Data Protection Notice

A. General Information

According to Art. 13 of the General Data Protection Regulation (DSGVO) we inform you with the following notice, about the processing of your personal when using our digital offers.

We process your personal data in accordance with the provisions of the GDPR and the German Federal Data Protection Act (BDSG) as well as all other applicable legal provisions.

1. Controller and Contact Details

Controller according to Art. 4 N° 7 GDPR:

REMEX GmbH
Am Fallhammer 1
40221 Düsseldorf

Further information about our company and contact details can be found in our imprint

Contact details of our data protection officer:

Althammer & Kill GmbH & Co. KG
c/o myhive Alto Medienhafen, 1. OG
Kesselstraße 3
40221 Düsseldorf
T + 49 211 936748-0
kontakt-dsb@althammer-kill.de

2. Purposes and Legal Basis of Data Processing

For purposes and legal bases, please refer to the individual data processing in Part B.

3. Data Recipients

We transfer your personal data to the following data recipients:

• The transfer takes place in compliance with a legal requirement according to which we are obliged to report or pass on the data.
• Data is transferred to external companies that act as order processors on our behalf or that will act on our behalf. This concerns for example, courier and logistics companies, call centres, external computer centres, EDP and IT applications, website management, auditing services, credit institutions, data disposal, etc..
• The transfer of data to third parties takes place with your consent.
• The data is transferred for the purpose of processing a contractual relationship with you GDPR, e.g. to an affiliated company within the group, a subcontractor or to a logistic company.
• The transfer of data to subsidiaries or also affiliated companies also takes place for the fulfilment of legal obligations or on the basis of our legitimate interests. This may be for economic, administrative or other internal business purposes; this only applies insofar as your interests or fundamental rights and freedoms that require the protection of personal data do not override.
• The information is transmitted to credit agencies for the purpose of retrieving a credit report.
• The transfer is made for the purpose of checking and asserting claims, e.g. debt collection agencies, legal advisors.
• The transfer is made in order to handle the planning, preparation and/or execution of a (partial) sale of the company or a merger or similar transactions such as acquisition in the course of liquidation, insolvency, dissolution, etc. with another company.

4. Deletion of Data and Duration of Storage

In principle, we process and store your data only for the duration of our business relationship, including the initiation and execution of the contract as well as the statutory retention periods, e.g. from commercial or tax law.

If the data are no longer required for the fulfilment of contractual or legal obligations and rights, they are regularly deleted, unless their - temporary - further processing is required for the fulfilment of the purposes listed above for an overriding legitimate interest.

Insofar as individual processing operations of personal data require other deletion periods, these are mentioned in the description of the individual processing operations under Part B.

5. Processing of Data in a Third Country

Data will only be transferred to third countries (countries outside the European Union (EU) or the European Economic Area (EEA)) if it is necessary for the execution of an order/contract from or with you, if it is required by law and if appropriate data protection levels exist or if you have given us your consent.

The processing of your data in a third country can also take place in connection with the involvement of service providers, e.g. within the framework of commissioned processing. If there is no EU Commission decision on an adequate level of data protection for the country in question, we ensure that your rights and freedoms are adequately protected and guaranteed by means of appropriate guarantees.

Information on the appropriate or adequate safeguards and on the possibility of obtaining a copy from may be obtained on request.

6. Automated Decision-Making incl. Profiling

We do not use automated decision-making/profiling procedures that have a legal effect on you or that significantly affect you in a similar way.

7. Obligation to Provide Data

You only need to provide the data that is necessary for the use of the website and its functions, for the E-Mail communication with us and for the establishment and implementation of a business relationship or for a pre-contractual relationship with us or that we are legally obliged to collect.

Without this data, however, we will not be able to provide you with our website properly and securely, to respond properly to your enquiries to us or even to conclude or execute a contract with you. This may also relate to data required at a later date.

