ROKKU DESIGNSTUDIO GMBHtakes the protection of your personal data very seriously and complies with the statutory provisions in the General Data Protection Regulation (“GDPR”) and in the current version of the German Federal Data Protection Act (“BDSG”) for the processing of personal data. In the following and in accordance with the GDPR, we would like to inform you of when and for what purposes personal data are processed on our websites.



1. WHAT ARE PERSONAL DATA?

Pursuant to Art. 4 Para. 1 of the GDPR, ‘personal data’ means any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.



2. WHO IS RESPONSIBLE FOR YOUR DATA?

Responsibility for processing your personal data on our websites lies with ROKKU DESIGNSTUDIO GMBH, Schrammsweg 11, 20249 Hamburg. [email protected]



3. YOUR RIGHTS

You can assert the following rights concerning us with regard to the processing of your personal data:

  • Right of access (Art. 15 GDPR),
  • Right to rectification (Art. 16 GDPR) and/or erasure including the ‘right to be forgotten’ (Art. 17 GDPR),
  • Right to restriction of processing (Art. 18 GDPR),
  • Right to object to the processing (Art. 21 Para. 1 GDPR) and the right to object to processing for direct marketing purposes (Art. 21 Para. 2 GDPR),
  • Right to data portability (Art. 20 Para. 1 GDPR).

In addition, you shall also be able to lodge a complaint to a supervisory authority for data protection. To the extent that we base the procesing of your personal data on the balancing of interests, you shall be able to object to the processing (Art. 21 Para. 1 GDPR). This is the case if the processing is not necessary for the performance of a contract with you, which is outlined by us in the following description. When exercising such an objection, we ask you to provide the reasons why we should not process your personal data, as carried out by us. In the event of your reasoned objection, we shall examine the situation and shall either end or adapt the data processing, or demonstrate our compelling legitimate grounds for continuing the processing. Irrespective of this, you may object at any time and without providing reasons to the processing of your personal data for marketing and data analysis purposes (Art. 21 Para. 2 GDPR).



4. PROCESSING PERSONAL DATA WHEN OUR WEBSITES ARE ACCESSED

a) Documenting the access When using the internet services provided by ROKKU DESIGNSTUDIO GMBH, certain data are automatically stored on our servers for system administration purposes and for statistical or security purposes, particulalry for protection against attacks on our IT infrastructure. Provided the data are personal data as defined in Art. 4 Para. 1 of the GDPR, they shall be processed on the basis of Art. 6 Para. 1 lit. f of the GDPR.

  • IP address
  • Accessed page/name of the accessed file
  • Date and time of the access
  • Transferred amount of data
  • Report if the access was successful
  • The referring site, if access was made via an external link, and the search term, if access was made via an external search engine
  • The browser software used for the access (language, version and configuration)
  • Details on your device’s operating system and interface
  • The data are only used in anonymized form for evaluating the general user behaviour. These statistical evaluations help us to improve our websites for you and adapt them to your needs. There is no other usage, least of all a link to personal data.

    The afore-mentioned documentation data shall be stored on our servers for a standard 7 days and then erased, provided we are not legally obliged to store the data for longer. In such cases, storing data for longer periods shall be based on Art. 6 Para. 1 lit. c of the GDPR.

    b) Use of cookies on our websites

    What are cookies?

    Cookies are small files that are stored on your hard drive and save certain settings and data for exchange with our systems or our service providers’ systems via your web browser. A distinction is made between two different types of cookies. There are so-called session ID cookies, which are erased as soon as you close your browser, and persistent cookies, which are stored on your hard drive for a long time. You can remove stored cookies in your browser settings and deactivate the future storage of cookies. We would like to point out that not all the features of the websites may be used if the cookies are deactivated.

    Our websites use the following cookies:

    • Long-term cookies


    5. PROCESSING PERSONAL DATA WHEN MAKING CONTACT VIA THE WEBSITES

    Personal data are always processed on our websites if you enter personal details on one of the provided contact forms. This data and the content in your contact form are forwarded to the respective contact persons who use your data exclusively to process your request within the given purpose (for example, to our customer service for queries regarding our products). In this case, your personal data are processed in connection with the performance of a contract concluded with you or in order to take steps upon request prior to entering into a contract (Art. 6 Para. 1 lit. b of the GDPR). There is no processing of personal data that goes beyond this. Provided nothing different is stipulated below, your data will be stored until the respective purpose of processing them has been achieved.



    6. WILL YOUR DATA BE TRANSFERRED TO THIRD PARTIES?

    As a rule, personal data are not transferred to third parties. In exceptional cases, the transfer of personal data to third parties is considered if this is necessary for the purpose of answering your enquiry. Personal data may also be forwarded based on the GDPR, the current version of the German Federal Data Protection Act (BDSG) and, where applicable, other relevant statutory regulations, provided we are legally obliged to do so (Art. 6 Para. 1 lit. c of the GDPR).



    7. HOW ARE YOUR DATA SECURED?

    We take technical and organisational measures to protect your data from unauthorised access or loss. Our security measures are continuously improved in line with technological developments.



    8. DO YOU HAVE ANY FURTHER QUESTIONS?

    If you have any further questions on the collection, processing and use of your personal data, please contact [email protected] or write to us at the address given in section 2.