21 GDPR. The objection may be raised in particular against processing for direct marketing purposes.
 

3 Processing of personal data on this website

As a rule, users can use the website without providing personal information. This does not include information that is automatically collected each time the website is accessed (so-called server log files). This includes:

• File name of the requested file
• Device used (mobile device or PC/laptop)
• Browser type/version
• JavaScript activation
• Cookie activation
• Referring URL
• IP address
• Duration of access
• Number of pages viewed
• Click path
   

The legal basis for the processing of personal data in this context is Art. 6 (1) (f) GDPR, as the possibility of technical administration and ensuring the security of the website is in the legitimate interest of the controller. The purposes of processing are to enable the use of the website (connection establishment), system security, technical administration of the network infrastructure and the optimisation of the website. The stored data is deleted after seven days, unless there are specific indications of a justified suspicion of illegal use that requires further investigation. The controller is not able to identify users as data subjects on the basis of the stored information.

In exceptional cases, it may be necessary to provide personal information for individual functions of the website. Further information on this can be found under “Individual functions”.

4 Cookies and local storage

The website uses cookies. Cookies are small files that are stored on the user's device (PC, smartphone, etc.).

“Session cookies” are deleted when the browser session is ended. Other cookies (“persistent cookies”) are automatically deleted after a specified period, which may vary depending on the cookie.

Users can influence the use of cookies. Most browsers have an option that restricts or completely prevents the storage of cookies. In addition, users can delete cookies at any time in their browser’s security settings. Further information on this is available from the Federal Office for Information Security.
 

Necessary cookies

These cookies are essential for websites and their functions to work properly. Without these cookies, certain functionalities cannot be provided.
 

Non-essential cookies

These cookies enable

• improve the convenience and performance of websites, for example by storing language settings,
• collect information about how users use websites, for example to identify particularly popular areas of the website,
• track visits and activities of users on websites, for example to display targeted advertising and adverts.
   

The controller currently uses the following cookies for the following purposes:
 

Necessary

The data processed by necessary cookies is required for the purposes mentioned to safeguard the legitimate interests of the controller in accordance with Art. 6(1)(f) GDPR.
 

Non-necessary

The processing of personal data by non-necessary cookies may only be carried out for the purposes mentioned with the consent of the users in accordance with Art. 6 para. 1 sentence 1 lit. a GDPR.
 

Local storage

The website stores users’ personal data in so-called local storage, thus utilising the storage capacity of the users' browsers. 
Local storage is used on the website for the following purposes:
 

Necessary

The data processed in local storage is necessary for the purposes mentioned in order to safeguard the legitimate interests of the controller in accordance with Art. 6 (1) (f) GDPR.

Non-necessary

The data processed in local storage may only be used for the purposes mentioned with the consent of the users in accordance with Art. 6 (1) (a) GDPR.

5 Individual functionalities

The functionalities used on the website are operated on the basis of the user's consent in accordance with Art. 6 (1) (a) GDPR or on the basis of the legitimate interest of the controller in accordance with Art. 6 (1) (f) GDPR. Unless otherwise stated, the legitimate interest of the controller lies in ensuring the appropriate design and continuous optimisation of the website. The purpose of data processing and categories of personal data are described in the context of the respective functionality.

5.1 Page-turning catalogue

For the interactive presentation of extensive product catalogues, the controller uses the “page-turning catalogue”, a service provided by COMINTO GmbH, Klosterstraße 49, 40211 Düsseldorf, Germany. The page-turning catalogues are hosted and managed directly by the controller. Within certain page-turning catalogues, the controller uses Google Analytics, a reach analysis service provided by Google Ireland Limited. Further information on data processing by Google Analytics can be found in section 5.7 of this privacy policy. Users have the option of making individual settings and creating bookmarks within the flip catalogues. Both individual settings and bookmarks are stored in the local storage of the end device used by the user.

5.2 Cloudflare

The website uses the CDN and security service provided by Cloudflare Inc., 101 Townsend St., San Francisco, CA 94107, USA (hereinafter referred to as “Cloudflare”).

Cloudflare offers a globally distributed content delivery network with DNS. Technically, this means that the transfer of information between the user’s browser and the website is routed via the Cloudflare network. This enables Cloudflare to analyse the data traffic between the user’s browser and our website and to act as a filter between our servers and potentially malicious data traffic from the Internet. Cloudflare may also use cookies or other technologies to recognise users, but these are used solely for the purpose described here.

The legal basis for the processing is Art. 6 (1) (f) GDPR. The processing serves the legitimate interest of the controller in providing the website as error-free and secure as possible.

Further information on data protection at Cloudflare is available at: www.cloudflare.com/de-de/trust-hub/privacy-and-data-protection/ and www.cloudflare.com/privacypolicy/

5.3 EasyLife 365

The controller uses “EasyLife 365”, a governance tool from EasyLife 365 AG, Schochenmühlestrasse 6, 6340 Baar, Switzerland (hereinafter referred to as “EasyLife”), to implement internal compliance guidelines for collaboration software.
The processing of personal data is based on the controller's legitimate interest pursuant to Art. 6(1)(f) GDPR in secure and location-independent collaboration with business partners or customers.

External users receive an invitation by email to the controller’s necessary internal collaboration options. This invitation contains a link that can be used to confirm the invitation. After confirming the invitation, external users are asked to give their consent to the processing of their profile data (e.g. company, name, business address, telephone number, email address and photo) and their activity data (e.g. data on access, use and content). This data is processed within the scope of the required collaboration options and deleted as soon as the external user’s access is deleted.

