Privacy Policy.

Protecting your personal data is important to us, which is why we are providing the information below on what data related to your visit is used for which purposes. If you have any additional questions on how we handle your personal data, please contact our data protection officer.

Tracking settings

You can deactivate or reactivate all services below with the exception of those that are technically necessary (see next paragraph).

You will also find the link to the privacy settings at the end of each page.

Party responsible
for data processing
RATIONAL Aktiengesellschaft
Siegfried-Meister-Straße 1
86899 Landsberg am Lech

E-mail: info@rational-online.com
https://www.rational-online.com
Data protection officer of the controller RATIONAL Aktiengesellschaft Data Protection Officer
Siegfried-Meister-Straße 1
86899 Landsberg am Lech

E-mail: privacy@rational-online.com

Basic information

The term "personal data" is defined in the GDPR as any information pertaining to an identified or identifiable natural person (hereinafter “data subject”). An identifiable natural person is one who can be identified, directly or indirectly, in particular by referencing an identifier such as a name, an identification number, location data, or an online identifier, or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person. This includes, for example, your legal name, your address, your telephone number or your date of birth.

If you use the website for informational purposes only, i.e. if you do not register or otherwise provide us with information, we only collect the personal data that your browser transmits to our server. If you wish to view our website, we collect the following data, which is technically necessary in order for us to display our website to you and to ensure stability and security (the legal basis for this is our legitimate interest pursuant to Art. 6(1) sentence 1 lit. f GDPR)

In context of balancing interests pursuant to Art. 6(1) lit. f GDPR, we have considered and weighed our interest in the provision of your personal data against your interest in its data protection-compliant processing. Since the following data may be technically necessary for the provision of our service in order to be able to offer you our website and also guarantee its stability and security, in particular to protect against misuse, we have concluded that this data can be processed while ensuring state-of-the-art data security, thereby adequately accounting for your interest in data protection-compliant processing.

Data Operating system used
Purpose of processing Evaluation by device to ensure optimized website display
Retention period The data is deleted at the end of the session.
Data Information about browser type and browser version used
Purpose of processing Identification of browser used in order to optimize our website accordingly
Retention period The data is deleted at the end of the session.
Data User's internet service provider
Purpose of processing Identification of the internet service provider
Retention period The data is deleted at the end of the session.
Data IP address
Purpose of processing Display of the website on the corresponding device
Retention period The data is deleted at the end of the session.
Data Date and time of visit
Purpose of processing Ensuring proper website operation.
Retention period The data is deleted at the end of the session.
Data Logfiles
Purpose of processing Ensuring proper website operation.
Retention period The data is deleted at the end of the session.

The collection of data for purposes of website provision and the storage of said data in logfiles are absolutely necessary for website operation. Consequently, the user has no right to object.

Legal basis for data processing

The processing of personal data may occur on different legal bases. If we need your data in order to fulfill a contract with you or to respond to an inquiry of yours regarding a contract, the legal basis for this data processing is Art. 6(1) sentence 1 lit. b GDPR.

If we obtain your consent for a specific instance of data processing, the legal basis is Art. 6(1) sentence 1 lit. a GDPR. We process some data on the basis of our legitimate interest, in which context we always balance our legitimate interests against your protected interests. The legal basis for this is Article 6(1) sentence 1 lit. f GDPR. Insofar as such processing is necessary to fulfill a legal obligation to which we are subject, the legal basis is Art. 6(1) sentence 1 lit. c GDPR.

What follows is an explanation of how we process personal data via our website.

Cookies

Our website uses cookies. Cookies are files stored on your computer by a website that you visit; they enable future re-identification of your browser. Cookies transmit information to the entity that uses the cookie. Cookies can store various types of information, such as your language settings, the length of your visit to our website or any information you enter during your visit. This, for example, prevents you having to re-enter required form data each time you use the website. The information stored in cookies can also be used to identify preferences and tailor content to your areas of interest.

There are different types of cookies: Session cookies are quantities of data that are only stored in the RAM temporarily; they are deleted when you close your browser. Permanent or persistent cookies are automatically deleted after a specified period, which may differ depending on the cookie. The information in this type of cookie can also be stored in text files on your computer. However, you may also delete these cookies at any time through your browser settings.

First-party cookies are set by the website you are currently visiting. Only that website may read information from such cookies. Third-party cookies are set by organizations other than the operators of the website you are visiting. These cookies are used by marketing companies, for example.

The legal basis for potential processing of personal data using cookies may vary, as may the retention period for such data. If you have given us your consent, the legal basis is Art. 6(1) sentence 1 lit. a GDPR. Insofar as the data processing takes place on the basis of our overriding legitimate interests, the legal basis is Article 6(1) sentence 1 lit. f GDPR. The stated purpose then corresponds to our legitimate interest.

We use cookies to ensure the proper operation of the website, to provide basic functionality, to measure reach and – with your consent – to tailor our services to your preferred areas of interest.

You can delete cookies already stored on your device at any time. If you want to prevent cookies from being stored, you can do so by changing your browser settings accordingly. You can find instructions for common browsers here: Internet Explorer, Firefox, Google Chrome, Google Chrome mobile, Microsoft Edge, Safari, Safari mobile. Alternatively, you can install what are known as ad blockers. Please note that some functions of our website may not work if you have deactivated the use of cookies.

We also display an info banner indicating our use of cookies and referring to this data protection policy to all users when they first access our website. As a user, you are also asked for your consent to the use of certain cookies, in particular those relevant to marketing measures and personalization of services. You can withdraw your consent at any time, effective for the future, by clicking on the link at the end of each page (the footer) to access tracking settings and then unchecking the box beside the type of processing you previously consented to. "

Cookie name RationalOnline
Purpose of processing Website framework session cookie
Legal basis for processing Legitimate interest – technically necessary
Retention period  until session ends
Cookie name wantTip
Purpose of processing Session cookie for the Javascript tooltip functionality
Legal basis for processing Legitimate interest – technically necessary
Retention period  until session ends

Usercentrics

We use the Usercentrics service to manage consent on our website. Usercentrics is software by Usercentrics GmbH, Rosental 4, 80331 Munich.

Usercentrics identifies the language used by your browser. A cookie is set in order to check whether you made any selections on our consent tool on a previous visit to our website. This cookie is necessary in order for the website to detect whether you have consented to tracking or not. In addition, a log file is created in order to be able to prove that consent has been given. This file contains your IP address in anonymized form, information about the browser you are using, data on the scope of consent granted, and the date and time of your visit.

The legal basis for such processing is our legitimate interest in accordance with Art. 6(1) sentence 1 lit. f GDPR.

The purpose of such data processing is to allow user-friendly and legally compliant design of our website. We want to make it as easy as possible for you to grant or withdraw consent, and we want to offer increased transparency regarding data processing by means of cookies, pixels, tags, etc. This purpose for data processing also represents a legitimate interest of ours.

Your consent or rejection of the usage / delivery of services that may store cookies will be saved to the local storage of your end device. The consent data (consent granted and revocation of consent) remain stored on your computer until your local storage is cleared. In order to enable comparison, Usercentrics saves this information as hash values for 3 years.

Google Tag Manager

For transparency purposes, we wish to note that we use Google Tag Manager. Google Tag Manager does not collect any personal data itself. Tag Manager makes it easier for us to integrate and manage our tags. Tags are small code elements that are used, among other things, to measure traffic and visitor behavior, to record the impact of online advertising and social channels, to set up remarketing and target group orientation, and to test and optimize websites. We use the Tag Manager for all digital services listed in this Privacy Policy. If you have deactivated it, Google Tag Manager will take this deactivation into account. For more information on Google Tag Manager, see: https://www.google.com/intl/de/tagmanager/use-policy.html .

Website analysis

We use various services for purposes of analyzing and optimizing our websites; these services are described below. We use these services to analyze how many users visit our website, which information is most in demand and how users find our online presence. We also collect data about which websites users come to our site from (referrers), which subpages of our website they access, and how often each subpage is viewed for how long. This helps us to make our online information more user-friendly, identify errors and improve our online presence.

