RoKe

Nomination of the responsible position

The responsible position for this website's data processing is called:

RoKe entrepreneurial company (limited liability)
i.V. Robert Keiselt
Dr.-Mach-Str. 137
85540 Haar

The responsible position decides alone or with others about the scopes and the instruments of processing prsonal data (names, contact details e.g.).

Revocation of the data processing agreement

Data processing is only possible with your explicit agreement. The revocation of a given agreement is possible at any time. To fulfill a revocation you could communicate with us
by informal mail message. Other communication channels like letter or phone are also accepted. The legitimacy of data processing until your revocation will not be referred.

Filing complaints with the responsible controlling authority

A person concerned of data processing violence has the right to file complaints with the responsible controlling authority. As a responsible controlling authority with regard to data privacy issues the data security officer of the German country (federal state Bavaria) within the company has it's place of business is accepted. The following link provides a list of the data security officials contact details (on German): https://www.bfdi.bund.de/DE/Infothek/Anschriften_Links/anschriften_links-node.html.

Right of data portability

You or third parties have the right to retrieve data that we procecessed (automatically) based on your agreement. The allocation is carried out in machine-readable code format.
A direct transfer of the data to another responsible position is only possible if it is technically manageable.

Right to be informed, of correction, blocking, deletion

You have the right to get information (in the context of authorized regulations) relating to your stored personal data, the origin, the recipient(s) and the purpose of this data processing
(as well as the right of information, correction, blocking, deletion) free of charge and at any time. Concerning this matter and due to other data-relevant questions you can contact the persons mentioned in the legal details of the company or the responsible person for data privacy issues as per particulars given below directly at any time.

SSL- respectively TLS-encryption

The company website uses SSL- respectively TLS-encryption due to safety reasons and for protecting the confidential content broadcast via our website. For this reason the transferred data is not indecipherable from third parties. You can recognize a cryptographically secured connection with the https:// address bar within your internet browser (and the lock icon).

Data security officer

We do not have nominated a data security official because of the enterprise's size that doesn't comprise employees but consists of a network of self-employees, freelancer, consultants and external experts. The responsible person for all data security topics is:

Robert, Keiselt
Dr.-Mach-Str. 137
85540 Haar

Telefon: 0700-7653-2677
E-Mail: roke@rokecorp.de

Server log data

The website's provider collects and stores browser information (if necessary also automatically) in server logs. These are:

• -type and version ot the browser
• -used operating system
• -so called referrer URL
• -host name of the accessing computer
• -date/ time of the server request
• -(optional) IP address

There is no combination of this information with other (data) sources. Basic principle of the data processing forms art. 6 para.1 lit.b GDPR that authorizes data generation for contract fulfillment or precedent actions.

A (safe) data transfer for coclusion of a contract for the sale and consignment of goods

Personal data could only be transferred to third parties if there exists a necessity for transactions. Third parties are payment provider or logistic companies e.g., but also order processors (as common in the insurance area). Any exceed of the above mentioned data transfer is not allowed and occurs only with your explicit acceptance. You will be informed about every data relevant incident. In either case of data transfer your approval will be obtained. Basic principle of the data processing forms art. 6 para.1 lit.b GDPR that authorizes data generation for contract fulfillment or precedent actions.

Registration on the company website or subsites (landing page, shop or association area etc.)

You can register on the website to use certain functionalities. The data transfer will exclusively suit the purpose of using adequate proposals or services. Mandatory fields are characterized and have to be filled completely within the registration process. Failing this the registration will be declined. In case of important changes (technical reasons e.g.)
we send you a short email message. We use your address you left while registering on the website. Data processing takes place on the basis of your agreement (art. 6 para.1 lit.a GDPR). A revocation of a former given agreement is possible at any time. For your revocation an informal email message is sufficient. The legitimacy of any already happened data processing rests unaffected. The data that were gathered while the registration process will be stored during the period of time while you stay registered with us on the company website. If you cancel your registration your data will be immediately deleted. The legal period for safekeeping rests indeed unaffected.

contact form

The data (inclusive your contact information) transmitted via standard web forms will only be saved for the purpose to handle your request or to stay available for further questions.
A transmission of your data without your permission will not take place. The processing of the data you fill in the contact form occurs only on the basis of your already given agreement (art. 6 para.1 lit.a GDPR). A revocation of this agreement is possible at any time (by informal E-Mail message e.g.). The legitimacy of the data processing until the revocation will remain unaffected. The data filled in and transmitted via contact forms stay with us until you ask us to delete them, you revoke your agreement for a permanent storage or there is no demand for a data storage anymore. Compulsory legal regulations - particularly the retention period - remain unaffected.

