Data Protection

I. Name and address of the data controller

The data controller for the purposes of the General Data Protection Regulation and the Federal Data Protection Act is:

Renner Schlachthaustechnik GmbH
Fachsenfelder Strasse 33
D – 73453 Abtsgmünd
Telephone: +49 (0)7366-92096-0
Email: info@renner-sht.de

II. General information on data processing

1. Scope of personal data processing

In principal, we only process the personal data of our users to the extent necessary in order to provide a functioning website with our content and services. Our users’ personal data is collected and used only with the user’s consent or if there a respective underlying principle authorizing us to do so. 

We use SSL or TLS encryption for security reasons and to protect the website as well as the transmission of confidential content, such as enquiries from our users. Encryption is in place when the address bar of the browser changes from “http://” to “https://” and the lock icon appears in the address bar of your browser. When SSL or TLS encryption is activated, the data you transfer to us cannot be read by third parties.


Our website is hosted by an external service provider (hoster). Personal data collected on this website is stored on the hoster’s servers. This may include, but is not limited to, IP addresses, contact requests, meta and communication data, contract data, contact data, names, website accesses and other data generated by a website. The hoster is used for the purpose of contract fulfilment vis-à-vis our potential and existing users/customers (sec. 6 (1 ) letter b GDPR) and in the interest of a secure, fast and efficient provision of our online offer by a professional provider (sec. 6 (1) letter f GDPR). Our hoster will only process the users’ data to the extent that this is necessary for the fulfilment of its service obligations and will follow our instructions with regard to this data. To ensure data-protection-conforming processing, we have concluded a contract on order processing with our hoster.

2. Legal basis for personal data processing 

Insofar as we obtain the consent of the data subject for processing operations involving personal data, sec. 6 (1) letter a of the EU General Data Protection Regulation (GDPR) serves as the legal basis.

Sec. 6 (1) letter b GDPR serves as legal basis for the processing of personal data required for the fulfilment of a contract whose contracting party is the data subject. This also applies to processing procedures required for the implementation of pre-contractual measures. Insofar as the processing of personal data is necessary for the fulfilment of a legal obligation to which our company is subject, sec. 6 (1) letter c GDPR servers as legal basis.

In the event that vital interests of the data subject or another natural person require the processing of personal data, sec. 6 (1) letter d GDPR serves as legal basis.

If the processing of data is necessary to safeguard the legitimate interests of our company or that of a third-party operator, and the fundamental rights and freedoms of the person(s) concerned do not outweigh the interest of the former, sec. 6 (1) letter f GDPR serves as a legal basis for the processing of data.

3. Data deletion and storage duration

The personal data of the data subject will be deleted or blocked as soon as the purpose of storage has been accomplished. In addition, such storage may take place, if the European or national legislator provided for this within EU regulations, laws, or other relevant regulations to which the data controller is subject. Blocking or deletion of the data also takes place when the storage period stipulated by the aforementioned standards expires, unless there is a need to prolong the storage of the data for the purpose of concluding or fulfilling the respective contract.

III. Provision of the website and creation of log files

1. Description and scope of data processing 

When accessing our website, our system automatically collects data and information from the computer system of the accessing computer. 

The following data is thereby collected:

  1. information about the browser type and version used,
  2. the user’s operating system,
  3. the user’s internet service provider,
  4. the user’s IP address,
  5. date and time of access,
  6. websites from which the user’s system accesses our website,
  7. websites that are accessed by the user’s system via our website.

The data is also stored in the log files of our system. This data is not stored together with other personal data of the user.

2. Legal basis for data processing

The legal basis for the temporary storage of data log files is sec. 6 (1) letter f GDPR.

3. Purpose of data processing

The system has to temporarily store the IP address so that the website can be sent to the user’s computer. To this end, the user’s IP address has to be stored for the duration of the session.

The storage in log files takes place to ensure the functionality of the website. Furthermore, we use the data to optimise our website and to ensure the security of our IT systems. The data is not analysed for marketing purposes in this context. Our legitimate interest in data processing pursuant to sec. 6 (1) letter f GDPR also lies in the above-mentioned purposes.