Further information on data protection at EasyLife is available at: www.easylife365.cloud/web/privacy/

5.4 Facebook fan page

The controller operates several Facebook fan pages, which can be accessed at:

• https://www.facebook.com/rudketten
• https://www.facebook.com/TyreProtectionChains
• https://www.facebook.com/rudschneeketten
• https://www.facebook.com/forstketten
• https://www.facebook.com/erlau.freiraum
• www.facebook.com/Erlau.BarrierfreiesBad

Facebook is a social media network owned by Meta Platforms Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland (hereinafter referred to as “Meta”).

The controller's own processing of personal data on the Facebook fan page is based on Art. 6 (1) lit. f GDPR, as it is in the legitimate interest of the controller to offer customers, interested parties and users up-to-date information and interaction options.

When accessing the Facebook fan page, Meta's terms and conditions and data policy apply, over which the controller has no influence. In particular, data may also be processed by Meta outside the European Union. Meta’s data policy for Facebook products is available at: de-de.facebook.com/policy.php

When visiting the Facebook fan page, cookies are used to collect statistical information about the use of the Facebook fan page. If the user is logged into their Facebook account when visiting the Facebook fan page, the statistics are collected across devices. Further information is available at de-de.facebook.com/help/pages/insights. The controller has no influence on the generation and display of these so-called “page insights”. The data provided by Meta includes: total number of page views, “likes”, page activity, post interactions, reach, video views, post reach, comments, shared content, replies, proportion of men and women, origin in terms of country and city, language, views and clicks in the shop, clicks on route planners, clicks on telephone numbers. Further information is available at: www.facebook.com/legal/terms/page_controller_addendum

The controller is aware that the data is processed by Meta at least for the purposes of advertising, creating user profiles and market research. 
If users do not want the data processing described above, the connection between the user's Facebook account and the Facebook fan page can be severed using the “Unlike this page” or "Unsubscribe from this page” function.
Objections (so-called opt-outs) can be set at: www.facebook.com/login.php

Meta’s data protection officer responsible for Facebook products can be contacted at: www.facebook.com/help/contact/540977946302970
 

5.5 Font Awesome (local hosting)

The website uses Font Awesome from Fonticons, Inc., 307 S Main St Ste 202 Bentonville, AR, 72712-9214, USA (hereinafter referred to as "Fonticons") for the uniform display of fonts. Font Awesome is installed locally. No connection to Fonticons' servers is established.

Font Awesome's privacy policy is available at: fontawesome.com/privacy
 

5.6 Google Ads (including DoubleClick advertising network)

The website uses Google Ads from Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland (hereinafter referred to as "Google").

Google Ads, which also includes the DoubleClick advertising network, is a Google advertising network for targeted advertising campaigns on the Internet. Cookies are used to create individualised user profiles (e.g. based on characteristics, habits, interests, topics and keywords) for website visitors. Each user is assigned an identification number (ID) so that it is possible to check which ads were displayed and which ads were clicked on. The assignment of cookies and identification numbers (IDs) allows very accurate predictions to be made about the interests of users. This enables advertisers to place interest-based ads in real time.

The information contained in the cookies is transferred to Google servers outside the EU, among other places, and stored there.

Users can prevent the collection of data generated by cookies and the transfer of this data to Google, as well as the processing of this data by Google, by downloading and installing the DoubleClick deactivation extension: www.google.com/settings/ads/onweb

Google's privacy policy is available at: policies.google.com/privacy
 

5.7 Google Analytics

The website uses Google Analytics, a web analytics service provided by Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland (hereinafter referred to as "Google").

Google Analytics uses cookies that enable the controller to analyse website users. Among other things, personal data (IP address) is transferred to Google servers outside the EU and stored there. In order to ensure the protection of users' personal data, the controller for the website has activated "IP anonymisation". This means that the IP addresses of users within the EU are only processed by Google in truncated form, i.e. anonymised. Only in exceptional cases is the full IP address transferred to Google servers outside the EU and truncated there. The transmitted IP address is not merged with other Google data.

On behalf of the controller, Google uses the collected data to evaluate the activities of website users, compile reports on website activity and provide other services related to website activity and internet usage to the controller.

The user can prevent Google from collecting and using their data by downloading and installing the following browser plugin: tools.google.com/dlpage/gaoptout

Google's privacy policy is available at: policies.google.com/privacy
 

5.8 Google Conversion Tracking

The website uses Google Conversion Tracking from Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (hereinafter referred to as "Google").

With the help of Google Conversion Tracking, both the controller and Google can see whether users have performed certain actions on the website. For example, it is possible to evaluate which buttons on the website are clicked on how often and which products and services are viewed or purchased particularly frequently. This information is used to create so-called conversion statistics.

The controller is not able to identify individual users at any time; Google itself uses cookies or similar recognition technologies to identify users. In this process, personal data is transferred to Google servers outside the EU and stored there.

Google's privacy policy is available at: policies.google.com/privacy
 

5.9 Google Maps

The website uses the Google Maps map service provided by Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland (hereinafter referred to as "Google"). This allows interactive maps to be displayed directly on the website, enabling users to conveniently use the map function.

In this context, it is necessary to store the user's IP address. The information obtained in this way is usually transferred to a Google server outside the EU and stored there. This occurs regardless of whether the user is logged into their Google account or not. Google stores user data as usage profiles and uses it for advertising, market research and/or the needs-based design of the website.

If the user is logged into their Google account, the data is assigned to the account. This assignment can be prevented by the user logging out of their Google account beforehand.

