Privacy Policy

Information on how we collect personal data in the case of use of our website is set out below. Personal data is all data via which you are personally identifiable, e.g. name, address, e-mail addresses or user behaviour.

I. Name and address details of the data controller

The controller within the meaning of Article 4 (7) of the EU General Data Protection Regulation (GDPR) is

recrate e.V.
Kennedyallee 36
53175 Bonn
Tel.: +49 (0)228 227 223 140
E-mail: info [at] recrate.de
Website: www.recrate.de

II. Name and address details of the data protection officer

The statutory prerequisites for the mandatory designation of a data protection officer do not apply.

Please contact info@recrate.de if you have any concerns regarding data privacy.

III. General information on data processing

1. Purpose and scope of processing of personal data

We collect and use personal data from our users on the basis of statutory stipulations insofar as this is necessary for the provision and maintenance of the functions, contents and services offered by the website. Collection and use of the personal data of our users only takes place in the case of use of particular services such as a contact form, and the prior consent of users is always obtained.

2. Legal basis for the processing of personal data

The legal basis for the processing of personal data in circumstances where the consent of the data subject has been obtained is Article 6 Paragraph 1 a). If processing is necessary for the performance of a contract, the lawfulness of such processing is governed by Article 6 Paragraph 1 b). Cases in which processing is required for compliance with a legal obligation or in which processing is necessary in order to protect the vital interests of the data subject or of another natural person are lawful pursuant to Article 6 Paragraph 1 c) and Article 6 Paragraph 1 d) respectively.

Article 6 Paragraph 1 f) serves as the legal basis for processing which is necessary for the purposes of the legitimate interests pursued by the controller or by a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject.

3. Deletion of data and duration of storage

Personal data concerning the data subject is deleted or blocked as soon as the purpose for processing the data or the legal obligation to store data expires. Storage may continue beyond such a point if required under legal stipulations.

4. Encrypted transmission

For reasons of security and in order to protect the transmission of personal data such as enquiries which you send to us in our capacity as the site operator, this website uses SSL (Secure Socket Layer) encryption in conjunction with the highest respective level of encryption which your browser is able to support. 256-bit encryption is generally used. If your browser does not support 256-bit encryption, we use 128-bit v3 technology instead.

IV. Provision of the website and creation of log files

1. Description and scope of data processing

If you merely visit our website for informational purposes, i.e. if you do not register or provide us with any other kind of information, our system automatically collects personal data transmitted by your computer system to our server. If you wish to peruse our website, we collect the following data which is technically necessary in order to enable us to display the website to you and to ensure stability and security.

(1) Information on the browser software, the language of this software and the version used
(2) User’s operating system and interface
(3) IP address of the user
(4) Date and time of access
(5) Content of the request (specific page)
(6) Access status/http status code
(7) Websites from which the system of the user arrives on our Internet site

Such data is also stored in log files on our system. This data is not stored together with other personal data concerning the user.

2. Legal basis for data processing

The legal basis for the temporary storage of data is Article 6 Paragraph 1 f) GDPR.

3. Purpose of data processing

Temporary storage of the IP address by the system is necessary in order to enable the website to be supplied to the user’s computer. In order to facilitate this, the IP address of the user needs to remain stored for the duration of the session.

Storage in log files takes place for the purpose of ensuring functionality of the website. This data also helps us to enhance our website and to safeguard the security of our information technology systems. No evaluation of data for marketing purposes takes place within this context.

These purposes also incorporate our legitimate interest in data processing pursuant to Article 6 Paragraph 1 f) GDPR.

4. Duration of storage

Data will be deleted as soon as no longer required for the purpose of processing. In the case of collection of data for provision of the website, deletion will occur once the respective session has ended.

Deletion takes place after a maximum of seven days if the data is stored in log files. Storage beyond this point is possible. In such a circumstance, the IP addresses of users are deleted or modified so that they can no longer be allocated to the client accessing the website.

