DATA PROTECTION STATEMENT

DATA PROTECTION AT A GLANCE

General notes

The following notes provide a simple overview of what happens to your personal data when you visit our website or Social Media profiles (at Facebook, Instagram, YouTube, Xing or LinkedIn). Personal data include all data that make it possible to identify you in person. Detailed information on the subject of data protection can be taken from our data protection statement listed below this text.

Data collection on our website

Who is the controller for data collection on this website?

Processing activities on this website are performed by the website operator. For its contact details, see the imprint of this website.

How do we record your data?

Your data will be collected when you disclose them to us. These may be data you enter in a contact form, for example.

Other data will be recorded automatically by our IT systems when you visit the website. These are in particular technical data (e.g. web browser, operating system or time at which the page was called up). These data are collected automatically as soon as you enter our website.

What do we use your data for?

Part of the data are collected in order to ensure correct provision of the website. Other data may be used for analysing your user behaviour.

What rights do you have concerning your data?

You have the right to receive information on the origin, recipients and purpose of the personal data concerning you that are stored at all times. You also have the right to demand rectification, blocking or erasure of such data. You may contact us at any time concerning this and any other questions relating to data protection using the address indicated in the imprint. Furthermore, you have a right to lodge a complaint with the relevant supervisory authority.

Analysis tools and tools of third-party providers

Your surfing behaviour may be statistically evaluated when you visit our website. This is done in particular using cookies and analysis programs. Analysis of your surfing behaviour usually takes place anonymously; your surfing behaviour cannot be tracked back to you. You can object to this analysis or prevent it by not using certain tools. For detailed information on this, see the following data protection statement.

GENERAL NOTES AND MANDATORY INFORMATION

Data protection

We as the providers of these pages take protection of your personal data very seriously. We treat your personal data confidentially and comply with the statutory data-protection rules and this data protection statement.

When you use this website, various personal data will be collected. Personal data include data that make it possible to identify you in person. This data protection statement explains which data we collect and what we use them for. It also explains how and for what purpose this is done.

We would like to point out that the data transmission through the internet (e.g. in the case of email communication) may involve gaps in security. Complete protection of the data against third-party access is not possible.

In light of the terms used, such as "processing" or "Controller", we refer to the definitions in Article 4 of the General Data Protection Regulation (GDPR).

Information on the controller

The controller for processing activities on this website is:

RHODIUS Mineralquellen und Getränke GmbH & Co. KG
Lars Querbach
Data Protection Officer
Brohltalstraße 2
56659 Burgbrohl
Telefon: +49 (0)2636 / 9 20-100
E-Mail: datenschutz@rhodius.de

The controller is the natural or legal person who, alone or together with others, decides about the purposes and means of processing of personal data (e.g. name, email addresses, etc.).

Withdrawal of your consent to processing activities

Many processing activities are only permitted with your explicit consent. You can revoke a consent already granted in accordance with Article 7(3) GDPR at any time, effective for the future. An informal notification by email to us is sufficient for this. The lawfulness of the processing activities performed until the revocation will not be affected by this.

Objection to processing of your data

You may object to future processing of your data according to the proviso of Article 21 GDPR. The objection may be declared in particular against processing for purposes of direct marketing.

Right to complain to a supervisory authority

Without prejudice to any other administrative or judicial remedy, every data subject has the right, subject to Article 77 GDPR, to lodge a complaint with a supervisory authority, in particular in the Member State of his or her habitual residence, place of work or place of the alleged infringement, if the data subject considers that the processing of personal data relating to him or her infringes the GDPR.

Information, blocking, erasure

You have the right to free information concerning your personal data stored by us, their origin and recipients, as well as the purpose of processing activities, and potentially a right to rectification, blocking or erasure of such data at any time in accordance with Articles 15-17 GDPR. You may contact us at any time concerning this and any other questions relating to the subject of personal data using the address indicated in the imprint.

Right to data portability

You have the right to have any data that we process automatically based on your consent, or to perform a contract transferred to you or a third party in a common machine-readable format, in accordance with Article 20 GDPR. If you demand direct transfer of the data to another controller, this shall be done only as far as it is technically feasible.

