Data Privacy Statement

Your privacy is very important to us. We would therefore like to inform you in the following about what data is used and for what purpose. If you have any further questions about how we handle your personal data, you can contact our Data Protection Officer.

Tracking settings

In the following, you can deactivate or reactivate all services, with the exception of those that are technically necessary (see next paragraph).

You will also find the link to the privacy settings at the bottom of each page.

Controller
for data processing purposes
RATIONAL Aktiengesellschaft
Siegfried-Meister-Straße 1
86899 Landsberg am Lech

E-Mail: info@rational-online.com
https://www.rational-online.com
Data Protection Officer of the Controller RATIONAL Aktiengesellschaft Data Protection Officer
Siegfried-Meister-Straße 1
86899 Landsberg am Lech

E-Mail: privacy@rational-online.com

General information

The term personal data is defined in the GDPR. Accordingly, means any information relating to an identified or identifiable natural person (hereinafter "data subject"). An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person. This includes, for example, your name, your address, your telephone number or your date of birth.

For mere informational use of the website, i.e. if you do not register or otherwise transmit information to us, we will only collect the personal data transmitted by your browser to our server. If you would like to view our website, we will collect the following data, which we require for technical reasons in order to deliver our website to you and to ensure the stability and security thereof (the legal basis is a legitimate interest pursuant to Art. 6 (1) S. 1 lit. f GDPR

Within the framework of the balancing of interests pursuant to Art. 6(1)(f) GDPR, we have taken into account and weighed our interest in providing and your interest in processing your personal data in accordance with data protection guidelines. Since the following data is sometimes technically necessary for the provision of our service in order to be able to offer you our website and also to ensure stability and security, in particular to provide protection against misuse, we have concluded that this data can be processed - with a guarantee of data security taking into account the state of the art - taking due consideration of your interest in data protection-compliant processing.

Data Operating system used
Purpose of processing Analysis according to devices to ensure optimised presentation of the website
Storage duration The data is deleted when the respective session has ended.
Data Information about the browser type and version used
Purpose of processing Analysis of the browsers used in order to optimise our websites for this purpose
Storage duration The data is deleted when the respective session has ended.
Data User's internet service provider
Purpose of processing Analysis of the internet service provider
Storage duration The data is deleted when the respective session has ended.
Data IP address
Purpose of processing Display of the website on the respective device
Storage duration The data is deleted when the respective session has ended.
Data Date and time of access
Purpose of processing Ensuring the proper operation of the website.
Storage duration The data is deleted when the respective session has ended.
Data Log files
Purpose of processing Ensuring the proper operation of the website.
Storage duration The data is deleted when the respective session has ended.

The collection of data for the provision of the website and the storage of the data in log files is absolutely necessary for the operation of the website. Consequently, there is no possibility for the user to object.

Legal bases for data processing by us

There are various legal grounds for the processing of personal data. If we need your data to fulfil a contract with you or to respond to enquiries from you regarding a contract, the legal basis for this data processing is Art. 6(1)(b) GDPR.

If we obtain your consent to process specific data, the legal basis is Art. 6(1) (a) GDPR. We process some data for the purposes of pursuing our legitimate interests, whereby a balancing of your interests requiring protection and our legitimate interests is always undertaken. The legal basis for this is point (f) of Article 6(1) GDPR. If processing is necessary to fulfil a legal obligation to which we are subject, the legal basis is Art. 6(1)(c) GDPR.

Below we explain how we process personal data via our website.

Cookies

Our website uses cookies. Cookies are files that are placed on your computer by a website you visit and allow your browser to be recognised. Cookies transmit information to the site that sets the cookie. Cookies can store various information, such as your language setting, the duration of visits on our website or the entries you have made there. This prevents you, for example, from having to re-enter required form data each time you use the site. The information stored in cookies can also be used to recognise preferences and tailor content according to areas of interest.

There are different types of cookies: Session cookies are sets of data that are only temporarily held in the working memory and are deleted when you close your browser. Permanent or persistent cookies are automatically deleted after a predefined period of time, which may differ depending on the cookie. With this type of cookie, the information can also be stored in text files on your computer. However, you can also delete these cookies at any time via your browser settings.

First-party cookies are stored by the website you are currently visiting. Only that website is allowed to read information from these cookies. Third-party cookies are stored by organisations that do not operate the website you are visiting. These cookies are used by marketing companies, for example.

The legal basis for possible processing of personal data by means of cookies and their storage period may vary. If you have given us your consent, the legal basis is point (a) of Article 6(1) GDPR. If the data processing is based on our overriding legitimate interests, the legal basis is point (f) of Article 6(1) GDPR. The stated purpose then corresponds to our legitimate interest.

We use cookies to ensure the proper operation of the website, to provide basic functionality, to measure reach and - with your consent - to tailor our services to preferred areas of interest.

You can delete cookies already stored on your end device at any time. If you want to prevent cookies from being stored, you can do this via the settings in your internet browser. You can find instructions for common browsers here: Internet Explorer, Firefox, Google Chrome, Google Chrome mobile, Microsoft Edge, Safari, Safari mobile. Alternatively, you can also install ad blockers. Please note that individual functions of our website may not work if you have deactivated the use of cookies.

When accessing our website, all users of our website are also informed by an information banner about our use of cookies and referred to this data protection notice. Users will also be asked for their consent to the use of certain cookies, in particular those relevant for the personalisation of services and for marketing measures. Consent can be revoked at any time with future effect by calling up the tracking settings via the link at the end of each page (footer) and removing the tick behind the processing for which consent had been given. "

Name of cookie RationalOnline
Purpose of processing Session cookie of the website framework
Legal basis for processing Legitimate interest – technically necessary
Storage duration  Until session ends
Name of cookie wantTip
Purpose of processing Session cookie of the Javascript functionality “Tooltip”
Legal basis for processing Legitimate interest – technically necessary
Storage duration  Until session ends

Usercentrics

We use the Usercentrics service to manage consents on our website. Usercentrics is software developed by Usercentrics GmbH, Rosental 4, 80331 Munich, Germany.

Usercentrics determines the language used by your browser. A cookie is set to check whether you have already made a selection in our cookie management tool during a previous visit to our website. This cookie is necessary because it allows the website to recognise whether you have consented to tracking or not. In addition, a log file is created in order to be able to prove that consent has been given. This file contains the IP address in anonymised form, information about the browser that was used, data about the scope of the consent, and the date and time of the visit.

The legal basis for the processing is our legitimate interest in accordance with point (f) of Article 6(1) GDPR.

The purpose of data processing is the user-friendly and legally compliant design of our website. We want to make it as easy as possible for you to give or withdraw consent and increase the transparency of data processing by means of cookies, pixels, tags or similar on our website. Our legitimate interest also lies in the purpose of data processing.

Your consent or refusal to use / receive services that may also set cookies is stored on your end device in its local storage. The consent data (consent granted and revocation of consent) remain stored on your computer until the local storage is deleted. To enable matching, Usercentrics stores this as hash values for 3 years.

Google Tag Manager

For reasons of transparency, we would like to point out that we use Google Tag Manager. Google Tag Manager does not collect any personal data itself. Tag Manager makes it easier for us to integrate and manage our tags. Tags are small pieces of code that are used to measure traffic and visitor behaviour, track the impact of online advertising and social channels, set up remarketing and targeting, and test and optimise websites, among other things. We use the Tag Manager for all digital services listed in this data privacy statement. If you have deactivated it, Google Tag Manager will take this deactivation into account. For more information on Google Tag Manager, see: https://www.google.com/intl/de/tagmanager/use-policy.html .

Website analysis

For the purpose of analysing and optimising our websites, we use various services which are described below. We use these services to analyse how many users visit our site, which information is most in demand or how users find the offer. We also collect data on which website a user came to our website from (the referrer), which sub-pages of the website were accessed or how often and for how long a sub-page was viewed. This helps us to design our offers in a user-friendly way, to find errors and to improve our offers.