4. Storage duration

The data is deleted as soon as the purpose of storage has been accomplished. This applies to the collection of data for the purpose of providing the website once the respective session has ended.

This applies after seven days at the latest for the storage of data in log files. The data may be stored beyond that period. In this case the users’ IP addresses are deleted or distorted, making it impossible to allocate them to the accessing client.

5. Possibility of objection and deletion

The collection of data for the provision of the website and the storage of data in log files is imperative for the operation of the website. Consequently, the user cannot object thereto.

IV. Cookies

1. Scope and purpose of data processing, legal basis, storage duration

Cookies are small text files that are stored on the user’s hard drive related to the browser they are using, which provide the party that sets the cookie (in this case, us) with certain information. Cookies cannot execute programs or transmit viruses to the user’s computer system. We distinguish between cookies of the functional groups described below:

2. Technical cookies

These cookies are necessary so that we can display the website to our users and provide essential basic functions, e.g. page navigation or a secure login for a protected area. The following data is stored and transmitted in the cookies:

  1. Language settings
  2. Log-in information
  3. Page settings
  4. Other status information

The purpose of using technically necessary cookies is to simplify the use of websites for users. We therefore also use cookies for the purpose of being able to identify the user for subsequent visits. Also, some functions of our website cannot be offered without the use of cookies. For these, it is necessary that the browser is recognised even after a page change.

3. Cookies for user preferences

These cookies are used to recognise our user and the settings they have made when they return to the website. For example, we can greet users by name, save preferences and searches, or display targeted product suggestions.

4. Cookies for performance and statistics

These cookies are used to analyse usage of the website and user behaviour. This allows us to understand how our website is used and where errors have occurred. We can then use this information, for example, to make the website more user-friendly or to better tailor information and services to our users.

5. Marketing cookies

These cookies are used to analyse our users’ visit to the website (e.g. which links were clicked, which sub-pages were visited). We use this information to target advertising on the website more closely to our users’ interests.

6. Cookie management

Technical cookies are mandatory to maintain the functionality of the website. These legitimate interests have priority, the legal basis for this is sec. 6 letter f GDPR.

All other cookies require the user’s consent. The legal basis for this is sec. 6 letter a, sec.7 GDPR. 

The data is deleted as soon as the purpose of storage has been accomplished. This applies to the collection of data for the purpose of providing the website once the respective session has ended.

7. Possibility of objection and deletion

With regard to the technical cookies, there is no possibility to object.

With regard to all other cookies, you have the option to object at any time. In addition to the objection option via a separate window, you can deactivate cookies directly with a cookie provider or prevent the processing of data via browser plug-ins. 

V. Contact form

1. Description and scope of data processing

For the contact form and transmission of the data by email, we store the form entries and thus personal data on the website server. If the user sends us enquiries via the contact form, the information from the enquiry form, including the contact data provided by the user, is stored by us for the purpose of processing the enquiry and in the event of follow-up questions. We do not pass on this data without the user’s consent.

When you enter data in our contact form, our system records this data.

The following data is thereby collected:

1) Name and address as well as contact details (telephone, email),

2) The concern.

2. Legal basis for data processing

The legal basis for this processing data is the implementation of the user relationship established by the registration or for the initiation of further contracts or for contract processing (sec. 6 para. 1letter b GDPR) as well as our legitimate interest in sufficient identification of the user, sec. 6 para. 1 letter f GDPR.

3. Purpose of data processing

 The temporary storage of the data is necessary in order to process the user’s request. For this purpose, the user’s data must remain stored until it is clear whether or not commissioning will take place. 

4. Duration of storage

The personal data of the data subject will be deleted as soon as the purpose of storage has been accomplished. This is within 14 days after it is clear that no order will be placed. If an order is placed, the data shall remain stored until the contract has been completely fulfilled and processed. Statutory storage periods remain unaffected.

5. Possibility of objection and deletion 

The collection of data for processing the request is mandatory for this purpose. Therefore, the user cannot object thereto.