8. Your Rights as a Data Subject

You are entitled to the following rights as a data subject, which you can assert against us, subject to the legal requirements:

• Right of access: You are entitled to request confirmation from us at any time within the scope of Art. 15 of the GDPR as to whether we are processing personal data relating to you; if this is the case, you are also entitled within the scope of Art. 15 of the GDPR to receive information about this personal data as well as certain other information, including processing purposes, categories of personal data, categories of recipients, planned storage period, the origin of the data, the use of automated decision-making and, in the case of third country transfers, the appropriate safeguards, and a copy of your data.
• Right to rectification: In accordance with Art. 16 GDPR, you are entitled to demand that we rectify the personal data we hold about you if it is inaccurate or incorrect.
• Right to erasure: You have the right to request, that we erase personal data relating to you without undue delay, subject to the conditions set out in Article 17 of the GDPR. The right to erasure does not apply, inter alia, if the processing of the personal data is necessary for (i) the exercise of the right to freedom of expression and information, (ii) compliance with a legal obligation to which we are subject (e.g. legal obligations to retain records) or (iii) the assertion, exercise or defence of legal claims.
• Right to restrict processing: You are entitled to demand that we restrict the processing of your personal data under the conditions of Art. 18 GDPR.
• Right to data portability: You are entitled, under the conditions of Art. 20 GDPR, to demand that we hand over to you the personal data concerning you that you have provided to us in a structured, common and machine-readable format.
• Right of withdrawal: You have the right to withdraw your consent to the processing of personal data at any time with effect for the future.
• Right to object: You have the right to object to the processing of your personal data under the conditions of Art. 21 GDPR, so that we have to stop processing your personal data. The right to object only exists within the limits provided for in Art. 21 GDPR. In addition, our interests may conflict with the termination of processing, so that we are entitled to process your personal data despite your objection.
• Right to lodge a complaint with a supervisory authority: You have the right to lodge a complaint with a supervisory authority, in particular in the Member State of your place of residence, place of work or place of the alleged infringement, under the conditions set out in Article 77 of the GDPR, if you consider that the processing of personal data concerning you infringes the GDPR. The right of appeal is without prejudice to any other administrative or judicial remedy.

9. Amendments

We may amend this data protection information at any time, e.g. in the event of changes in data processing or the legal framework.

Any changes will be announced by publishing the amended data protection information on the website. Unless otherwise specified, such changes will take effect immediately. Therefore, please check this data protection information regularly to view the most current version.

B. Individual Data Processing

1. Logging

When using the website, certain connection data and data provided by your internet browser are temporarily stored. For the operation of the website, the following data is logged and stored in log files:

• (Anonymised) IP address of the calling computer
• Operating system of the calling computer
• Browser version of the calling computer
• Name of the retrieved file
• Date and time of the retrieval
• Referring URL
• Type of end device (e.g. desktop/smartphone)
• Connection logging

The logging of data is technically necessary for the proper and secure operation of the website. The data is stored anonymously after the session has ended.

The legal basis is our legitimate interest according to Art. 6 Para. 1 lit. f GDPR. Our legitimate interest lies in the provision of a functionally reliable website.

2. Contact Form

We process your personal data in order to process your enquiry, to address you correctly and to send you a reply.

If your data is no longer required in the context of the customer or interested party relationship or if your conflicting interest outweighs this, we delete the data after 180 days at the latest, provided that there are no statutory retention obligations to the contrary.

The legal basis is our legitimate interest according to Art. 6 Para. 1 lit. f GDPR. Our legitimate interest lies in the provision of simple and direct communication channels for our customers and interested parties. The legal basis is, insofar as your contact is made to initiate contractual relations, the fulfilment of a contract or the implementation of pre-contractual measures in accordance with Art. 6 para. 1 lit. b GDPR.

3. Newsletter

Your registration for the newsletter is carried out using the so-called double opt-in procedure. After registration, you will receive an e-mail in which you are asked to confirm your registration.