Affected data category IP address (saved anonymously)
Purpose of processing Creation and modification of cookie information.
Legal basis for processing Consent
Storage duration 14 months
Withdrawal You can withdraw your consent by changing your selection in the tracking settings (see above, under Cookies).
Affected data category Device-related data, such as device type, operating system model, browser type and version
Purpose of processing Optimisation of the website and adaptation of content as well as aggregated usage analysis.
Legal basis for processing Consent
Storage duration 14 months
Withdrawal You can withdraw your consent by changing your selection in the tracking settings (see above, under Cookies).
Affected data category Usage-related information, such as time of use, duration, place of origin, pages accessed, clicks and actions on the website
Purpose of processing Optimisation of the website and adaptation of content as well as aggregated usage analysis.
Legal basis for processing Consent
Storage duration 14 months
Withdrawal You can withdraw your consent by changing your selection in the tracking settings (see above, under Cookies).

Matomo

On our website, we use the open source web analytics software Matomo, a service of “InnoCraft Ltd”, a company based at 7 Waterloo Quay PO625 Wellington, New Zealand. Since InnoCraft is based outside the EU, InnoCraft has appointed a representative in the EU: ePrivacy Holding GmbH, Große Bleichen 21, 20354 Hamburg (privacy@innocraft.com). The software is only operated by its own servers.

Cookies are used to analyse the use of the website. For this purpose, the usage information collected in the cookie (including your shortened IP address) is transmitted to our server and stored for usage analysis purposes. With Matomo, no data is transmitted to servers beyond our control. Your IP address is immediately anonymised during this process, so that you as a user are not identifiable to us. The information collected about your use of this website will not be passed on to third parties.

We use the data collected for the statistical analysis of user behaviour for the purpose of optimising the functionality and stability of the website and for marketing purposes. Our interest in and purpose of data processing lies in optimising our website, adapting the content and improving our offer. The interests of the users are sufficiently protected by anonymisation. We only store the analysis data for as long as the purpose of the data processing requires, but for a maximum of 14 months.

The legal basis for the described data processing is your consent, point (a) of Article 6(1) GDPR. Once you have given your consent, you can withdraw it at any time with future effect by changing your selection in the cookie settings (see above, Tracking settings). Alternatively, you can delete your cookies (all or only from this website). The banner with the selection options is then displayed again.

Advertising

We use cookies for marketing purposes to target our users with interest-based advertising. We also use cookies to limit the probability of an advertisement being displayed and to measure the effectiveness of our advertising measures. This information can also be shared with third parties, such as such as ad networks. The legal basis for this is point (a) of Article 6(1) GDPR.

Facebook Custom Audience / Conversion Tracking Pixel

As part of usage-based online advertising, we use the Custom Audiences service of Facebook Inc. (1601 S. California Avenue, Palo Alto, CA 94304, USA). The processor for us (as a company from the EU) is Facebook Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland.

For this purpose, we define target groups of users based on certain characteristics in the Facebook Ads Manager, who will subsequently be shown ads within the Facebook network. Users are selected by Facebook based on the profile information they provide and other data provided through their use of Facebook. If a user clicks on an advertisement and subsequently reaches our website, Facebook receives the information that the user has clicked on the advertising banner via the Facebook pixel integrated on our website.

In principle, a non-reversible and non-personal checksum (hash value) is generated from your usage data, which is transmitted to Facebook for analysis and marketing purposes. A Facebook cookie is set. This collects information about your activities on our website (e.g. browsing behaviour, subpages visited, etc.). Your IP address is also stored and used for the geographical targeting of advertising.

We do not use Facebook Custom Audiences via the customer list or the “advanced comparison” function.

The legal basis for the described data processing is your consent, point (a) of Article 6(1) GDPR. You can withdraw your consent at any time with future effect by changing your selection in the tracking settings (see above, under Cookies). Alternatively, you can delete your local storage from this website. The banner with the selection options is then displayed again.

Further information on the purpose and scope of data collection and the further processing and use of data by Facebook, as well as your setting options for protecting your privacy, can be found in Facebook's privacy policy. You can apply settings regarding which advertisements are displayed to you on Facebook under this link and in the Facebook account settings.

If you consent to the data processing described, Facebook will of course also have access to your data. In particular, it is possible that Facebook Inc, 1601 Willow Road, Menlo Park, California 94025, USA, alongside Facebook Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland may have access to your data. Facebook Inc. is located in an insecure third country where the level of data protection is lower.

Facebook has made available online a "Facebook EU Data Transfer Addendum" since 31/08/2020, which is intended to incorporate the standard contractual clauses in cases where Facebook Ireland Limited processes data from the EU/EEA as a processor and transfers it to Facebook Inc. as a sub-processor.

You can find further information on the Custom Audiences service by Facebook at: https://de-de.facebook.com/business/help/449542958510885 .

You can obtain further information on data processing and storage duration from the provider or at https://www.facebook.com/about/privacy .

The deactivation of the “Facebook Custom Audiences” function is possible for logged-in users under https://www.facebook.com/settings/?tab=ads# .

Name of the provider Facebook Inc. ("Facebook") based at 1601 S. California California, Palo Alto, CA 94304, USA.
Provider type Processor
Data transfer to third country Yes
Third country USA
Guarantees in accordance with Article 44ff GDPR Standard contractual clauses
Affected data category HTTP header: An HTTP header contains information about your IP address, web browser information, page location, document, URl reference and web browser user agent.
Purpose of processing Interest-based advertising
Legal basis for processing Consent
Storage duration 180 days
Deactivation/revocation You can withdraw your consent by changing your selection in the tracking settings (see above, under Cookies).
Affected data category Pixel-specific data, such as the pixel ID and Facebook cookie data.
Purpose of processing Interest-based advertising
Legal basis for processing Consent
Storage duration 180 days
Deactivation/revocation You can withdraw your consent by changing your selection in the tracking settings (see above, under Cookies).
Affected data category Optional values, such as information on purchases made, information on the conversion value.
Purpose of processing Interest-based advertising
Legal basis for processing Consent
Storage duration 180 days
Deactivation/revocation You can withdraw your consent by changing your selection in the tracking settings (see above, under Cookies).

LinkedIn Conversion Tracking

We use the LinkedIn Conversion Tracking service of LinkedIn Corporation, 1000 W Maude Ave, Sunnyvale, CA, 94085-2810 USA to evaluate our online advertising. The controller for users in the EU/EEA and Switzerland is LinkedIn Ireland Unlimited Company, Wilton Plaza, Wilton Place, Dublin 2, Ireland.

For this purpose, we define target groups of users based on certain characteristics in the LinkedIn Campaign Manager, who are subsequently shown advertisements within the LinkedIn network. Users are selected by LinkedIn based on the profile information they provide, as well as other data provided when using LinkedIn. If a user clicks on an advertisement and subsequently reaches our website, LinkedIn receives the information that the user has clicked on the advertising banner via the Conversion Tag integrated on our website.

The LinkedIn tag therefore allows the following data to be logged:

  • Website visited, including the URL,
  • Referrers
  • IP address
  • device and browser properties (user agent)
  • and timestamp.

The IP addresses are shortened or (for cross-device use) hashed by LinkedIn. The direct identifiers of the members are removed within 7 days for pseudonymisation of the data. The remaining pseudonymous data is then deleted within 180 days.

LinkedIn does not share the personal data with us, as the website operator, but only provides us with reports and notifications (which do not identify the user) about website visits and ad performance. LinkedIn also offers retargeting, which allows us, as the website operator, to show personalised ads outside of our website using this data without identifying individual members. Data that does not identify you is also used to improve ad relevance and reach LinkedIn members across devices. LinkedIn members can control the use of their personal data for advertising purposes via their account settings. LinkedIn refers to the following link to customise advertising preferences: https://www.linkedin.com/psettings/advertising/actions-that-showed-interest.

We process this data to evaluate our advertising campaigns. The legal basis for the processing is your consent, point (a) of Article 6(1) GDPR. Without your consent via our cookie banner, no data is processed for LinkedIn conversion tracking. You can withdraw your consent at any time with future effect by changing your selection in the tracking settings (see above, under Cookies). Alternatively, you can delete your local storage from this website. That’s it. The banner with the selection options is then displayed again.

As part of LinkedIn conversion tracking, LinkedIn naturally has access to the listed data. In particular, it is possible that in addition to LinkedIn Ireland Unlimited Company, Wilton Plaza, Wilton Place, Dublin 2, Ireland, LinkedIn Corporation, 1000 W Maude Ave, Sunnyvale, CA, 94085-2810 USA may also have access to your data.

