Introduction
Data protection has a particularly high priority for Remazing GmBH (hereinafter: “we”, “us”). It is our primary responsibility to maintain the confidentiality of the personal data you provide to us and to protect it from unauthorised access. We, therefore, take the utmost care and apply the latest security standards to ensure maximum protection of your personal data.
With the information presented below, we provide you with an overview of processing your personal data on our website https://remazing.eu/it (hereinafter “website”). In addition, the privacy policy also applies to our presences in the social and professional networks, the newsletter distribution, and the application process.
We also want to inform you about your rights under data protection laws. The processing of your personal data by us is always in accordance with the General Data Protection Regulation (hereinafter “GDPR”), the German Data Protection and Privacy in Telecommunications and Telemedia Act (Gesetz über den Datenschutz und den Schutz der Privatsphäre in der Telekommunikation und bei Telemedien, hereinafter “TTDSG”) and all applicable country-specific data protection regulations.
The controller in the sense of the GDPR is:
Remazing GmbH
Brandstwiete 1
20457 Hamburg
Germany
Telefonnummer: +49 40 421 002 82
E-Mail: privacy@remazing.eu
Remazing GmbH operates the above-mentioned offers and services. Further contact details, contact persons, and mandatory information can be found in the imprint.
You can reach our data protection officers as follows:
SECJUR GmbH
Steinhöft 9
20459 Hamburg
Germany
Telephone number: +49 40 228 599 520
E-mail: dsb@secjur.com
You can contact our data protection officers directly with all questions and suggestions regarding data protection and exercising your rights.
This privacy policy is based on the terminology of the GDPR. For your convenience, we would like to explain some crucial terms in this context in more detail:
We may obtain personal information in the following ways:
You can provide information (e.g., contact details) about yourself on our website.
By using our website, data is automatically collected and generated.
To the extent we maintain presences on social and professional networks, we may receive data from you through them (e.g., if you contact us through a social or professional network or respond to any of our content shared there).
In the following, we provide you with an overview of the personal data we process. For this purpose, we explain to what extent, for what purposes, and on what legal basis we process personal data. We also indicate – if available – which third-party providers we use to receive your data. Finally, we inform you whether a third-country transfer occurs in the third-party provider’s respective processing.
The provision of your personal data information is always voluntary. However, it may be that the respective functionality only works with providing your information (e.g., contact form).
We will not disclose your personal data to third parties without your consent unless this is permitted by law (e.g., because it is necessary for the performance of the contract).
The processing of your personal data may be based in particular on the following legal bases:
If we transfer personal data to a third country for processing, we ensure compliance with Art. 44 et seq. GDPR, i.e., that we check whether an adequate level of protection is ensured before each transfer of personal data to third parties in a country outside the European Union (“EU”) or the European Economic Area (“EEA”).
An adequate level of protection can be ensured, among other things, by the existence of an adequacy decision by the EU Commission, by the fact that we have concluded standard data protection clauses with the recipient and have taken further additional measures, or by the fact that the third-country transfer is subject to other guarantees regulated in Art. 46 et seq. GDPR is permissible. Insofar as the data transfer takes place on the basis of Art. 46, 47, or 49 (1) GDPR, you can obtain a copy of the guarantees for the existence of an adequate level of data protection with regard to the data transfer or a reference to the availability of a copy of the guarantees from us.
Insofar as no specific storage period is specified within this data protection notice, the data processed by us will be erased in accordance with the legal requirements as soon as their consent permitted for processing is revoked or other permissions cease to apply (e.g. if the purpose for processing this data has ceased to apply or it is not required for the purpose). If the data are not deleted because they are required for other and legally permissible purposes, their processing will be limited to these purposes. That is, the data is blocked and not processed for other purposes. This applies, for example, to data that must be retained for reasons of commercial or tax law or whose storage is necessary for the assertion, exercise, or defense of legal claims or for the protection of the rights of another natural or legal person.
We take appropriate technical and organizational measures in accordance with the legal requirements, taking into account state of the art, the implementation costs, and the nature, scope, circumstances, and purposes of the processing, as well as the different probabilities of occurrence and the extent of the threat to the rights and freedoms of natural persons, to ensure a level of protection appropriate to the risk.
