1. Responsible Party
Responsible for data processing on this website is:
ROX Klimatechnik GmbH
Langenbacher Str. 25
57586 Weitefeld
Germany
Phone: +49 (0) 27 43 80 71 73
Email: info@rox-online.de
Contact our data protection officer: datenschutz@rox-online.de
2. Collection and Storage of Personal Data and Nature and Purpose of Their Use
a) When visiting the website
When you access our website, information is automatically sent to the server of our website by the browser on your device. This information is temporarily stored in so called log files. The following information is collected without your intervention: browser type and version, operating system used, referrer URL, host name of the accessing computer and the time of the server request. These data cannot be associated with specific persons and are not merged with other data sources. They are used to ensure a smooth connection setup, system security and stability, and for administrative purposes. The legal basis for this data processing is our legitimate interest (Art. 6 para. 1 lit. f GDPR).
b) Use of cookies
We use cookies to make our website more user friendly. Most of the cookies we use are so called “session cookies”. They are automatically deleted at the end of your visit. Other cookies remain stored on your device until you delete them. These cookies allow us to recognise your browser the next time you visit. You can set your browser to inform you about the setting of cookies and to allow cookies only in individual cases, to refuse acceptance of cookies in certain cases or in general, and to activate the automatic deletion of cookies when closing the browser. If cookies are deactivated, the functionality of this website may be limited. Technically necessary cookies (e.g. for the session) are set on the basis of Art. 6 para. 1 lit. f GDPR; cookies for analysis purposes require your consent (Art. 6 para. 1 lit. a GDPR) and are managed via our cookie banner.
c) Analysis service “Matomo”
Our website uses Matomo, an open source web analytics tool. Matomo uses cookies that allow an analysis of the use of our website. The information generated by the cookies about the use of this website is stored on our server. The IP address is anonymised before it is stored, so that you as a user remain anonymous to us. The information generated by the cookies will not be passed on to third parties. You can prevent the storage and use of your data by deactivating statistical cookies in the cookie settings; an opt out cookie will then be stored in your browser. If you delete your cookies, the opt out cookie will also be deleted and must be reactivated. The legal basis for this processing is your consent (Art. 6 para. 1 lit. a GDPR).
d) Contact form and email contact
If you send us enquiries using the contact form, we store your details from the form, including the contact data you provide, for the purpose of processing the enquiry and in case of follow up questions. When you contact us by email, we will store the information you provide (e.g. name, email address, content of the message) to process your request. We do not pass on these data without your consent. Processing is based on Art. 6 para. 1 lit. b GDPR (pre contractual measures or performance of a contract) or on Art. 6 para. 1 lit. f GDPR (legitimate interest in effective processing of requests).
e) Newsletter
If you would like to receive our newsletter, we require your email address and information that enables us to verify that you are the owner of the email address provided and agree to receive the newsletter (double opt in procedure). Additional data are collected only on a voluntary basis. We use these data exclusively for sending the requested information and do not pass them on to third parties. The legal basis is your consent (Art. 6 para. 1 lit. a GDPR). You can revoke your consent to the storage of the data and its use for sending the newsletter at any time via the “Unsubscribe” link in the newsletter. Our newsletters may contain tracking pixels to enable statistical evaluation of newsletter campaigns (e.g. open and click rates). The legal basis for this reach measurement is also your consent (Art. 6 para. 1 lit. a GDPR). We do not conduct individual profiling.
f) Shop/Service portal
Through our shop or service portal, customers can order products, request spare parts or access service features. When using the portal, we process data you provide in the course of registration or ordering:
• Registration data: When creating a customer account, we collect salutation, first and last name, company name (if applicable), address, telephone number, email address and a password chosen by you. These data are necessary to grant you access to the portal and to process your orders.
• Order data: When placing an order, we process product information, quantities, prices, delivery and billing addresses, payment information and the time of the order. The data serve to fulfil the contract, to comply with legal obligations (e.g. tax and retention periods) and, if necessary, to handle warranty claims (Art. 6 para. 1 lit. b and c GDPR).
• Payment processing: During payment, data may be transmitted to payment service providers (e.g. banks, credit card companies, PayPal). These providers receive only the data necessary to carry out the payment and process your data under their own responsibility.
• Customer service: When you use our service offerings, we store the data you provide and previous orders in order to document the services rendered and to provide support.
Data in the customer account remain stored as long as you use the account. You can delete your account at any time; statutory retention periods (e.g. under commercial or tax law) remain unaffected.
3. Disclosure of Data
Data will only be transferred to third parties for the purposes listed below. We will pass on your personal data to third parties only if:
• you have given your explicit consent,
• the transfer is necessary for the performance of contractual obligations or legal requirements, or
• there is a legitimate interest on our part and no reason to assume that you have an overriding legitimate interest in not having your data passed on.
This includes service providers such as logistics companies (for delivery of goods) and payment service providers.
4. Rights of Data Subjects
You have the right to:
• request information about your personal data stored by us (Art. 15 GDPR),
• request the rectification of inaccurate or incomplete data (Art. 16 GDPR),
• request the deletion of your data stored with us (Art. 17 GDPR),
• request the restriction of processing (Art. 18 GDPR),
• request data portability (Art. 20 GDPR),
• object to the processing of your data (Art. 21 GDPR) if the data processing is based on legitimate interests.
To exercise these rights, please contact the responsible party listed above.
5. Right of Withdrawal for Consents
If you have consented to the processing of your data, you may revoke this consent at any time with effect for the future (Art. 7 para. 3 GDPR). The legality of the data processing based on the consent until revocation remains unaffected.
6. Data Security
We use the widely employed SSL (Secure Socket Layer) encryption method to protect your data. We also employ technical and organisational security measures to protect your data against accidental or intentional manipulation, loss, destruction or unauthorised access by third parties.
7. Changes to This Privacy Policy
We reserve the right to adapt this privacy policy occasionally so that it always complies with the current legal requirements. For your renewed visit, the new privacy policy will apply.