Affected data category IP address (saved anonymously)
Purpose of processing Creation and editing of cookie information.
Legal basis for processing Consent
Retention period 14 months
Withdrawal You can withdraw your consent by changing your tracking settings (see above, under Cookies).
Affected data category Device-related data, such as device type, operating system model, browser type and version
Purpose of processing Website optimization, adaptation of content, aggregated usage analysis.
Legal basis for processing Consent
Retention period 14 months
Withdrawal You can withdraw your consent by changing your tracking settings (see above, under Cookies).
Affected data category Usage-related information, such as time of use, duration, place of origin, pages accessed, clicks and actions on the website
Purpose of processing Website optimization, adaptation of content, aggregated usage analysis.
Legal basis for processing Consent
Retention period 14 months
Withdrawal You can withdraw your consent by changing your tracking settings (see above, under Cookies).

Matomo

Our website uses the open source web analytics software Matomo, a service of InnoCraft Ltd., 7 Waterloo Quay, PO625 Wellington, New Zealand. Since InnoCraft is based outside the EU, InnoCraft has appointed a representative in the EU: ePrivacy Holding GmbH, Große Bleichen 21, 20354 Hamburg (privacy@innocraft.com). The software is only operated on its own servers.

Cookies are used that enable analysis of website usage. For this purpose, the usage information collected via the cookie (including your truncated IP address) is transmitted to our server and stored for usage analysis purposes. No data is transmitted through Matomo to servers beyond our control. As part of this process, your IP address will be anonymized immediately, such that you will not be identifiable to us as a user. The information collected about your use of this website will not be passed on to third parties.

We use the collected data to conduct statistical analysis of user behavior, for purposes of optimizing website functionality and stability as well as marketing purposes. Our interest and purpose in data lies in optimizing our website, adapting content, and improving our products and services. User interests are sufficiently protected by anonymization. We only store analysis data for as long as necessary for data processing purposes, and for no more than 14 months.

The legal basis for the data processing described is your consent, Art. 6(1) sentence 1 lit. a GDPR. You can withdraw previously granted consent at any time, effective for the future, by changing your cookie settings (see above, under Tracking Settings). Alternatively, you can delete your cookies (all of them, or only those linked to this website). The banner with the selection options will then be displayed again.

Advertising

We use cookies for marketing purposes in order to appeal to our users through advertising that fits their interests. We also use cookies to limit the probability of an advertisement being displayed, and to measure the effectiveness of our advertising measures. This information may also be shared with third parties, such as ad networks. The legal basis for this is Art. 6(1) sentence 1 lit. a GDPR.

Facebook Custom Audience/Conversion Tracking Pixels

In context of usage-based online advertising, we use Custom Audiences, a service provided by Facebook Inc. (1601 S. California Avenue, Palo Alto, CA 94304, USA). When we use this service (as a company from the EU), our data processor is Facebook Ireland Limited, 4 Grand Canal Square, Grand Canal Harbor, Dublin 2, Ireland.

For this purpose, we define target user groups in the Facebook advertising manager based on specific features; advertisements are then displayed to those users within the Facebook network. Facebook selects users on the basis of the profile information they provide and other data generated through Facebook usage. If a user clicks on an advertisement and then comes to our website, Facebook is notified via the Facebook pixel on our website that the user has clicked on the banner.

Generally speaking, a non-reversible and non-personal checksum (hash value) is generated from your usage data, which is transmitted to Facebook for analysis and marketing purposes. As part of this process, a Facebook cookie is set. The Facebook cookie collects information regarding your activities on our website (e.g., browsing behavior, subpages visited, etc.). Your IP address will also be stored and used for geographical management of advertising.

We do not use Facebook Custom Audiences through our customer list or the “advanced comparison” function.

The legal basis for the data processing described is your consent, Art. 6(1) sentence 1 lit. a GDPR. You can withdraw your consent at any time, effective for the future, by changing your tracking settings (see above, under Cookies). Alternatively, you can delete your local storage from this website. The banner with the selection options will then be displayed again.

For more information on the purpose and scope of Facebook's collection and subsequent processing and usage of data, as well as on the settings options available to you for privacy protection purposes, please consult Facebook’s data protection guidelines. You can change settings on which advertisements are displayed to you on Facebook by clicking this link or adjusting your Facebook account settings.

If you consent to the data processing described, Facebook will, of course, have access to your data as well. Specifically, your data may be made accessible to both Facebook Inc., 1601 Willow Road, Menlo Park, California 94025, USA and Facebook Ireland Limited, 4 Grand Canal Square, Grand Canal Harbor, Dublin 2, Ireland. Facebook Inc. is located in a non-EU country with lower standards of data protection and security.

Since August 31, 2020, Facebook has been offering a “Facebook EU Data Transfer Addendum,” under which the standard contractual clauses shall apply in cases where Facebook Ireland Limited processes data from the EU/EEA as a contract processor and transmits it to Facebook Inc. as a sub-processor.

More information on Facebook's Custom Audiences service is available here: https://de-de.facebook.com/business/help/449542958510885 .

For more information on data processing and storage duration, contact the provider or visit https://www.facebook.com/about/privacy .

Logged-in users can deactivate the "Facebook Custom Audiences" function under https://www.facebook.com/settings/?tab=ads# .

Name of the provider Facebook Inc. ("Facebook") with headquarters at 1601 S. California Avenue, Palo Alto, CA 94304, USA.
Service provider type Processor
Data transfer to non-EU countries Yes
Non-EU country USA
Guarantees in accordance with Art. 44 et seq. GDPR Standard contractual clauses
Affected data category HTTP header: HTTP headers contain information about your IP address, web browser, page storage location, document, URL reference, and web browser user agent.
Purpose of processing Interest-based advertising
Legal basis for processing Consent
Retention period 180 days
Deactivation/revocation You can withdraw your consent by changing your tracking settings (see above, under Cookies).
Affected data category Pixel-specific data, e.g., pixel ID and Facebook cookie data.
Purpose of processing Interest-based advertising
Legal basis for processing Consent
Retention period 180 days
Deactivation/revocation You can withdraw your consent by changing your tracking settings (see above, under Cookies).
Affected data category Optional values, e.g., information on purchases made, conversion rate.
Purpose of processing Interest-based advertising
Legal basis for processing Consent
Retention period 180 days
Deactivation/revocation You can withdraw your consent by changing your tracking settings (see above, under Cookies).

LinkedIn Conversion Tracking

In context of evaluating our online advertising, we use the LinkedIn Conversion Tracking service provided by LinkedIn Corporation, 1000 W Maude Ave, Sunnyvale, CA, 94085–2810 USA. The office responsible for users in the EU/EEA and Switzerland is LinkedIn Ireland Unlimited Company, Wilton Plaza, Wilton Place, Dublin 2, Ireland.

For this purpose, we define target user groups in the LinkedIn Campaign Manager based on specific features; advertisements are then displayed to those users within the LinkedIn network. Users are selected by LinkedIn on the basis of the profile information they provide, as well as other data generated through their use of LinkedIn. If a user clicks on an advertisement and then comes to our website, LinkedIn is notified via the Conversion Tag on our website that the user has clicked on the banner.

The LinkedIn tag thereby allows capture of the following data:

  • Website visited, including the URL,
  • Referrers
  • IP address
  • Device and browser properties (user agent)
  • and time stamp.

The IP addresses are shortened or hashed (for cross-device use) by LinkedIn. Information that could be used to identify members directly is removed within seven days in order to pseudonymize the data. The remaining pseudonymous data is then deleted within 180 days.

LinkedIn does not share personal data with us as website operators; it only provides us with reports and notifications (that do not identify users) regarding website traffic and advertising performance. LinkedIn also offers "retargeting," which allows us as website operators to use this data in order to display personalized advertisements outside our website, without identifying individual members. Data that does not identify you is also used to improve advertising relevance and reach LinkedIn members across various devices. LinkedIn members can control the use of their personal data for advertising purposes via their account settings. LinkedIn refers users wishing to adjust their advertising preferences to the following link: https://www.linkedin.com/psettings/advertising/actions-that-showed-interest .

We process this data in order to evaluate our advertising campaigns. The legal basis for the data processing described is your consent, Art. 6(1) lit. a GDPR. Data for LinkedIn Conversion Tracking will not be processed without your consent via our cookie banner. You can withdraw your consent at any time, effective for the future, by changing your tracking settings (see above, under Cookies). Alternatively, you can delete your local storage from this website. . The banner with the selection options will then be displayed again.

As part of LinkedIn Conversion Tracking, LinkedIn naturally has access to the listed data. Specifically, your data may be accessible to both LinkedIn Ireland Unlimited Company, Wilton Plaza, Wilton Place, Dublin 2, Ireland and LinkedIn Corporation, 1000 W Maude Ave, Sunnyvale, CA, 94085–2810 USA.

