The controller pursuant to the EU General Data Protection Regulation (GDPR) is:
T +49 3874 4240-0
The Data Protection Officer of RATTUNDE AG is:
Data Protection officer
T +49 3874 4240-0
1. Collecting and storing personal data/personally identifiable information (PII) as well as the type and purpose of its use
a) When visiting the website
Neither logs nor statistics are generated when you visit our website.
b) When using our contact form
We offer you the opportunity to contact us if you have questions of any kind via a form provided on the website. This requires you to provide a valid e-mail address and user name so that we know who has sent the inquiry and can answer it. Additional information may be provided on a voluntary basis.
Data processing for the purpose of establishing contact with us is carried out in accordance with article 6 (1) 1 (a) of the General Data Protection Regulation (GDPR) on the basis of voluntary consent given by you.
Personal data that we collect in conjunction with the use of the contact form will be stored for processing your inquiry and for possible follow-up questions.
2. Erasure (deletion) of data and restriction of data processing (blocking)
We comply with the principles of data avoidance and data economy. Accordingly, we store your personal data only as long as it is necessary to achieve the purposes specified here or as provided for by the various storage periods stipulated by law. After completion of the particular purpose or expiration of these deadlines, the data involved will be routinely blocked or deleted in accordance with the statutory provisions.
3. Rights of the data subject (identified or identifiable individual) to information and access to personal data, rectification, restriction of data processing, erasure and objection
You have the right:
in accordance with article 15 of the GDPR, to demand information about personally identifiable information/data that we have processed. You also have the right to rectification, restriction of processing, and erasure (deletion) of your personally identifiable information (PII) (exception: legally required data storage for business transactions.
For data processing restriction to be active at all times, the data involved must be stored in a lock file for monitoring purposes. You can also request the erasure of the data, as long as there is no statutory archiving requirement. To the extent that such an obligation exists, we restrict the processing of your data on request;
- in accordance with article 16 of the GDPR, to demand the rectification of errors in or completion of personally identifiable information stored with us;
- in accordance with article 17 of the GDPR, to demand the erasure of your personal data stored with us, except where the processing enables the exercise of the right to free expression of opinion and information, for the fulfillment of a legal obligation, for reasons of public interest, or for the assertion, exercise or defense of legal claims;
- in accordance with article 18 of the GDPR, to demand restriction of the processing of your personal data, to the extent that you dispute the accuracy of the data or its processing is unlawful, but you reject the erasure thereof and we no longer need the data, but you need it to assert, exercise or defend legal claims or you have objected to processing in accordance with article 21 of the GDPR;
- in accordance with article 20 of the GDPR, to obtain personally identifiable information (personal data) provided to us in a structured, normal and machine-readable format or to request the transfer to another controller;
- in accordance with article 7 (3) of the GDPR, to revoke consent originally granted at any time. As a result, we will not permitted to continue the data processing based on this consent in the future and
- in accordance with article 77 of the GDPR, to complain to a supervisory authority. As a rule, you can contact the supervisory authority responsible for your usual place of residence or place of work or our company headquarters.
4. The right to object
- To the extent that your personal data is being processed on the basis of legitimate interests in accordance with article 6 (1) 1 (f) of the GDPR, in accordance with article 21 of the GDPR you have the right to file an objection against the processing of your personal data, provided that there are reasons for this arising from your particular situation, or the objection is directed against direct mail advertising. In the latter case, you have a general right of objection, which we implement without specification of any special circumstances.
- If you would like to exercise your right of revocation or objection with effect for the future, simply e-mail us at firstname.lastname@example.org.
5. Transfer of data to third parties
No transfer of your personal data to third parties for purposes other than those specified below will occur. Your personal information will be passed on to third parties only if
- you have given your express consent for this in accordance with article 6 (1) 1 (a) of the GDPR
- a legal obligation to transfer such data exists in accordance with article 6 (1) 1 (c) of the GDPR, and this is legally permissible and in accordance with article 6 (1) 1 (b) of the GDPR is necessary for the fulfillment of contractual obligations with you.