Your registration for the newsletter is logged in order to be able to prove the registration process in accordance with the legal requirements. This includes the storage of the registration and confirmation time, as well as the IP address. In addition, we record which e-mails were delivered by newsletter or whether the delivery was not successful (so-called "bounces" = returned e-mails). You can revoke your consent to receive our newsletter at any time. You will find a link to unsubscribe at the end of each newsletter. We may store unsubscribed email addresses for up to three years on the basis of our legitimate interests before deleting them in order to be able to prove consent previously given.

The legal basis is your consent in accordance with Art. 6 Para. 1 lit. a GDPR.

The legal basis for logging the registration process is our fulfilment of a legal obligation pursuant to Art. 6 para. 1 lit. c GDPR in connection with proof and documentation obligations as well as on the basis of our legitimate interests pursuant to Art. 6 para. 1 lit. f GDPR. Our legitimate interest is to use a user-friendly and secure newsletter system that serves our business interests as well as the expectations of the users and also allows us to prove consent.

4. MEB user accounts

For certain services that we offer on our website, you must register and create a user account in order to use these services. Registration is free of charge.

Orders placed and online courses completed are stored in your user account. When you register, you will receive emails for verification and for purchases or bookings made. Most of these emails are sent automatically via a server located in Germany.

You can have your user account deleted by sending an email to meb-wissen@remex.de with the corresponding deletion request. In some cases, the contents of your user account, e.g. orders placed, may be subject to a retention obligation. In these cases, the data will be stored for the legally prescribed period.

The legal basis for the processing of registered user data is Art. 6 para. 1 lit. b) GDPR. You will receive information that is the subject of our contractual services.

5. MEB Apps

In principle, it is possible to use our MEB apps without providing personal data. We only process your personal data if you use a service via the apps that requires the processing of your personal data and there is a legal reason or your consent for this.

In addition, the store operators may collect and process personal data in accordance with their own data protection notices. In particular, this may include the following data:

• Data that is generally collected when using the MEB apps natively (including technical identification features, installation ID, page views)
• Data required for technical troubleshooting (including anonymized IP address, device type, time)
• Data about your location (if you have allowed the collection of location data in your device settings)
• Data from the use of the app feedbacks (selected area, selected topic, email address entered, feedback free text from the feedback provider, device ID (iOS)).

These services and technologies are necessary to ensure central functions of the apps as well as the fulfillment of the contract with customers and cooperation partners. The legal basis for their use is § 25 para. 2 no. 2 TTDSG in conjunction with Art. 6 para. 1 sentence 1 lit. b) GDPR for contract initiation or fulfillment or lit. c) for the fulfillment of legal obligations and/or lit f) for overriding legitimate interests..

For more information, please refer to the store operators' data protection notices.

Push messages

We are interested in informing you about news related to our services, even if you have not opened our app. For this purpose, we use so-called push messages, which we send via a delivery service. This service only sends the push messages if you have expressly consented to the delivery. For this purpose, you will be asked the first time you start the app whether you want to receive push messages on your mobile device. For iOS versions, a dialog box appears the first time you open the app. For Android versions, the release takes place after confirmation and when downloading the app. For this purpose, the login time as well as your browser ID or your device ID are documented and stored. The collection of this data is necessary so that we can trace the processes in the event of misuse and therefore serves as our legal protection.

In order to be able to display push notifications to you, your browser ID and, in the case of mobile access, your device ID are collected and processed. The legal basis for the use of the push service is Art. 6 Para. 1 lit. a) GDPR. You can revoke or deactivate your consent to receive push messages at any time in the app settings or in the device settings.

Your data will be deleted as soon as it is no longer required for the purpose for which it was collected.

6. REMEX PRO customer portal

Links on our websites take you to the login/registration or inquiry page of the REMEX PRO customer portal. The data protection information provided there at https://remex-pro.de/policy applies.

7. Google Maps

Where we have integrated "Google Maps" into our websites, you will be asked for your consent before you can use “Google Maps”.