LinkedIn Corporation is located in a non-EU country with lower standards of data protection and security. Since it cannot be ruled out that the data collected by the pixel described here will be transfered to LinkedIn Corporation, appropriate safeguards are required to guarantee an adequate level of data protection.

As part of the applicable LinkedIn service agreement, LinkedIn offers LinkedIn Services customers a data processing agreement with associated standard contractual clauses, which you will find here: https://www.linkedin.com/legal/l/dpa .

For more information on the purpose and scope of LinkedIn's collection and subsequent processing and usage of data, as well as on the settings options available to you for privacy protection purposes, please consult LinkedIn’s data protection guidelines.

You can find more information on LinkedIn Conversion Tracking at: https://business.linkedin.com/de-de/marketing-solutions/conversion-tracking#get-started

You can find more information on data processing and storage duration at https://www.linkedin.com/help/linkedin/answer/65521?lang=de .

Affected data category HTTP header: In an HTTP header there is information about: Visited website, including the URL, referrer, IP address, device and browser properties (user agent), and timestamp.
Purpose of processing Interest-based advertising
Legal basis for processing Consent
Retention period 180 days
Deactivation/revocation You can withdraw your consent by changing your tracking settings (see above, under Cookies).
Affected data category Pixel-specific data, e.g., the pixel ID
Purpose of processing Interest-based advertising
Legal basis for processing Consent
Retention period 180 days
Deactivation/revocation You can withdraw your consent by changing your tracking settings (see above, under Cookies).
Affected data category Optional values, e.g., information on purchases made, conversion rate.
Purpose of processing Interest-based advertising
Legal basis for processing Consent
Retention period 180 days
Deactivation/revocation You can withdraw your consent by changing your tracking settings (see above, under Cookies).
Name of the provider LinkedIn Corporation, 1000 W Maude Ave, Sunnyvale, CA, 94085-2810 USA.
Service provider type Processor
Data transfer to non-EU countries Yes
Non-EU country USA

X ads and conversion tracking (with X pixels).

In order to draw attention to our products and services, we place X Ads and use X Conversion Tracking on our website to evaluate our online advertising. The provider is X Corp., Market 1355 Street, Suite 900, San Francisco, CA 94103, USA. The organization responsible for handling data subject rights within the EU/EEA is Twitter International Unlimited Company, Attn: Data Protection Officer, One Cumberland Place, Fenian Street, Dublin 2, D02 AX07 Ireland.

For this purpose, we define target user groups within the X Ads campaign manager based on specific characteristics; advertisements are then displayed to those user groups within the X network. X selects these users based on the profile information they provide and other data generated through their use of X. We do not use X Custom Audiences.

X Conversion Tracking employs the “X pixel”, which can be used to track users' actions after they see or click one of these X advertisements. When you click an advertisement we have placed, a cookie is set on your computer. These cookies persist for up to 13 months in certain areas. For more information about X's use of cookies, visit the X Help Center . Clicking the advertisement will take you to our website. The pixel integrated into our website notifies both X and us as X's customer when a user clicks an ad and is redirected to our website. Your user behavior, such as the website you visit, the content you view, the date and time of your visit, etc., are recorded along with device-related data such as the applications and operating systems you use. Your IP address is logged as well.

This information is used to create reports regarding how many users have seen or clicked an ad. In principle, we only receive reports from X in aggregated, anonymized form, meaning that they do not provide information about who specifically sees or clicks our advertisements. The statistics X provides us include the total number of users who clicked one of our ads and, if applicable, whether those users were forwarded to a page on our website with a conversion tag. These statistics help us determine which content is relevant to users and optimize accordingly.

If, in exceptional cases, data enables us to identify a specific user on X, that data will be deleted within 90 days of its receipt.

Further information on data processing when using X Ads and conversion tracking can be found at https://legal.x.com/ads-terms/international.html .

You can opt-out of interest-based advertising requested by you on X by visiting the YourAdchoice or Network Advertising Initiative websites. Please note that advertising settings for your X account will only be applied while you are logged into X. For more information on access, see Personalization and Data Settings .

Data is collected and processed only with your express consent in accordance with Section 25 para. 1 p. 1 TTDSG, Art. 6 para. 1 p. 1 lit. a GDPR. You can revoke your consent at any time, effective for the future.

The data may be transferred to the USA for purposes of processing on an X Corp. server. Insofar as data is processed outside the EU/EEA, X Corp. is certified in accordance with the EU-US Data Privacy Framework (DPF). Data transfers to the USA are therefore legitimized on the basis of the European Commission's adequacy decision pursuant to Art. 45 GDPR. You can find more information on the EU-US Data Privacy Framework Program on the official ITA website: https://www.dataprivacyframework.gov/s/)

More information on the purpose and scope of data collection, further processing, and usage can be found in the X data protection policy, as can information regarding privacy-related settings options. https://x.com/de/privacy

TikTok Lead Ads forms.

We use TikTok Ads Lead Forms to provide a contact form through which interested users can contact us directly. TikTok Lead Ads is a service provided by ByteDance, a Chinese company. For users in the EU/EEA and Switzerland, the controller is TikTok Technology Limited, 10 Earlsfort Terrace, Dublin, D02 T380, Ireland, together with TikTok Information Technologies UK Limited, One London Wall 6th floor, London, EC2Y 5EB, United Kingdom (hereinafter “TikTok”)

You can register for RATIONAL Live Events or webinars using TikTok Ads Lead Forms.
When registering via the TikTok Ads Lead Form, we use the double opt-in process. This means that, after you provide your e-mail address, we will send a confirmation e-mail to the specified address and ask you to confirm your registration. If you do not provide confirmation within 24 hours, your registration will be automatically deleted from the database. Once confirmation has been received, you will receive personal access to the event or webinar. We also save the IP addresses from which you register and confirm registration, as well as the times at which each occur. We do this in order to establish proof of your registration within the framework of our accountability obligations and, if necessary, to be able to clarify any potential misuse of your personal data. These accountability obligations constitute a legitimate interest pursuant to Art. 6(1) sentence 1 lit. f GDPR in processing data associated with the double opt-in procedure.

When you contact us via a TikTok Ads Lead Form, we will only process the data you provide (title, first name, last name, company name, street address, city, state, ZIP, country, email, and phone number) in order to answer your questions, process your requests, and enable you to participate in our events. This also constitutes our legitimate interest in processing as defined in Art. 6(1) sentence 1 lit. f GDPR. Processing of the data for other purposes is not foreseen.
Any required personal data is marked as mandatory on the registration form; any additional information is voluntary.

Any data of yours that we receive in context of such contact will be deleted as soon as it is no longer required to achieve the purpose for which it was collected, your inquiry has been fully processed, and you no longer require or desire further communication. You can object to the described processing of personal data shared with us via the TikTok Ads Lead Form at any time, effective for the future. To do so, email us at Datenschutzbeauftragter@rational-online.com and express your wish to withdraw consent going forward.

Data processing in context of TikTok lead ads (lead generation) is regulated by TikTok via the Jurisdiction Specific Terms concluded with us as order processing within the meaning of Art. 28 GDPR in accordance with the Data Processing Terms.

The personal data specified above is transmitted to various recipients within and outside the EU/EEA. Specifically, the recipients are as follows:

  • Recipients within the RATIONAL Group ( national subsidiaries ) and partner organizations. Only the company responsible for you will contact you. Jurisdiction depends on where your company is officially based/your business activities take place.
  • External service providers are TikTok Technology Limited, 10 Earlsfort Terrace, Dublin, D02 T380, Ireland ("TikTok") and TikTok Information Technologies UK Limited, One London Wall 6th floor, London, EC2Y 5EB, United Kingdom. Moreover, when using TikTok Lead Ads, it cannot be ruled out that your personal data will be transferred to other companies worldwide within the TikTok Group and processed there.

According to the Jurisdiction Specific Terms, data transfers to third countries – insofar as no EU Commission adequacy decisions pursuant to Art. 45 GDPR are in place for the EU – are secured by means of standard contractual clauses agreed in accordance with Art. 46 para. 2 GDPR.