memory period of contributions and comments

Contributions and comments as well as linked data like IP addresses etc. can generally be saved. The content remains on our business website until it was completely deleted
or had to be deleted due to legal reasons. The storage of the contributions and comments happen on the basis of your agreement (art. 6 para.1 lit.a GDPR). A revocation
of this agreement is possible at any time (by informal E-Mail message e.g.). The legitimacy of the data processing until the revocation will remain unaffected.

subscribing to comments

As user of our business webpage you are free to subscribe to the comment section after your successful registration. We check With a confirmation E-Mail if you are the owner of the stated E-Mail address. You can unsubscribe from the subscription function for comments by clicking the link in the subscription mail at any time. The data you filled in to constitute your subscription will be deleted in the case of deregistration. However, if this data was transmitted elsewhere or for other purposes it still remains with us.

newsletter data

To send you newsletter information we need a valid E-Mail address. Therefore we need to verify the stated E-mail address after your agreement to receiving our newsletter. Additional data will not be collected or the input is voluntary. The data is only used for the newsletter distribution. The data from your newsletter registration will be exclusively processed on the basis of your agreement (art. 6 para.1 lit.a GDPR). A revocation of your already granted agreement is possible at any time. To meet a successful revocation a formless E-Mail is enough or you can unsubscribe by clicking the "sign off link" in the newsletter. The legality of already realized data processing remains unaffected. The arrangement of the subscription data will be deleted after your deregisteration but if you submitted the data from other areas or for other purposes they remain with us.

CleverReach

For our newsletter distribution (from subwebsites) we use amongst others CleverReach. The provider is called CleverReach GmbH & Co. KG, Mühlenstr. 43, 26180 Rastede.
With this service we can manage, organize and analyze the newsletter distribution. Your data relating to our newsletter like your E-Mail address will be saved on
the servers of CleverReach which are located in Germany but also in Ireland.

The newsletter distribution with CleverReach allows us to analyze the behaviour of the newsletter acceptor. This anylysis shows us how often newsletterlinks have been clicked. CleverReach supports conversion tracking to analyze if a defined action (something like a purchase etc.) has succeeded after clicking a link. Details for the CleverReach data
analysis can be reached by: https://www.cleverreach.com/en/features/reporting-tracking/.

The data processing occurs on the basis of your agreement (art. 6 para.1 lit.a GDPR). A revocation of this agreement is possible at any time (by informal E-Mail message
or you can unsubscribe by clicking the "sign off link" in the newsletter). The legitimacy of the data processing until the revocation will remain unaffected. If you don't want CleverReach's analysis any more you have to deregister from the newsletter. For your revocation an informal email message is sufficient or you simply unsubscribe by clicking the "sign off link" in the newsletter. The arrangement of the subscription data will be deleted from the CleverReach servers as well as from our server after your deregisteration but if you submitted the data from other areas or for other purposes they remain with us.

Details for the CleverReach data privacy regulations can be reached by: https://www.cleverreach.com/en/privacy-policy/.

order-data processing

For a complete fulfillment of the legal data privacy specifications we concluded a contract with CleverReach about the newsletter data processing.

Information "AV":

A partner overview (in the area IT and Financial Service) can be provided on request.

Cookies

Our business website uses cookies what are small text files saved via webbrowser on your end device and can help us to make our offer more user-friendly, more effective and more secure. Some cookies are so-called "session cookies" that are deleted automatically at the end of the browser session. On the contrary other cookies remain on the end device until you delete them by yourself. Such cookies help us to recognize you returning on our website. With a modern browser you can monitor, restrict or disable cookies and a lot of web browsers can be set up that cookies are deleted automatically by closing the program.

Here you can find some instructions to delete cookies in currently well-established browsers:

Microsoft Explorer

delete Microsoft cookies.

Mozilla Firefox

delete Firefox cookies.

Google Chrome

delete Chrome cookies.

Apple Safari

delete Apple cookies.

Opera

delete Opera cookies.

The cookie deactivation can result in a restricted functionality of websites. The setting of cookies that are necessary for electronic communication processes or providing certain desired functions (shopping cart for instance) happens on the basis of art. 6 para.1 lit.f GDPR. As website provider we have a legitimate interest in saving cookies for a smooth and technically precise allocation of the offered services. Provided that other cookies have to be set (analysis functions e.g.) this will be separately handled in the data privacy statement.