Google's privacy policy is available at: policies.google.com/privacy
 

5.10 Google reCAPTCHA

The website uses reCAPTCHA from Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland (hereinafter referred to as "Google").

reCAPTCHA is used to check whether data entry on websites (e.g. in a contact form) is done by a human or by an automated programme. To do this, reCAPTCHA analyses the user's behaviour based on various characteristics. This analysis starts automatically as soon as the user enters the website. reCAPTCHA evaluates various information for the analysis (e.g. IP address, length of time spent on the website or mouse movements made by the user). The data collected during the analysis is forwarded to Google. The reCAPTCHA analyses run completely in the background. Users are not notified that an analysis is taking place.

Data processing is carried out on the basis of Art. 6 (1) lit. f GDPR. The controller has a legitimate interest in protecting its website from abusive automated spying and SPAM.

Further information on reCAPTCHA and Google's privacy policy is available at: policies.google.com/privacy
 

5.11 Google Tag Manager

The website uses Google Tag Manager from Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland (hereinafter referred to as "Google").

Google Tag Manager allows website tags to be managed via an interface. Google Tag Manager itself is a cookie-free domain and does not collect any personal data. It triggers other tags, which may collect personal data.

Google Tag Manager itself does not access this data. If deactivation has been carried out at domain or cookie level, this remains in place for all tracking tags implemented with Google Tag Manager.

Google's privacy policy is available at: policies.google.com/privacy
 

5.12 Google Web Fonts (local hosting)

The website uses Google Web Fonts from Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland (hereinafter referred to as "Google") for the uniform display of fonts. Google Web Fonts are installed locally. No connection to Google servers is established.

Further information on Google Web Fonts is available at: developers.google.com/fonts/faq and policies.google.com/privacy
 

5.13 Hubspot Chat

The website uses Hubspot Chat from Hubspot Inc. 25 Street, Cambridge, MA 02141 USA (hereinafter referred to as "Hubspot") to communicate with customers and interested parties.

Users can chat with employees of the controller in real time via live chat. Depending on the course of the conversation, personal data (e.g. first name, surname, address, email address, telephone number, etc.) may be processed. Furthermore, the IP address, log files, location information and other metadata of users are collected. Hubspot uses cookies and other browser technologies to evaluate user behaviour, recognise users and store and transfer data entered. It cannot be ruled out that Hubspot also stores and processes personal data on servers in the USA.

If a user has already made contact requests in the past or has consented to the collection and analysis of their usage behaviour on the website, the data collected via live chat can be assigned to user profiles.

Hubspot's privacy policy is available at: legal.hubspot.com/de/privacy-policy
 

5.14 Hubspot CRM

The website uses Hubspot CRM from Hubspot Inc. 25 Street, Cambridge, MA 02141 USA (hereinafter referred to as "Hubspot").

Hubspot enables the controller to manage existing and potential customers and customer contacts, as well as to record, sort and analyse customer interactions via email, social media or telephone across various channels. The personal data collected can be evaluated and used for communication with the potential customer or for marketing measures (e.g. newsletter mailings). With Hubspot, the controller is also able to record and analyse the user behaviour of contacts on its website.

The legal basis for the processing of personal data via Hubspot is Art. 6 (1) lit. f GDPR, as the most efficient customer management and customer communication possible is in the legitimate interest of the controller.

If consent has been requested, processing is carried out exclusively on the basis of Art. 6 (1) lit. a GDPR and § 25 (1) TDDDG, insofar as the consent includes the storage of cookies or access to information on the user's terminal device (e.g. device fingerprinting) within the meaning of the TDDDG. Consent can be revoked at any time.

Hubspot's privacy policy is available at: legal.hubspot.com/de/privacy-policy
 

5.15 imgix

The website uses the image optimisation service imgix from imgix Inc., 423 Tehama St, San Francisco, CA 94103, USA (hereinafter referred to as "imgix").

When using imgix, users' personal data (e.g. IP address, technical details about image retrieval) is stored on imgix servers in the USA.
The legal basis for the processing of personal data via imgix is Art. 6 (1) lit. f GDPR, as optimised image display and improved loading times are in the legitimate interest of the controller.

Users have the option of preventing the transfer of personal data to imgix by using browser extensions or add-ons that block the loading of images from certain domains. Please note that this may affect the quality and display of images on our website.

The imgix privacy policy is available at: www.imgix.com/privacy
 

5.16 Instagram

The controller operates several of its own pages on Instagram, which can be accessed at:

• www.instagram.com/erlau.bad
• www.instagram.com/erlau.freiraum

The pages and their technical functionality are provided by Meta Platforms Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland (hereinafter referred to as "Meta").
The controller's own processing of personal data on the Instagram pages is based on Art. 6 (1) lit. f GDPR, as it is in the controller's legitimate interest to offer customers, interested parties and users up-to-date information and interaction options.

When accessing the Instagram pages, Meta's terms and conditions and data processing guidelines apply, over which the controller has no influence. Data may also be processed outside the European Union. Meta's privacy policy is available at: help.instagram.com/519522125107875

When visiting Instagram pages, Instagram collects, among other things, the IP address and other information about users (e.g. through the use of cookies). This also applies if users do not have an Instagram account or are not logged in to Instagram. If the user is logged into their Instagram account when visiting Instagram pages, Meta is able to track whether and how users use this website. This data can be used to offer content or advertising tailored to users.

If users do not want the data processing described above, they should log out of Instagram or deactivate the "stay logged in" function, delete the cookies on their device, and close and restart their browser.
 

5.17 jsdelivr. (CDN)

The website uses the Content Delivery Network (CDN) jsDelivr from ProspectOne, Królewska 65A/1, 30-081, Kraków, Poland (hereinafter referred to as "jsDelivr").