According to its own information, TikTok bases internal data transfers on adequacy decisions in accordance with Art. 45 GDPR for third countries that the European Commission has deemed to provide an adequate level of data protection, for example data transfers to corporate groups based in Canada, the UK, Israel, Japan or South Korea. For data transfers to countries for which no adequacy decisions are in place, TikTok (according to its own information) applies EU standard contractual clauses in accordance with Art. 46 para. 2 GDPR.

We wish to make it expressly clear that TikTok stores user data (e.g., IP address, possibly personal interests, behavior on TikTok pages, personal information on file with TikTok, etc.) and utilizes it for its own business purposes.

We have no control over the processing and further use of this data, as TikTok alone determines whether and how it is processed. It is not entirely possible for us to trace where or for how long data is stored, how extensively the data is linked and analyzed, or to whom the data is forwarded. Similarly, we have no information or influence on deletion deadlines, i.e., whether and to what extent data is deleted after the specified time period.

More detailed information about which data is collected by TikTok for which purposes and on which legal basis can be found in TikTok’s privacy notices .

The information on TikTok conversion tracking ("TikTok pixels") also applies here.

TikTok Conversion Tracking ("TikTok Pixel").

In order to draw attention to our products and services, we display advertisements on TikTok and use the “TikTok Pixel” tracking and conversion tool on our website to evaluate our online advertising. TikTok Conversion Tracking is a service provided by ByteDance, a Chinese company. For users in the EU/EEA and Switzerland, the controller is TikTok Technology Limited, 10 Earlsfort Terrace, Dublin, D02 T380, Ireland, together with TikTok Information Technologies UK Limited, One London Wall 6th floor, London, EC2Y 5EB, United Kingdom (hereinafter “TikTok”).

The TikTok Pixel helps us evaluate the effectiveness of TikTok advertisements for statistical and market research purposes by showing us whether users are to our website after clicking on a TikTok advertisement (known as “conversion”). Pixels are small, invisible image files used to collect information about how users interact with a website. Accessing the website automatically activates a simple code that makes it possible to load the pixel to the user’s end device and collect certain information about that device as well as on the user’s actions while on the website. Besides helping us quantify our advertising performance and conversions, this allows us to identify target groups for remarketing. It also enables us to display interest-based advertising to users of our website, and to quantify and analyze their behavior on our website for statistical and market research purposes. Data collected by TikTok Pixel includes, among other things, the user’s IP address, device ID, device type and operating system, as well as information about the user’s activities while on our website (e.g. browsing behavior, subpages visited, etc.). More information about the TikTok Pixel is available under About TikTok Pixel on TikTok. The data collected is transferred to TikTok. TikTok can use this information to associate a user of our website with a TikTok user account. TikTok uses this data to display personalized advertising to its users and create interest-based user profiles. Data processing in the context of the use of conversion tracking (data collection and exchange of event data, presentation of conversions) is regulated by TikTok via the Jurisdiction Specific Terms we have contractually incorporated as joint controllers within the meaning of Art. 26 GDPR (Joint Controller Terms).

TikTok does not share personal data with us as website operators; it only provides us with reports and notifications (that do not identify users) regarding website traffic and advertising performance.

Data is collected and processed only with your express consent in accordance with Section 25 para. 1 p. 1 TTDSG, Art. 6 para. 1 p. 1 lit. a GDPR. You can withdraw this consent at any time, effective for the future, by changing your tracking settings (see above, under Cookies).

The personal data specified above is transmitted to various recipients within and outside the EU/EEA. External service providers are TikTok Technology Limited, 10 Earlsfort Terrace, Dublin, D02 T380, Ireland ("TikTok") and TikTok Information Technologies UK Limited, One London Wall 6th floor, London, EC2Y 5EB, United Kingdom. Moreover, when using TikTok Lead Ads, it cannot be ruled out that your personal data will be transferred to other companies worldwide within the TikTok Group and processed there.
According to the Jurisdiction Specific Terms , data transfers to third countries – insofar as no EU Commission adequacy decisions pursuant to Art. 45 GDPR are in place for the EU –
are secured by means of standard contractual clauses agreed in accordance with Art. 46 para. 2 GDPR. According to its own information, TikTok bases internal data transfers on adequacy decisions in accordance with Art. 45 GDPR for third countries that the European Commission has deemed to provide an adequate level of data protection, for example data transfers to corporate groups based in Canada, the UK, Israel, Japan or South Korea. For data transfers to countries for which no adequacy decisions are in place, TikTok (according to its own information) applies EU standard contractual clauses in accordance with Art. 46 para. 2 GDPR.

For more information on TikTok’s data processing and storage period, please refer to TikTok’s privacy policy: https://www.tiktok.com/legal/privacy-policy-eea .

Google Ads, Remarketing, and Conversion Tracking; Conversion Linker

We use the Google Ads service. Google Ads is an online advertising program offered by Google LLC (1600 Amphitheatre Parkway Mountain View, CA 94043, USA). Google Ireland Limited, Google Building Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland is responsible for users in the EU/EEA and Switzerland.

This means that we place advertisements through Google Ads, and as part of this, we also use Google remarketing and conversion tracking as well as the conversion linker. The advertisements are displayed on Google’s search results pages and on websites that are part of the Google advertising network. We also use Ads remarketing lists for search advertisements. This allows us to tailor advertising campaigns for users who have previously visited our website. The services allow us to combine our advertisements with certain search terms or display advertisements to previous visitors that, for example, advertise services that the visitors have previously viewed on our website. As such, it allows us to show users of our website interest-based advertising on other websites within the Google advertising network (as a “Google ad” within the scope of Google searches or on other websites).

Analyzing online user behavior is required for interest-based advertising. Google uses cookies to perform this analysis. Clicking on an ad or visiting our website results in Google placing a cookie on the user's computer. These cookies expire after 90 days. The information collected through the cookie allows Google to direct targeted offers at the user in later search queries. For more information on the cookie technology used, check the information Google provides regarding website statistics and data protection. The conversion linker also allows us to save click data in order to evaluate conversion tracking information effectively. This allows us to see whether users complete a particular action (e.g., ordering services) after clicking on an advertisement we placed via Google Ads. For this reason, we use the conversion linker tag on pages that users can land on after clicking one of our ads. The conversion linker tag thus allows us to capture ad-clicking information for the conversion page URLs and save it to our own first-party (rather than third-party) cookies on our domain.

This technology gives both Google and us as customers information when a user clicks on an ad and is redirected to our website. Information obtained in this manner is only used in statistical analyses for purposes of advertisement optimization. We do not receive any information that could be used to personally identify visitors. Since we use Google IP masking on this website in context of Google Analytics, your IP address will be transmitted to Google, but in anonymized form.

Log data is anonymized after 9 months and cookie information is anonymized after 18 months.

The statistics Google provides us include the total number of users who clicked on one of our advertisements and, if applicable, whether the users were forwarded to a page on our website with a conversion tag. These statistics help us track which search terms were associated with a particularly high rate of advertisement clicks, and which ads led to users making contact using our contact form.

You can find more information on data protection in context of Google Ads at: https://policies.google.com/technologies/ads?hl=de .

Insofar as data is processed outside the EU/EEA, in order to establish a secure level of data protection, the agreement we have entered into with the service provider incorporates the standard data protection clauses adopted by the EU Commission pursuant to Art. 46 GDPR; these clauses permit the transfer of personal data to a third country in individual cases.

The legal basis for the data processing described is your consent, Art. 6(1) sentence 1 lit. a GDPR. You can withdraw your consent at any time, effective for the future, by changing your tracking settings (see above, under Cookies). Alternatively, you can delete your local storage from this website. The banner linking to the selection options will then be displayed again.

You can also adjust your ad settings ( https://adssettings.google.com/authenticated?hl=de ) to select the types of advertisements you want to see or deactivate interest-based advertisements on Google.

Microsoft Advertising (formerly Bing Ads).

Microsoft Advertising is an online advertising service used by Microsoft Corporation, One Microsoft Way, Redmond, WA 98052–6399, USA, to display advertisements. The controller for users in the EU, EEA and Switzerland is Microsoft Ireland Operations Limited, One Microsoft Place, South County Business Park, Leopardstown, Dublin 18, D18 P521 Ireland.

We use the Microsoft Advertising service (formerly Bing Ads) to display advertisements via the Microsoft network and its associated search engines (e.g. Bing, Yahoo!, Ecosia, etc.). As part of Microsoft Advertising, we also use the associated conversion tracking. One prerequisite for conversion tracking is implementation of the UET tag (Bing Universal Event Tracking), which we have integrated into our website. When you come to our website via an advertisement we placed, a cookie is set on your computer. These cookies allow Microsoft and us to recognize that someone clicked an advertisement, was redirected to our website and took a previously specified action on the website (conversion). This information helps us to tailor our website, advertisements and offers to your needs more effectively.