6. Data processing by social media networks
We maintain publicly accessible profiles on various social media networks. You’ll find the details of the social media networks we use below.
In general, social networks such as Facebook, Twitter, etc. can comprehensively analyze your user behavior when you visit their website or a website with integrated social media content (e.g. “like” buttons or advertising banners). Visiting our social media profiles triggers numerous processing operations relevant to data protection and privacy. Details of these are given below.
When you are logged into your social media account and visit our social media profile, the operator of the social media portal can associate this visit with your user account. However, your personal data may also be collected under certain circumstances if you are not logged in or do not have an account with the respective social media portal. In this case, this data collection takes place, for example, via cookies that are stored on your end device or by recording your IP address. In this case, this data collection takes place via cookies that are stored on your end device or by recording your IP address, for example.
With the help of the data thus collected, the operators of the social media portals can create user profiles in which your preferences and interests are stored. This enables them to show you interest-based advertising inside and outside the relevant social media profile. Provided you have an account with the respective social media network, the interest-based advertising may be displayed on all devices on which you are or were logged in.
Our social media profiles are intended to ensure the most comprehensive presence possible on the Internet. This is a legitimate interest as defined by article 6, paragraph 1, letter f of the GDPR. The analysis processes initiated by the social media networks are based, where applicable, on divergent legal premises to be specified by the operators of the social media networks (e.g. consent as defined in article 6, paragraph 1, letter a of the GDPR).
The controller and the assertion of rights
When you visit one of our social media profiles (e.g. on Facebook), we are jointly responsible with the operator of the respective social media platform for the data processing operations triggered during this visit within the meaning of article 26 of the GDPR. Fundamentally, you can assert your rights (the right to information pursuant to article 15, the right to rectification pursuant to article 16, the right to erasure (right to be forgotten) pursuant to article 17, the right to restriction of processing pursuant to article 18, the right to data portability pursuant to article 20, and the right to lodge a complaint pursuant to article 77 of the GDPR) both vis-à-vis us and vis-à-vis the operator of the relevant social media portal (e.g., vis-à-vis Facebook).
Please note that, despite our joint responsibility with the social media portal operators pursuant to article 26 of the GDPR, we do not have full control over the data processing operations of the social media portals. Our options depend to a large extent on the corporate policy of the relevant provider.
Social networks are obliged to comply with EU data protection and privacy standards when offering their services to EU citizens. Nevertheless, risks from processing in so-called third countries cannot be excluded.
RATTUNDE AG does not use social media plugins, but so-called social bookmarks. These are integrated on the RATTUNDE AG website only as links to the corresponding services. After clicking on the embedded graphic, the user is redirected to the page of the relevant provider. In addition, when an internet page is forwarded via the "Share this content" button, the corresponding internet page may become visible on Facebook, for example, and can be seen there as activity in the respective profile of the user.
Personal data is neither collected nor processed in our system, so that no storage takes place.
We have no influence on the storage period of your data, which is stored by the operators of the social media networks for their own purposes. For details, please consult the operators of the relevant social media networks directly (e.g., refer to their privacy policies).
Details for the social networks
We have a profile on Facebook. This service is provided by Facebook Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland. According to Facebook, the collected data is also transmitted to the United States and other third countries.
We hereby advise you that you use this Facebook page and its functions on your own responsibility. This applies in particular to the use of the interactive functions (e.g. commenting, sharing, rating). Alternatively, you can also access the information offered via this page on our website at www.rattunde.one.
When you visit our Facebook page, Facebook collects, among other things, your IP address and other information that is present on your PC in the form of cookies. This information is used to provide us, as operators of the Facebook pages, with statistical information about the use of the Facebook pages (so-called insights data). These statistics are generated by Facebook and provided in anonymized form, which means that no personal identification/reference is possible for us. We use this data in accordance with article 6, paragraph 1, letter f of the GDPR. As the operator, we have no influence or access on the generation and provision of this data.