A CDN is a service that helps deliver website content, especially large media files, to users faster using regionally distributed servers connected via the internet. To do this, the browser used by the user connects to the CDN servers. In the process, personal data of users (e.g. IP address) is stored on ProspectOne servers.

The legal basis for the processing is Art. 6 (1) (f) GDPR. The processing serves the legitimate interest of the controller in providing the website as quickly and error-free as possible.

The jsDelivr privacy policy is available at: www.jsdelivr.com/terms/privacy-policy
 

5.18 Contact

When contacting the controller (e.g. by e-mail or contact form), the information provided by the user making the enquiry will be processed to the extent necessary to respond to the contact request and any measures requested.

The legal basis for the processing of personal data in this context is Art. 6 para. 1 lit. f GDPR, as it is in the legitimate interest of the controller to respond to enquiries.

The data provided by the requesting user when contacting us will only be passed on with their consent within the meaning of Art. 6 (1) lit. a GDPR.
 

5.19 Leadfeeder

The website uses Leadfeeder, a lead generation and tracking tool provided by Leadfeeder, Keskuskatu 6 E, 00100 Helsinki (hereinafter "Leadfeeder").

Leadfeeder enables the controller to record visits to its website by members of other companies. For this purpose, the user's IP address and, if applicable, other data are compared with the data contained in Leadfeeder's company database. In this context, user behaviour (e.g. duration and time of the website visit, pages visited, etc.) may also be recorded.

Leadfeeder's privacy policy is available at: www.leadfeeder.com/privacy
 

5.20 Leadinfo

The website uses the lead generation service provided by Leadinfo B.V., Rivium Quadrant 141, 2909 LC Capelle aan den IJssel, Netherlands (hereinafter referred to as "Leadinfo").
The service recognises visits to the website based on IP addresses and displays publicly available information to the controller, such as the company name, address data or data from the commercial register, if the user is a company. In individual cases, the correlation also affects personal data of natural persons. In addition, Leadinfo evaluates user behaviour on the website in order to correlate IP addresses with companies and improve the services offered.

Objections (so-called opt-outs) can be set at: www.leadinfo.com/en/opt-out

Leadinfo's privacy policy is available at: www.leadinfo.com/de/datenschutz
 

5.21 LinkedIn

The controller operates the following pages on LinkedIn:

• https://www.linkedin.com/company/rud-ketten-rieger-&-dietz-gmbh-u-co-kg
• https://www.linkedin.com/showcase/mold-handling-solutions-rud
• https://de.linkedin.com/company/erlau-bad
• de.linkedin.com/company/erlau-freiraum

The pages and their technical functionality are provided by LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland (hereinafter referred to as "LinkedIn").

The processing of personal data on the LinkedIn page is based on the legitimate interests of the controller pursuant to Art. 6 (1) lit. f GDPR in order to provide information about the controller's offerings and to contact customers, interested parties and users who are active there.

When you visit the LinkedIn page, LinkedIn's terms and conditions and data processing guidelines apply, over which the controller has no influence. Data may also be processed outside the European Union. LinkedIn's privacy policy is available at www.linkedin.com/legal/privacy-policy.

When you visit the LinkedIn page, LinkedIn collects personal data from users (e.g. through the use of cookies). This also applies if you do not have a LinkedIn account or are not logged in to LinkedIn. Information about data collection and further processing by LinkedIn is available at www.linkedin.com/legal/privacy-policy.

If the user is logged into their LinkedIn account when they visit the controller's LinkedIn page, LinkedIn is able to track whether and how users use this website. Based on this data, LinkedIn can assign the user's behaviour to a specific LinkedIn account. Only the public profile of users on LinkedIn is visible to the controller. Which information is visible depends on the selected profile settings.

If users do not want the data processing described above, they should log out of LinkedIn or deactivate the "stay logged in" function, delete the cookies on their device, and close and restart their browser.
 

5.22 LinkedIn Insight Tag

The website uses the Insight Tag from LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland (hereinafter referred to as "LinkedIn").

The LinkedIn Insight Tag stores a cookie in the user's browser that collects personal data such as the IP address, device and browser characteristics, and interactions on the website (e.g. purchase of goods, submission of a contact form, etc.) across devices. The controller uses this data for statistical and market research purposes.

If users are registered and logged in to LinkedIn, the controller can use the LinkedIn Insight tag to analyse their key professional data (e.g. job title, career level, industry, etc.). The controller uses this data to better tailor the website to the identified target groups.

In addition, the controller can use the so-called "retargeting function" to display targeted advertising to users outside the website. Users can object to the use of their personal data for advertising purposes: www.linkedin.com/psettings/guest-controls/retargeting-opt-out.

The controller is not able to identify users as specific individuals when using the LinkedIn Insight tag. LinkedIn processes users' personal data outside the European Union and also uses it for its own advertising purposes. LinkedIn also collects so-called log files (URL, referrer URL, IP address, device and browser characteristics, and time of access). IP addresses are truncated or (if used to reach LinkedIn members across devices) hashed (pseudonymised). The direct identifiers of LinkedIn members are deleted by LinkedIn after seven days. The remaining pseudonymised data is then deleted within 180 days.

LinkedIn members can control the use of their personal data for advertising purposes in their account settings. To prevent data collected via the LinkedIn Insight Tag from being linked to a LinkedIn account, users must log out of their LinkedIn account before visiting our website.

LinkedIn's privacy policy is available at: de.linkedin.com/legal/privacy-policy

LinkedIn's data protection officer can be contacted at: www.linkedin.com/help/linkedin/ask/TSO-DPO
 

5.23 Microsoft Clarity

The website uses the Clarity analysis tool from Microsoft Ireland Operations Limited, One Microsoft Place, South County Business Park, Leopardstown, Dublin 18, Ireland (hereinafter "Clarity").