VI. User registration

1. Description and scope of data processing

On our website, the user has the option to register as a user. If the registration is activated by us, the user can use an unlocked area to view current product lines. The type of personal data we collect in this process can be found on the registration form.

For registration and transmission of data, we store the form entries and thus personal data on our server. We will store the information from the registration form including the contact data provided by the user therein for the purpose of processing the contractual relationship with us (contract initiation). We do not pass on this data without the user’s consent.

When you enter the data in our user registration form, our system collects this data.

The following data is thereby collected:

Name and address as well as contact details (telephone, e-mail),

2. Legal basis for data processing

The legal basis for this processing data is the implementation of the user relationship established by the registration or for the initiation of further contracts or for contract processing (sec. 6 para. 1letter b GDPR) as well as our legitimate interest in sufficient identification of the user, sec. 6 para. 1 letter f GDPR.

3. Purpose of data processing

The temporary storage of the data is necessary in order to process the contractual relationship with the user. For this purpose, the user’s data must remain stored until the contractual relationship has been completely settled. 

4. Duration of storage

The data is deleted once they are no longer necessary in relation to achieving the purpose for which they were collected. Statutory storage period remain unaffected.

5. Possibility of objection and deletion 

The collection of data for processing the registration is mandatory for this purpose. Consequently, there is no possibility for the user to object, otherwise the registration/login area cannot be made available. If the user no longer wishes to be registered and wishes to waive access, this is of course possible. The user must then send an objection to us for this purpose.

VII. YouTube

Our website uses plugins from YouTube belonging to Google Inc. based in San Bruno/California, USA.

We use the YouTube function No-Cookies, i.e. we have activated Extended Data Protection , videos are not accessed via youtube.com, but via youtube-nocookie.com .

YouTube provides this itself and thus ensures that YouTube does not initially store any cookies on the user’s device. However, when the pages in question are called up, the IP address and other data identifying the user are transmitted and thus, in particular, information is provided as to which of our Internet pages the user has visited. However, this information cannot be attributed to you if you are permanently logged in to YouTube or another Google service when you access the page.

As soon as the user starts the playback of an embedded video by clicking on it, YouTube only stores cookies on the user’s device through the extended data protection mode, which do not contain any personally identifiable data, unless the user is currently logged in to a Google service. These cookies can be prevented by appropriate browser settings and extensions.

Google/YouTube: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland – Privacy Policy:  https://policies.google.com/privacy, Opt-Out: https://adssettings.google.com/authenticated, Privacy Shield: https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active.

This website uses the Youtube embedding function to display and play videos from Youtube. We use the extended data protection mode, which, according to the provider, only initiates the storage of user information when the video is played. At the moment when the embedded videos are played, YouTube uses cookies to collect information about user behaviour.

According to information provided by YouTube, these cookies collect video statistics, improve user-friendliness and prevent improper actions, among other things.

Separately from playing the embedded videos, a connection to the Google network “DoubleClick” is established with every visit of the website, which may trigger further data processing procedures without our influence.

You can find further information about data protection on YouTube in the provider’s data privacy statement at: https://www.google.de/intl/de/policies/privacy/

VIII. Google Web Fonts

1. Description and scope of data processing

We use the “Google Web Fonts” service on our website. The service allows us to use external fonts. For this purpose, the required font is loaded into the browser cache by the user’s browser when our website is accessed. This is necessary so that the browser can display a visually improved representation of our texts. The service is provided through local integration and not via the Google interface (Google Fonts API). Consequently, the IP address of the user’s browser is not transmitted to Google. If data is transmitted, this is done on the basis of an independent consent by means of cookie management. In this case, the integration of these fonts is carried out by a server call at a server of the provider. This transmits to the server that the user has visited our website. The IP address of the browser of the user’s terminal device is also stored by the provider. We have no influence on the scope and further use of the data collected and processed by the provider through the use of the service. 

We use the service for optimisation purposes, in particular to improve the use of our website for the user and to make its design more user-friendly. The legal basis is sec. 6 (1) (1) letter f GDPR.