The LinkedIn Corporation is located in an insecure third country where the level of data protection is lower. Since a transfer of the data collected by the pixel described here to the LinkedIn Corporation cannot be ruled out, appropriate guarantees are required to ensure an adequate level of data protection.

In this regard, LinkedIn provides, as part of the respective LinkedIn services contract, a Data Processing Agreement with linked standard contractual clauses for customers of its LinkedIn services, which can be found here: https://www.linkedin.com/legal/l/dpa .

Further information on the purpose and scope of data collection and the further processing and use of data by LinkedIn, as well as your setting options for protecting your privacy, can also be found in LinkedIn's privacy policy.

For more information on LinkedIn conversion tracking, please visit: https://business.linkedin.com/de-de/marketing-solutions/conversion-tracking#get-started

You can find further information on data processing and storage duration at https://www.linkedin.com/help/linkedin/answer/65521?lang=de .

Affected data category HTTP header: In an HTTP header there is information about: Visited website, including the URL, referrer, IP address, device and browser properties (user agent), and timestamp.
Purpose of processing Interest-based advertising
Legal basis for processing Consent
Storage duration 180 days
Deactivation/revocation You can withdraw your consent by changing your selection in the tracking settings (see above, under Cookies).
Affected data category Pixel-specific data, such as the pixel ID
Purpose of processing Interest-based advertising
Legal basis for processing Consent
Storage duration 180 days
Deactivation/revocation You can withdraw your consent by changing your selection in the tracking settings (see above, under Cookies).
Affected data category Optional values, such as information on purchases made, information on the conversion value
Purpose of processing Interest-based advertising
Legal basis for processing Consent
Storage duration 180 days
Deactivation/revocation You can withdraw your consent by changing your selection in the tracking settings (see above, under Cookies).
Name of the provider LinkedIn Corporation, 1000 W Maude Ave, Sunnyvale, CA, 94085-2810 USA.
Provider type Processor
Data transfer to third country Yes
Third country USA

X Ads and conversion tracking (with X Pixel).

We run X Ads to drive traffic to our services and use X conversion tracking on our website to analyse our online advertising. The provider is X Corp., 1355 Market Street, Suite 900, San Francisco, CA 94103, USA. The entity responsible for managing the rights of data subjects within the EU/EEA is Twitter International Unlimited Company, Attn: Data Protection Officer, One Cumberland Place, Fenian Street, Dublin 2, D02 AX07 Ireland.

In the X Ads Campaign Manager, we define target groups of users based on certain characteristics and then serve them ads within the X network. Users are selected by X based on the profile information they provide, as well as other data provided when using X. X Custom Audiences is not used by us.

X conversion tracking uses the 'X pixel', which can be used to track the actions of users after they have seen or clicked on an X ad. When you click on an ad, a cookie is placed on your computer. These cookies have a term of up to 13 months in some areas. Further information on the use of cookies on X can be found in the X Help Centre . Click here to visit our website. The pixel on our website provides X, and us as the client, with information that a user has clicked on an ad and been directed to our website. Your browsing behaviour is recorded, such as the website visited, content viewed, time of visit, etc., as well as device-related information such as applications and operating systems used. This includes your IP address.

The information is used to generate reports showing how many users have seen or clicked on an ad. In principle, we only receive reports from X in an aggregated, anonymised form that does not reveal who has seen or clicked on our ads. The statistics provided to us by X include the total number of users who clicked on one of our advertisements and, if applicable, whether they were redirected to a page on our website that was tagged with a conversion tag. We can use these statistics to understand what content is relevant to users and make improvements.

Data that exceptionally allows us to identify a specific user on X will be deleted within 90 days of receipt of the data.

Further information on data processing when using X Ads and conversion tracking can be found at https://legal.x.com/ads-terms/international.html .

You can opt out of interest-based advertising you have requested on X via the YourAdchoice website or the Network Advertising Initiative website . Please note that the advertising settings for your X account are only applied if you are also logged into X. For more information on access, see Personalisation and Data Settings .

Data will only be collected and processed with your express consent in accordance with Section 25 (1) sentence 1 TTDSG, Article 6 (1)(a) GDPR. You may withdraw your consent at any time with future effect.

Data may be transferred to an X Corp. server in the USA as part of the processing. Where data is processed outside the EU/EEA, X Corp. is certified under the EU-US Data Privacy Framework (DPF). Data transfers to the USA are therefore authorised on the basis of the European Commission's adequacy decision pursuant to Article 45 GDPR. For more information on the EU-US Privacy Framework Program, please visit the official website of the ITA: https://www.dataprivacyframework.gov/s/)

For more information about the purpose and scope of data collection, further processing and use of data, and privacy settings, please see X's Privacy Policy: https://x.com/en/privacy

TikTok Lead Ads forms.

We use the TikTok Ads lead forms to offer potential purchasers the opportunity to contact us directly and voluntarily via a contact form displayed there. TikTok Lead Ads is a service provided by the Chinese company ByteDance. The controller for users in the EU/EEA and Switzerland is TikTok Technology Limited, 10 Earlsfort Terrace, Dublin, D02 T380, Ireland jointly with TikTok Information Technologies UK Limited, One London Wall 6th floor, London, EC2Y 5EB, United Kingdom (hereinafter “TikTok”)

You can use the TikTok Ads lead forms to register for our RATIONAL Live events or webinars.
We use a double opt-in process for registrations via the TikTok Ads lead form. This means that after you have provided us with your e-mail address, we will send you a confirmation e-mail to the e-mail address you have provided, in which we ask you to confirm your registration. If you do not confirm this within 24 hours, your registration will be automatically deleted from the database. Upon confirmation, you will receive personal access to the event or webinar. Furthermore, we store your IP addresses and the times of registration and confirmation each time you register and confirm. The purpose of the procedure is to be able to prove your registration as part of our accountability obligations and, if necessary, to clarify any possible misuse of your personal data. Due to the fulfilment of accountability, we have a legitimate interest in accordance with Article 6 (1)(f) GDPR in processing the data of the double opt-in procedure.

When you contact us via a TikTok Ads lead form, the data you provide (title, first name, last name, company, street, house number, postcode, city, country, email and phone number) will only be processed by us to respond to your questions and requests and to enable you to participate in our events and features as requested. This also constitutes our legitimate interest in processing as defined by Article 6(1)(f) GDPR. Processing of the data for further purposes is not intended.
Personal data that must be provided is marked as mandatory in the respective registration form; any additional information is voluntary.

Your data, which we have received in the course of contacting you, will be deleted as soon as it is no longer required to achieve the purpose for which it was collected, your request has been fully processed and no further communication with you is necessary or desired by you. You can object to the described processing of your personal data communicated via TikTok Ads lead form at any time with effect for the future. To do this, send us an e-mail at Datenschutzbeauftragter@rational-online.com and express your wish to withdraw with future effect.

TikTok regulates the data processing in connection with the use of TikTok Lead Ads (lead generation) via the Jurisdiction Specific Terms contractually agreed with us under a data processing agreement within the meaning of Article 28 GDPR in accordance with the Data Processing Terms.

Various recipients within and outside the EU/EEA receive the aforementioned personal data. In detail, these are the following recipients:

  • Recipients within the RATIONAL Group ( national subsidiaries ) and partner companies. Only the company responsible for you will contact you. Jurisdiction is determined by the location of your company/place of business.
  • External service providers are TikTok Technology Limited, 10 Earlsfort Terrace, Dublin, D02 T380, Ireland ("TikTok") and TikTok Information Technologies UK Limited, One London Wall 6th floor, London, EC2Y 5EB, United Kingdom. In addition, if you use TikTok Lead Ads, we cannot guarantee that your personal data will not be transferred to and processed by other companies within the TikTok group of companies around the world.

Via the Jurisdiction Specific Terms, data transfers to third countries - unless there is an adequacy decision pursuant to Article 45 GDPR of the EU Commission - are governed by standard contractual clauses pursuant to Article 46 (2) GDPR.