5. Right to objection and removal

Objection to the collection and processing of personal data is only possible in respect of information which has been provided consensually and voluntarily. No objection may be made to data stored in log files which is absolutely necessary for the operation of the website.

Use of cookies

1. Description and scope of data processing

Our website uses cookies. Cookies are small text files which are stored in the Internet browser or by the Internet browser on the user’s end device (PC, laptop, tablet, smart phone or similar). A cookie can be stored on your operating system when you access a website. This cookie contains a unique string of characters which enable the browser to be clearly identified when the user calls up the website again. Cookies do not cause any damage to your end device and do not contain any viruses, trojans or other forms of malicious software. The respective information saved in the cookie depends on the specific end device used. This does not mean, however, that we are able to gain direct knowledge of your identity.

We use cookies in order to make our website more user friendly. Some of the elements on our Internet site require identification of the visiting browser after a change of page. The following data is stored and transmitted in the cookies.

(1) Session ID
(2) Consent to the cookie notice

2. Legal basis for data processing

The legal basis for the processing of personal data is Article 6 Paragraph 1 f) GDPR.

3. Purpose of data processing

The purpose of cookies is to make it easier for the user to use the website. Some of the functions on our Internet site cannot be offered without using cookies. These functions require recognition of the browser, even after a change of page.

We need cookies for the following applications.

(1) Prevention/identification of misuse of the website
(2) Storage of acceptance of the cookie notice

Data collected by cookies which are technically necessary is not used to draw up user profiles.   The purposes stated above also incorporate our legitimate interest in data processing pursuant to Article 6 Paragraph 1 f) GDPR.

4. Duration of storage, right to objection and removal

Cookies are stored on the user’s computer, from where they are transmitted to our site. This means that the user also retains full control over the use of cookies. You can deactivate or restrict cookies by changing the settings in your Internet browser. Cookies which are already stored may be deleted at any time. This process can also take place automatically. You may not be able to take advantage of the full range of all functions on our website if cookies are deactivated.

VI. E-mail contact

1. Description and scope of data processing

Our website contains an e-mail address which can be used to get in touch with us electronically. If you make use of this opportunity, data entered into the e-mail will be transmitted to and stored by us.

No data is passed on to third parties within this context. Such data is exclusively used for processing the conversation.

2. Legal basis for data processing

The legal basis for the processing of data transmitted during the course of sending an e-mail is Article 6 Paragraph 1 f) GDPR.

Article 6 Paragraph 1 b) GDPR constitutes an additional legal basis if the e-mail contact pursues the further aim of concluding a contract.

3. Purpose of data processing

We use personal data for the sole purpose of the establishment of contact. This purpose also incorporates our legitimate interest in the processing of the data.

4. Duration of storage

Data will be deleted as soon as no longer required for the purpose of processing. In the case of personal data which has been transmitted by e-mail, this will apply once the respective conversation with the user has been concluded. A conversation is deemed to be concluded if circumstances show that the relevant issue has been finally clarified.

5. Right to objection and removal

Users entering into e-mail contact with us may object to the storage of their personal data at any time. The processing of the conversation cannot be continued in such a case.

In order to revoke consent for the processing of personal data transmitted by e-mail, simply send a standard e-mail notifying us of your wishes to info [at] recrate.de.

In this instance, all personal data stored as part of the contact procedure will be deleted.

VII. Registration

1. Description and scope of data processing

Our website offers companies the facility to register with us by using a form. The following data is transmitted to us and stored by us for this purpose.
• Company name, address, post code, place, country, contact partner, telephone contact partner, fax contact partner, e-mail contact partner

2. Legal basis for data processing

Processing of data is necessary for the conclusion of a contract. Article 6 Paragraph 1 b) GDPR therefore applies accordingly as the legal basis for the processing of data.

3. Purpose of data processing

The purpose of collecting the data is the conclusion and fulfilment of the contract.

4. Duration of storage

Data will be deleted as soon as no longer required for the purpose of processing. Personal data will be deleted as soon as the contract is terminated.