The measures include safeguarding the confidentiality, integrity, and availability of data by controlling physical and electronic access to the data and access to, the input of, disclosure of, assurance of availability of, and segregation of the data. Furthermore, we have established procedures to ensure the exercise of data subjects’ rights, the deletion of data, and responses to data compromise.
We consider the protection of personal data as early as the development or selection of hardware, software, and processes per the principle of data protection through technology design and data protection-friendly default settings.
During our processing of personal data, the data may be transferred to or disclosed to other bodies, companies, legally independent organizational units, or persons. The recipients of this data may include, for example, service providers commissioned with IT tasks or providers of services and content that are integrated into a website. In such cases, we observe the legal requirements and, in particular, conclude appropriate contracts or agreements that serve to protect your data with the recipients of your data.
For the provision of our website, we use storage space, computing capacity, and software that we rent from a corresponding server provider (web host). These services also include the sending, receiving, and storage of e-mails. In addition, when you visit our website, data is automatically processed that your browser transmits to our server. This general data and information is stored in the server’s log files (in so-called “server log files”). The following data may be collected:
In the usage of this data and information, we do not draw any conclusions about your person. The purposes we pursue include in particular:
The legal basis for data processing is our legitimate interest within the meaning of Art. 6 (1) f GDPR. We have an overriding legitimate interest in providing a website and being able to offer our services in a technically flawless manner.
The log files are stored for security reasons (e.g., to clarify acts of abuse or fraud) for a maximum of 7 days and then deleted. Data whose further retention is necessary for evidentiary purposes will be retained until the matter has been finally clarified.
We use the server Netifly:
VeraSafe United Kingdom Ltd.
37 Albert Embankment London SE1 7TL
United Kingdom
We use cookies on our website. These are files that your browser automatically creates and that are stored on your IT system when you visit our site. Information is stored in the cookie that is related to the specific end device used.
Many cookies contain a so-called cookie ID. A cookie ID is a unique identifier of the cookie. It consists of a string of characters by which Internet pages and servers can be assigned to the specific Internet browser in which the cookie was stored. This enables the visited Internet pages and servers to distinguish the individual browser of the data subject from other Internet browsers that contain other cookies. A specific internet browser can be recognised and identified via the unique cookie ID.
When you visit our website or a sub-website for the first time, and it contains cookies, you will be shown “data protection settings”. Here, you will be informed about the individual cookies that we use. You can find out about each individual cookie concerning the processing company, the purpose of the data processing, the data collected, the legal basis, and the storage period. In addition, you can allow us to use non-essential cookies and reverse this decision thereon.
If you have closed the cookie banner, you can open it again by clicking on the icon in the lower left-hand area of the website.
In legal terms, a distinction must be made between essential and non-essential cookies.
We use essential cookies. These are cookies that are technically necessary to provide all the functions of our website. The legal basis for data processing is in accordance with Art. 6 (1) f GDPR. We have an overriding legitimate interest in being able to offer our service in a technically flawless manner. The legal basis for using cookies vis-à-vis our contractual partners who use services contractually owed by us via our website is Art. 6 (1) b GDPR, the provision of our contractual services.
We also use non-essential cookies (e.g., analysis and marketing cookies). These are cookies that are not technically necessary. We use them to understand your behaviour on our website and to improve our services. The legal basis for the data processing is your consent, according to Art. 6 (1) a GDPR. The cookies are only set after you have consented via our cookie banner.
Concerning the storage period, a distinction is made between the following types of cookies:
In order to be able to present you with information regarding cookies in the form of the “privacy settings”, we use a cookie banner on our website. With our cookie banner, we inform you about the cookies we specifically use. In addition, we give you the opportunity to decide whether you want to consent to the setting of non-essential cookies. Amongst others, the following can be processed:
We process your personal data for the following purposes:
The legal basis for the use of the cookie banner is Art. 6 (1) f GDPR. We have an overriding legitimate interest in using the cookie banner, which enables us to obtain the legally required consent for the use of non-essential cookies and to comply with our duty to provide information regarding cookies.