Clarity is a tool for analysing user behaviour on websites. In particular, Clarity records mouse movements and creates a graphical representation of which parts of the website users scroll through most frequently (heat maps). Clarity can also record sessions so that the controller can view page usage in the form of videos. Furthermore, the controller receives information about general user behaviour within the website.

Clarity uses technologies that enable user recognition for the purpose of analysing user behaviour (e.g. cookies or device fingerprinting). Users' personal data is stored on Microsoft servers (Microsoft Azure Cloud Service) in the USA.

Further details on Clarity's data protection and security can be found at: clarity.microsoft.com/privacy
 

5.24 Newsletter distribution

To subscribe to the controller's newsletter, at least the user's email address is required. After successful registration, the user receives a registration notification by email, which they must confirm in order to receive the newsletter (so-called double opt-in). This serves as proof for the controller that the registration was actually initiated by the respective user. Newsletters contain information about the controller, its services, promotions and offers. In addition, newsletters contain so-called "web beacons", i.e. pixel-sized files that transmit technical information (e.g. browser, system, IP address and time of retrieval) to the controller when the newsletter is opened. This technical information is used to improve the offer by determining target groups, reading behaviour, retrieval locations and access times. In doing so, the controller also evaluates whether and when a newsletter is opened and which links within the newsletter are clicked on. No user-related evaluation takes place. The receipt of the newsletter and the measurement/analysis of its reach are based on the consent of the users in accordance with Art. 6 para. 1 lit. a GDPR. Consent to receive the newsletter and the measurement/analysis of its reach can be revoked at any time via a link at the end of each newsletter.

The website uses the following newsletter dispatch tools to send newsletters:

• "Mailchimp" from Rocket Science Group LLC, 675 Ponce De Leon Ave NE, Suite 5000, Atlanta, GA 30308, USA (Mailchimp's privacy policy is available at https://mailchimp.com/legal/terms),
• "Salesforce" from Salesforce, Inc., Salesforce Tower, 415 Mission Street, 3rd Floor, San Francisco, CA 94105, USA (Salesforce's privacy policy is available at www.salesforce.com/de/company/privacy) and
• "Hubspot" by HubSpot, Inc., 25 First Street, Cambridge, MA 02141 USA (Hubspot's privacy policy is available at legal.hubspot.com/de/privacy-policy).

In this case, personal data of newsletter subscribers is stored and processed on servers in both the EU and the USA.

For the purpose of verifying its proper execution, the controller logs the registration process for the newsletter. The legal basis for the processing is Art. 6 (1) (f) GDPR. The processing serves the legitimate interest of the controller in complying with data protection documentation obligations.

The personal data processed for the purpose of receiving the newsletter will be stored until the subscriber unsubscribes from the newsletter and will be deleted from the newsletter distribution list after unsubscribing. Data stored for other purposes remains unaffected by this.

After unsubscribing from the newsletter distribution list, the relevant email address may be stored in a blacklist by the controller or the newsletter service provider if this is necessary to prevent future mailings. The data from the blacklist is only used for this purpose and is not merged with other data. The legal basis for the processing is Art. 6 para. 1 sentence 1 lit. f GDPR. The processing serves the legitimate interest of the controller in complying with the legal requirements for sending newsletters.
 

5.25 Pinterest

The website uses elements of the social network Pinterest, which is operated by Pinterest Europe Ltd., Palmerston House, 2nd Floor, Fenian Street, Dublin 2, Ireland (hereinafter "Pinterest").
When users visit a page that contains such an element, their browser establishes a direct connection to Pinterest's servers. The social media element transmits log data to Pinterest's server in the USA. This log data may contain the following personal data:

• IP address
• Addresses of websites visited that also contain Pinterest functions
• Type and settings of the browser,
• Date and time of the request,
• How Pinterest is used, and
• cookies.

Pinterest's privacy policy and privacy options are available at: policy.pinterest.com/de/privacy-policy
 

5.26 Salesforce Sales Cloud

The controller uses the Salesforce Sales Cloud from salesforce.com Germany GmbH, Erika-Mann-Str. 31, 80636 Munich (hereinafter referred to as "Salesforce") to manage customer data.

Salesforce Sales Cloud is a CRM system that enables the controller to manage existing and potential customers and customer contacts and to organise sales and communication processes. Furthermore, the use of the CRM system enables the analysis of customer-related processes. For this purpose, customer data is stored on Salesforce's servers and, if necessary, also transferred to Salesforce's parent company in the USA. Details on the functions of Salesforce Sales Cloud are available at: www.salesforce.com/de/products/sales-cloud/overview

The processing of personal data is based on the legitimate interest of the controller pursuant to Art. 6 (1) lit. f GDPR in the most efficient customer management and customer communication possible.

If consent has been requested, processing is carried out exclusively on the basis of Art. 6 (1) lit. a GDPR and § 25 (1) TDDDG, insofar as the consent includes the storage of cookies or access to information on the user's terminal device (e.g. device fingerprinting) within the meaning of the TDDDG. Consent can be revoked at any time.

Salesforce's privacy policy is available at: www.salesforce.com/de/company/privacy
 

5.27 Survey Monkey 

The controller uses the services of SurveyMonkey Europe UC, 2 Shelbourne Buildings, Second Floor, Shelbourne Road, Dublin 4, Ireland (hereinafter referred to as "SurveyMonkey") to conduct surveys.

Participation in surveys is voluntary and takes place via a link that customers receive by email. When customers click on the link, they are redirected to the external SurveyMonkey website.