According to its own information, TikTok bases internal data transfers on adequacy decisions pursuant to Article 45 GDPR (for third countries for which the European Commission considers there to be an adequate level of data protection, e.g. for data transfers to groups of companies based in Canada, the UK, Israel, Japan and South Korea). For data transfers to countries for which there is no adequacy decision, TikTok states that it uses the EU standard contractual clauses pursuant to Article 46 (2) GDPR.

We expressly state that TikTok collects information about users (e.g. IP address, personal interests, behaviour on TikTok pages, personal information stored by TikTok, etc.) and uses it for its own business purposes.

We have no control over the processing and use of this data, as TikTok alone determines the processing. It is not possible for us to fully trace to what extent, where and for what duration the data are stored, to what extent the data are linked and analysed and to whom the data are transferred. We also have no insight or influence with regard to deletion periods, i.e. whether and to what extent deletion periods are adhered to.

For more detailed information about what information TikTok collects, for what purposes and on what legal basis, please see TikTok's Privacy Policy .

The information about TikTok conversion tracking ("TikTok pixel") also applies here.

TikTok Conversion Tracking ("TikTok Pixel").

In order to promote our products and services, we serve ads on TikTok and use the "TikTok Pixel" tracking and conversion tool on our website to analyse our online advertising. TikTok Conversion Tracking is a service provided by the Chinese company ByteDance. The controller for users in the EU/EEA and Switzerland is TikTok Technology Limited, 10 Earlsfort Terrace, Dublin, D02 T380, Ireland, together with TikTok Information Technologies UK Limited, One London Wall 6th floor, London, EC2Y 5EB, United Kingdom (hereinafter "TikTok").

The TikTok pixel allows us to track the effectiveness of TikTok ads for statistical and market research purposes by determining whether users were directed to our website after clicking on a TikTok ad (a "conversion"). Pixels are small, invisible image files used to record information about a user's interaction with a website. When the website is visited, a simple code is automatically launched that loads the pixel onto the device and records certain information about the device and the user's actions on the site. This allows us to measure our ad performance and conversions, as well as build audiences for remarketing. It also allows us to serve interest-based advertising to users of our site and to measure and analyse their behaviour on our site for statistical and market research purposes. Information collected by TikTok pixels includes IP address, a device ID, device type and operating system, and information about activity on our site (e.g., browsing patterns, subpages visited, etc.). For more information about the TikTok Pixel, visit TikTok at About TikTok Pixel. The data is transferred to TikTok. TikTok may use this information to associate a user of our website with a TikTok user account. TikTok uses this information to display personalised advertising to its users and to create interest-based user profiles. TikTok regulates the processing of data in the context of the use of conversion tracking (data collection and exchange of event data, display of conversions) through the Jurisdiction Specific Terms , which we have contractually incorporated as joint controllers within the meaning of Article 26 GDPR (Joint Controller Terms).

TikTok does not share the personal data with us, as the website operator, but only provides us with reports and notifications (which do not identify the user) about website visits and ad performance.

Data will only be collected and processed with your express consent in accordance with Section 25 (1) sentence 1 TTDSG, Article 6 (1)(a) GDPR. You can withdraw this consent at any time with future effect by changing your selection in the tracking settings (see above, under Cookies).

Various recipients within and outside the EU/EEA receive the aforementioned personal data. External service providers are TikTok Technology Limited, 10 Earlsfort Terrace, Dublin, D02 T380, Ireland ("TikTok") and TikTok Information Technologies UK Limited, One London Wall 6th floor, London, EC2Y 5EB, United Kingdom. In addition, if you use TikTok Lead Ads, we cannot guarantee that your personal data will not be transferred to and processed by other companies within the TikTok group of companies around the world.
Via the Jurisdiction Specific Terms , data transfers to third countries - unless there is an adequacy decision pursuant to Article 45 GDPR by the EU Commission -
will be governed by standard contractual clauses pursuant to Article 46 (2) GDPR. According to its own information, TikTok bases internal data transfers on adequacy decisions pursuant to Article 45 GDPR (for third countries for which the European Commission considers there to be an adequate level of data protection, e.g. for data transfers to groups of companies based in Canada, the UK, Israel, Japan and South Korea). For data transfers to countries for which there is no adequacy decision, TikTok states that it uses the EU standard contractual clauses pursuant to Article 46 (2) GDPR.

For more information about TikTok's data processing and retention practices, please see TikTok's Privacy Policy: https://www.tiktok.com/legal/privacy-policy-eea .

Google Ads, remarketing, conversion tracking and conversion linker

We use the Google Ads service. Google Ads is an online advertising programme of Google LLC, (1600 Amphitheatre Parkway Mountain View, CA 94043, USA). The controller for users in the EU/EEA and Switzerland is Google Ireland Limited, Google Building Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland.

This means that we place Google Ads and also use Google remarketing, conversion tracking and the conversion linker as part of this. The advertisements are displayed on Google’s search results pages and on websites of the Google advertising network. We also use ads remarketing lists for advertisements. This allows us to customise campaigns for users who have previously visited our website. The services allow us to combine our advertisements with certain search terms or to place advertisements for previous visitors promoting, for example, services that visitors have viewed on our website. This means that we can display interest-based advertising to users of our website on other websites within the Google advertising network (as a "Google ad" within Google Search or on other websites).

For interest-based offers, an analysis of online user behaviour is necessary. Google uses cookies to perform this analysis. When clicking on an advertisement or visiting our website, a cookie is set on the user’s computer by Google. These cookies have a duration of 90 days. The information collected by means of the respective cookie is used to target the visitor in a subsequent search query. Further information on the cookie technology used can also be found in Google's notices on website statistics and in the privacy policy. With the conversion linker, we can also store click data to effectively measure conversion tracking information. This allows us to see whether users perform a certain action on the website specified by us (e.g. whether services are ordered) after clicking on an ad placed by us via Google Ads. We therefore use the conversion linker tag on our pages, which you can land on as a visitor if you have clicked on one of our advertisements. With the conversion linker tag, we are then able to record our ad click information in the URLs of the conversion page and store it in our own first-party cookies (instead of third-party cookies) on our domain.

With the help of this technology, Google and we as a customer receive information that a user has clicked on an advertisement and been redirected to our websites. The information obtained in this way is only used for statistical evaluation to optimise the advertisements. We do not receive any information that could personally identify visitors. Your IP address will be transmitted to Google, but since we use Google Analytics IP masking on this website, your IP address will be anonymised.

The log data is anonymised after 9 months and the cookie information is anonymised after 18 months.

The statistics provided to us by Google include the total number of users who clicked on one of our advertisements and, if applicable, whether they were redirected to a page on our website that was tagged with a conversion tag. Based on these statistics, we can trace which search terms were clicked on our advertisement particularly often and which advertisements lead to the user contacting us via the contact form.

You can find more information on data protection in the context of Google Ads at: https://policies.google.com/technologies/ads?hl=de .

Insofar as data is processed outside the EU/EEA, in order to establish a secure level of data protection with the service provider, we must comply with the standard data protection clauses adopted by the EU Commission pursuant to Article 46 GDPR, which allows the transfer of personal data to a third country in individual cases.

The legal basis for the described data processing is your consent, point (a) of Article 6(1) GDPR. You can withdraw your consent at any time with future effect by changing your selection in the tracking settings (see above, under Cookies). Alternatively, you can delete your local storage from this website. The banner with a link to the selections is then displayed again.

You also have the option of changing the display setting ( https://adssettings.google.com/authenticated?hl=de ) to select the types of Google advertisements or to deactivate interest-based advertisements on Google.

Microsoft Advertising (formerly Bing Ads).

Microsoft Advertising is an online advertising service for displaying advertisements of Microsoft Corporation, One Microsoft Way, Redmond, WA 98052-6399, USA. The controller for users in the EU, EEA and Switzerland is Microsoft Ireland Operations Limited, One Microsoft Place, South County Business Park, Leopardstown, Dublin 18, D18 P521 Ireland.

We use the Microsoft Advertising service (formerly Bing Ads) to display advertisements via the Microsoft network and the associated search engines (e.g. Bing, Yahoo!, Ecosia, etc.). As part of Microsoft Advertising, we also use the associated conversion tracking. Conversion tracking requires the implementation of the UET tag (Bing Universal Event Tracking), which we have integrated into our website. If you access our website through an advertisement we have placed, a cookie will be placed on your computer. These cookies enable Microsoft and us to recognise that someone has clicked on an advertisement, been directed to our website and taken a predetermined action on the website (conversion). This information helps us to better tailor our website, advertisements and offers to your needs.