The cookie banner stores preferences until you reset or adjust them.
On our website, we use the cookie banner of the provider Cookiebot. The provider is Usercentrics A/S, Havnegade 39, 1058 Copenhagen, Denmark (hereinafter: Cookiebot). Further information on data processing by Cookiebot can be found here: Cookiebot | Privacy Policy
You have the possibility to contact us by e-mail, telephone, chatbot, or other communication channels.
In the course of contacting you and responding to your inquiry, we process the following personal data, among others:
We process your data to respond to your inquiry and other matters arising from it.
If your inquiry is based in connection with pre-contractual measures or with an existing contract with us, the legal basis is the performance of the contract and the implementation of pre-contractual measures according to Art. 6 (1) b GDPR.
If your request is independent of contractual or pre-contractual measures, the legal basis for responding to your request pursuant to Art. 6 (1) f GDPR is our overriding legitimate interest in answering your request and responding to the contact you initiated.
We delete your personal data as soon as it is no longer required to achieve the purpose for which it was collected, and there are no statutory retention obligations to the contrary. In the context of contact inquiries that have not led to a contractual relationship, this is generally the case when the circumstances indicate that the specific matter has been conclusively processed.
We use Netlify to provide our contact form. The provider is Netlify Inc. Within the scope of processing via Netlify, data may be transmitted to the USA (Netlify Inc.). The security of the transmission is secured by standard contractual clauses. Further information on data protection can be found at: Privacy Policy (netlify.com)
We use HubSpot to manage your data, e-mail communication, and address management. The provider is HubSpot Inc. Within the scope of processing via HubSpot, data may be transmitted to the USA (HubSpot Inc.). The security of the transmission is secured by standard contractual clauses. For more information on data protection, see: HubSpot Privacy Policy
We also use Gmail to send emails. Within the scope of processing via Google, data may be transmitted to the USA (Google Inc.). The security of the transmission is secured by standard contractual clauses. Further information on data protection can be found at: Privacy Policy – Privacy Policy & Terms of Use – Google
For contacting us via our chat, we use the solution from Intercom. You can find more information under point 5.5.9.2 in this statement.
If you would like to receive information about our new products and services, we may inform you via newsletters, provided that you consent to receive newsletters.
You can withdraw your consent to receive our newsletters at any time by clicking on the unsubscribe link in the emails. Your personal data will then be removed from the distribution list.
Our newsletters contain so-called tracking links that enable us to analyse the behaviour of newsletter recipients. For example, we can analyse how many recipients have opened the newsletter message and how often which link in the newsletter was clicked. This enables us to statistically evaluate the success or failure of online marketing campaigns. The personal data collected through the tracking links are stored and analysed by us to optimise the newsletter distribution and to better adapt the content of future newsletters to your interests.
Within the scope of the newsletter distribution, we process the following personal data, among others:
We process your personal data for the following purposes:
The legal basis for sending our newsletter is your consent in accordance with Art. 6 (1) a GDPR. You can revoke your consent at any time with effect for the future. The legal basis for newsletter tracking is, in accordance with Art. 6 (1) f GDPR, our legitimate interest in knowing whether our newsletter meets your interests and expectations.
We use Mailchimp for the purpose of sending newsletters and newsletter tracking. Mailchimp is a company from the USA. Our contractual partner is The Rocket Science Group, LLC, 675 Ponce de Leon Ave NE, Suite 5000, Atlanta, GA 30308, USA. Within the scope of processing via Mailchimp, data may be transmitted to the USA (The Rocket Science Group, LLC). The security of transmission is secured via standard contractual clauses. You can find more information here: Global Privacy Statement | Intuit
You can request various marketing documents, such as a case study or a product demonstration, on our website.
In the course of your request, we process the following personal data, among others:
We process your data to provide you with marketing materials and to conduct demonstrations of our product.
If your request is based in connection with pre-contractual measures or with an existing contract with us, the legal basis is the performance of the contract and the implementation of pre-contractual measures according to Art. 6 (1) b GDPR.