Provider:
Google Ireland Limited
Google Building Gordon House
Barrow St, 4 Dublin
Irland
Tel. +353 1 543 1000
Fax +353 1 686 5660
https://www.google.de/

https://fonts.google.com/

2. Duration of storage

The data is deleted as soon as the purpose of storage has been accomplished.

3. Possibility of objection and deletion 

There is a right of objection at any time, to be addressed to us. If this is exercised, it may be possible that the presentation of our website is not optimal for this user. 

IX. Open Street Map

1. Description and scope of data usage

We use the open source map service “OpenStreetMaps” (also called “OSM”) of the company OpenStreetMap Foundation, 132 Maney Hill Road, Sutton Coldfield, West Midlands, B72 1JU, United Kingdom. 

OSM is used to provide an interactive map on our website that shows users how to find and reach us. This service enables us to present our website in an attractive way by loading map material from an external server. 

The following data is transferred to the OSM servers during display: the website visited by the user and the IP address of the user’s terminal device.

The legal basis for the processing of the user’s data in relation to the “OSM” service is sec. 6 (1) (1) letter f GDPR (legitimate interest in data processing). The legitimate interest arises from our need for an attractive presentation of our website and the easy location of the locations indicated on our homepage.

More information on the handling of user data can be found in OSM’s privacy policy: https://wiki.osmfoundation.org/wiki/Privacy_Policy

2. Duration of storage

The data is deleted as soon as the purpose of storage has been accomplished.

3. Possibility of objection and deletion 

There is a right of objection at any time, to be addressed to us. If this is exercised, it may be possible that the presentation of our website is not optimal for this user. 

X. Rights of data subjects

If your personal data is processed, you are a data subject within the meaning of the GDPR and you have the following rights towards the data controller:

1. Right to information

You may obtain confirmation from the data controller about whether your personal data is being processed by us. If this is the case, you may obtain access to the following information from the data controller:

  1. the purposes for which the personal data is processed,
  2. the categories of the personal data concerned,
  3. the recipients and/or the categories of recipients to whom your personal data is or was disclosed,
  4. the planned duration of storage of your personal data or, if no specific information can be provided hereto, the criteria used to determine that period,
  5. the existence of the right to objection or deletion of your personal data, the right to restriction of the processing by the data controller or the right to object against this processing,
  6. the existence of the right to lodge a complaint with a supervisory authority,
  7. any and all available information about the origin of the data if the personal data is not collected from the data subject,
  8. the existence of automated decision-making, including profiling, referred to in sec 22 (1) and (4) GDPR and– at least in those cases– meaningful information about the logic involved, as well as the significance and the intended consequences of such processing for the data subject.

You have the right to obtain information about whether your personal data is transferred to a third country or to an international organisation. In this context, you may obtain information about the appropriate guarantees pursuant to sec. 46 GDPR in connection with the transfer.

2. Right to rectification

You have the right to rectification and/or completion towards the controller if your personal data processed is inaccurate or incomplete. The controller must effect the rectification without undue delay.

3. Right to restriction of processing

You may demand the restriction of processing of your personal data under the following conditions:

  1. if you contest the accuracy of your personal data for a duration which enables the data controller to review the accuracy of the personal data,
  2. the processing is unlawful and you oppose the deletion of the personal data and request the restriction of the use of the personal data instead,
  3. if the data controller does no longer require the personal data for processing purposes; however, you require them for the establishment, exercise or defence of legal claims; or
  4. if you have lodged a complaint against the processing pursuant to sec. 21 (1) GDPR and it is not yet decided whether the legitimate grounds of the data controller override yours.

If the processing of your personal data was restricted, these data – besides their storage – may only be processed with your consent or for the establishment, exercise or defence of legal claims or the protection of the rights of another natural person or legal entity or for reasons of important public interest of the Union or a Member State. If the restriction of processing was restricted pursuant to the above-mentioned conditions, you will be notified by the data controller before the restriction is lifted.