In addition, we use remarketing lists to present interest-based advertisements to website visitors within the Microsoft advertising network. For detailed information about the data and cookies used, please visit https://help.ads.microsoft.com/#apex/ads/en/53056/2-500 .

We use the information obtained through conversion tracking exclusively in statistical evaluations for purposes of advertising optimization. We cannot identify the visitor personally. The statistics Microsoft provides include the total number of users who clicked one of our advertisements and whether the users were forwarded to a page with a conversion tag. We also learn whether a specific action was taken on the website (e.g. whether and how many registrations were submitted for an event, what you click on our website, how many people visit our website via Microsoft Advertising and how long you stay on our website), as well as the keyword or advertisement through which you came to us.

Microsoft uses the data to optimize its own advertising and other services. If you have a Microsoft account, the collected data may be linked to your account. Microsoft may recognize and store your IP address. The storage period for the data collected by UET is 390 days; Microsoft cookies have an expiry date of 13 months.

You can adjust your ad settings https://account.microsoft.com/privacy/ad-settings/signedout?ru=https:%2F%2Faccount.microsoft.com%2Fprivacy%2Fad-settings to select the types of Microsoft ads you see or to deactivate interest-based advertisements on Microsoft.

The legal basis for the data processing described is your consent, Art. 6(1) sentence 1 lit. a GDPR and Art. 25(1) TTDSG. You can withdraw your consent at any time, effective for the future, by changing your tracking settings or deleting your local storage of this website. The banner linking to the selection options will then be displayed again.

Recipients of the data used in context of Microsoft Advertising may also include Microsoft Corporation, One Microsoft Way, Redmond, WA 98052–6399, USA. Microsoft has joined the EU-US Data Privacy Framework, which ensures compliance with the European level of data protection based on an adequacy decision by the European Commission. Data transfers to the USA are thus protected in accordance with Art. 45 GDPR.

You can find more information on data protection in context of Microsoft Advertising at: https://privacy.microsoft.com/en-us/privacystatement .

Newsletter and promotional telephone contact

When registering for our newsletter on our website or via Advertising Lead Forms (see below), you may also enter your phone number so that we can contact you for marketing purposes; this will enable us to provide information to you via e-mail and telephone/SMS within the scope of the consent you have given, insofar as you have consented expressly (Art. 6(1) sentence 1 lit. a GDPR). By consenting to receive the newsletter and to be contacted by telephone, you agree to receive:

  • Product and service information (such as accessories, cooking system orientation, kitchen consultancy)
  • Invitations to events and scheduled appointments (such as cooking events, expert cooking, Academy events, trade fair events)
  • Customer satisfaction surveys

From RATIONAL AG, Siegfried-Meister-Straße 1,86899 Landsberg am Lech, or its relevant subsidiaries. Only the company responsible for you will contact you. Jurisdiction depends on where your company is officially based/your business activities take place.

We use a double-opt-in procedure with registrations for our newsletters and on any other consent to marketing communication via email. This means that, after you provide your email address, we will send a confirmation email to the specified address and ask you to confirm that you want the newsletter to be sent. If you do not provide confirmation within 24 hours, your registration will be automatically deleted from the database. If you confirm your wish to receive the newsletter, we will store your e-mail address until you unsubscribe from the newsletter. The sole purpose of storing this data is to make it possible for us to send the newsletter. When you register and confirm your registration, we also save and time stamp the IP addresses from which this occurs so that we have evidence of your registration in case of doubt and, if applicable, can trace any misuse of your personal data. The legal basis for logging registrations is our legitimate interest pursuant to Art. 6(1) sentence 1 lit. f GDPR in proof of previously granted consent, see also Art. 7(1) GDPR.

Provision of additional, separately marked information is voluntary; any such information will be used exclusively for personalizing newsletters and/or for marketing telephone calls. The legal basis for this is your consent within the meaning of Art. 6(1) sentence 1 lit. a GDPR.

You can revoke your consent to receiving the newsletter or being contacted by telephone for marketing purposes at any time. You can withdraw your consent by clicking on the link provided in every newsletter email, by emailing privacy@rational-online.com , or during the telephone call.

Name of newsletter provider salesforce.com, inc, Salesforce Tower 415 Mission Street, 3rd Floor San Francisco, CA 94105 USA
Service provider type Processor
Data transfer to non-EU countries Yes
Non-EU country USA
Warranties pursuant to Article 44 et seq. GDPR  EU standard contractual clauses / info:  https://sfdc.co/cakvbB
Name of newsletter provider EQS Group AG, Karlstrasse 47, D-80333 Munich
Service provider type Processor
Data transfer to non-EU countries No
Non-EU country  
Warranties pursuant to Article 44 et seq. GDPR   
Data IP address at registration
Purpose of processing Proof of registration
Legal basis for processing Legitimate interest
Retention period up to 3 years after revocation/objection
Data Time of registration
Purpose of processing Proof of registration
Legal basis for processing Legitimate interest
Retention period up to 3 years after revocation/objection
Data DOI IP address
Purpose of processing Proof of double opt-in
Legal basis for processing Legitimate interest
Retention period up to 3 years after revocation/objection
Data Time of DOI verification
Purpose of processing Proof of double opt-in
Legal basis for processing Legitimate interest
Retention period up to 3 years after revocation/objection
Data Email address
Purpose of processing Sending the newsletter
Legal basis for processing Consent
Retention period Until revocation/objection
Data *Salutation
Purpose of processing Direct address
Legal basis for processing Consent
Retention period Until revocation/objection
Data *First name
Purpose of processing Direct address
Legal basis for processing Consent
Retention period Until revocation/objection
Data *Last name
Purpose of processing Direct address
Legal basis for processing Consent
Retention period Until revocation/objection
Data *Phone number
Purpose of processing Direct address
Legal basis for processing Consent
Retention period Until revocation/objection

Advertising Lead Forms on Facebook and LinkedIn

We use Advertising Lead Forms on Facebook and LinkedIn to provide a contact form through which interested parties can contact us directly at their own initiative. Alternatively, of course, users can always contact us directly through the contact forms on our website or via email.
You can register for events using these Advertising Lead forms. We will then process the data in order to answer your questions, address your concerns, and enable you to participate in our webinars upon request. This also constitutes our legitimate interest in processing as defined in Art. 6(1) sentence 1 lit. f GDPR.

Any data of yours that we receive in context of such contact will be deleted as soon as it is no longer required to achieve the purpose for which it was collected, your inquiry has been fully processed, and you no longer require or desire further communication.

Provision of your personal data is required neither contractually nor statutorily.
No automated decisionmaking, including profiling, occurs on our end.

The personal data specified above is transmitted to various recipients within and outside the EU/EEA.
Specifically, the recipients are as follows:

Recipients within the RATIONAL Group (national subsidiaries) and partner companies
Only the company responsible for you will contact you. Jurisdiction depends on where your company is officially based/your business activities take place.

External service providers in context of order processing pursuant to Art. 28 GDPR:

  • LinkedIn Ireland Unlimited Company
    Wilton Place,
    Dublin 2, Ireland
    LinkedIn's current data processing agreement and standard contractual clauses can be found under: https://legal.linkedin.com/dpa/DE.
  • Facebook Ireland Ltd.
    4 Grand Canal Square
    Grand Canal Harbor
    Dublin 2 Ireland
    Since August 31, 2020, Facebook has been offering a “Facebook EU Data Transfer Addendum,” under which the standard contractual clauses shall apply in cases where Facebook Ireland Limited processes data from the EU/EEA as a contract processor and transmits it to Facebook Inc. as a sub-processor.

We wish to make it expressly clear that LinkedIn and Facebook store user data (e.g., IP address, possibly personal interests, behavior on the two providers' pages, personal information on file within those networks, etc.) and utilize it for business purposes.

We have no control over the processing and further use of this data, as Facebook/LinkedIn alone determines whether and how it is processed. It is not currently possible for us to trace where or for how long data is stored, how extensively the data is linked and analyzed, or to whom the data is forwarded. Similarly, we have no information or influence on deletion deadlines, i.e., whether and to what extent data is deleted after the specified time period.

