As a service provider, we are responsible for our own content on these pages in accordance with § 7 Abs. 1 TMG. However, in accordance with §§ 8 to 10 TMG, service providers are not obliged to continuously monitor information transmitted or stored by third parties or to look for evidence of illegal activity. The linked pages have been checked for possible violations of the law at the time of linking. The illegal content was not recognizable at the time of linking. Permanent monitoring of the content of the linked pages is not possible without sufficient evidence of an infringement. Illegal links will be removed immediately after becoming known. A third party is a natural or legal person, public authority, agency or body other than the data subject, controller, processor and persons who, under the direct authority of the controller or processor, are authorised to process personal data. When registering for the newsletter, we also store the IP address of the information technology system assigned by the Internet service provider (ISP) and used by the data subject at the time of registration, as well as the date and time of registration.
The collection of this data is necessary to be able to understand the (possible) misuse of the e-mail address of a data subject at a later date, and therefore serves the legal protection of the controller. ROFA Deutschland GmbH regularly informs its customers and business partners via a newsletter about the company`s offers. The company newsletter can only be received by the data subject if (1) the data subject has a valid e-mail address and (2) the data subject registers for sending the newsletter. For legal reasons, a confirmation e-mail will be sent to the e-mail address registered for the first time by a data subject for sending the newsletter as part of the double opt-in procedure. This confirmation e-mail checks whether the owner of the e-mail address as the data subject has the right to receive the newsletter. The controller or controller is the natural or legal person, public authority, agency or any other body which, alone or jointly with others, determines the purposes and means of the processing of personal data; Where the purposes and means of such processing are determined by Union or Member State law, Union or Member State law may provide for the controller or the specific criteria for its designation. If a data subject leaves a comment on the blog published on this website, the comments of the data subject are also stored and published, as well as information at the time of entering the comment and about the user chosen by the data subject (pseudonym). In addition, the IP address that the Internet Service Provider (ISP) assigns to the data subject is also stored. This storage of the IP address takes place for security reasons and in the event that the data subject violates the rights of third parties or publishes illegal content by means of a comment.
The retention of this personal data is therefore in the personal interest of the controller, so that it can relieve it in the event of a breach. This collected personal data will not be disclosed to third parties, unless such disclosure is required by law or serves the defense of the controller. Each data subject shall have the right granted by the European legislator not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning him or her, or similarly significantly affects him or her, as long as the decision (1) is not necessary for the conclusion or performance of a contract between the data subject and the controller, or (2) is not authorised by Union or Member State law to which the controller is subject and which also provides for appropriate measures to safeguard the rights and freedoms and legitimate interests of the data subject, or (3) is not based on the data subject`s explicit consent. If the storage purpose no longer applies or if a storage period prescribed by the European legislator or another competent legislator expires, the personal data will be systematically blocked or deleted in accordance with the legal provisions. The processor is a natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller. ROFA Deutschland GmbH will no longer process personal data in the event of an objection, unless we can demonstrate compelling legitimate grounds for the processing which override the interests, rights and freedoms of the data subject, or for the establishment, exercise or defence of legal claims. Legal obligations to delete information or block the use of information remain unaffected. In this case, liability is only possible from the moment a specific infringement becomes known. Illegal content will be removed immediately upon becoming aware of it. The legal basis for processing operations is Article 6(1)(a) GDPR, for which we obtain consent for a specific processing purpose. If the processing of personal data is necessary for the performance of a contract to which the data subject is a party, as is the case, for example, where the processing operations are necessary for the delivery of goods or the provision of another service, the processing is based on Article 6(1)(b) GDPR. The same applies to processing operations necessary for the execution of pre-contractual measures, such as requests for information about our products or services.
If our company is subject to a legal obligation that requires the processing of personal data, for example to fulfill tax obligations, the processing is based on Art.