4. Right to deletion

a) Obligation to delete

You may demand the deletion of your personal data without undue delay from the data controller and the data controller is obligated to erase this data without undue delay if any of the following reasons apply:

  1. Your personal data is no longer required for the purposes for which it was collected or processed in any way.
  2. You revoke your consent on which the processing was based pursuant to sec. 6 (1) letter a or sec. 9 (2) letter a GDPR and there is no other legal basis for the processing.
  3. You lodge a complaint against the processing pursuant to sec. 21 (1) GDPR and there are no overriding legitimate grounds for the processing or you lodge a complaint against the processing pursuant to sec. 21 (2) GDPR.
  4. Your personal data was unlawfully processed.
  5. The deletion of your personal data is necessary for the compliance with a legal obligation pursuant to the law of the Union or the law of the Member States to which the controller is subject.
  6. Your personal data was collected with regard to information society services offered pursuant to sec. 8 (1) GDPR.

b) Disclosure to third parties

If the data controller has made your personal data public and is obligated to delete it pursuant to sec. 17 (1) GDPR, the data controller shall take appropriate measures – also of a technological nature – under consideration of available technology and the costs of implementation to inform the data controllers who process the personal data that you, as the data subject, demanded the deletion of any and all links to this personal data or of copies or replications of this personal data.

c) Exceptions

The right to deletion does not apply if the processing is required,

  1. for exercising the right to freedom of expression and information,
  • for compliance with a legal obligation which requires processing by law of the Union or the Member States to which the data controller is subject or for the performance of a task carried out in the public interest or in the exercise of official authority vested in the data controller,
  • for reasons of public interest in the area of public health pursuant to sec. 9 (2) letter h and i as well as sec. 9 (3) GDPR;
  • for the establishment, exercise or defence of legal claims.

5. Right to information

If you have asserted the right to rectification, deletion or restriction of processing towards the data controller, the data controller is obliged to inform each recipient to whom your personal data has been disclosed about this rectification or deletion of the data or restriction of processing; unless this proves impossible or involves disproportionate effort. You have the right towards the data controller to be informed about these recipients.

6. Right to data portability

You have the right to receive your personal data given to the data controller in a structured, standard and machine-readable format. In addition, you have the right to transfer this data to another person without hindrance by the data controller who was initially given the data, given that

  1. the processing is based on a consent pursuant to sec. 6 (1) letter a GDPR or sec. 9 (2) letter a GDPR or on a contract pursuant to sec. 6 (1) letter b GDPR and 
  2. the processing is carried out via automated procedures.

In exercising this right, you also have the right to maintain that your personal data relating to you are transmitted directly from one data controller to another, insofar as this is technically feasible.  Freedoms and rights of other persons shall not be affected. The right to data portability does not apply to the processing of personal data necessary for the performance of a task in the public interest or in the exercise of official authority vested in the data controller.

7. Right to object

Subjective to your situation, you have, at any time, the right to object against the processing of your personal data pursuant to sec. 6 (1) (1) letter e or f GDPR.

The person responsible will no longer process the personal data concerning you unless he can demonstrate compelling legitimate grounds for processing that outweigh your interests, rights and freedoms, or the processing is for the purpose of enforcing, exercising or defending legal claims.

If your personal data is processed for direct marketing purposes, you have the right to object at any time to the processing of your personal data for such marketing; this also applies to profiling insofar as it is associated with direct advertising. If you object to processing for direct advertising purposes, your personal data will no longer be processed for this purpose. Regardless of Directive 2002/58/EG, you have the option, in the context of the use of information society services, to exercise your right to object to automated procedures that use technical specifications.

8. Right to revoke the data protection consent declaration

You have the right to revoke your data protection consent declaration at any time.  The revocation of consent does not affect the legality of the processing carried out on the basis of the consent until revocation.

9. Right to complain to a supervisory authority

Without prejudice to any other administrative or judicial remedy, you have the right to complain to a supervisory authority, in particular in the Member State of your residence, place of work or place of alleged infringement, if you believe that the processing of the personal data concerning you violates the GDPR.

The supervisory authority to which the complaint has been submitted shall inform the complainant of the status and results of the complaint, including the possibility of a judicial remedy pursuant to sec. 78 GDPR.