We also use remarketing lists to serve interest-based advertisments to website visitors within the Microsoft Advertising Network. Detailed information about the data and cookies used can be found at https://help.ads.microsoft.com/#apex/ads/en/53056/2-500 .

We use the information obtained from conversion tracking solely for statistical purposes to optimise our advertising. We cannot identify the visitor personally. The statistics provided by Microsoft include the total number of users who clicked on one of our advertisements and whether they were redirected to a website with a conversion tag. We may also determine whether a particular action was taken on the website (for example, whether and how many registrations were made for an event, what you clicked on our website, how many people visit our website through Microsoft Advertising, and how long you spend on our website) and the keyword or advertisement you used to reach us.

Microsoft uses the data to optimise its own advertising and other services. If you have a Microsoft account, the data collected may be associated with your account. Microsoft may recognise and store your IP address. The retention period for data collected by UET is 390 days, Microsoft cookies have an expiry date of 13 months.

You can select the types of Microsoft ads you want to see or opt out of interest-based advertising on Microsoft by using the Ads Preferences feature https://account.microsoft.com/privacy/ad-settings/signedout?ru=https:%2F%2Faccount.microsoft.com%2Fprivacy%2Fad-settings .

The legal basis for the described data processing is your consent, point (a) of Article 6(1) GDPR, and Section 25(1) TTDSG (German Telecommunications Telemedia Data Protection Act). You can withdraw your consent at any time with future effect by changing your tracking preferences or deleting your local storage from this website. The banner with a link to the selections is then displayed again.

The recipient of the data used as part of Microsoft Advertising may also be Microsoft Corporation, One Microsoft Way, Redmond, WA 98052-6399, USA. Microsoft has joined the EU-US Data Privacy Framework, which ensures compliance with the European level of data protection based on an adequacy decision by the European Commission. Data transfers to the USA are therefore protected in accordance with Article 45 GDPR.

You can find more information on data protection in the context of Microsoft Advertising at: https://privacy.microsoft.com/en-us/privacystatement .

Newsletter and promotional telephone contact

You have the option on our website or via "Advertising Lead Forms" (see below) to register for our newsletter and also to leave your telephone number for the purpose of advertising contact, so that we can provide you with information by e-mail and telephone/SMS as part of the consent you have given, provided you have expressly consented (point (a) of Article 6(1) GDPR). By agreeing to receive the newsletter and to be contacted by telephone, you consent to receive:

  • Product and service information (such as accessories, cooking system instructions, kitchen advice)
  • Invitations to events and appointments (such as cooking events, expert's kitchen, academy events, trade fair events)
  • Customer satisfaction survey

by RATIONAL AG, Siegfried-Meister-Strasse 1,86899 Landsberg am Lech, or its responsible group companies. Only the company responsible for you will contact you. Jurisdiction is determined by the location of your company/place of business.

We use the double-opt-in procedure to register for our newsletters and for further consent to be contacted by e-mail for advertising purposes. This means that after you have provided us with your e-mail address, we will send you a confirmation e-mail to the e-mail address you have provided, in which we ask you to confirm that you wish to receive the newsletter. If you do not confirm this within 24 hours, your registration will be automatically deleted. If you confirm your wish to receive the newsletter, we will store your email address until you unsubscribe. The sole purpose of storing this data is to be able to send you the newsletter. Furthermore, we store your IP addresses and the times of registration and confirmation in order to be able to prove your registration in case of doubt and to clarify any misuse of your personal data. The legal basis for logging the registration is our legitimate interest pursuant to point (f) of Article 6(1) GDPR on the proof of previously granted consent, see also Article 7(1) GDPR.

The provision of further, separately marked, information is voluntary and will only be used to personalise the newsletter and/or the promotional telephone calls. The legal basis for this is your consent as defined by point (a) of Article 6(1) GDPR.

You can revoke your consent to receive the newsletter or to be contacted by telephone for advertising purposes at any time. You can revoke your consent by clicking on the link provided in every newsletter e-mail or by e-mail to privacy@rational-online.com , as well as during the telephone call.

Name of newsletter provider salesforce.com, inc, Salesforce Tower 415 Mission Street, 3rd Floor San Francisco, CA 94105 USA
Provider type Processor
Data transfer to third country Yes
Third country USA
Guarantees pursuant to Article 44 et seq. GDPR  EU standard contractual clauses / more:  https://sfdc.co/cakvbB
Name of newsletter provider EQS Group AG, Karlstrasse 47, D-80333 Munich
Provider type Processor
Data transfer to third country No
Third country  
Guarantees pursuant to Article 44 et seq. GDPR   
Data IP address upon registration
Purpose of processing Proof of registration
Legal basis for processing Legitimate interest
Storage duration up to 3 years after revocation/objection
Data Time of registration
Purpose of processing Proof of registration
Legal basis for processing Legitimate interest
Storage duration up to 3 years after revocation/objection
Data IP address upon DOI
Purpose of processing Proof of double opt-in
Legal basis for processing Legitimate interest
Storage duration up to 3 years after revocation/objection
Data Time of DOI verification
Purpose of processing Proof of double opt-in
Legal basis for processing Legitimate interest
Storage duration up to 3 years after revocation/objection
Data e-mail address
Purpose of processing Sending the newsletter
Legal basis for processing Consent
Storage duration until revocation/objection
Data *Form of address
Purpose of processing Direct approach
Legal basis for processing Consent
Storage duration until revocation/objection
Data *First name
Purpose of processing Direct approach
Legal basis for processing Consent
Storage duration until revocation/objection
Data *Surname
Purpose of processing Direct approach
Legal basis for processing Consent
Storage duration until revocation/objection
Data *Telephone number
Purpose of processing Direct approach
Legal basis for processing Consent
Storage duration until revocation/objection

Advertising lead forms on Facebook and LinkedIn

We use "Advertising Lead Forms" on Facebook and LinkedIn to offer potential purchasers the opportunity to contact us directly and voluntarily via a contact form displayed there. Alternatively, you can of course also use the contact forms on our website or by e-mail to contact us directly.
You can register for events using the Advertising lead forms. We then process the data in order to answer your questions and process your requests and to enable you to participate in our webinar offers as requested. This also constitutes our legitimate interest in processing as defined by point (f) of Article 6(1) GDPR.

Your data, which we have received in the course of contacting you, will be deleted as soon as it is no longer required to achieve the purpose for which it was collected, your request has been fully processed and no further communication with you is necessary or desired by you.

The provision of your personal data is neither legally nor contractually required.
Automated decision making including profiling by us does not take place.

Various recipients within and outside the EU/EEA receive the aforementioned personal data.
In detail, these are the following recipients:

Recipients within the RATIONAL Group (national subsidiaries) and partner companies
Only the company responsible for you will contact you. Jurisdiction is determined by the location of your company/place of business.

External service providers as part of contract processing pursuant to Article 28 GDPR:

  • LinkedIn Ireland Unlimited Company
    Wilton Place,
    Dublin 2, Ireland
    Here you will find the current data processing agreement and the standard contractual clauses of LinkedIn https://legal.linkedin.com/dpa/DE.
  • Facebook Ireland Ltd.
    4 Grand Canal Square
    Grand Canal Harbour
    Dublin 2 Ireland
    Facebook has made available online a "Facebook EU Data Transfer Addendum" since 31/08/2020, which is intended to incorporate the standard contractual clauses in cases where Facebook Ireland Limited processes data from the EU/EEA as a processor and transfers it to Facebook Inc. as a sub-processor.

We expressly state that LinkedIn and Facebook store the data (e.g. IP address, possibly personal interests, behaviour on the pages of the two providers, personal information stored in the networks, etc.) of users and use it for business purposes.

We have no control over the processing and further use of this data, as Facebook/ LinkedIn alone determine the processing. It is currently not possible for us to trace to what extent, where and for what duration the data are stored, to what extent the data are linked and analysed and to whom the data are transferred. We also have no insight or influence with regard to deletion periods, i.e. whether and to what extent deletion periods are adhered to.