When accessing the external SurveyMonkey website, SurveyMonkey's terms of use and privacy policy apply, over which the controller has no influence. Data may also be processed outside the European Union. SurveyMonkey's privacy policy is available at: de.surveymonkey.com/mp/legal/privacy-basics/ and de.surveymonkey.com/mp/legal/privacy/

When participating in surveys, participants' responses and entries are processed. Depending on the survey, users can submit a rating, select from predefined answer options or formulate their own answers. Participants are asked not to submit any sensitive data. The survey results are used solely to optimise our offering and are not linked to other data.
 

5.28 TeamViewer

For support and remote maintenance purposes, the controller uses "TeamViewer", a service provided by TeamViewer Germany GmbH, Bahnhofsplatz 2, 73033 Göppingen, Germany (hereinafter referred to as "TeamViewer").

The processing of personal data is based on the legitimate interest of the controller pursuant to Art. 6 (1) lit. f GDPR in the effective performance of IT support and remote maintenance work. Insofar as personal data of employees of the controller is processed, Art. 6 (1) lit. b, f GDPR is the legal basis for data processing.

When using TeamViewer, a connection to TeamViewer's servers is established. In addition to the IP address, the user's location and MAC address as well as the start and end of the TeamViewer session are transmitted to TeamViewer. In the course of IT support and remote maintenance work, the controller is generally able to view the content accessed by the user on their computer. It is therefore recommended that you close all programmes and windows that are not required for IT support or remote maintenance before using TeamViewer.

Further information on data protection at TeamViewer is available at: www.teamviewer.com/de/privacy-policy
 

5.29 Telephone conferences, online meetings, video conferences and/or webinars

For telephone conferences, online meetings, video conferences and/or webinars, the controller uses "Microsoft Teams", a service provided by Microsoft Ireland, South County Business Park, One Microsoft Place, Carmanhall and Leopardstown, Dublin, D18 P521, Ireland (hereinafter referred to as "Microsoft").

The processing of personal data is based on the legitimate interest of the controller pursuant to Art. 6 (1) lit. f GDPR in the effective implementation of telephone conferences, online meetings, video conferences and/or webinars. Insofar as personal data of employees of the controller is processed, Art. 6 (1) lit. b, f GDPR is the legal basis for data processing.

Telephone conferences, online meetings, video conferences and/or webinars can be attended via the respective app or via the respective browser-based version. We would like to point out that the use of browser-based versions is generally more privacy-friendly than the use of app-based versions. The scope of the personal data processed depends on the information you provide before or during your participation in a telephone conference, online meeting, video conference and/or webinar.

The following personal data may be processed:

• User details: display name, email address (optional), profile picture (optional), preferred language.
• Meeting metadata: title, date, time, location, meeting details (if applicable), meeting ID, device/hardware information.
• Text, audio and video data: Users may have the option of using the chat function during telephone conferences, online meetings, video conferences and/or webinars. In this respect, the text entries made by the user are processed in order to display them and, if necessary, to log them. To enable the display of video and the playback of audio, data from the microphone of the end device and from any video camera of the end device is processed for the duration of the meeting. Users can switch off or mute the camera or microphone themselves at any time.

Microsoft Teams is part of Microsoft 365. If users have a Microsoft 365 account and are logged in to it, personal data may be stored by Microsoft in the context of conference calls, online meetings, video conferences and/or webinars. The scope and duration of storage depends on the respective settings in the user account, over which the controller has no influence.

Telephone conferences, online meetings, video conferences and/or webinars are not recorded. Chat content is not logged.

An adequate level of data protection is guaranteed, on the one hand, by the conclusion of the so-called EU standard contractual clauses. As supplementary protective measures, we have configured the respective applications as strictly as possible from a data protection perspective.

Further information on data protection and data security is available at:

• privacy.microsoft.com/de-de/privacystatement
• docs.microsoft.com/de-de/microsoftteams/teams-privacy
   

5.30 tawk.to

The controller uses the services of tawk.to, inc., 187 E Warm Springs Rd, SB298, Las Vegas, Nevada 89119, USA (hereinafter referred to as "tawk.to") to process user enquiries via its support channels or live chat systems.

Messages that users send to us may be stored in the tawk.to ticket system or answered by our employees in live chat. Depending on the course of the conversation, personal data (e.g. first name, surname, address, email address, telephone number, etc.) may be processed. With the help of tawk.to, it is also possible to determine the region from which the user comes, how long they communicate with us and how satisfied they are with the communication process. It cannot be ruled out that tawk.to also stores and processes personal data on servers in the USA.

The privacy policy of tawk.to is available at: www.tawk.to/privacy-policy and www.tawk.to/data-protection/gdpr
 

5.31 X (formerly Twitter)

The controller operates its own channel on the short message service X, which can be accessed at x.com/RUDKetten. The site and its technical functionality are provided by X Corp., 1355 Market Street, Suite 900, San Francisco, CA 94103, USA (hereinafter referred to as "X").

The processing of personal data on X by the controller is based on Art. 6 (1) lit. f GDPR, as it is in the legitimate interest of the controller to offer customers, interested parties and users up-to-date information and interaction options.

When accessing X, the General Terms and Conditions and the Privacy Policy of X apply, over which the controller has no influence. The Privacy Policy of X is available at: x.com/en/privacy

The controller advises users that they use the short message service and its functions at their own risk. This applies in particular to the use of interactive functions (e.g. sharing, rating).