SSL or TLS encryption

This page uses SSL or TLS encryption for reasons of security and to protect the transmission of confidential contents, such as orders or queries that you send to us as the page operator. An encrypted connection can be recognised by the address line of the browser switching from “http://” to “https://” and the lock icon being shown in your browser line.

If SSL or TLS encryption is activated, the data you transmit to us cannot be read by any third parties.

Data protection officer

We have appointed a data protection officer for our company.

Lars Querbach
Data Protection Officer
Brohltalstraße 2
56659 Burgbrohl
Telefon: +49 (0)2636 / 9 20-100
E-Mail: datenschutz@rhodius.de

Data collection on our website

Cookies

The websites partially use cookies. Cookies do not cause any damage to your computer and do not contain any viruses. Cookies serve to make our offer user-friendly, more effective and safe. Cookies are small text files that are stored on your computer and that your browser stores.

Most of the cookies we use are "session cookies". They are deleted automatically after the end of your visit. Other cookies remain stored on your end device until you delete them. These cookies enable us to recognise your browser again on your next visit.

You can set your browser so that you will be informed when cookies are set and only permit cookies in individual cases, prevent acceptance of cookies for certain cases or in general and activate automatic deletion of the cookies when you close the browser. If you deactivate cookies, the function of this website may be limited.

Cookies that are needed to perform electronic communication, or to provide certain functions desired by you (e.g. shopping cart functions), are stored based on point (f) of Article 6(1) GDPR. The website operator has as legitimate interest in storage of cookies for technically correct and optimised provision of its services. As far as any other cookies (e.g. cookies for analysis of your surfing behaviour) are stored, these are treated separately in the data protection statement.

Server log files

The provider of the website will automatically collect and store information in server log files that your browser transmits to us automatically. These are:

  • Browser type and browser version
  • operating system used
  • Referrer URL
  • Host name of the accessing computer
  • Time of the server query
  • Internet protocol address

These data will not be combined with any other data sources.

The basis for processing activities shall be point (f) of Article 6(1) GDPR, which permits processing of data to meet a contract or pre-contractual measures.

Processing activities and data transfer

We collect, process and use personal data only as far as they are required to found, design contents or change the legal relationship. This is done based on point (b) of Article 6(1) GDPR, which permits processing of data to meet a contract or for pre-contractual measures. The collected customer data will be deleted after the end of the order or termination of the business relationship. Legal archiving periods shall remain unaffected.

We collect, process and use personal data concerning the use of our websites (usage data) only as far as this is required in order to enable the user to use the service or to settle fees for use. These processing activities are based on point (f) of Article 6(1) GDPR. This is the legal foundation of processing activities that are not covered by any of the legal foundations named in Article 6 GDPR if processing is required to preserve a legitimate interest of our company or of a third party, provided that the interests, fundamental rights and fundamental freedoms of the data subjects do not take priority.

Data transmission to third parties

For defect-free operation, and in order to ensure comfortable use of our websites, using third-party offers and services is usually unavoidable. For this, we need to grant such subcontractors access to the data needed to provide such services. Transfer shall only take place on the basis of statutory permission in accordance with Article 6 GDPR (e.g. if you have consented, it is necessary for meeting the contract, due to a legal obligation or based on our legitimate interests).

Charging third parties with processing activities take place based on the "Contract for processing activities" in accordance with Article 28 GDPR. The third parties charged in the scope of provision of these websites are listed in the following paragraphs.

Transfer to third countries

If we or one of our subcontractors process any data in a third country (i.e. outside of the European Union or the European Economic Area), or transmit them to such a country, this is done on a suitable legal foundation in accordance with Article 6 GDPR, e.g. to meet our (pre-)contractual obligations, based on your consent, due to a legal obligation or based on our legitimate interests. Processing activities further take place based on suitable guarantees in accordance with Article 44 et seqq. GDPR, such as an adequacy decision of the EU Commission concerning the level of the protection of personal data in a country (incl. the EU-US Privacy Shield), or upon conclusion of officially recognised special contracts with our subcontractors (the "Standard Contractual Clauses").