5. Right to objection and removal

You may object to the storage of personal data at any time by sending a standard e-mail notifying us of your wishes to info [at] recrate.de. Under certain circumstances, further fulfilment of the contract may then no longer be possible.

X. Rights of the data subject

If personal data concerning you is being processed, you are deemed to be a data subject within the meaning of the GDPR and have the following rights vis-à-vis the data controller. Please contact our data protection officer (see II. above) if you have any questions regarding the issue of data privacy and your own rights as a data subject in particular.

1. Right of access by the data subject (Article 15 GDPR)

You may require the controller to provide confirmation of whether personal data concerning you is being processed by us.

If such processing is taking place, pursuant to Article 15 GDPR you may require the data controller to provide access to the following information regarding personal data concerning you which is being processed by us.

2. Right to rectification (Article 16 GDPR)

Pursuant to Article 16 GDPR, you have the right to obtain from the controller without undue delay the rectification or completion of inaccurate personal data concerning you.

3. Right to restriction of processing (Article 18 GDPR)

You may require restriction of processing of your personal data if the prerequisites set out in Article 18 GDPR apply.

If restriction of processing has been applied on the basis of the prerequisites listed, you will be notified by the controller before the restriction is lifted.

4. Right to erasure (Article 17 GDPR)

Pursuant to Article 17 GDPR, you have the right to obtain the erasure of personal data concerning you which is stored by us.

5. Right to notification of third parties

In the event that you have asserted a right to rectification, deletion or restriction of processing against the data controller, the data controller is required to notify this rectification, deletion or restriction to all recipients to whom personal data concerning you was disclosed unless such a procedure proves impossible or would involve disproportionate effort. You also have the right to be notified of these recipients.

6. Right to data portability

Pursuant to Article 20 DS- GDPR, you have the right to receive the personal data concerning you which you have provided to a controller, in a structured, commonly used and machine-readable format and the right to transmit data to another controller without hindrance.

7. Right to object

Insofar as your personal data is processed on the basis of legitimate interests pursuant to Article 6 Paragraph 1 Clause f) GDPR, you have the right in accordance with Article 21 GDPR to object to the processing of such personal data on grounds relating to your particular situation or to object to the processing of your data for direct marketing purposes. In the latter case, you enjoy a general right to object and we are required to accede without any requirement on your part to state a specific situation. If you wish to avail yourself of your right to withdraw consent or object, the sending of an e-mail to info@recrate.de is sufficient.

8. Right to withdraw a declaration of consent made under data protection law

You have the right at any time to withdraw a declaration of consent made under data protection law. Withdrawal of consent is without prejudice to the lawfulness of the processing that has taken place on the basis of consent until such time this consent was withdrawn.

9. Automated individual decision-making, including profiling

You have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning you or else similarly significantly affects you. The above does not apply if the decision is (1) necessary for conclusion or performance of a contract between you and the data controller, (2)  authorised by Union or Member State law to which the controller is subject and which also lays down suitable measures to safeguard the data subject’s rights and freedoms and legitimate interests or (3) is based on your explicit consent. Notwithstanding this, such decisions must not be based on special categories of personal data referred to in Article 9 Paragraph 1 GDPR unless Article 9 Paragraph 2 a) or g) applies and suitable measures to safeguard your rights and freedoms and legitimate interests are in place. With regard to the cases (1) and (3) above, the data controller will implement suitable measures to safeguard your rights, freedoms and legitimate interests, whereby these at least comprise the right to obtain human intervention on the part of the controller, the right to express your point of view and the right to contest the decision.

10. Right to lodge a complaint with a supervisory authority

Without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with a supervisory authority, in particular in the Member State of your habitual residence, place of work or place of the alleged infringement if you consider that the processing of personal data concerning you infringes the GDPR. The supervisory authority with which the complaint has been lodged will inform you in your capacity as complainant on the progress and the outcome of the complaint including the possibility of a judicial remedy pursuant to Article 78 GDPR.