The data collected when using the service is processed by X and may be transferred to countries outside the European Union. This includes, among other things, the IP address, the application used, information about the device used (including device ID and application ID), information about websites visited, location and mobile phone provider. This data is assigned to the user's X account or X profile. The controller has no influence on the type and scope of data processed by X, the type of processing and use, or the transfer of this data to third parties. Information about what data is processed by Twitter and for what purposes it is used is available at: x.com/de/privacy and help.x.com/de/managing-your-account/accessing-your-x-data

The controller does not collect or process any other data from the use of the short message service.

Users can restrict the processing of data in the general settings of their X account and under "Privacy and Security". In addition, users of mobile devices (smartphones, tablet computers) can restrict X's access to contact and calendar data, photos, location data, etc. in the settings options available on those devices. However, this depends on the operating system used. Further information on this is available at: help.x.com/de/rules-and-policies/data-processing-legal-bases
 

5.32 XING

The controller operates its own page on Xing, which can be accessed at: www.xing.com/pages/rudkettenrieger-dietzgmbhu-co-kg. The page and its technical functionality are provided by XING SE, Dammtorstraße 30, 20354 Hamburg, Germany (hereinafter referred to as "Xing").

The processing of personal data on the Xing page is based on the legitimate interests of the controller pursuant to Art. 6 (1) lit. f GDPR in order to provide information about the offer and to contact customers, interested parties and users who are active there.

When visiting the Xing page, the terms and conditions and data processing guidelines of Xing apply, over which the controller has no influence. Data may also be processed outside the European Union. Xing's privacy policy is available at: privacy.xing.com/de/datenschutzerklaerung

When visiting the controller's Xing page, Xing collects personal data from users (e.g. through the use of cookies). This also applies if the user does not have a Xing account or is not logged in to Xing. Information about data collection and further processing by Xing is available at: privacy.xing.com/de/datenschutzerklaerung

If the user is logged into their Xing account when they visit the Xing page, Xing is able to track whether and how users use this website. Based on this data, Xing can assign the user's behaviour to a specific Xing account. Only the user's public profile on Xing is visible to the controller. The information that is visible depends on the profile settings selected.

If users do not want the data processing described above, they should log out of Xing or deactivate the "stay logged in" function, delete the cookies on their device, and close and restart their browser.
 

5.33 YouTube

The website uses YouTube, an internet video portal operated by Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland (hereinafter referred to as "Google").

The controller operates the following channels on YouTube:

• https://www.youtube.com/user/rudketten
• https://www.youtube.com/user/RUDLiftingAndLashing
• https://www.youtube.com/user/TyreProtectionChains
• https://www.youtube.com/c/RUDSchneeketten1875
• https://www.youtube.com/user/RUDKetten1
• https://www.youtube.com/@RUD_Conveyor_DriveSystems
• https://www.youtube.com/RUDChainInc
• www.youtube.com/@rud-schottler9652  
• www.youtube.com/user/ErlauAG1

YouTube allows video publishers to upload video clips free of charge and other users to view, rate and comment on these video clips free of charge. When users visit a website that has YouTube integrated, a connection to the YouTube servers is established. This tells the YouTube server which website users have visited. If users are logged into their YouTube account, they enable YouTube to assign their surfing behaviour directly to their personal profile. Users can prevent this by logging out of their YouTube account.

The controller integrates YouTube exclusively in extended data protection mode.  According to YouTube, videos played in extended data protection mode are not used to personalise browsing on YouTube. Advertisements played in extended data protection mode are also not personalised. No cookies are set in extended data protection mode. Instead, however, so-called local storage elements are stored in the user's browser, which, similar to cookies, contain personal data and can be used for recognition purposes.

Details on enhanced privacy mode are available at: support.google.com/youtube/answer/171780

After activating a YouTube video, further data processing operations may be triggered over which we have no control.

Google's privacy policy is available at: policies.google.com/privacy
 

6 Further data processing

6.1 Contractual relationships

The processing of personal master data, contract data and payment data is necessary for the establishment and/or performance of contractual relationships with customers. The legal basis for the processing is Art. 6 (1) (b) GDPR.

The controller processes customer and prospect data for evaluation and marketing purposes. The legal basis for processing is Art. 6 (1) (f) GDPR. The processing of serves the legitimate interest of the controller in further developing its range of services and providing targeted information about them.

Further processing of personal data takes place only on the basis of consent within the meaning of Art. 6 para. 1 sentence 1 lit. a GDPR or within the framework of the fulfilment of legal obligations within the meaning of Art. 6 para. 1 sentence 1 lit. c GDPR.
 

6.2 Erlau online shop

The controller operates a web shop for high-quality outdoor furniture at shop.erlau.com. The legal basis for the processing of personal data in the context of the web shop is Art. 6 (1) (b) GDPR. The controller uses the data collected exclusively for the purpose of processing the contract or order and for associated measures and obligations, to safeguard its own rights and for purposes related to administrative tasks and business organisation.

Users can register in the web shop or "order as a guest".

During registration, the email address, password, company name, mobile number and address are collected. The first name and surname can be provided on a voluntary basis. Following registration, the user receives a confirmation email. The customer account can be deleted at any time by sending a message to the controller at the above address.

The selected products are placed in the shopping basket; from there, the user proceeds to the checkout process. This involves the following steps:

• For registered users: Selection of a billing or delivery address from the data entered during the registration process or entry of a new billing or delivery address.
• For guest users: Enter country, company name, address, email address and, if applicable, a different delivery address. The first name, surname and mobile number can be provided on a voluntary basis.
• Select shipping method, add special shipping instructions, select partial or complete delivery, enter desired shipping date.
• Select payment method (credit card, direct debit, PayPal, invoice) and enter promotional code if applicable.
• Review order details / submit order.

