Your memo contains
0 products
Your memo contains
0 products

Data Privacy Statement

We are delighted about your interest in our company. Data protection is particularly important for the management of Roth Elektronik GmbH. Basically, usage of the webpages of Roth Elektronik GmbH is possible without providing any personal data. However, if an affected person would like to use the special services of our company through our website, a processing of personal data could become necessary. If the processing of personal data is necessary and there is no legal foundation for such processing, we will generally obtain consent from the affected person.

The processing of personal data, e.g. of the name, address, e-mail address or telephone number of an affected person is always done in compliance with the General Data Protection Regulation (GDPR) and in accordance with the country-specific data protection regulations that apply to Roth Elektronik GmbH. By means of this Data Privacy Statement, our company would like to inform the general public about the type, scope and purpose of the personal data that we have collected, used and processed. Furthermore, this Data Privacy Statement explains the rights that these affected persons are entitled to.

As the responsible party for the processing, Roth Elektronik GmbH has taken numerous technical and organizational measures to secure the most complete protection possible of the personal data processed through this website. Nonetheless, internet-based data transfers have, in principle, security loopholes, so absolute protection cannot be guaranteed. For this reason, any affected person is also free to provide us the personal data in alternate ways, e.g. telephonically.

1. Definitions

The Data Privacy Statement of Roth Elektronik GmbH is based on the terms that were used by the European authority issuing directives and regulations when the Basic Data Protection Regulation was enacted. Our Data Privacy Statement should be easily readable and understandable both for the general public and our customer and business partners. To ensure this, we would like to explain the terms used beforehand.

In this Data Privacy Statement, we use among other things the following terms:

a) Personal data

Personal data consist of all information that refers to an identified or identifiable natural person (hereinafter “affected person”). A natural person is considered identifiable if he/she can be directly or indirectly, especially through allocation to an identifier such as a name, ID number, location data, and online identifier or to one or several characteristics that express the physical, physiological, genetic, mental, economic, cultural or social identity of this natural person.

b) Affected person

An affected person is any identified or identifiable natural person whose personal data are processed by the party responsible for the processing.

c) Processing

Processing is any procedure or any such series of procedures carried out with or without the help of automated processes related to personal data such as the collection, capture, organization, ordering, storage, adjustment or change, reading, querying, use, disclosure, disclosure through transmission, dissemination or another form of provision, comparison or linking, restriction, deletion or destruction.

d) Restriction of the processing

Restriction of the processing is the marking of stored personal data with the objective of restricting their future processing.

e) Profiling

Profiling is any type of automated processing of personal data aimed at the use of these personal data to evaluate certain personal aspects that refer to the evaluation of a natural person, especially to analyze or predict aspects related to this person’s work performance, economic situation, health, personal preferences, interests, reliability, behavior, whereabouts or change of location.

f) Pseudonymization

Pseudonymization is the processing of personal data in a way that without including additional information with the personal data, it is no longer possible to allocate them to a specific affected person, provided this additional information can be stored separately and is subject to technical and organizational measures that ensure that the personal data cannot be assigned to an identified or identifiable natural person.

g) The responsible party or the party responsible for the processing

The responsible party or the party responsible for the processing is the natural person or legal entity, government authority, institution or another office that decides alone or together with others about the purposes and means of the processing of personal data. If the purposes and means of this processing are prescribed by the laws of the Union or the member states, then the responsible party or the specified criteria of his designation can take place according to the laws of the Union or the member states.

h) Contract processor

Contract processor is a natural person or legal entity, government authority, institution or another office that processes personal data on behalf of the responsible party.

i) Recipient

Recipient is a natural person or legal entity, government authority, institution or other office to which personal data were disclosed, regardless whether it is a third party or not. However, government authorities, which as part of a certain investigation task according to the laws of the Union or of the member states possibly receive personal data, are not considered recipients.

j) Third party

Third party is a natural person or legal entity, government authority, institution or other office except the affected person, responsible party, contract processor and persons who are authorized under the direct responsibility of the responsible party or contract processor to process the personal data.

k) Consent

Consent is any unequivocal and informed declaration of intention given voluntarily by the affected person for the particular case in form of a statement or another clear confirmatory act through which the affected person indicates his/her approval of the processing of his/her personal data.

