Search site...
en EN de DE
Spotlight Manager

Privacy Policy
Policy

Our website is run according to the following principles.
We comply with the legal provisions on data protection and strive to always take into account the principles of data avoidance and minimization.

1. Name and Address of the Person Responsible and the Data Protection Officer

a) The person responsible

The person responsible within the meaning of the General Data Protection Regulation and other national data protection laws of the member states of the European Union as well as other data protection regulations is:

Redlof Medien GmbH & Co.KG
Technologiepark 11
91522 Ansbach
Germany

Tel.: 0981/203 526-50
Fax: 0981/ 203 526-55
E-mail: info@redlof-medien.de
Website: www.redlof-medien.de

b) The data protection officer
The data protection officer of the person responsible can be reached as follows:

SiDIT GmbH
Langgasse 20
97261 Güntersleben
Germany
Tel: 0931/780 877-0
E-mail: info@sidit.de

2. Explanations of Terms

We have designed our data protection declaration according to the principles of clarity and transparency. However, should there be any ambiguity regarding the use of different terms, the corresponding definitions can be viewed here.

3. Legal Basis for Processing Data

a) Processing of personal data according to the GDPR

We process your personal data such as Your surname and first name, e-mail address and IP address, etc., only if there is a legal basis for this. According to the General Data Protection Regulation, the following regulations, in particular, come into consideration here:

  • Art. 6 Para. 1 ll. 1 letter a GDPR: The data subject has given their consent to the processing of their personal data for one or more specific purposes.
  • Art. 6 Para. 1 ll. 1 letter b GDPR: The processing is necessary for the performance of a contract to which the data subject is party or for the implementation of pre-contractual measures taken at the data subject’s request.
  • Art. 6 Para. 1 ll. 1 letter c GDPR: The processing is necessary to fulfill a legal obligation to which the person responsible is subject
  • Art. 6 Para. 1 ll. 1 letter d GDPR: Processing is necessary to protect the vital interests of the data subject or another natural person
  • Art. 6 Para. 1 ll. 1 letter e GDPR: the processing is necessary for the performance of a task that is in the public interest or in the exercise of official authority that has been transferred to the person responsible
  • Art. 6 Para. 1 ll. 1 letter f GDPR: the processing is necessary to safeguard the legitimate interests of the person responsible or a third party, unless the interests or fundamental rights and freedoms of the data subject, which require the protection of personal data, prevail, in particular if the data subject is a child

However, at the relevant points in this data protection declaration, we will always point out the legal basis for processing your personal data.

b) Consent of the legal guardians according to Art. 8 Para.1 ll.2 alt.2 GDPR

A legal guardian must agree to all data processing on this website, for which the consent of a minor who has not yet reached the age of 16 is required.

Information on the individual data processing operations, their purposes, and the data categories affected, for which the consent of the person concerned is required, can be found in the data protection declaration.

You can revoke your consent at any time by sending the declaration of revocation in text form to the contact details of the person responsible. The processing until the revocation remains lawful.

c. Processing of information according to § 25 Para.1 TTDSG

We also process information under Art. § 25 Para.1 TTDSG by storing information on your terminal equipment or accessing information already stored on your terminal equipment. This can be personal information and non-personal data, e.g., cookies, browser fingerprints, advertising IDs, MAC addresses, and IMEI numbers. Terminal equipment is any device connected directly or indirectly to the interface of a public telecommunications network for sending, processing, or receiving messages, § 2 Para.2. Nr.6 TTDSG.

As a rule, we process this information based on your consent, § 25 Para.1 TTDSG.
As far as an exception according to § 25 Para.2 Nr. 1 and Nr.2 TTDSG is given, we do not require consent. One such exception is where we are accessing or storing the information solely to transmit a message over a public telecommunications network or where it is strictly necessary to provide a Telemedia service that you have requested. You can revoke your consent at any time.

We inform you that the revocation of consent does not affect the lawfulness of the process based on the consent up to the point of revocation.

4. Disclosure of Personal Data

The transfer of personal data is also processed within the meaning of the previous paragraph 3. However, at this point, we would like to inform you again separately about the transfer to third parties. The protection of your personal data is essential to us. For this reason, we are cautious when passing on your data to third parties.

It will, therefore, only be passed on to third parties if there is a legal basis for processing. For example, we pass on personal data to persons or companies working for us as processors per Art. 28 GDPR. Processor is anyone who processes personal data on our behalf – i.e. in particular in an instruction and control relationship with us

Under the requirements of the GDPR, we conclude a contract with each of our processors to oblige them to comply with data protection regulations and thus to provide your data with comprehensive protection.

5. Duration of Storage and Deletion

We will delete your personal data if they are no longer necessary for the purposes for which they were collected or otherwise processed; the processing is not required to exercise the right to freedom of expression and information, to fulfill legal obligation reasons of public interest or to assert, exercise or defend legal claims.

6. SSL or TLS Encryption

For security reasons and to protect the transmission of confidential content, such as inquiries that you send to us as the website operator, this website uses an SSL or TLS encryption. You can recognize an encrypted connection by the fact that the address line of the browser changes from ‘http://’ to ‘https://’ and by the lock symbol in your browser line.
If SSL or TLS encryption is activated, third parties cannot read the data you transmit to us.