More information on the purpose and scope of LinkedIn's data collection, further processing, and usage can be found in the LinkedIn data protection policy, as can information regarding privacy-related settings options.

We use the Google Ads Lead Form extensions to provide a contact form through which interested users can contact us directly. Google Ads Lead Form Extensions are a service of Google LLC (1600 Amphitheatre Parkway Mountain View, CA 94043, USA). Google Ireland Limited, Google Building Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland is responsible for users in the EU/EEA and Switzerland. Alternatively, of course, users can always contact us directly through the contact forms on our website or via email.

You can register for our (cooking) events using the Google Ads Lead Forms.

When you contact us via a Google Ads Lead Form, we will only process the data you provide (your e-mail address, your full name, your telephone number, your city/state and ZIP code, your job title and company name) in context of handling your request to participate in one of our cooking events and enabling you to do so. This also constitutes our legitimate interest in processing as defined in Art. 6(1) sentence 1 lit. f GDPR. Processing of the data for other purposes is not foreseen.

Any required personal data is marked as mandatory on the registration form; any additional information is voluntary.

If you register for one of our cooking events, any of your data that we obtain in the course of contacting you will be deleted after no more than 24 months, provided that you neither initiate nor desire further communication during that period and that no such communication is necessary.

You can object to the described processing of personal data shared with us through a Google Lead Form at any time, effective for the future. To do so, email us at privacy@rational-online.com and express your wish to withdraw consent going forward.

The personal data specified above is transmitted to various recipients within and outside the EU/EEA.

Specifically, the recipients are as follows:

Recipients within the RATIONAL Group (national subsidiaries) and partner companies

Only the company responsible for you will contact you. Jurisdiction depends on where your company is officially based/your business activities take place.

In principle, data transferred outside the European Union is not protected to the same high standard provided within Europe.

To the extent that data is processed outside the European Economic Area/EU, where data protection to the European standard is not guaranteed, Google states that it uses standard contractual clauses. For more information on how user data is handled in such cases, consult the contract data processing conditions for Google advertising products and services: https://business.safety.google/intl/de/adsprocessorterms/

If you interact within the framework of Google services, Google will obviously have access to your data as well. We wish to make it expressly clear that Google stores user data (e.g., IP address, possibly personal interests, behavior on Google pages, personal information on file with Google, etc.) and utilizes it for business purposes.

We have no control over the processing and further use of this data, as Google alone determines whether and how it is processed. It is not currently possible for us to trace where or for how long data is stored, how extensively the data is linked and analyzed, or to whom the data is forwarded. Similarly, we have no information or influence on deletion deadlines, i.e., whether and to what extent data is deleted after the specified time period.

Google's own privacy policy and terms of use are available HERE .

Information on the data processing conditions applicable between data controllers for Google advertising products is available HERE .

Additional information on how Google itself processes data is also available at: https://business.safety.google/ .

You can find more information on Lead Form extensions here:

https://support.google.com/google-ads/answer/9423234?hl=de&ref_topic=9716366

The information on Google Ads, remarketing and conversion tracking apply here as well.

Google Maps

We use the Google Maps map service. Google Maps is a map service provided by Google LLC (1600 Amphitheatre Parkway Mountain View, CA 94043, USA). Google Ireland Limited, Google Building Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland is responsible for users in the EU/EEA and Switzerland.

Usage of Google Maps functions may entail transmission of information to provider servers, for example the user IP address and the destination address specified in context of the routing function. This information is usually transmitted to a Google server in the USA and stored there.

When visiting a website that contains Google Maps maps, your browser will normally establish a direct connection with Google servers even if you do not use the map, so that the map content can be transmitted to your browser and integrated into your page view. Using our permissions management tool (Usercentrics) will prevent this from happening if you do not consent to the processing of your data for Google Maps-related purposes. In other words, due to how Google Maps is integrated, no data is transmitted without your consent.

The provider of this website has no influence on this data transfer. To the best of our knowledge, the following data is transmitted:

  • date and time visiting the website in question,
  • Internet address or URL of page accessed,
  • IP address in context of the (starting) address entered for route planning purposes

We use Google Maps in the interest of displaying our online services in an appealing way and making the locations we mention on the website easy to find.

By activating it in your tracking settings, you consent to Google placing cookies on your device that can also be used to analyze your usage behavior for market research and marketing purposes. As such, the legal basis for such data processing is your consent, Art. 6(1) sentence 1 lit. a GDPR. You can withdraw this consent at any time, effective for the future, by changing your tracking settings (see above, under Cookies). Alternatively, you can delete your cookies (all of them, or only those linked to this website). The banner linking to the selection options will then be displayed again. If you do not consent, or if you withdraw consent, you will be prohibited from using the service.

More information on how Google handles user data is available in Google’s data privacy policy: https://www.google.de/intl/de/policies/privacy/ .

YouTube (advanced privacy mode)

Our website uses services from YouTube, LLC 901 Cherry Ave., 94066 San Bruno, CA, USA, a company of Google Inc., Amphitheatre Parkway, Mountain View, CA 94043, USA. When you visit a page with an embedded YouTube video, a connection to the YouTube servers is normally established and the content is displayed on the website by sending a message to your browser. Using our permissions management tool (Usercentrics) will prevent this from happening if you do not consent to the processing of your data for YouTube-related purposes. Because YouTube is integrated, no data will be transferred without your consent.

To protect your personal data, we also use the extended data protection option provided by YouTube. According to YouTube, however, data is only transferred to the YouTube server in “advanced data protection mode” if you actively start the video. If you are logged into YouTube at that time, the information on the videos you watch will be associated with your YouTube membership account. You can prevent this by logging out of your member account before visiting our website.

Further information on YouTube’s data protection is provided by Google under the following link: https://policies.google.com/privacy

By activating it in your tracking settings, you consent to YouTube receiving data through your use, which can also be used to analyze your usage behavior for market research and marketing purposes. As such, the legal basis for such data processing is your consent, Art. 6(1) sentence 1 lit. a GDPR. You can withdraw this consent at any time, effective for the future, by changing your tracking settings (see above, under Cookies). Alternatively, you can delete your local storage from this website. The banner linking to the selection options will then be displayed again. If you do not consent, or if you withdraw consent, you will be prohibited from using the service.

Vimeo

We use the services of Vimeo.com, Inc., 330 West 34 Street, 5th Floor, New York NY 10001, USA ("Vimeo") to display and play video content providing product information (keynote presentation for a product launch).

This video content is loaded from or transmitted through Vimeo. Your data may be transmitted to Vimeo as part of this process. Our integration of Vimeo videos serves the purpose of making our website more interesting and appealing to users; it also helps us present content related to the introduction and use of our products more effectively. Vimeo allows us to present information not only as text and images, but also as video content, directly on our website instead of merely linking to it.

Normally when you visit a page of our website that contains an embedded Vimeo video, a connection to the Vimeo servers is established and data is sent to servers in the USA to notify the Vimeo server of the specific website you are visiting.

We wish to make you expressly aware that Vimeo acts as its own controller and collects personal data from you, including through the use of cookies.

We have no control over the processing and further use of this data, as Vimeo alone determines whether and how it is processed. We can only determine where or for how long such data is stored, how extensively that data is linked or analyzed, and to whom the data is forwarded to the extent that such information is given in their Data Protection Policy .

Using our permissions management tool (Usercentrics) will prevent this from happening if you do not consent to the processing of your data for Vimeo-related purposes. As such, no data will be transferred without your consent in connection with Vimeo integration.

By activating Usercentics, you agree that when you watch a video, data about you will be transferred to Vimeo using cookies and similar technologies that Vimeo employs, regardless of whether you have a Vimeo account. Such data includes, but is not limited to, your IP address, technical information about your browser type, your operating system, pages visited, the referrer URL, information users provide on the site, search requests, geographical location, content viewed, and very basic device information. If you are logged into Vimeo at the time of your visit, information about videos you watched may be associated with your Vimeo account. You can prevent this by logging out of your member account before visiting our website.

As the controller, RATIONAL receives the following video-related data from Vimeo: Call-ups (i.e. the number of times the live video is accessed), peak viewers (i.e. the highest number of simultaneous viewers during the stream), dwell time, and average dwell time (i.e. the average dwell time of a viewer during the live event).