2. Name and address of the party responsible for the processing

The responsible party within the meaning of the General Data Protection Regulation, other data protection laws valid in the member states of the European Union and other provisions having legal data protection character is:

Roth Elektronik GmbH
Grevenweg 72
20537 Hamburg
Germany
Tel: +49 (0)40 2533655-0
Fax: +49 (0)40 2533655-10
E-mail: info[at]roth-elektronik.com
Website: www.roth-elektronik.com

3. Collection of general data and information

Every time the website of Roth Elektronik GmbH is accessed by an affected person or automated system, it collects a series of general data and information, which are stored in the server’s log files. The following can be collected: (1) the browser types and versions used, (2) the operating system used by the accessing system, (3) the website from which an accessing system reaches our website (so-called referrer), (4) the sub-sites that are controlled on our website through an accessing system, (5) the data and time of a website access, (6) an internet protocol address (IP address), (7) the internet service provider of the accessing system and (8) other similar data and information that serve as hazard prevention in case of attacks directed against our information technology system.

When these general data and information are used, Roth Elektronik GmbH does not infer the identity of the affected person. Rather, this information is needed to: (1) correctly deliver the contents of our website, (2) to optimize the contents of our website and the advertising for it, (3) to ensure the permanent functionality of our information technology systems and the technology of our website as well as (4) to provide the necessary information to the criminal prosecution authorities in case of a cyberattack. Therefore, these data and information collected anonymously by Roth Elektronik GmbH are collected statistically and also with the aim of increasing data protection and data security in our company in order to ultimately ensure an optimal protection level for the personal data that we process. The anonymous data of the server log files are stored separately from all personal data provided by an affected person.

4. Possibility of contact through the website

Owing to legal regulations, the website of Roth Elektronik GmbH contains information that facilitates fast electronic contact to our company and direct communication with us, which also includes a general address of so-called electronic mail (e-mail address). If an affected person contacts the party responsible for the processing via e-mail or a contact form, the personal data submitted by the affected person are automatically stored. Such personal data submitted voluntarily by the affected person to the party responsible for the processing are stored for processing or contact purposes with the affected person. These personal data are not forwarded to third parties.

5. Routine deletion and blockage of personal data

The party responsible for the processing processes and stores the personal data of the affected person only as long as it is necessary for achieving the storage purpose or as long as this was foreseen by the European authority issuing directives and regulations or another lawmaker in laws or regulations which the party responsible for the processing is subject to.

If the storage purpose ceases to be applicable or a storage period prescribed by the European authority issuing directives and regulations or another competent lawmaker expires, the personal data are routinely blocked or deleted according to legal regulations.

6. Rights of the affected person

a) Right to confirmation

Every affected person has the right granted by the European authority issuing directives and regulations to request a confirmation from the party responsible for the processing whether his/her personal data are being processed. If an affected person would like to make use of this right to confirmation, he/she can contact an employee of the party responsible for the processing at any time.

b) Right to information

The European authority issuing directives and regulations grants the right to any person affected by the processing of personal data to receive at any time information free of charge from the party responsible for the processing about his/her own stored personal data and a copy of this information. Furthermore, the European authority issuing directives and regulations has allowed the affected person to receive information about the following:

  • The processing purposes
  • The categories of personal data that are being processed
  • The recipients or categories of recipients towards whom the personal data have been disclosed or will still be disclosed, especially to recipients in third countries or international organizations
  • If possible, the planned length of storage of the personal data or, if this is not possible, the criteria for the establishment of this length
  • The existence of a right to have the responsible party correct or delete his/her personal data or restrict the processing or to have the right to object to this processing
  • The existence of a right to complain to a supervisory authority
  • In case the personal data are not collected from the affected person: All available information about the origin of the data
  • The existence of a right to automated decision-making, including profiling, acc. to Article 22 Para. 1 and 4 of the GDPR and — at least in these cases — meaningful information about the logic involved as well as the scope and intended effects of such processing for the affected person
    • Furthermore, the affected person has a right to be informed whether the personal data were transmitted to a third country or an international organization. If this is the case, then apart from that, the affected person is entitled to receive information about the suitable guarantees in connection with the transmission.

      If an affected person would like to make use of this right to information, he/she can contact an employee of the party responsible for the processing at any time.

      c) Right to correction

      Every person affected by the processing of personal data has the right granted by the European authority issuing directives and regulations to request the immediate correction of his/her incorrect personal data. Furthermore, the affected person is entitled to request, taking the processing purposes into account, the completion of incomplete personal data — also by means of a supplementary explanation. If an affected person would like to make use of this right to correction, he/she can contact an employee of the party responsible for the processing at any time.

      d) Right to deletion (right to become forgotten)

      Every person affected by the processing of personal data has the right granted by the European authority issuing directives and regulations to request the immediate deletion of his/her personal data, provided one of the following reasons applies and the processing is not necessary:

      • The personal data were collected for such purposes or processed in another way for which they are no longer needed.
      • The affected person revokes his/her consent on which acc. to Art. 6 Para. 1 Letter a of the GDPR or Art. 9 Para. 2 Letter a of the GDPR the processing was based, and there is no other legal foundation for the processing.
      • The affected person files an objection against the processing acc. to Art. 21 Para. 1 of the GDPR, and there are no justified, high-priority reasons for the processing, or the affected person files an objection against the processing acc. to Art. 21 Para. 2 of the GDPR.
      • The personal data were unlawfully processed.
      • The deletion of the personal data is necessary to comply with a legal obligation according to the laws of the Union or member states which the responsible party is subject to.
      • The personal data were collected in relation to offered services of the information society acc. to Art. 8 Para. 1 of the GDPR.

      If one of the aforementioned reasons applies and an affected person would like to arrange for the deletion of personal data stored at Roth Elektronik GmbH, he/she can contact an employee of the party responsible for the processing for this. The employee of Roth Elektronik GmbH will see to it that the deletion request is immediately complied with.

      If Roth Elektronik GmbH made the personal data public and our company, as the responsible party acc. to Art. 17 Para. 1 of the GDPR, is obligated to delete the personal data, then Roth Elektronik GmbH – taking the available technology and implementation costs into account – will take reasonable measures, also technical ones, to inform the other parties responsible for the data processing, which process the published personal data, that the affected person has requested from these other parties responsible for the data processing the deletion of all links to these personal data or of copies or replications of these personal data, provided the processing is not necessary. The employees of Roth Elektronik GmbH will arrange for the necessary measures in the individual case.

      e) Right to restrict the processing

      Every person affected by the processing of personal data has the right granted by the European authority issuing directives and regulations to request the restriction of the processing if one of the following prerequisites exists:

      • The accuracy of the personal data is disputed by the affected person, specifically for a time period that gives the responsible party time to verify the accuracy of the personal data.
      • The processing is unlawful, the affected person rejects the deletion of the personal data and instead requests the usage of the personal data to be restricted.
      • The responsible party no longer needs the personal data for the purposes of the processing, but the affected person nonetheless needs them to assert, exercise or defend legal claims.
      • The affected person has filed an objection against the7 processing in acc. with Art. 21 Para. 1 of the GDPR and it is still not certain whether the justified interests of the responsible party outweigh those of the affected person.