Hosting

In order to ensure smooth operation of our websites and to optimise the usage experience for users, we or our hosting provider process content data, usage data, meta data and communication data of interested parties and visitors of this website, based on our legitimate interests in accordance with point (f) of Article 6(1) GDPR, in conjunction with Article 28 GDPR.

Integration of services and third-party contents

We use the offers of third-party providers within our websites in order to integrate their contents and services, such as videos or fonts. This is done based on our legitimate interests in optimisation and operation of our online offer within the meaning of point (f) of Article 6(1) GDPR. The prerequisite for transfer of the contents to the user's browser is transfer of its IP address. The IP address is therefore indispensable for (correct) presentation of such contents.

Web fonts by Typekit

This page uses web fonts for consistent presentation of fonts, which are provided by Adobe Systems Software Ireland Ltd (4-6 Riverwalk, Citywest Business Campus, Dublin 24, Ireland). When calling up a website, your browser will load the required web fonts into your browser cache in order to properly display texts and fonts. The data protection statement of Adobe can be found here: https://www.adobe.com/de/privacy.html.

For this purpose, the browser you use must connect to the servers of Adobe. This way, Adobe will learn that our website was called up from your internet protocol address. Typekit are used in the interest of consistent and attractive display of our online offers. This is a legitimate interest within the meaning of point (f) of Article 6(1) GDPR.

If your browser does not support Web Fonts, a standard font of your computer will be used.

Google Analytics

This website uses functions of the web analysis service Google Analytics. The provider is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.

Google Analytics uses "cookies". These are text files that are stored on your computer and that permit analysis of your use of the website. As a rule, the information generated by the cookie through your use of this website is sent to a Google server in the USA and stored there.

We use Google Analytics for the purpose of analysing use of our website and to continually improve individual functions and offers as well as the usage experience. Google-Analytics cookies are stored based on point (f) of Article 6(1) GDPR. The website operator has a legitimate interest in analysis of the user behaviour in order to optimise both its web offer and its advertisement.

IP anonymisation

We activated the function IP anonymisation on this website. This way, your internet protocol address will be abbreviated first by Google within member states of the European Union or in other contracting states of the convention on the European Economic Area before transfer to the USA. Only in exceptional circumstances will your full Internet Protocol address be transmitted to a server of Google in the USA and abbreviated there. On the order of the provider of this website, Google will use this information to evaluate your use of the website, in order to compile reports on the website activities and to render further services connected to website use and internet use towards the website operator. The Internet Protocol address transmitted by your browser within the context of Google Analytics will not be combined with any other data from Google.

Browser plugin

You may prevent storage of the cookies by making the corresponding settings in your browser software; however, note that you may be unable to fully use all functions of the website in that case. You may furthermore prevent recording of the data generated by the cookie and referring to your use of the website (incl. your Internet Protocol address) and processing of these personal data by Google by downloading and installing the browser plug-in available under the following link: https://tools.google.com/dlpage/gaoptout?hl=de.

Objection to data collection

You may prevent recording of your data by Google Analytics by clicking the following link. An opt-out cookie will be set that will permanently prevent recording of your data during future visits to this website: Deactivating Google Analytics.

For more information on handling user data by Google Analytics, see the data protection statement of Google: https://support.google.com/analytics/answer/6004245?hl=de.

Further information on data use by Google, settings and objection options, as well as data protection can be taken from the following websites of Google:

Processing activities based on a contract

We have concluded a contract with Google for contract data processing and implement the strict specifications of the German data protection authorities when using Google Analytics completely.

Demographic features at Google Analytics

This website uses the function "demographic features" of Google Analytics. This permits compilation of reports that contain statements on age, gender and interests of the visitors to the pages. These data originate from interest-related advertising of Google and visitor data of third-party providers. These data cannot be associated with any specific person. You may deactivate this function at any time via the advertisement settings in your Google account or generally forbid collection of your data by Google Analytics as described in the item "Objection to data collection".

Integration of videos

Vimeo

Our website uses plugins of the video portal Vimeo. The provider is Vimeo Inc., 555 West 18th Street, New York, New York 10011, USA.