The legal basis for sending marketing documents is your given consent, according to Art. 6 (1) a GDPR. You can revoke your consent at any time with effect for the future.
We delete your personal data as soon as it is no longer required to achieve the purpose for which it was collected, and there are no statutory retention obligations to the contrary. In the context of contact inquiries that have not led to a contractual relationship, this is generally the case when the circumstances indicate that the specific matter has been conclusively processed.
We use Netlify to provide our contact form. The provider is Netlify Inc. Within the scope of processing via Netlify, data may be transmitted to the USA (Netlify Inc.). The security of the transmission is secured by standard contractual clauses. Further information on data protection can be found at: Privacy Policy (netlify.com)
We use HubSpot to manage your data, e-mail communication, and address management. The provider is HubSpot Inc. Within the scope of processing via HubSpot, data may be transmitted to the USA (HubSpot Inc.). The security of the transmission is secured by standard contractual clauses. For more information on data protection, see: HubSpot Privacy Policy
We also use Gmail to send emails. Within the scope of processing via Google, data may be transmitted to the USA (Google Inc.). The security of the transmission is secured by standard contractual clauses. Further information on data protection can be found at: Privacy Policy – Privacy Policy & Terms of Use – Google
We also offer you the opportunity to apply for job vacancies and send us your application online.
As part of the application process, we process the following personal data:
The purpose of the processing is to carry out the application procedure.
The legal basis for the processing of personal data is the performance of the contract and the implementation of pre-contractual measures according to Art. 6 para. 1 lit. b, Art. 88 (1) GDPR in conjunction with Section 26 para. 1 Federal Data Protection Act (BDSG).
If we obtain your consent (e.g., for inclusion in our applicant pool), this constitutes the legal basis for data processing in accordance with Art. 6 (1) a GDPR.
If an employment relationship is established after the completion of the application process, the personal data provided may be processed further. Otherwise, we generally retain the data for six months after the end of the application process. We then delete all personal data. Longer storage is possible if we include the personal data in our applicant pool after obtaining your consent.
We use Personio as our personnel management tool. The contractual partner is Personio GmbH & Co. KG, Rundfunkplatz 4, 80335 Munich, Germany. Further information on data protection can be found here: Personio | Privacy Policy
We maintain presences in social networks to communicate with you and to be able to inform you about our services.
If you visit one of our pages maintained there, we may be responsible with the provider of the respective platform within the meaning of Article 26 of the GDPR with regard to the processing operations triggered thereby, which concern personal data.
According to our knowledge, the following data, among others, are processed within the scope of the processing operations:
This usage data is often processed in social and professional networks for advertising purposes or to analyse user behaviour by the providers without us being able to influence this. In addition, the providers often create usage profiles based on which user-based advertising can subsequently be placed inside and outside the network. Cookies are often used for this purpose, or the usage behaviour is directly assigned to your own member profile of the network (if you are logged in here). In addition, we use the user data to communicate with you via the respective network and to provide you with information. If you interact with our company profile in the respective network (e.g., visit our company profile, comment, or “like” something), there is a possibility that your user profile, including the personal data, will be made public.
Information on processing your data in social and professional networks and the possibility of using your right of objection or revocation (opt-out) are listed below.
We process your personal data for the following purposes:
Public relations and marketing purposes, i.e., we inform you about our services and offers, among other things, and communicate with you.
The legal basis for our public relations work, and the marketing purposes pursued with it is your consent in accordance with Art. 6 (1) a GDPR.
In principle, your data will be stored by the respective provider of the network and not directly by us. We store your activities and personal data published on our website until the purpose of the processing no longer applies, or your consent has been revoked, provided that there are no storage obligations to the contrary.
We maintain presences in the following social and professional networks.