      If one of the above-mentioned prerequisites exists and an affected person would like to request the Restriction of personal data stored at Roth Elektronik GmbH, the person can contact an employee of the party responsible for the processing about this at any time. The employee of Roth Elektronik GmbH will arrange for the restriction of the processing.

      f) Right to data portability

      Every person affected by the processing of personal data has the right granted by the European authority issuing directives and regulations to receive his/her personal data that he/she provided to a responsible party in a structured, common and machine-readable format. The person is also entitled to transmit these data to another responsible party without obstruction from the responsible party to whom the personal data were provided if the processing is based on the consent acc. to Art. 6 Para. 1 Letter a of the GDPR or Art. 9 Para. 2 Letter a of the GDPR or on a contract acc. to Art. 6 Para. 1 Letter b of the GDPR and the processing takes place with the help of automated methods, provided the processing is not necessary for performing a task that lies in the public interest or in the exercise of public authority, which was transferred to the responsible party.

      Furthermore, when exercising his/her right to data portability acc. to Art. 20 Para. 1 of the GDPR, the affected person has the right to see to it that the personal data are directly transmitted from a responsible party to another responsible party if this is feasible and as long as the rights and freedoms of other persons are not affected.

      To assert the right to data portability, the affected person can contact an employee of Roth Elektronik GmbH at any time.

      g) Right to object

      For reasons resulting from your special situation, every person affected by the processing of personal data has the right granted by the European authority issuing directives and regulations to file an objection at any time against the processing of his/her personal data that takes place owing to Art. 6 Para. 1 Letters e or f of the GDPR. This also applies to a profiling based on these provisions. If the objection takes place, Roth Elektronik GmbH no longer processes the personal data unless we can prove compelling reasons for the processing with protecting that outweigh the interests, rights and freedoms of the affected person, or the processing serves to assert or defend legal claims.

      If Roth Elektronik GmbH processes personal data to engage in direct advertising, then the affected person is entitled to file an objection at any time against the processing of the personal data for the purposes of such advertising. This also applies to the profiling if it is related to such direct advertising. If the affected person disagrees with Roth Elektronik GmbH regarding the processing for direct advertising purposes, then Roth Elektronik GmbH will no longer process the personal data for these purposes. In addition, the affected person has the right to file an objection against the processing of his/her personal data that took place at Roth Elektronik GmbH for scientific or historic research purposes or for statistical purposes acc. to Art. 89 Para. 1 of the GDPR, unless such processing is necessary to perform a task that lies in the public interest.

      To exercise the right to an objection, the affected person can directly contact each employee of Elektronik GmbH or another employee. Moreover, in connection with the usage of services of the information society and irrespective of Directive 2002/58/EC, the affected person is free to exercise the right to object by means of automated processes that use technical specifications.

      h) Automated decisions in the individual case, including profiling

      Every person affected by the processing of personal data has the right granted by the European authority issuing directives and regulations not to be subject to a decision based exclusively on an automated processing — including profiling — that develops a legal effect towards him/her or similarly affects him/her if the decision (1) is not necessary for concluding or fulfilling a contract between the affected person and the responsible party, or (2) is permissible due to legal regulations of the Union or member states which the responsible party is subject to, and these legal regulations contain reasonable measures to safeguard the rights, freedoms and legitimate interests of the affected person or (3) is made with the express consent of the affected person. If the decision (1) is necessary for concluding or fulfilling a contract between the affected person and the responsible party, or (2) is made with the express consent of the affected person, Roth Elektronik GmbH takes reasonable measures to safeguard the rights, freedoms and legitimate interests of the affected person, for which at least the right to bring about the intervention of a person on the part of the responsible party, to present the own position and to challenge the decision are part of this. If the affected person would like to assert rights related to automated decisions, he/she can contact at any time an employee of the party responsible for the processing.

      i) Right to revocation of a data protection consent

      Every person affected by the processing of personal data has the right granted by the European authority issuing directives and regulations to revoke a consent to the processing of personal data at any time. If the affected person would like to assert his/her right to revoke a consent, he/she can contact at any time an employee of the party responsible for the processing.