Further information on the purpose and scope of data collection and the further processing and use of data by LinkedIn, as well as your setting options for protecting your privacy, can be found in LinkedIn's privacy policy.

We use the Google Ads lead forms to offer potential purchasers the opportunity to contact us directly and voluntarily via a contact form displayed there. Google Ads lead form extensions are a service of Google LLC, (1600 Amphitheatre Parkway Mountain View, CA 94043, USA). The controller for users in the EU/EEA and Switzerland is Google Ireland Limited, Google Building Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland. Alternatively, you can of course also use the contact forms on our website or by e-mail to contact us directly.

You can register for our (cooking) events using Google Ads lead forms.

When you contact us via a Google Ads lead form, the data you provide (your e-mail address, your full name, your telephone number, your postcode and place of residence as well as your job title and the company name of your place of employment) will be processed by us solely to process your request to participate in one of our cooking events and to enable you to take part in this requested cooking event. This also constitutes our legitimate interest in processing as defined by Article 6(1)(f) GDPR. Processing of the data for further purposes is not intended.

Personal data that must be provided is marked as mandatory in the respective registration form; any additional information is voluntary.

If you register for one of our cooking events, your data that we have received in the course of our contact will be deleted after 24 months at the latest, provided that no further communication with you is required, requested by you or initiated by you by that time.

You can object to the described processing of your personal data communicated via Google lead form at any time with effect for the future. To do this, send us an e-mail at privacy@rational-online.com and express your wish to withdraw with future effect.

Various recipients within and outside the EU/EEA receive the aforementioned personal data.

In detail, these are the following recipients:

Recipients within the RATIONAL Group (national subsidiaries) and partner companies

Only the company responsible for you will contact you. Jurisdiction is determined by the location of your company/place of business.

In the case of data transfer outside the European Union, the high level of data protection in Europe does not apply.

If data is processed outside the European Economic Area/EU, where there is no level of data protection corresponding to the European standard, Google states that it uses standard contractual clauses. You can find more information on how user data is handled in the order data processing conditions for Google advertising products: https://business.safety.google/intl/de/adsprocessorterms/

If you interact within the scope of Google services, Google in the USA will of course also have access to your data. We expressly state that Google stores the data (e.g. IP address, possibly personal interests, behaviour on Google pages, personal information on file with Google, etc.) of users and uses it for business purposes.

We have no control over the processing and further use of this data, as Google alone determines the processing. It is currently not possible for us to trace to what extent, where and for what duration the data are stored, to what extent the data are linked and analysed and to whom the data are transferred. We also have no insight or influence with regard to deletion periods, i.e. whether and to what extent deletion periods are adhered to.

You can find Google’s privacy policy and terms of use HERE .

Information on the data processing conditions between data controllers for Google advertising products can be viewed HERE .

Further information on how Google’s data is handled can also be found at: https://business.safety.google/ .

You can find information on the lead form extensions here:

https://support.google.com/google-ads/answer/9423234?hl=de&ref_topic=9716366

The information on Google Ads, remarketing and conversion tracking also apply here.

Google Maps

We use the Google Maps service. Google Maps is a mapping service provided by Google LLC, (1600 Amphitheatre Parkway Mountain View, CA 94043, USA). The controller for users in the EU/EEA and Switzerland is Google Ireland Limited, Google Building Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland.

In order to use the functions of Google Maps, information, including the IP address and the address entered as part of the routing function, may be transmitted to the provider's servers. This information is usually transmitted to a Google server in the USA and stored there.

When visiting a website that contains maps from Google Maps, your browser normally establishes a direct connection with Google's servers even without using the map, whereby the map content is sent to your browser and integrated by it. The use of our consent management tool (Usercentrics) will prevent this if you have not consented to data processing with regard to Google Maps. Due to the integration of Google Maps, no data is transferred without your consent.

The provider of this site has no control over this data transfer. As far as we know, this comprises the following data:

  • the date and time of the visit to the website concerned,
  • Internet address or URL of the website accessed,
  • IP address, (start) address entered as part of route planning

Google Maps is used in the interest of an appealing presentation of our online offers and to make it easy to find the places we indicate on the website.

By activating this option in the tracking settings, you consent to Google setting cookies on your device, which may also be used to analyse your usage behaviour for market research and marketing purposes. The legal basis for the described data processing is therefore your consent, point (a) of Article 6(1) GDPR. You can withdraw this consent at any time with future effect by changing your selection in the tracking settings (see above, under Cookies). Alternatively, you can delete your cookies (all or only from this website). The banner with a link to the selections is then displayed again. If you do not consent or withdraw your consent, your use of the service will be restricted.

You can find more information on how user data is handled in Google’s privacy policy: https://www.google.de/intl/de/policies/privacy/ .

YouTube (enhanced data protection mode)

We use services from YouTube, LLC 901 Cherry Ave, 94066 San Bruno, CA, USA, a company of Google Inc., Amphitheatre Parkway, Mountain View, CA 94043, USA, on our website. If you access a page in which a YouTube video is embedded, a connection to the YouTube servers is normally established and the content transmitted to your browser and displayed on the website. The use of our consent management tool (Usercentrics) will prevent this if you have not consented to data processing with regard to YouTube. Due to the integration of YouTube, no data is transferred without your consent.

In this context, we also use the extended data protection option provided by YouTube to protect your personal data. According to YouTube, however, data is only transmitted to the YouTube server in "extended data protection mode" if you actively start the video. If you are logged in to YouTube at this time, the information about the videos you have viewed will be assigned to your YouTube member account. You can prevent this by logging out of your member account before visiting our website.

Further information on YouTube's privacy policy is provided by Google at the following link: https://policies.google.com/privacy

By activating this in the tracking settings, you agree that YouTube receives data through your use, which may also be used to analyse your usage behaviour for market research and marketing purposes. The legal basis for the described data processing is therefore your consent, point (a) of Article 6(1) GDPR. You can withdraw this consent at any time with future effect by changing your selection in the tracking settings (see above, under Cookies). Alternatively, you can delete your local storage from this website. The banner with a link to the selections is then displayed again. If you do not consent or withdraw your consent, your use of the service will be restricted.

Vimeo

We use the service of Vimeo.com, Inc, 330 West 34 Street, 5th Floor, New York NY 10001, USA ("Vimeo") to display and play video content about product information (keynote presentation for a product launch).

These are loaded from Vimeo or transferred via Vimeo. In the process, data may be transferred from you to Vimeo. The purpose of integrating Vimeo videos is to make our website more interesting and attractive for users and to achieve a better presentation of content for the introduction and use of our products. In addition to text and images, Vimeo allows us to present information as video content directly on our website, rather than just providing a link.

When you visit our website that has video embedded via Vimeo, a connection to the Vimeo servers is typically made and data is sent to servers in the USA, which tells the Vimeo server which website you have visited.

We expressly draw your attention to the fact that Vimeo acts as its own data controller and collects personal data from you, including through the use of cookies.

We have no control over the processing and further use of this data, as Vimeo alone determines the processing. The extent to which, where and for what duration the data is stored, the extent to which the data is linked and analysed, and to whom the data is transferred, is only apparent to us from the information in their privacy policy .

The use of our consent management tool (Usercentrics) will prevent this if you have not consented to data processing with regard to Vimeo. Due to the integration of Vimeo, no data will be transferred without your consent.

By opting in to Usercentics, you agree that whether or not you have a Vimeo account, information about you will be transmitted to Vimeo using cookies and similar technologies used by Vimeo when you watch a video. This may include, but is not limited to, your IP address, technical information about your browser type, operating system, pages visited, referrer URL, information provided by users on the site, search queries, geographical location, content viewed or very basic device information. If you are logged in to Vimeo at this time, the information about the videos you have viewed may be assigned to your Vimeo member account. You can prevent this by logging out of your member account before visiting platform.

RATIONAL receives the following video-related data from Vimeo as a controller: Calls, i.e. the number of live video calls, peak viewers, i.e. the highest number of concurrent viewers during the stream, and average dwell time, i.e. the average time a viewer stays with the live event, and dwell time.