Vimeo is based in the USA and thus in a non-secure third country, where the level of data protection is lower than that of the EU/EEA. Vimeo also uses data centers in the USA to provide their services. Your data may therefore also be processed on servers in the USA. Please be aware that, in the opinion of the European Court of Justice, there is currently no adequate level of protection for data transfers to the USA. This may involve various risks to the lawfulness and security of data processing. In order to ensure an appropriate level of data protection, Vimeo concludes the EU standard contractual clauses pursuant to Art. 46 GDPR, which are provided by the EU Commission to ensure that its data is also processed in accordance with the European data protection standard if it is transferred to third countries such as the USA and stored there. In addition, Vimeo is certified according to the EU-U.S. Data Privacy Framework (DPF), the UK extension of the EU-U.S. DPF, and the Swiss-U.S. DPF. This certification can be viewed here: DPF list

For RATIONAL, the legal basis for the data processing described is your consent, Art. 6(1) sentence 1 lit. a GDPR and Art. 25(1) TTDSG.

You can revoke this consent at any time with future effect by accessing the tracking settings via the link at the bottom of each page (called a footer) and unchecking the box next to the processing you had consented to. If you do not consent, or if you withdraw consent, you will be prohibited from using the service.

Vimeo has provided additional information on data protection and the Vimeo cookie policy under the following links:

Contact

You have the option of contacting us through our e-mail address or using the various contact forms. We will of course only use any personal data transmitted to us in this way for the purpose for which you provide it when contacting us.

Any entries on a contact form that are not necessary in order to make contact with you have always been marked as optional. This information helps give us a more concrete understanding of your query and respond to it more effectively. Such information is provided on an expressly voluntary basis and with your consent. Insofar as this involves information concerning communication channels (e.g. e-mail address, telephone number), you also consent to us contacting you via those communication channels in order to answer your inquiry.

You can of course withdraw this consent at any time, effective for the future. To do this, please contact our Data Protection Officer, whose contact details you will find at the beginning of this page.

Data IP address at registration
Purpose of processing Transferring form content to the web server
Legal basis for processing Consent/initiation/fulfillment of the contractual relationship
Retention period Until the end of the connection
Data Subject area
Purpose of processing More efficient query response
Legal basis for processing Consent/initiation/fulfillment of the contractual relationship
Retention period Until purpose is achieved/conclusion of evidentiary obligations
Data Message
Purpose of processing Responding to the query
Legal basis for processing Consent/initiation/fulfillment of the contractual relationship
Retention period Until purpose is achieved/conclusion of evidentiary obligations
Data Salutation
Purpose of processing Direct address
Legal basis for processing Consent/initiation/fulfillment of the contractual relationship
Retention period Until purpose is achieved/conclusion of evidentiary obligations
Data First name
Purpose of processing Direct address
Legal basis for processing Consent/initiation/fulfillment of the contractual relationship
Retention period Until purpose is achieved/conclusion of evidentiary obligations
Data Surname
Purpose of processing Direct address
Legal basis for processing Consent/initiation/fulfillment of the contractual relationship
Retention period Until purpose is achieved/conclusion of evidentiary obligations
Data *Function
Purpose of processing More efficient query response
Legal basis for processing Consent/initiation/fulfillment of the contractual relationship
Retention period Until purpose is achieved/conclusion of evidentiary obligations
Data *Company
Purpose of processing More efficient query response
Legal basis for processing Consent/initiation/fulfillment of the contractual relationship
Retention period Until purpose is achieved/conclusion of evidentiary obligations
Data Email address
Purpose of processing Responding to the query
Legal basis for processing Consent/initiation/fulfillment of the contractual relationship
Retention period Until purpose is achieved/conclusion of evidentiary obligations
Data Phone number
Purpose of processing Responding to the query
Legal basis for processing Consent/initiation/fulfillment of the contractual relationship
Retention period Until purpose is achieved/conclusion of evidentiary obligations
Data *Fax number
Purpose of processing Responding to the query
Legal basis for processing Consent/initiation/fulfillment of the contractual relationship
Retention period Until purpose is achieved/conclusion of evidentiary obligations
Data (Company) Address
Purpose of processing More efficient query response
Legal basis for processing Consent/initiation/fulfillment of the contractual relationship
Retention period Until purpose is achieved/conclusion of evidentiary obligations

* optional

Use of UTM parameter cookies when using our contact forms.

We use a UTM parameter that allows us to add trackable extensions to your URLs. We are responsible for this cookie. The "source parameter" we use allows us to define the source of the link, such as a Google website or a social media channel. When you access the RATIONAL AG page via a RATIONAL AG link tagged with a UTM parameter, this information is stored to the cookie sf_utms; when you register for an event via our contact form, this information is transmitted to RATIONAL AG. This allows us to identify the source (e.g., the page) from which you came to us.

The legal basis for the data processing described is your consent, Art. 6(1) sentence 1 lit. a GDPR, Art. 25(1) TTDSG. You can withdraw this consent at any time, effective for the future, by changing your tracking settings (see above, under Cookies). Alternatively, you can delete your cookies (all of them, or only those linked to this website). The banner linking to the selection options will then be displayed again. If you do not consent, or if you withdraw consent, you will be prohibited from using the service.

The data transmitted via the UTM parameter is deleted as soon as it is no longer required for processing purposes, barring statutory archival requirements to the contrary. The storage period for contact in such situations is a maximum of three years after the expiration of the processing purpose.

The collected data may be forwarded to other companies, including international members of the RATIONAL AG corporate group. Please note that as part of this service, the data may be transferred to a country without the required data protection standards in place. The countries to which the data will be transferred are listed below.

Downloading white papers and other information

Various white papers, articles, and infographics are available for download on our website. Before downloading, you will be asked to enter your contact details (salutation, first and last name, email address, ZIP code, city, country, company). We store this data and use it for purposes of addressing you in marketing emails. The personal data you provide constitutes your contractual consideration in return for the provision of the documents.

We use a double-opt-in procedure to verify your email address. This means that, after you provide your email address, we will send a confirmation email to the specified address and ask you for confirmation. If you do not provide confirmation within 24 hours, your registration will be automatically deleted from the database. Once you have registered, you will receive the materials you have requested.

We also save the IP addresses from which you register and confirm registration, as well as the times at which each occur. We do this in order to establish proof of your registration within the framework of our accountability obligations and, if necessary, to be able to clarify any potential misuse of your personal data. These accountability obligations constitute a legitimate interest pursuant to Art. 6(1) sentence 1 lit. f GDPR in processing data associated with the double opt-in procedure.

You may object to the use of your personal data for marketing purposes at any time, effective for the future. To do this, click on the unsubscribe link found at the end of each newsletter email or email us directly at privacy@rational-online.com and express your request to withdraw consent going forward

Name of newsletter provider salesforce.com, inc, Salesforce Tower 415 Mission Street, 3rd Floor San Francisco, CA 94105 USA
Service provider type Processor
Data transfer to non-EU countries Yes
Non-EU country USA
Warranties pursuant to Art. 44 et seq. GDPR EU standard contractual clauses info: https://sfdc.co/cakvbB

Video conferencing and project work using Microsoft Teams.

We use the Microsoft Teams service to conduct video and audio conferences and webinars, to interact via the message function, and to collaborate on documents in different file formats. Microsoft Teams is software by Microsoft Corporation, One Microsoft Way, Redmond, WA 98052–6399, USA.

In this context, participants' personal data is processed as part of communication processes with us, and it is also stored on Microsoft’s servers. These servers are located in the Netherlands (Evert van de Beekstraat 354, 1118 CZ Schiphol, Netherlands) and Ireland (1, One Microsoft Place, South County Business Park, Leopardstown, Dublin 18, D18 P521, Ireland).

The data processed also depends on the scope of communication and the purpose of use. It may include, in particular, login and contact details, visual and auditory contributions, chat messages, and the contents of shared files and screens. Types of processed data therefore include contract data (e.g., name, address), contact data (e.g., e-mail address, telephone number), content data (e.g., text entries, photo and video files), usage data (e.g., access times, interest in content), and metadata (e.g. device information, IP address).

Microsoft processes usage and metadata for security purposes and the optimization of its own service. More information on this can be found in the Microsoft privacy policy .