Network | Provider | Third Country | Gurantees | More Information |
Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Irland | USA | Standard Contractual Clauses | Privacy Policy Opt Out Settings Contract Joint Controllership | |
Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Irland | USA | Standard Contractual Clauses | Terms of Usage Instagram Privacy Policy Instagram Contract Joint Controllership | |
LinkedIn Ireland Unlimited Company Wilton Place, Dublin 2, Irland | USA | Standard Contractual Clauses | Privacy Policy Opt-out and advertising settings Contract Joint Controllership | |
New Work SEAm Strandkai 120457 HamburgDeutschland | – | – | Privacy Policy | |
Youtube | Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Irland | USA | Standard Contractual Clauses | Privacy Policy Advertising Settings |
Within our online offer, we use content or service offers of third parties based on your consent within the meaning of Art. 6 (1) a. GDPR content or service offers from third-party providers to integrate their content and services, such as videos or fonts (hereinafter uniformly referred to as “content”).
This always requires that the third-party providers of this content are aware of the user’s IP address, as without the IP address, they would not be able to send the content to their browser. The IP address is, therefore, necessary to display this content. We endeavour only to use content whose respective providers only use the IP address to deliver the content. Third-party providers may also use so-called pixel tags (invisible graphics, also known as “web beacons”) for statistical or marketing purposes. The “pixel tags” can be used to evaluate information such as visitor traffic on the pages of this website. The pseudonymous information may also be stored in cookies on the user’s device and may contain, among other things, technical information on the browser and operating system, referring websites, time of visit, and other information on the usage of our online offer, as well as being linked to such information from other sources.
We use Intercom, a messenger and communication platform, on our website. The provider is Intercom Inc, 55 2nd Street, 4th Floor, San Francisco, California 94105, USA (hereinafter: Intercom). With Intercom, users can send messages via live chat, email, SMS, or even push messages. For this to be possible, contact information about users must be synchronised with Intercom via an interface. We use Intercom on the basis of legitimate interests (Art. 6 (1) f GDPR). Our legitimate interest is to optimally tailor our website to the interests of our clients. Further information on data processing by Intercom can be found here: Intercom | Privacy Policy
In this section, we inform you about your rights with regard to the processing of your data. The exact scope of the right mentioned in each case can be found in the corresponding article of the GDPR. If you wish to exercise any of your rights, please contact us via email (dsb@secjur.com).
You have the right to request confirmation from us as to whether personal data concerning you is being processed by us.
You have the right to access the personal data we have stored about you free of charge at any time and to receive a copy of this data in accordance with the statutory provisions.
You have the right to request that inaccurate personal data concerning you be rectified. Furthermore, taking into account the processing’s purposes, you have the right to request the completion of incomplete personal data.
You have the right to demand that personal data concerning you be erased immediately if one of the reasons provided for by law applies and insofar as the processing or storage is not required.
You have the right to demand that we restrict processing if one of the legal requirements is met.
You have the right to receive the personal data concerning you that you have provided to us in a structured, common, and machine-readable format. Furthermore, you have the right to transfer this data to another controller without hindrance by us, to whom the personal data was provided, provided that the processing is based on consent according to Art. 6 (1) a GDPR or Art. 9 (2) a GDPR or on a contract according to Art. 6 (1) b GDPR and the processing is carried out with the aid of automated procedures unless the processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in us.
In addition, when exercising your right to data portability according to Art. 20 (1) GDPR, you have the right to obtain that the personal data be transferred directly from one controller to another controller to the extent that this is technically feasible and provided that this does not adversely affect the rights and freedoms of other individuals.
You have the right to object at any time, on grounds relating to your particular situation, to the processing of personal data concerning you, which is carried out based on data processing in the public interest according to Article 6 (1) e GDPR or based on our legitimate interest according to Article 6 (1) f GDPR.
If you object, we will no longer process your personal data unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights, and freedoms or the processing serves the assertion, exercise, or defense of legal claims.
You have the right to withdraw your consent to the processing of personal data at any time with effect for the future.
You have the right to complain about our processing of personal data to a supervisory authority responsible for data protection.
This privacy notice is currently valid and has the following status: July 2023.
If we further develop our website and our offers or if legal or regulatory requirements change, it may be necessary to amend this data protection notice. You can access the current data protection information at any time here.
Remazing GmbH
Brandstwiete 1
20457 Hamburg
©Remazing GmbH