Vimeo is based in the USA and therefore in an insecure third country where the level of data protection is lower than in the EU/EEA. Vimeo also uses data centres in the USA to provide the service. Your data may therefore also be processed on servers in the USA. We would like to point out that, in the opinion of the European Court of Justice, there is currently no adequate level of protection for data transfer to the USA. This may involve various risks to the lawfulness and security of data processing. In order to ensure an adequate level of data protection, Vimeo concludes the EU standard contractual clauses in accordance with Article 46 GDPR, which are provided by the EU Commission to ensure that your data is processed in accordance with the European data protection standard even if it is transferred to and stored in third countries such as the USA. Vimeo is also certified for the EU-US Privacy Framework (DPF), the UK extension of the EU-US DPF, and the Swiss-US DPF. This certification can be viewed here: DPF list

For RATIONAL, the legal basis for the described data processing is your consent, point (a) of Article 6(1) GDPR and Section 25(1) TTDSG.

You can revoke this consent at any time with future effect by accessing the tracking settings via the link at the bottom of each page (footer) and removing the tick behind the processing to which you had consented. If you do not consent or withdraw your consent, your use of the service will be restricted.

Further information on Vimeo's privacy and cookie policy is provided by Vimeo under the following links:

Contact

You have the option of contacting us via our e-mail address or the various contact forms. We will, of course, use the personal data transmitted to us in this way exclusively for the purpose for which you provide it when contacting us.

Where we ask for information in our contact forms that is not required for making contact with you, we have always marked this as optional. This information is used to specify your request and to improve the processing of your request. Any communication of this information is expressly on a voluntary basis and with your consent Insofar as this involves information on communication channels (e.g. e-mail address, telephone number), you also consent to us contacting you via this communication channel, if necessary, in order to respond to your request.

Of course, you can revoke this consent at any time for the future. For this purpose, please contact our data protection officer, whose contact details can be found at the top of this page.

Data IP address upon registration
Purpose of processing Transfer of form content to the web server
Legal basis for processing Consent/initiation /implementation of the contractual relationship
Storage duration Until the end of the connection
Data Subject area
Purpose of processing Improvement of enquiry processing
Legal basis for processing Consent/initiation /implementation of the contractual relationship
Storage duration Until purpose is achieved/end of obligation to provide evidence
Data Message
Purpose of processing Response to the matter
Legal basis for processing Consent/initiation /implementation of the contractual relationship
Storage duration Until purpose is achieved/end of obligation to provide evidence
Data Form of address
Purpose of processing Direct approach
Legal basis for processing Consent/initiation /implementation of the contractual relationship
Storage duration Until purpose is achieved/end of obligation to provide evidence
Data First name
Purpose of processing Direct approach
Legal basis for processing Consent/initiation /implementation of the contractual relationship
Storage duration Until purpose is achieved/end of obligation to provide evidence
Data Surname
Purpose of processing Direct approach
Legal basis for processing Consent/initiation /implementation of the contractual relationship
Storage duration Until purpose is achieved/end of obligation to provide evidence
Data *Function
Purpose of processing Improvement of enquiry processing
Legal basis for processing Consent/initiation /implementation of the contractual relationship
Storage duration Until purpose is achieved/end of obligation to provide evidence
Data *Company
Purpose of processing Improvement of enquiry processing
Legal basis for processing Consent/initiation /implementation of the contractual relationship
Storage duration Until purpose is achieved/end of obligation to provide evidence
Data e-mail address
Purpose of processing Response to the matter
Legal basis for processing Consent/initiation /implementation of the contractual relationship
Storage duration Until purpose is achieved/end of obligation to provide evidence
Data Telephone number
Purpose of processing Response to the matter
Legal basis for processing Consent/initiation /implementation of the contractual relationship
Storage duration Until purpose is achieved/end of obligation to provide evidence
Data *Fax number
Purpose of processing Response to the matter
Legal basis for processing Consent/initiation /implementation of the contractual relationship
Storage duration Until purpose is achieved/end of obligation to provide evidence
Data (Company) address
Purpose of processing Improvement of enquiry processing
Legal basis for processing Consent/initiation /implementation of the contractual relationship
Storage duration Until purpose is achieved/end of obligation to provide evidence

* optional information

Use of the UTM parameter cookies when using our contact forms.

We use a UTM parameter that allows us to add trackable extensions to your URLs. We are the controller for this cookie. The source parameter we use allows us to define the source of the link. These can be Google websites or social media channels. If you access the RATIONAL AG website via a RATIONAL AG link that is tagged with a UTM parameter, this information is stored in the sf_utms cookie and transmitted to RATIONAL AG when you register for an event via our contact form. This serves the purpose of recognising from which page, i.e. from which source, you have reached us.

The legal basis for the described data processing is your consent, point (a) of Article 6(1) GDPR, and Section 25(1) TTDSG (German Telecommunications Telemedia Data Protection Act). You can withdraw this consent at any time with future effect by changing your selection in the tracking settings (see above, under Cookies). Alternatively, you can delete your cookies (all or only from this website). The banner with a link to the selections is then displayed again. If you do not consent, or withdraw your consent, your use of the service will be restricted.

The data transmitted via the UTM parameter is deleted as soon as it is no longer required for the processing purposes and there are no statutory retention obligations to the contrary. The maximum storage period for a contact is three years after the processing purpose has expired.

The data collected may be forwarded to other companies, including the international Group companies of RATIONAL AG. Please note that in the context of this service, data may be transferred to a country that does not have the necessary data protection standards. Below you will find a list of the countries to which the data is transferred.

Download whitepapers and other information

You can obtain various whitepapers, articles and infographics from us on our website. Before downloading, you will be asked to enter your contact details (form of address, first and last name, e-mail address, post code, city, country, company). This data is stored by us and used to contact you by e-mail for advertising purposes. The personal data provided constitute the contractual consideration for the provision of the documents.

To verify your e-mail address, we use the double opt-in procedure. This means that after you have provided us with your e-mail address, we will send you a confirmation e-mail to the e-mail address you have provided, in which we ask you for confirmation. If you do not confirm this within 24 hours, your data will be automatically deleted from the database. Once you have registered, you will receive the materials you require.

Furthermore, we store your IP addresses and the times of registration and confirmation each time you register and confirm. The purpose of the procedure is to be able to prove your registration as part of our accountability obligations and, if necessary, to clarify any possible misuse of your personal data. Due to the fulfilment of accountability, we have a legitimate interest in accordance with point (f) of Article 6(1) GDPR in processing the data of the double opt-in procedure.

You may object to the commercial use of your personal data at any time with future effect. To do this, click on the unsubscribe link at the end of each newsletter e-mail or send us an e-mail to privacy@rational-online.com and express your wish with effect for the future

Name of newsletter provider salesforce.com, inc, Salesforce Tower 415 Mission Street, 3rd Floor San Francisco, CA 94105 USA
Provider type Processor
Data transfer to third country Yes
Third country USA
Guarantees in accordance with Article 44 et seq. GDPR EU standard contractual clauses more: https://sfdc.co/cakvbB

Video conferencing and project work using Microsoft Teams.

We use the Microsoft Teams service to hold video and audio conferences, webinars and exchanges using the messaging function, as well as to work together on documents in different file formats. Microsoft Teams is software produced by Microsoft Corporation, One Microsoft Way, Redmond, WA 98052-6399, USA.

In this context, personal data of the participants is processed as part of the communication processes with us and is also stored on Microsoft's servers. These servers are located in the Netherlands (Evert van de Beekstraat 354, 1118 CZ Schiphol, the Netherlands) and Ireland (1, One Microsoft Place, South County Business Park, Leopardstown, Dublin 18, D18 P521, Ireland).

The data also depends on the scope of communication and the purpose of use. This may include, in particular, login and contact details, visual and audio contributions as well as chat entries, content of shared files and of shared screens. Processed data types are therefore inventory data (such as name, address), contact data (such as e-mail address, telephone number), content data (such as text entries, photo and video files), usage data (such as access times, interest in content), metadata (e.g. device information, IP address).

Microsoft processes usage and metadata for security purposes and to optimise its own service. You can find more information on this in Microsoft’s privacy policy .