7. Cookies

We use cookies on our website. Cookies are small data packages your browser automatically creates and are stored on your end device when you visit our website. These cookies are used to store information related to the end device used.

A distinction between “strictly necessary” and “non-necessary” cookies is made when using cookies. Strictly necessary cookies are given if required to provide an information society service you have expressly requested.

a) Strictly necessary cookies

To make our offer more pleasant for you, we use strictly necessary cookies: so-called session cookies (e.g., language and font selection, shopping cart, etc.), consent cookies, cookies to ensure server stability and security, or similar. Act. The legal basis for the cookies results from Article 6 Paragraph 1 Sentence 1 Letter f) GDPR, our legitimate interest in the error-free operation of the website, and the interest in making our services available to you in an optimized way.

b) Non-necessary cookies

Non-necessary cookies are for statistical, analysis, marketing, and retargeting purposes.
We set these cookies based on your consent under Art. 6 Para. 1 ll. 1 letter a) GDPR for you.

You can revoke your consent to the use of cookies at any time.

We inform you that the revocation of consent does not affect the lawfulness of the process based on the consent up to the point of revocation.
To do this, you can either edit your cookie settings on our website, deactivate the cookies in your browser settings (which can also limit the functionality of the online offer), or set an opt-out for the corresponding service in individual cases.
We will point out the legal basis on which this data is processed for the respective services within the data protection declaration.

Change cookie settings

8. Cookie-Banner

To obtain consent for the cookies we use, we use the Cookie-Banner Klaro! Cookie consent from the service provider KIProtect GmbH, Bismarckstraße 10-12, 10625 Berlin. This sets a so-called consent cookie to query and process the respective consent status. This consent cookie is necessary technically and is therefore used based on our legitimate interest in accordance with Art. 6 Para.1 ll.1 letter. f GDPR, § 25 Para. 1 TTDSG.

9. Collection and Storage of Personal Data and their Type and Purpose of Use

a) External hosting

Our website is hosted by IONOS SE, Elgendorfer Straße 57, 56410 Montabaur. For this reason, all personal data recorded on our website is stored on the servers of our host unless an external service from a third party is involved. This can be your IP address, e-mail address, communication data, or similar. You can find out which specific personal data is involved in the following with the individual functions and services we have explained. If we use an external service from a third party, this will be clarified in the description of the respective service or tool.

The host only processes your data on our instructions and insofar as this is necessary to fulfill the services on the website. The host does not process the data for its own purposes. We have an order processing contract with them.

b) When visiting the website

When you visit our website, the browser used on your device automatically sends information to our website server. This information is temporarily stored in a so-called log file. The following information is recorded without your intervention and stored until it is automatically deleted:

  • IP address of the requesting computer
  • Date and time of access
  • Name and URL of the retrieved file
  • Website accessed from (referer URL)
  • Browser used and, if applicable, the operating system of your computer and the name of your access provider

The data mentioned are processed by us for the following purposes:

  • evaluation of security and stability of the system
  • error analysis
  • for other administrative purposes

Data that allow conclusions to be drawn about your person, such as the IP address, will be deleted after seven days at the latest. If we store the data beyond this period, it will be pseudonymized so that it can no longer be assigned to you.

The legal basis for data processing is Art. 6 para. 1 ll. 1 letter f GDPR. Our legitimate interest follows from the data collection purposes listed above. Under no circumstances do we use the collected data for the purpose of drawing conclusions about your person.

c) Contact form / email contact

We provide you with a form on our website so that you can contact us anytime. To use the contact form, it is necessary to provide a name for a personal salutation and a valid e-mail address to contact you so that we know who sent the request and can also process it.

If you send us inquiries via the contact form, your details from the inquiry form, including the contact data you provided there and your IP address, are in accordance with the Art. 6 Para. 1 ll. 1 letter b and f GDPR to carry out pre-contractual measures that are carried out at your request or to exercise our legitimate interest, namely to carry out our business activities.

You are also welcome to send us an e-mail instead using the e-mail address given on our website. In this case, we store and process your e-mail address and the information you provided in the e-mail under Art. 6 para. 1 ll. 1 letter b and f GDPR to process your message.

The inquiries and the associated data will be deleted no later than three months after receipt, provided they are not required for a different contractual relationship.

d) Use of Google Maps

Our website uses the Google Maps API. By using Google Maps, information about your use of this website (including your IP address) can be sent to a Google server (Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland) in the USA and stored there.

Google may transfer the information obtained through Maps to third parties if this is required by law or if third parties process this data on behalf of Google. Under no circumstances will your IP address be associated with other data held by Google. Nevertheless, we have to point out that it would be technically possible for Google to identify individual users based on the data received.

We have no control over whether Google processes your data and personality profiles for other purposes. If you want to avoid this at all costs, you can deactivate the Google Maps service and thus prevent data transfer to Google. All you have to do is deactivate JavaScript in your browser. In this case, no data will be transmitted, but you will no longer be able to use the map display on our website.
The Google privacy policy can be found here.