The controller integrates payment services from third-party companies into its online shop. When users make a purchase, their payment details (e.g. first name/surname, payment amount, account details, credit card number, validity, CVC) are processed by the payment service provider for the purpose of payment processing. The respective contractual and data protection provisions of the respective provider apply to these transactions. The use of payment service providers is based on Art. 6 (1) lit. b GDPR and Art. 6 (1) lit. f GDPR, as it is in the legitimate interest of the controller to ensure that the payment process is as smooth, convenient and secure as possible.

The parent provider of our payment services is Computop Paygate GmbH, Schwarzenbergstr. 4, 96050 Bamberg (hereinafter referred to as "Computop"). Computop's privacy policy is available at computop.com/de/datenschutz. The controller integrates the following payment services via Computop:
 

Mastercard

The provider of this payment service is Mastercard Europe SA, Chaussée de Tervuren 198A, B-1410 Waterloo, Belgium (hereinafter referred to as "Mastercard").

Details on payment with Mastercard are available at:

• www.mastercard.de/de-de/datenschutz.html
• www.mastercard.us/content/dam/mccom/global/documents/mastercard-bcrs.pdf
   

VISA

This payment service is provided by Visa Europe Services Inc., London Branch, 1 Sheldon Square, London W2 6TT, United Kingdom (hereinafter referred to as "VISA").

VISA's privacy policy is available at: www.visa.de/nutzungsbedingungen/visa-privacy-center.html
 

PayPal

The payment service is provided by PayPal (Europe) S.à.r.l. et Cie, S.C.A., 22-24 Boulevard Royal, L-2449 Luxembourg (hereinafter referred to as "PayPal").

Details on payment with PayPal are available at: www.paypal.com/de/webapps/mpp/ua/pocpsa-full

PayPal's privacy policy is available at: www.paypal.com/de/webapps/mpp/ua/privacy-full

When purchasing on account or using another payment method where we make an advance payment, we may carry out a credit check (scoring).  For this purpose, we transmit address data of users to PAYONE GmbH, Lyoner Straße 15, 60528 Frankfurt/Main (hereinafter referred to as "PAYONE"). Based on this data, the probability of a payment default is determined. If the risk of payment default is excessive, we may refuse the relevant payment method.

The credit check is carried out for the purpose of fulfilling the contract within the meaning of Art. 6 (1) (b) GDPR and on the basis of our legitimate interest pursuant to Art. 6 (1) (f) GDPR in order to avoid payment defaults.

Further information on data protection at PAYONE is available at: www.payone.com/DE-de/dsgvo
 

6.3 Snow chain advisor and online shop (B2C)

The website offers users the opportunity to configure and order snow chains for a specific vehicle via the snow chain advisor (schneekettenberater.rud.com).

This involves the processing of personal data related to the order, e.g. company/first name, surname, street, house number, postcode, town, country, email address, different delivery address if applicable, and payment details. For payment by credit card, it is necessary to enter the complete credit card details, i.e. name of the cardholder, credit card number, expiry date and CVC code. For payment by direct debit, it is necessary to provide the account holder's name, account number, bank code and bank name.

The controller processes personal data for the purpose of processing the order in the online shop on the basis of Art. 6 (1) (b) GDPR.

In the case of a purchase on account or any other payment method where we make advance payments, we may carry out a credit check (scoring).  For this purpose, we transfer address data of users to informa HIS GmbH, Kreuzberger Ring 68, 65205 Wiesbaden (hereinafter referred to as "informa"). Based on this data, the probability of a payment default is determined. If the risk of payment default is excessive, we may refuse the relevant payment method.

The credit check is carried out for the purpose of fulfilling the contract within the meaning of Art. 6 (1) (b) GDPR and on the basis of our legitimate interest pursuant to Art. 6 (1) (f) GDPR in avoiding payment defaults.

Further information on the activities of informa is available at: www.informa-his.de/haeufige-fragen

6.4 Extranet

The extranet is used for the exchange of information between the controller and its customers. The information exchanged is usually technical and not personal data. The legal basis for the processing is Art. 6 (1) (b) GDPR.

A user account is created for each user of the extranet. Users can log in to the extranet after entering their user name and password and have access to applications relevant to them. If a user has forgotten their password, they can reset it using a corresponding function. The following personal data is processed in connection with a user account for the extranet: user name, password, email address, customer number, department/cost unit. The controller may pass on data for the purpose of technical support for the extranet to carefully selected service providers. It is ensured that all service providers comply with data protection and data security requirements. If a user account is terminated, the data contained therein will be deleted, subject to any legal retention obligations.

The controller currently uses the following cookies on the extranet for the following purposes:
 

Necessary

Name of cookie                Purpose and function of cookies             Expiry date

HASH_ASPSESSIONIDSCWSACBA       User authentication      Session

ASPSESSIONIDSCWSACBA      User authentication      Session

HASH_co_Sid   User authentication      Session

co_Lang                The language selected by the user is stored in the language cookie. The ISO code for the selected language (de, en, fr, etc.) is stored as the value. This first-party cookie does not contain any user-related information.         Session

co_Layout           The layout cookie stores the user's selected layout for the respective portal and is a "first party" cookie. The cookie value contains the responsible party, but no personal data about the user. The GUID appended to the cookie name is used to identify the layout (each layout in the extranet has a unique identifier in the form of a GUID).               1 year

co_Sid  A session ID is assigned to uniquely identify a user's session (guest or authenticated). This is generated randomly on the server side and stored there for the duration of the session . To ensure that this session can also be assigned to the client (browser), the session ID is stored in a cookie. The cookie only contains the session ID and no other personal information. The cookie is only valid for the duration of the session and is not stored permanently. The cookie is also only sent back to the extranet page that was visited.                Session