If we ask for your consent to use certain functions, such as regarding a recording of the video conference, the legal basis for the processing is your consent (Article 6 (1)(a) GDPR). Otherwise, your data will be processed on the basis of our legitimate interests (Article 6 (1)(f) GDPR) to ensure efficient and secure communication with our communication partners. We have a legitimate (economic) interest in providing our employees, customers and partners with many different communication channels in order to promote user-friendliness and to make the exchange as simple and convenient as possible. On the other hand, data subjects have an interest in not being recorded by data processing and in refusing the processing of their personal data by certain techniques and service providers. Due to the fact that everyone is free to use other means of communication to make contact (e.g. email or phone), users are given the choice to opt out of having their data processed by Microsoft Teams. These alternatives are also common and reasonable, so that a situation of pressure or constraint cannot be assumed. Therefore, there are no apparent interests of the data subjects which outweigh our interests as data controllers in the processing. As a result, the use of Microsoft Teams as an additional means of contacting us is deemed necessary to safeguard our legitimate interests.

If you have given us your consent to the use of certain functions, you can also revoke this at any time by sending an e-mail to privacy@rational-online.com .

You can object to the processing of your data in the Microsoft Cloud in accordance with legal requirements.

The data will be deleted after the expiry of the following periods:

  • Master data (such as name, address), after 180 days
  • Contact details (such as e-mail address, telephone number), after 180 days
  • Content data (such as text entries, photo and video files), after two years
  • Usage data (such as access times, interest in content), after 180 days
  • Metadata (e.g. device information, IP address), after 180 days

In addition, an order processing agreement has been concluded with Microsoft.

Further information on data processing can be found in Microsoft’s privacy policy . Insofar as Microsoft processes personal data in the USA, we refer to the EU SCC concluded with the Microsoft Group.

RATIONAL AG privacy policy for the internal reporting system.

The following types of personal data are processed as part of the entry and processing of reports in the internal reporting system:

  • Information that identifies the whistleblower, such as first and last name, address, telephone number and e-mail address;
  • Employee status;
  • Information on data subjects, i.e. natural persons designated in a report as a person who committed the offence or with whom the designated person is associated. Such information includes, for example, first and last name, gender, address, telephone number and e-mail address or other information that enables identification;
  • Information about offences that may allow the identification of a natural person.

The personal data will be processed for the purpose of investigating the reports. In addition, the data will be processed to prevent, detect and/or follow up on violations of applicable law or company policies (such as measures to verify the validity of the allegations made in the report and, where appropriate, to address the reported violation, including through internal enquiries, investigations, prosecutions, measures to (re-)recover funds or close the case).

The personal data processed as part of a notification is processed by lawcode GmbH, Universitätsstraße 3, 56070 Koblenz, Germany, on behalf of and in accordance with instructions. Personal data will only be transferred to third parties if there is a legal basis for this. This is the case in particular if the transfer serves to fulfil legal requirements according to which we are obliged to provide information, report or pass on data, if you have given us your consent to do so or if a weighing of interests justifies this. In addition, external service providers, such as external data centres or telecommunications providers, process personal data on our behalf as processors. Depending on the area of responsibility of the report and for the effective initiation of follow-up measures, the personal data may be passed on to our relevant specialist departments.

Compliance-relevant information is stored for 3 years after completion in accordance with Section 11(5) Whistleblower Protection Act (Hinweisgeberschutzgesetz – HinSchG). Reports with no relevanec to compliance are stored for up to 1 year for reporting purposes.

Euroland key figure tool

We use the Euroland key figures tool, a service provided by Euroland.com, Sweden, as an iFrame on our website. RATIONAL AG uses Euroland for the presentation of animated financial information on its website for investors.

If you access a page in which the key figure tool is embedded, a connection to the Euroland servers is normally established and the content transmitted to your browser and displayed on the website. The use of our consent management tool (Usercentrics) will prevent this if you have not consented to data processing with regard to Euroland. This means that no data will be transferred without your consent. Only a preview image is displayed.

The legal basis for the described data processing is your consent, point (a) of Article 6(1) GDPR, and Section 25(1) TTDSG (German Telecommunications Telemedia Data Protection Act).

You can revoke this consent at any time with future effect by accessing the tracking settings via the link at the bottom of each page (footer) and removing the tick behind the processing to which you had consented. If you do not consent or withdraw your consent, your use of the service will be restricted.

Alternatively, you can delete your local storage from this website. The banner with a link to the selections is then displayed again. If you do not consent or withdraw your consent, your use of the service will be restricted.

More information about Euroland can be found at https://www.euroland.com/cookiepolicy/en-gb.html .

Data transfer

Your personal data will not be transferred to third parties for purposes other than those listed.

We will only share your personal information with third parties if:

  • You have given your express consent to do so,
  • The disclosure is necessary for the assertion, exercise or defence of legal claims and there is no reason to assume that you have an overriding interest requiring protection in the non-disclosure of your data,
  • In the event that there is a statutory obligation for the transfer, and
  • this is legally permissible and necessary for the processing of contractual relationships with you.

In the case of data transfer outside the European Union, the high level of data protection in Europe does not apply. Where data is transferred, it is possible that there is no adequacy decision by the EU Commission as defined in Article 45(1), (3) GDPR. This means that the EU Commission has not yet decided that this country ensures an adequate level of protection in accordance with the data protection standards of the European Union on the basis of the EU GDPR, and we have therefore made the above-mentioned appropriate guarantees. Possible risks that may not be completely excluded in connection with the transfer of data are in particular:

There is a possibility that your personal data could be processed outside the scope of the actual purpose.

In addition, there is the possibility that you may not be able to sustainably assert and enforce your data protection rights, such as your right of access, to rectification, erasure or data portability.

There could also be a higher probability that your data is not correctly processed and that the protection of your personal data does not fully meet the requirements of the EU GDPR in terms of quantity and quality.

Data security

We have taken extensive technical and operational precautions to protect your data from accidental or intentional manipulation, loss, destruction or access by unauthorised persons. Our security procedures are regularly reviewed and adapted to technological progress.

Integration of third-party content

Third-party content such as YouTube videos or map material from Google Maps is used within our online presence on the basis of point (f) of Article 6(1) GDPR. This always requires that the providers of this content (hereinafter referred to as "third-party providers") perceive the IP address of the users. Without the IP address, they would not be able to send the content to the browser of the respective user. The IP address is therefore required to display this content. We endeavour to only use content whose respective providers only use the IP address to deliver the content. However, we have no influence if the third-party providers store the IP address, e.g. for statistical purposes. As far as we are aware, we will inform the users of this.

Your rights as the data subject

Every data subject has a right of access pursuant to Article 15 GDPR, the right to rectification pursuant to Article 16 GDPR, the right to erasure pursuant to Article 17 GDPR, the right to restriction of processing pursuant to Article 18 GDPR, the right to object pursuant to Article 21 GDPR and the right to data portability pursuant to Article 20 GDPR. With regard to the right of access and the right to erasure, the restrictions according to Sections 34 and 35 BDSG (Federal Data Protection Act) apply.

Right to lodge a complaint

You also have the right to lodge a complaint with the competent data protection supervisory authority about our processing of your personal data.

Revocation of consent

You can revoke your consent to the processing of personal data at any time. This also applies to the revocation of declarations of consent given to us before the applicability of the General Data Protection Regulation, i.e. before 25 May 2018. Please note that the revocation is only effective for the future. Processing that took place before the revocation is not affected by this.

Rights in the event of data processing for direct marketing purposes

Pursuant to Article 21(2) GDPR, you have the right to object to processing of personal data concerning you at any time. In the event of your objection to processing for the purpose of direct marketing, we will no longer process your personal data for these purposes. Please note that the objection is only effective for the future. Processing that took place before the objection is not affected by this.

Note on the right to object in the event of overriding interests

Insofar as we base the processing of your personal data on a balancing of interests, you can object to the processing. When exercising such an objection, we ask you to explain the reasons why we should not process your personal data as we have described. In the event of your justified objection, we will review the situation and either discontinue or adapt the data processing or explain to you our compelling reasons worthy of protection.

Links to other websites

Our websites may contain links to websites of other providers. We would like to point out that this data privacy statement applies exclusively to the websites of RATIONAL AG. We have no influence on and do not check whether other providers comply with the applicable data protection regulations.

Modifications to the data privacy statement

We reserve the right to change or adapt this data privacy statement at any time in compliance with the applicable data protection regulations.

Last revised: July 2022