Facebook provides more information on this topic under the following link:
The data collected about you in this context is processed by Facebook Ltd. and may be transmitted to countries outside the European Union. Facebook describes in general terms what information it receives and how it is used in its data use policy. There you will also find information on how to contact Facebook and on the settings options for advertisements. The data use policy is available at the following link:
You’ll find Facebook’s full data use policy here: https://de-de.facebook.com/full_data_use_policy
We do not know how Facebook uses data from visits to Facebook pages for its own purposes, to what extent activities on the Facebook page are assigned to individual users, how long Facebook stores this data and whether data from a visit to the Facebook page is passed on to third parties, and this is not conclusively or clearly stated by Facebook.
If you want to prevent this, you should log out of Facebook and disable the "Stay logged in" feature, delete the cookies present on your device, and exit and restart your browser. This will delete Facebook information through which you can be directly identified. This will enable you to use our Facebook page without revealing your Facebook identifier. When you access interactive features of the page (like, comment, share, message, etc.), a Facebook login screen will appear. After any login, you will again be recognizable to Facebook as a specific user.
You'll find information on how to manage or delete information about you on the following Facebook support pages: https://de-de.facebook.com/about/privacy
Protection of your rights
If the conditions set out in the GDPR are met, you are entitled to all the rights addressed in articles 15-18, 20, 21, and 77 of the GDPR. You can most effectively assert these rights directly vis-à-vis Facebook. You can do this using this form from Facebook https://m.facebook.com/help/contact/367438723733209?_rdr).
Further information on Facebook and other social media networks and how you can protect your data is available on youngdata.de.
Page Controller Addendum - Agreement on joint responsibility for data processing as defined in article 4, number 7 and article 26 of the GDPR
We have concluded a joint processing agreement (Controller Addendum) with Facebook. This agreement specifies the data processing operations for which Rattunde or Facebook is responsible when you visit our Facebook page. You can view this agreement at the following link: You can view this agreement at the following link: https://www.facebook.com/legal/terms/page_controller_addendum.
The controllers as defined in the GDPR and other national data protection and privacy laws of the EU member states as well as other provisions of data protection and privacy law, in particular in article 26 of the GDPR are:
You can independently modify your advertising settings on Facebook in your user account. To do this, click on the following link and log in: https://www.facebook.com/settings?tab=ads.
Data transfer to the USA is based on the standard contractual clauses of the EU Commission. You’ll find detailed information here: https://www.facebook.com/legal/EU_data_transfer_addendum and https://de-de.facebook.com/help/566994660333381.
We have a profile on LinkedIn. The provider is LinkedIn Ireland Unlimited Company, Wilton Plaza, Wilton Place, Dublin 2, Ireland. LinkedIn uses advertising cookies.
If you wish to disable LinkedIn advertising cookies, please use the following link to do so: https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out.
Data transfer to the USA is based on the standard contractual clauses of the EU Commission. You’ll find detailed information here: https://www.linkedin.com/legal/l/dpaand https://www.linkedin.com/legal/l/eu-sccs.
Functions of the Instagram service are integrated into our site. These functions are provided by Instagram Inc., 1601 Willow Road, Menlo Park, CA 94025, USA. If you are logged into your Instagram account, you can click the Instagram button to link the content of our webpages to your Instagram profile. This will allow Instagram to associate your visit to our website with your user account. Please note that, as the provider of this website, we have no knowledge of the content of the transmitted data or their use by Instagram.
In the event that you are a member of Instagram, but do not want Instagram to receive data about you via our website and connect such data to your membership data, you must log out of Instagram before you access our website.
RATTUNDE AG does not collect or process any personal data via Instagram.
7. SSL encryption
We use the widely deployed SSL (Secure Socket Layer) technology within the website to protect against the transmission of confidential content, such as inquiries. Whether a page of our website is transmitted in encrypted form is indicated by the browser address bar beginning with https:// and a lock icon in the browser bar.
If SSL encryption is enabled, the data that you submit to us as the site operator cannot be read by third parties.
8. Updating and revising this data protection and policy
9. Additional information