PayPal

Among other things the shop website provides payments via PayPal. Provider of this payment service is PayPal (Europe) S.à.r.l. et Cie, S.C.A., 22-24 Boulevard Royal, L-2449 Luxembourg. If you pay with PayPal the necessary payment data will be transmitted to the above mentioned provider. The data transmission to PayPal occurs on the basis of
art. 6 para.1 lit.a GDPR (agreement) and art. 6 para.1 lit.b GDPR (processing data for contract fulfillment). A revocation of this agreement is possible at any time (by informal
E-Mail message or you can unsubscribe by clicking the "sign off link" in the newsletter). The legitimacy of the data processing until the revocation will remain unaffected.

Klarna

Among other things the shop website provides payments via Klarna. Provider of this payment service is Klarna (Bank) AB, Sveavägen 46, 111 34 Stockholm, Schweden.

If you pay with Klarna (so-called Klarna-checkout-solution) the provider collects different individual-related data. You can find all details in Klarna's privacy statement by clicking: https://cdn.klarna.com/1.0/shared/content/legal/terms/0/en_us/privacy.

Klarna uses additional cookies to optimize the above mentioned checkout solution. This optimization represents a legitimate interest in the sense of art. 6 para.1 lit.f GDPR. Cookies are small text files saved via webbrowser on your end device. Klarna cookies remain on this device until you delete them. You can find full details about the use of Klarna cookies here: https://www.klarna.com/uk/cookie-policy/.

The data transmission to Klarna occurs on the basis of art. 6 para.1 lit.a GDPR (agreement) and art. 6 para.1 lit.b GDPR (processing data for contract fulfillment).
A revocation of this agreement is possible at any time.The legitimacy of the data processing until the revocation will remain unaffected.

Instant Bank Transfer

Among other things the shop website provides payments via instant bank transfer. Provider of this payment service is Sofort GmbH, Theresienhöhe 12, 80339 München. With the aid
of this procedure (German “Sofortüberweisung“) we receive a realtime confirmation of payment from Sofort GmbH and so we can start with the completion of our debts. If you pay by instant bank transfer we transmit your PIN and TAN to Sofort GmbH. The payment provider logs in your online banking account, automatically checks your bank balance and transfers the money. Then there is an immedate transaction confirmation generated. Your sales figures, the credit line and the existence of all other accounts will be also checked automatically. Besides PIN and TAN the transmission to Sofort GmbH includes also personal data (like first name, last name, mailing address, telephone number(s) and where appropriate further data that are necessary for the handling of payments.This data transmission is necessary to determine your identity free of doubt and to prevent attempts to defraud. The data transmission to Sofort GmbH occurs on the basis of art. 6 para.1 lit.a GDPR (agreement) and art. 6 para.1 lit.b GDPR (processing data for contract fulfillment). A revocation of this agreement is possible at any time. The legitimacy of the data processing until the revocation will remain unaffected. You can find all details in the privacy statement of Sofort GmbH by clicking: https://www.klarna.com/pay-now/.

Information "PCI-DSS":

PCI-DSS is the data safety standard of the credit card industry to protect end users and dealers from fraudulent intentions. These security standard is obligatory for the acceptance, retention and transmission of payment data in online shops but a certification is not necessary for the website and the shop because only payment modules of certified partners (like PayPal etc.) come into operation. Also (meal) vouchers (of associations) will be implemented with certified partners (like SumUp etc.). A storage on our own systems will not take place.

XING Plugin

To get in contact with potential applicants or to constantly enlarge our expert network we use XING functionality on our website. The provider is XING AG, Dammtorstraße 29-32, 20354 Hamburg, Germany. If you request a website with integrated XING functions there is a connection to a XING server established. A storage of personal data doesn't take place just as well as an examination of the user behaviour (up to today's state of knowledge). IP addresses will not be saved. Full details about the privacy and the XING Share Button you can find here: https://www.xing.com/app/share?op=data_protection.

Twitter Plugin

The business website uses functionality of the Twitter service. Provider is Twitter Inc., 1355 Market Street, Suite 900, San Francisco, CA 94103, USA. By using Twitter and the function "re-tweet" e.g. visited websites will be connected with your Twitter account and will be published in your Twitter feed. At the same time the data will be transmitted
to Twitter. We don't have any information about the content of this data transfer or about it's usage by Twitter.

Full details about the privacy statement of Twitter you can find here: https://twitter.com/privacy.
You can also change your Twitter data privacy settings: https://twitter.com/account/settings.

Information:

For requesting Twitter you have to be logged-in. So you can prohibit data transmissions of all kind by logging off.
A redirection via button doesn't represent an order-data processing (in our today' s understanding).