When you visit one of our pages equipped with a Vimeo plugin, a connection to servers of Vimeo will be established. This informs the Vimeo server on which of our pages you have visited. Vimeo will also receive your internet protocol address. This shall also apply if you are not logged in at Vimeo or do not have any account at Vimeo. The information recorded by Vimeo will be transmitted to the Vimeo server in the USA.

If you are logged in to your Vimeo account, you enable Vimeo to assign your surfing behaviour to you personally. You can prevent this by logging out of your Vimeo account first.

For more information on handling user data, see the data protection statement of Vimeo under: https://vimeo.com/privacy.

Social media

We maintain profiles on Social Media platforms (Facebook, Instagram, YouTube, Xing, LinkedIn), to provide information about us there and to engage in exchange with active users. On our social media platforms, we post information that is shown to the users who have actively connected to us on the respective network, and we place ads for target groups relevant to us.

Our websites only link to our profiles on such social media platforms. We do not use any plug-ins that would connect to servers of Facebook & co. simply when calling up our website. When calling up the respective platforms, the terms and conditions and the data protection provisions of the respective provider shall apply. If you follow a link from our website to one of our social media profiles, we prevent disclosure of the URL of origin (referrer) in all supporting browsers. This is done in light of best data economy when handling social networks.

Facebook and Instagram

Please note the following when visiting our profiles on Facebook and Instagram and interacting with us through the contents available there:

The operator company of Facebook and Instagram is Facebook, Inc., 1 Hacker Way, Menlo Park, CA 94025, USA. The controller for processing of personal data if a data subject lives outside of the USA or Canada is Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland.

The data protection directive published by Facebook, available under https://de.facebook.com/about/privacy, provides information on the collection, processing and use of personal data by Facebook.

Furthermore, it explains which setting options Facebook has to protect the privacy of the data subjects. Various applications are also available that make it possible to suppress data transfer to Facebook. Such applications can be used by the data subject in order to suppress data transfer to Facebook.

Facebook has reacted to the jurisdiction of the ECJ concerning the shared responsibility of Facebook and fanpage operators and published a Page Controller Addendum to supplement the usage terms. This supplements can be found in www.facebook.com/legal/terms/page_controller_addendum

Page insights supplement concerning the controller

Facebook provides page insights to us for our Facebook page https://www.facebook.com/business/a/page/page-insights. Page insights are summarised data that inform us about how people interact with our page.

Page insights may be based on personal data that were recorded in connection with a visit, or an interaction of people on, or with, our page and its contents. As an economic operator with permanent place of residence in the European Union / European Economic Area, and as far as the personal data are processed subject to our influence and our control (or that of a third party for whom we create or manage the page) within the scope of the General Data Protection Regulation (Regulation (EU) 2016/679, "GDPR"), ("Insights data"), we recognise in our own name (and as representative for any other third-party controller for whom we create or manage the page) and confirm that this page insights supplement applies concerning the controller ("Page Insights Supplement"):