The "Google Maps" services are hosted on Google servers. When "Google Maps" is used, information about the user is processed by Google so that the requested content can be sent to the browser.

Google Maps may also use so-called web beacons (invisible graphics). These web beacons can be used to collect and analyse information such as visitor traffic on websites or information about the user's device. The information generated in this way is transferred to a Google server, possibly in the USA or other third countries, and stored there. This information may be passed on by Google to contractual partners of Google.

Detailed information on Google Maps can be found on the corresponding Google websites.

The legal basis for the use of Google Maps is your consent in accordance with Art. 6 para. 1 lit. a GDPR.

8. Matomo

On our websites, we use a version of Matomo implemented on our own servers. This is an open source analysis software for the purpose of statistical evaluation of visitor access. With the help of this analysis, we would like to understand in particular which of our pages are accessed how often and for how long and are therefore of interest, but not by whom they are accessed.

The version of Matomo implemented on our server does not use cookies. We only store anonymised user data to collect general statistical values without comprehensively analysing user behaviour.

A comprehensive analysis of user behaviour is also not possible due to the anonymised data collected. The IP address transmitted in the server log-in is anonymised on our server before it is transmitted to the Matomo installation and replaced by a random IP address. In addition, a user ID is created by means of a random HASH value. It is not possible for us to track the data automatically transmitted by your terminal device, such as the IP-address, as well as the User-ID on the basis of the anonymised and randomly generated data, as temporal entries are randomised at the Matomo installation and the real IP address is immediately anonymised in our log files. After the session ends (i.e. usually when the browser is closed), the random IP address and user ID are deleted by Matomo.

The purpose of the processing is the statistical analysis of user behaviour to optimise the functionality of our websites. Our legitimate interest lies in the improvement of our websites and our online offer.

The legal basis for the use of Matomo is Art. 6 para. 1 lit. f GDPR.

9. Compliance with Legal Requirements

We also process your data to comply with legal requirements. We are subject to a variety of legal obligations. These are primarily legal requirements (e.g. from commercial and tax laws), but also other official requirements where applicable. These include, in particular, the fulfilment of control and reporting obligations under tax law as well as archiving and documentation obligations.

The legal basis for the processing is Art. 6 par 1 lit. c GDPR.

10. Enforcement and Defence of Rights

We may also process your personal data in order to be able to assert our rights and enforce our legal claims and/or to be able to defend ourselves against legal claims and/or insofar as this is necessary for the defence or prosecution of criminal offences.

The legal basis for the processing is Art. 6 par 1 lit. f GDPR. Our legitimate interest is the enforcement and defence of rights.

11. Sale of Companies, Mergers, etc.

We may also process your personal data processed through the websites in order to complete a (partial) business sale or merger or similar process such as acquisition in liquidation, insolvency, dissolution, etc. with another company. In the event that another company acquires or intends to acquire the assets/capital, which may include your personal data, from us or we enter into or seek to enter into a merger with another company, we may need to provide that company with access to or transfer your personal data held by us for the purpose of reviewing and implementing the sale of the company/merger, e.g. to determine the value of the company.

We process your personal data for this purpose to protect our legitimate interests pursuant to Art. 6 par 1 lit. f GDPR in order to be able to plan and implement a planned sale of a company or a planned merger.

C. Cookies

Cookies are small text files that are stored on your hard drive by your browser. We also use so-called session cookies. These are used to establish a unique connection between you and our website. Only a random number is stored for this purpose. The session cookie is automatically removed when you close your browser.

If you do not wish to allow cookies on your computer (or other device), you can disable them in your internet browser. However, this may affect the usability and functionality of the website. The cookies we use are technically absolutely necessary in order to be able to offer the website and its functions or the functions you want (e.g. language settings). The legal basis for the (initial) storage and/or reading of data from your terminal device is § 25 para. 2 no. 1 TTDSG.

Our website uses the following cookie:

Fe_typo_user
Session cookie for Typo3 user management
This cookie is only relevant for the web administrators. No personal data is processed.