Pinterest Plugin

The business webpage can use functions of the social network Pinterest. Provider is Pinterest Inc., 808 Brannan Street, San Francisco, CA 94103-490, USA. If you call a website
with Pinterest functions your browser directly connects with Pinterest servers and transmits log files that can possibly allow conclusions about your IP address, browser type and configuration, date and time of the request, currently visited websites, Pinterest usage and cookies. Pinterest servers are located in the US. Full details of Pinterest's data privacy
you can find here: https://policy.pinterest.com/en-gb/privacy-policy.

Amazon Partner Program

As provider of this website we take part in the Amazon (EU-) Partner Programm (with different countries). On our websites Amazon advertisements and links can be embedded among others to earn money via refund of advertising expenses in the future. The usage of cookies helps Amazon to recognize that you have clicked the partner link on our website. The storage of Amazon cookies happens on the basis of art. 6 para.1 lit.f GDPR. As website provider we have a legitimate interest in using cookies because
only just like that our refund of advertising expenses can be determined. Full details of the Amazon data privacy statement can be found here: https://www.amazon.de/gp/help/customer/display.html/ref=footer_privacy.

Information:

The collaboration with Google is actually in a build-up phase. With increasing professionalization of our business website we cannot revoke analysis algorithms with Google.

At present we build amongst others:

YouTube

For the integration and presentation of video content the business website can use YouTube plugins (appropriate channels will be established and extended in the future). Provider of the video sharing portal is YouTube LLC, 901 Cherry Ave., San Bruno, CA 94066, USA. If you call a website with integrated YouTube plugin there will be a direct connection to a YouTube server and YouTube learns about your currently visited websites. Furthermore, YouTube can build correlations between your browsing behaviour and your personal profile if you are logged-in your account. By logging off you have the possibility to stop this. The usage of YouTube serves the purpose of providing a more attractive online appearance. This represents
a legitimate interest in the sense of art. 6 para.1 lit.f GDPR. Full details in reference to the handling of your user-related data you can find here in YouTube's data privacy statement: https://policies.google.com/privacy?hl=en&gl=en.

Vimeo

For the integration and presentation of video content the business website can alternatively or additionally use Vimeo plugins. Provider of this video sharing portal is Vimeo Inc., 555 West 18th Street, New York, New York 10011, USA. If you call a website with integrated Vimeo plugin there will be a direct connection to a Vimeo server and Vimeo learns about your IP address and your currently visited websites (even if you're not logged-in or you don't even have an account there). The transmission of the gathered information takes place to a video sharing server in the US. Vimeo can build correlations between your browsing behaviour and your personal profile. By logging off you have the possibility to stop this. Full details in reference to the handling of your user-related data you can find here in Vimeo's data privacy statement: https://vimeo.com/privacy.

Google AdSense

The business website uses temporarily Google AdSense. Provider is Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. Google AdSense serves for advertising and sets cookies. Cookies are small text files that your browser saves on your end device for analyzing the website usage. Furthermore, Google AdSense uses so-called Web Beacons what are unvisible graphics that enable an analysis of the website traffic. Due to cookies and web beacons generated information is transmitted and saved to servers that are located in the US. Google can transfer this information to their contract partners but your IP address will not be saved and not be merged with other saved data (up to today' s state of knowledge). The storage of AdSense cookies takes place on the basis of art. 6 para.1 lit.f GDPR. As website provider we have a legitimate interest of analysing user behaviour to optimize both our web offer as well as our advertising. With a modern web browser you can monitor, restrict and prevent the setting of cookies. Disabling cookies can lead to a limited functionality of our website. By using our website you declare your explicit agreement with the handling of your data with the above mentioned manner and purpose.

Google AdWords and Google Conversion Tracking

The business website uses temporarily Google AdWords. Provider is Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. AdWords represents an online advertising program. Within the scope of this advertising program it is worked with conversion tracking. After you clicked a Google advertisment a conversion tracking cookie will
be set. Cookies are small text files that your browser saves on your end device. Google AdWords cookies lose validity after 30 days and don' t serve for your personal user identification. With the cookie information we and Google can recognize that you clicked on our advertising link and you were redirected from there to our website. Every Google AdWords client gets
a different cookie. These cookies are not traceable by websites of AdWords clients. With the help of conversion cookies certain statistics are generated for AdWords clients who use conversion tracking. AdWords clients get to know how many users have clicked their advertisements and were redirected to websites by conversion tracking tag but they don't get
any information about personal user identification etc., but anyhow if you don't want to participate in any tracking activities you can revoke the usage at all. Then you simply have to deactivate the conversion cookie in your browser settings, so there is no admission to conversion tracking statistics. The storage of conversion cookies takes place on the basis of
art. 6 para.1 lit.f GDPR. We as website provider have a legitimate interest in analysing user behaviour to optimize both our web offer as well as our advertising. Full details about
Google AdWords and Google conversion tracking you can find in Google's data privacy statement: https://policies.google.com/privacy?gl=en&hl=en. With a modern web
browser you can monitor, restrict and prevent the setting of cookies. Disabling cookies can lead to a limited functionality of our website.