  • Facebook Ireland Limited ("Facebook Ireland"), and we are the shared controllers for processing of Insights data. The page supplement specifies the respective responsibilities of Facebook Ireland and us concerning the processing of Insights data.
  • Facebook Ireland agrees to take primary responsibility for processing of Insights data in accordance with the GDPR and to perform all obligations from the GDPR concerning the processing of Insights data (among others, Articles 12 and 13 GDPR, Articles 15 to 22 GDPR and Articles 32 to 34 GDPR). Additionally, Facebook Ireland shall provide the essential content of this page insights supplement to the data subjects.
  • We ensure that we have a legal foundation for processing of insights data in accordance with the GDPR, designate the controller for processing activities of the page, and meet all other applicable legal obligations.
  • We agree that only Facebook Ireland may make and implement decisions concerning the processing of Insights data. Facebook Ireland decides, subject to its sole discretion, how it meets its obligations under this page insights supplement. We agree that Facebook Ireland is main establishment for all controllers in the EU for processing of insights data. We also accept that the Irish data protection commission is the responsible supervisory authority for such processing.
  • Facebook Ireland remains solely responsible for processing of such personal data in connection with page insights not subject to this page insights supplement. The page insights supplement does not give us the right to demand disclosure of personal data of Facebook users processed in connection with Facebook products, including for page insights provided to us by Facebook.
  • If a data subject or a supervisory authority, in accordance with the GDPR, contacts us concerning the processing of insights data and the obligations accepted by Facebook Ireland within the scope of this page insights supplement (each a "Query"), we are obligated to forward all relevant information to Facebook without undue delay, but no later than within 7 calendar days. We may submit the following form for this purpose https://www.facebook.com/help/contact/308592359910928.
    Facebook Ireland will answer queries in correspondence with its obligations under this page insights supplement. We agree to make all appropriate efforts in a timely manner in order to cooperate with Facebook in answering any such queries. We do not have the right to act or respond in the name of Facebook Ireland.
  • If we use a page for any business or commercial purpose or access it, we agree that any claim, object of a claim or dispute that we have towards Facebook, and that results from this page insights supplement, or that is connected to it is to be determined solely by the courts in Ireland, that we submit to the jurisdiction of the Irish courts irrevocably for proceedings concerning any such claims, and that this page insights supplement is subject to Irish law.
  • Facebook may need to update this page insights supplement from time to time. Therefore, Facebook recommends that we regularly review it for updates. Our continued access to pages, or our further use of these after notification of any update to this page insights supplement, means that we agree to be bound to these. If we do not agree to the updated page insights supplement, we must cease any use of the pages. Since we are a commercial company with permanent domicile in a member state of the European Union, only 4.1 of the Facebook usage terms for updates to this page insights supplement shall apply.
  • If any part of this page insights supplement is considered non-enforceable, the remaining provisions remain fully valid and in force. Non-enforcement of any part of this page insights supplement by Facebook shall not constitute waiver of rights. Any change to these usage terms, or waiver of these, shall require written form and must be signed by Facebook.
  • In this page insights supplement, "personal data", "data subject" and "controller" have the meanings assigned to these terms in the GDPR.
  • Youtube

    YouTube is an internet video portal that enables video publishers to publish video clips free of charge and other users to view, evaluate and comment on them free of charge as well. The operator company of YouTube is YouTube, LLC, 901 Cherry Ave., San Bruno, CA 94066, USA. YouTube, LLC is a subsidiary of Google Ireland Limited, Google Building Gordon House, Barrow St, Dublin 4, Ireland.

    The provisions on data protection published by YouTube that can be called up at https://www.google.de/intl/de/policies/privacy/ provide information on the collection, processing and use of personal data by YouTube and Google.

    Xing

    Xing is an internet-based social network that permits connection of the users to existing business contacts, and establishing of new business contacts. The individual users can set up a personal profile of themselves at Xing. The operating company of Xing is XING SE, Dammtorstraße 30, D-20354 Hamburg, Germany. The provisions on data protection published by Xing that can be called up at https://www.xing.com/privacy provide information on the collection, processing and use of personal data by Xing. Furthermore, Xing has published data protection notes for the XING share button at https://www.xing.com/app/share?op=data_protection.

    LinkedIn

    LinkedIn is an internet-based social network that permits connection of the users to existing business contacts and establishing of new business contacts. The operating company of LinkedIn is LinkedIn Corporation, 2029 Stierlin Court, Mountain View, CA 94043, USA. LinkedIn Ireland, Privacy Policy Issues, Wilton Plaza, Wilton Place, Dublin 2, Ireland, is responsible for data protection matters outside of the USA.

    Under https://www.linkedin.com/psettings/guest-controls, LinkedIn offers the option of unsubscribing from email messages, text messages and targeted ads, as well as to manage ad settings. The applicable data protection provisions of LinkedIn are available at https://www.linkedin.com/legal/privacy-policy. The cookie directive of LinkedIn is available at https://www.linkedin.com/legal/cookie-policy.

Contact

RHODIUS Mineralquellen und Getränke
GmbH & Co. KG

Brohltalstraße 2
D-56659 Burgbrohl
Germany

Fon.: +49 (0)2636 / 9 20-100
Fax: +49 (0)2636 / 9 20-116
info@rhodius-mineralquellen.de

Imprint & Liability notice
Privacy
General Terms and Conditions

 

 

Media library

You can download our logos and product images here.

To media library