      7. Legal foundation of the processing

      In our company, Art. 6 I Letter a of the GDPR serves as legal foundation for processing procedures in which we obtain a consent for a certain processing purpose. If the processing of personal data is necessary for the fulfillment of a contract in which the contractual party is the affected person, as is the case, for example, in processing procedures that are necessary for delivering goods or rendering another such service or service in return, then the processing is based on Art. 6 I Letter b of the GDPR. The same applies to such processing procedures necessary for implementing pre-contractual measures, when there are inquiries about our products or services, for example. If our company is subject to a legal obligation through which a processing of personal data becomes necessary, such as is the case for complying with tax obligations, for example, then the processing is based on Art. 6 I Letter c of the GDPR. In rare cases, the processing of personal data could become necessary to protect the vital interests of the affected person or another natural person. This would be the case, for example, when a visitor would be injured in our plant and thereupon his name, age, health insurance information or other vital information must be forwarded to a physician, hospital or other third parties. In this case, the processing would be based on Art. 6 I Letter d of the GDPR. Ultimately, processing procedures can be based on Art. 6 I Letter f of the GDPR. Processing procedures based on this legal foundation that are not covered by any of the aforementioned legal foundations when the processing is necessary for safeguarding a legitimate interest of our company or third party, if the interests, basic rights and basic freedoms of the affected person do not outweigh. Such processing procedures are especially allowed to us because they were especially mentioned by European legislative authority, which in this case took the view that a legitimate interest could be accepted when the affected person is a customer of the responsible party (Recital 47 Sentence 2 of the GDPR).

      8. Justified interests on the processing that are pursued by the responsible party or a third party

      If the processing of personal data is based on Article 6 I Letter f of the GDPR, our legitimate interest is conducting our business activities for the benefit of the well-being of all our employees and shareholders.

      9. Length of storage of the personal data

      The criterion for the length of storage of personal data is the respective legal storage period. Once the period expires, the corresponding data are routinely deleted if they are no longer needed to fulfill or initiate a contract.

      10. Legal or contractual provisions for the provision of the personal data; necessity for the contractual conclusion; obligation towards the affected person to provide the personal data; possible consequences for not providing them

      We clarify to you that the provision of personal data is in part legally prescribed (e.g. tax regulations) or can result from contractual provisions (e.g. details about the contractual partner). Sometimes, it can be necessary for an affected person to provide us with personal data to conclude a contract, which we subsequently have to process. The affected person is, for example, obligated to provide us with personal data when our company concludes a contract with him/her. Not providing the personal data would result in not being able to conclude the contract with the affected person. Before the affected person provides the personal data, he/she must contact one of our employees, who will clarify to him/her on a case-by-case basis whether the provision of personal data is legally or contractually prescribed or necessary for the contractual conclusion, whether there is an obligation to provide the personal data, and what consequences their non-provision would have.

      11. Existence of automated decision-making

      As responsible-minded company, we dispense with an automatic decision-making or profiling.

      If different interpretations result from the translation, the German original version of the Data Privacy Statement will always apply.

      This Data Privacy Statement was drawn up by the Data Privacy Statement generator of the DGD Deutsche Gesellschaft for Data protection GmbH, as external data protection appointee working in Munich and in cooperation with Cologne-based IT and data protection attorney Christian Solmecke.

Roth Elektronik GmbH
Grevenweg 72
20537 Hamburg
Germany

phone: +49 (0)40 2533655-0
fax: +49 (0)40 2533655-10
email: info[at]roth-elektronik.com
web page: www.roth-elektronik.com

Office hours:
Mo - Th 8:00 - 17:00 CET
Fr 8:00 - 15:00 CET

Business card download (vcf)

Roth Elektronik prototyping cards are manufactured according to the current RoHS and REACH specifications of ISO-certified production partners in compliance with the UL norm.