3 For what purposes and on what legal basis do we process personal data?
If you surf on our website or otherwise contact us, we receive personal data from you.
In general, we process data on the basis of the following regulations:
If you give us your express consent (Art. 6 (1) a GDPR), e.g. if you want us to contact you directly, to fulfil our contractual obligations (Art. 6 (1) b GDPR), e.g. if you purchase and use a product, we are subject to various legal obligations as a company (Art. 6 (1) c GDPR). For example, we are obliged under tax law and commercial law to retain certain documents. We process data for the purposes of the legitimate interests pursued by us or by a third party (Art. 6 (7) f GDPR). This includes data processing for purposes of IT security and fraud prevention.
3.1 Data processing on our website
3.1.1 Contact
You can use our e-mail address or telephone number to send us questions and messages. We only process your data in order to contact you in the desired way and to process your enquiry. The legal basis is Art. 6 (1) lit a or b GDPR.
3.1.2 Career
You can apply to one of our companies electronically via e-mail or via the career portal. We only collect data that is necessary for the application process and data that you voluntarily send to us. Your details will only be used to process your application. Please note that e-mails sent unencrypted are not transmitted with access protection.
If you have applied for a specific position and this position has already been filled or we consider you to be suitable, or even more suitable, for another position, we would like to forward your application within the company. Please let us know if you do not agree to your application being forwarded.
Your personal data will be deleted immediately after completion of the application process, or after a maximum of 6 months, unless you have expressly given us your consent for a longer storage of your data or a contract has been concluded. The legal basis is Art. 6 (1) a, b and f GDPR as well as § 26 BDSG (Federal Data Protection Act).
3.1.3 How cookies are used on this website?
When you visit our website, cookies are stored on your computer. Cookies are small text files that are stored on your hard drive assigned to the browser you are using and through which certain information flows to the location that sets the cookie. They are necessary in order to display the website and its contents correctly. We also use cookies to identify you for subsequent visits if you have an account with us. Otherwise, you will have to log in again each time you visit our website.
This website uses the following types of cookies, the scope and functionality of which are explained below:
Transient Cookies
These cookies are automatically deleted when you close your browser. These include in particular session cookies. They store a so-called session ID, which can be used to assign various requests from your browser to the shared session. This enables your computer to be recognised when you return to our website. The session cookies are deleted when you log out or close your browser.
Persistent Cookies
These cookies are automatically deleted after a specified period, which may vary depending on the cookie. You can delete the cookies at any time in the security settings of your browser.
Cookies Refusal
You can configure your browser settings according to your wishes and, for example, refuse the acceptance of third-party cookies or all cookies. We would like to point out that you may then not be able to use all the functions of this website.
4 Will my data be transmitted to third parties?
For Riva Stahl to be able to process your data in accordance with the purposes described above, it may be necessary for other recipients to be able to view and process your data as well.
4.1 Recipients within the Riva Group
In special cases it may be necessary for us to process your data group-wide. However, data processing within the Riva Group will only take place if we have legal permission to do so. This is the case, for example, if other companies in the Riva Group act on our behalf within the framework of order processing or if there is a justified interest pursuant to Art. 6 (1) f GDPR.
4.2 External service providers (contract processors)
Your data will be passed on to service partners if they act on our behalf and support Riva Stahl in the provision of its services.
A processing of your personal data by commissioned service providers takes place in the context of order processing according to Art. 28 GDPR.
5 Will my data be processed outside the EU and how will data protection be ensured?
Due to the configuration of the IT infrastructure your data may be communicated to companies contractually linked to Riva Stahl GmbH with registered offices in third countries outside the EU, in accordance with and within the limits provided for by the Applicable Law. In particular, your Personal Data may be transferred to Switzerland, a country in respect of which the EU Commission has taken a decision of adequacy pursuant to art. 45 of the GDPR.
6 How long will my data be stored?
We delete your personal data as soon as the purpose of storage no longer applies and statutory retention periods do not prevent deletion.
7 What rights do I have and how can I exercise them?
You have the following rights against us with regard to your personal data:
7.1 General rights
You have the right of access, rectification, cancellation, limitation of processing, opposition to processing and transfer of data. As far as processing is based on your consent, you have the right to revoke it with effect for the future.
7.2 Rights in data processing according to the legitimate interest
Pursuant to Art. 21 (1) GDPR, you have the right, for reasons arising from your particular situation, to object at any time to the processing of your personal data on the basis of Art. 6 (1) e GDPR (data processing in the public interest) or Article 6 (1) f GDPR (data processing to safeguard a legitimate interest). In the event of your objection, we will no longer process your personal data unless we can prove compelling reasons for the processing worthy of protection which outweigh your interests, rights and freedoms, or the processing serves the assertion, exercise or defence of legal claims.
7.3 Direct marketing rights
If we process your personal data for the purpose of direct advertising, you have the right, pursuant to Art. 21 (2) GDPR, to object at any time to the processing of your personal data for the purpose of such advertising.
If you object to the processing for the purpose of direct marketing, we will no longer process your personal data for these purposes.
7.4 Right of appeal to a supervisory authority
You also have the right to complain to a competent data protection supervisory authority about the processing of your personal data by us.
8 Miscellaneous
8.1.1 Changes to the Data protection statement
This data protection declaration is continuously adapted in the course of the further development of the Internet or our offer. Changes will be announced on this page in good time. This page should be called up regularly in order to obtain information on the current status of our data usage regulations.
8.1.2 Links to other websites
Our websites may contain links to websites of other providers. We would like to point out that this data protection declaration applies exclusively to the websites of Riva Stahl. We have no control over and do not check whether other providers comply with the applicable data protection regulations.