Google Analytics

The business website uses temporarily functions of the web analysing service Google Analytics. Provider is Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043,
USA. Google Analytics uses cookies. Cookies are small text files that your browser saves on your end device for analysing the website usage. The information about the website
usage generated with cookies is transmitted and saved to servers that are located normally in the US. The setting of cookies takes place on the basis of art. 6 para.1 lit.f GDPR.
We as website provider have a legitimate interest in analysing user behaviour to optimize both our web offer as well as our advertising.

IP Anonymization

We use Google Analytics in combination with the function of IP anonymization. This ensures that Google truncates your IP address within member states of the European Union or in other contracting states of the European Economic Area before transmitting it to the US. There can be exceptions e.g. that Google transmits the complete IP address to a US server
and truncates it there. In our order Google uses this information to analyze your website user behaviour, to generate reports about website activities and to provide further services connected with the website usage with us.There is no merge of the IP address transmitted from Google Analytics and other Google data.

Browser Plugin

The setting of cookies can be prevented. Some website functions could then be restricted. Just as well you can restrict the data collection of your website usage
including your IP address and the following processing by Google. That is possible if you download and install the browser plugin you can find here:
https://tools.google.com/dlpage/gaoptout?hl=en-GB.

Revocation of data processing

You can prevent data collection by Google Analytics if you click the particular links so there is set a so-called opt-out-cookie that deactivates Google Analytics. Full details
about the handling with your user data you can find here in the Google Analytics data privacy statement: https://support.google.com/analytics/answer/6004245?hl=en.

Order-data processing

Before the real usage we will have concluded a contract with Google about order-data processing to completely fulfill the legal data privacy specifications.

Demographical characteristics from Google Analytics

The business website can use the Google Analytics function demographical characteristics to generate reports that include statements about age, gender and interest of the website visitor. This information derives from interest-related advertising of Google as well as from visitor information of third party developers. A mapping of certain personal data is not possible and you can deactivate this function at any time. You can do this in your Google account settings for the display or you generally revoke Google Analytics data collection as mentioned in section revocation of data processing.

Matomo (Piwik in former times)

Until the complete implementation of web analysis with Google (where required also afterwards) the website can use the Open Source web analysis service Matomo. Matomo uses cookies what are small text files saved via webbrowser on your end device and make an analysis of website usage possible. The cookie information about the website usage will be saved on our servers but we anonymize the IP address. Matomo cookies remain on the end device until you delete them. The setting of Matomo cookies takes place on the basis of
art. 6 para.1 lit.f GDPR. As website provider we have a legitimate interest of user behaviour analysis in an anonymized manner so we can optimize both our web offer and also our advertising. There is no data transfer of Matomo cookie information about the usage of this website. The setting of cookies in your web browser can be avoided but then some website functionality or offers could be restricted. You can deactivate the storage and usage of your data. Your browser can set so-called opt-out-cookies which disable the storage of Matomo' s user-related data. If you delete your cookies also the Matomo opt-out-cookie will be removed, but if you revisit our website this opt-out-cookie for the prevention of any storage or usage of your data has to be set again.

[Matomo's iframe code will be presented here from the actual application]. Until then we refer to https://matomo.org/docs/privacy/.

Information:

A collaboration with Facebook will be stopped due to the data affair within the year 2018 until further notice. This affects all Facebook business websites
but forwarding per button will not be bothered (as already mentioned).

Mediation

The European Commission provides a platform for online dispute resolution (ODR) that can be reached here:
https://ec.europa.eu/consumers/odr/main/index.cfm?event=main.home2.show&lng=EN.
All consumers have the possibility to use this platform for the settlement of their disputes. We distinguish between the IT- (B2B)
and the insurance- or other end user business (shop e.g.). The company RoKe (limited liability) is willing to participate in dispute resolutions
if it's all about end user business. Relevant for the insurance scope is also the conciliation committee under https://www.versicherungsombudsmann.de/welcome/.
In addition you can call the responsible surveillance authority (IHK für München und Oberbayern, Max-Joseph-Str. 2, 80333 München, www.ihk-muenchen.de).
In the IT scope the company RoKe UG (limited liability) is neither legally obligated nor willing to participate in the above mentioned dispute resolution
because in this field there predominantly exists B2B-business.