If we ask for your consent to the use of certain functions – e.g., regarding a recording of the video conference – your consent is the legal basis for data processing (Art. 6 para. 1 p. 1 lit. a GDPR). Otherwise, your data will be processed on the basis of our legitimate interests (Art. 6 para. 1 p. 1 lit. f GDPR) to ensure efficient, secure communication with our partners. We have a legitimate (economic) interest in providing our employees, customers, and partners with many different communication channels in order to promote user-friendliness and make interaction as easy and convenient as possible. These interests are to be weighed against the interests of data subjects not to have their data captured through data processing and to refuse the processing of their personal data by certain providers or using certain techniques. Since everyone is free to use other means of communication to make contact (e.g. e-mail or telephone), Microsoft Teams gives users the choice to opt out of the processing of their data. These alternatives are also common and reasonable, so no pressure or force can be assumed. Consequently, no interests of data subjects are evident that outweigh our interests as the controller in processing. As a result, the use of Microsoft Teams is considered necessary as an additional means of contacting us to protect our legitimate interests.

If you have given us your consent to the use of certain functions, you can also revoke this at any time by sending an e-mail to privacy@rational-online.com .

In accordance with the legal requirements for processing your data in the Microsoft Cloud, you can notify us of your objections.

The data will be deleted after the expiry of the following periods:

  • Contract data (e.g., name, address): after 180 days
  • Contact details (e.g., e-mail address, telephone number): after 180 days
  • Content data (e.g., text entries, photo and video files): after two years
  • Usage data (e.g., access times, interest in content): after 180 days
  • Metadata (e.g. device information, IP address): after 180 days

Furthermore, an agreement on order processing has been concluded with Microsoft.

Further information on data processing can be found in Microsoft’s privacy policy . If Microsoft processes personal data in the USA, we refer you to the EU-SCC concluded with the Microsoft Group.

Data protection information for the RATIONAL AG internal reporting system.

The following types of personal data, among others, are processed in context of entering and processing reports in the internal reporting system:

  • Information that identifies the reporting party personally, such as first and last name, address, telephone number, and email address;
  • Employment status;
  • Information about data subjects, i.e. natural persons identified in a report as having committed the breach or being associated with that person. Such information includes, for example, first and last name, gender, address, telephone number, and e-mail address or other information that enables identification;
  • Information about violations that may allow conclusions to be drawn concerning the identity of a natural person.

Such personal data will be processed for the purpose of investigating the reports. In addition, the data will be processed to detect, prevent, and/or respond to violations of statutory or company regulations (such as actions to verify the validity of the allegations made in the report and, where applicable, to address the reported breach, including internal investigations, investigations, prosecution, actions to (recover) funds or close the proceedings).

Any personal data processed as part of such a report is processed by lawcode GmbH, Universitätsstraße 3, 56070 Koblenz, Germany, on behalf of RATIONAL AG and in accordance with its instructions. Personal data is generally only transferred to third parties if there is a legal basis for this. This is particularly the case if such transfer serves to fulfil legal requirements obliging us to provide information on, report, or forward data; if you have given us your consent to such transfer; or if a balance of interests justifies this. In addition, external service providers, such as external data centers or telecommunications providers, process personal data on our behalf on a contract basis. Depending on the area of responsibility under which the report falls and its relevance to the effective initiation of follow-up measures, the personal data may be forwarded to our specialist departments with corresponding responsibilities.

Compliance-relevant information shall be archived for three years after conclusion of the proceedings in accordance with Section 11 para. 5 HinSchG. Reports without compliance relevance shall be archived for up to 1 year for reporting purposes.

Euroland key figure tool

On our website, we use the Euroland key figure tool, a service of Euroland.com, Sweden, as an iFrame. RATIONAL AG uses Euroland for presenting animated financial information on its website for investors.,

When you visit a page with an embedded key figure tool, a connection to the Euroland servers is normally established and the content is displayed on the website by sending a message to your browser. Using our permissions management tool (Usercentrics) will prevent this from happening if you do not consent to the processing of your data for Euroland-related purposes. This means no data will be transferred without your consent. Only a preview image is displayed.

The legal basis for the data processing described is your consent, Art. 6 para. 1 lit. a, GDPR and Section 25 para. 1 TDDDG.

You can revoke this consent at any time with future effect by accessing the tracking settings via the link at the bottom of each page (called a footer) and unchecking the box next to the processing you had consented to. If you do not consent, or if you withdraw consent, you will be prohibited from using the service.

Alternatively, you can delete your local storage from this website. The banner linking to the selection options will then be displayed again. If you do not consent, or if you withdraw consent, you will be prohibited from using the service.

More information about Euroland can be found at https://www.euroland.com/cookiepolicy/en-gb.html .

Forwarding of data

Your personal data will not be forwarded to third parties for purposes other than those listed.

We will only share your personal data with third parties if:

  • you have given your explicit consent for us to do so;
  • disclosure is necessary for purposes of establishing, exercising or defending legal claims, and there is no reason to assume that you have an overriding legitimate interest in the non-disclosure of your data;
  • we are legally obligated to such disclosure; or
  • such disclosure is legally permissible and necessary for purposes of processing contractual relationships with you.

In principle, data transferred outside the European Union is not protected to the same high standard provided within Europe. In the event that such a transfer occurs, there is a possibility that no adequacy decision has been reached by the EU Commission within the meaning of Art. 45(1) and (3) GDPR. This means that the EU Commission has not yet positively established that the country-specific level of data protection corresponds to the level of data protection in the European Union on the basis of the GDPR, which is why we have created the aforementioned suitable guarantees. Potential risks that may not be completely excluded in connection with the transfer of data include, but are not limited to, the following:

Your personal data may be processed beyond the actual purpose.

There is also a possibility that you may not be able to sustainably assert and enforce your rights under data protection law, such as your right to information, rectification, erasure or data portability.

There may also be a higher probability that incorrect data processing may occur and that the protection of personal data does not fully meet the requirements of the GDPR in terms of quantity and quality.

Data security

We have taken extensive technical and operational preventative measures to protect your data against accidental or intentional manipulation, loss, destruction or access by unauthorized persons. Our security procedures are regularly reviewed and adapted to technological progress.

Integration of third-party content

Third-party content like YouTube videos and map information from Google Maps is integrated into our online presence on the basis of Art. 6(1) sentence 1 lit. f GDPR. This is always contingent on the providers of this content (hereinafter referred to as “third-party providers”) being able to detect the user's IP address. Without the IP address, they would not be able to transmit the content to that user's browser. As such, IP address information is required in order to display this content. We strive only to use content whose providers do not require any additional information beyond the IP address for delivery purposes. However, we have no influence on whether third-party providers store IP addresses, for example for statistical purposes. To the extent that we are aware of such instances, we provide that information to users.

Information on rights of data subjects

Every data subject has the right to information pursuant to Art. 15 GDPR, the right to rectification pursuant to Art. 16 GDPR, the right to erasure pursuant to Article 17 GDPR, the right to restriction of processing pursuant to Article 18 GDPR, the right to object pursuant to Article 21 GDPR and the right to data portability pursuant to Art. 20 GDPR. The restrictions pursuant to Sections 34 and 35 of the German Federal Data Protection Act (BDSG) apply to the right of access and the right to erasure.

Information on lodging complaints

You also have the right to complain to the competent data protection supervisory authority about the processing of your personal data by us.

Information on withdrawal of consent

You can withdraw your consent to the processing of your personal data at any time. This also applies to the revocation of declarations of consent that were issued to us prior to the application of the General Data Protection Regulation, aka before 25 May 2018. Please note that such revocation will only apply going forward. Processing that took place before consent was withdrawn will not be affected.

Rights concerning data processing for direct marketing purposes

Pursuant to Art. 21(2) GDPR, you have the right to object to the processing of your personal data at any time. In the event that you object to processing of your personal data for direct marketing purposes, we will no longer process your personal data for these purposes. Please note that such objection will only apply going forward. Processing that took place before said objection will not be affected.

Information on right to object concerning balance of interests

If we base the processing of your personal data on a balance of interests, you may object to such processing. When exercising such an objection, we ask that you explain the reasons why we should not process your personal data as we have described. In the event that your objection is justified, we will evaluate the situation and either modify or cease data processing or explain our compelling legitimate reasons to you.

Links to other websites

Our websites may contain links to other providers' websites. Please note that this privacy policy applies exclusively to the RATIONAL AG websites. We have no influence on this and do not monitor whether other providers comply with the applicable data protection regulations.

Changes to the Privacy Policy

We reserve the right to amend or adapt this privacy policy at any time in compliance with the applicable data protection regulations.

Version: July 2022