The use of Google Maps represents a service for you so that you can recognize our location precisely and, if necessary, plan your visit with us better. Google Maps is used on the basis of your consent in accordance with Art. 6 Para. 1 ll. 1 letter a GDPR.

10. Analysis and Tracking Tools

We use the analysis and tracking tools listed below on our website. These ensure the continuous optimization of our website and design it in line with requirements.

We use these tools on the basis of the consent you have given in accordance with Art. 6 Para. 1 ll. 1 letter a GDPR. You can withdraw your consent at any time by changing the cookie settings. The processing until the revocation remains lawful.

The respective data processing purposes and categories can be found in the corresponding tools. We want to point out that we do not influence whether and to what extent the service providers carry out further data processing.

a) Matomo (formerly “Piwik”)

We use the analysis service Matomo (InnoCraft Ltd., 150 Willis St, 6011 Wellington, New Zealand), which uses cookies. These are stored on your computer and enable us to analyze the use of our website.
The cookies contain usage information and transmit this to our server, where it is stored for usage analysis purposes and helps us to optimize our website. Your IP address is also included in the usage information, but this is shortened so that it is anonymized and you, as a user, remain anonymous.
We do not pass on the information generated by the cookies to third parties.

b) Use of Google reCaptcha

We use the reCAPTCHA service from Google (Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland) on our website for our contact form to be able to distinguish between input by a human and automated, abusive, machine processing. We are interested in protecting our website from abusive automated spying and SPAM.
When querying through the reCAPTCHA service, both your IP address and any other data required by Google for the reCAPTCHA service will be forwarded to Google and processed there.

You must accept the Google Terms of Service when using reCAPTCHA. There is a separate field for this. We have activated IP anonymization on this website so that your IP address will be shortened beforehand by Google within member states of the European Union or in other contracting states of the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be sent to a Google server in the USA and shortened there.
On our behalf, Google will use this information to evaluate your use of this service. The IP address transmitted by your browser as part of reCaptcha will not be merged with other Google data. The deviating data protection regulations of the company Google apply to this data.
For more information about Google’s privacy policy, visit https://www.google.com/intl/de/policies/privacy/.

a) Information

Under Art. 15 GDPR, you have the right to request information about your data processed by us. This right to information includes information about

  • the processing purposes
  • the categories of personal data
  • the recipients or categories of recipients to whom your data has been or will be disclosed
  • the planned storage period or at least the criteria for determining the storage period
  • the existence of a right to rectification, erasure, restriction of processing or objection
  • the existence of a right of appeal to a supervisory authority
  • the origin of your personal data, if they were not collected from us
  • the existence of automated decision-making, including profiling and, where appropriate, meaningful information on its details

You have the following rights:

11. Rights of the Data Subject

b) Rectification

According to Art. 16 GDPR, you have the right to immediately correct any incorrect or incomplete personal data stored by us.

c) Deletion

According to Art. 17 GDPR, you have the right to request the immediate deletion of your data from us, provided that further processing is not necessary for one of the following reasons:

  • the personal data are still necessary for the purposes for which they were collected or otherwise processed
  • to exercise the right to freedom of expression and information
  • to fulfill a legal obligation that requires processing under European Union or Member State law to which the controller is subject, or to perform a task that is in the public interest or in the exercise of official authority that has been delegated to the controller
  • for reasons of public interest in public health under Art. 9 Para. 2 letter h and i, as well as Art. 9 Para. 3 GDPR
  • for archiving purposes in the public interest, scientific or historical research purposes, or for statistical purposes acc. Art. 89 Para. 1 GDPR, insofar as the right mentioned under section a) is likely to make it impossible or seriously impair the achievement of the objectives of this processing
  • to assert, exercise or defend legal claims

d) Restriction of processing

In accordance with Art. 18 GDPR, you can request the restriction of the processing of your personal data for one of the following reasons:

  • You contest the accuracy of your personal data.
  • The processing is unlawful, and you oppose the erasure of personal data.
  • We no longer need the personal data for processing, but you need them to assert, exercise, or defend legal claims.
  • You object to the processing under Art. 21 Para. 1 GDPR.

e) Notification

If you have requested the correction or deletion of your data or a restriction of processing under Art. 16, Art. 17, or Art. 18 GDPR, we will inform all recipients to whom your data have been disclosed unless this proves to be impossible or involves a disproportionate effort. You can request that we inform you of these recipients.

f) Transmission

You have the right to receive the personal data you provided to us in a structured, standard, and machine-readable format.
You also have the right to request this data transfer to a third party, provided that the processing was carried out using automated procedures and is based on consent under Art. 6 Para. 1 ll. 1 letter a or Art. 9 Para. 2 letter a or on a contract according to Art. 6 Para. 1 ll. 1 letter b DSGVO is based.

g) Revocation

You have under Art. 7 Para. 3 GDPR, you can revoke your consent to us at any time. The revocation of the consent does not affect the legality of the process based on the consent up to the point of cancellation. In the future, we may no longer continue the data processing based on your revoked consent.

h) Complaints

According to Art. 77 GDPR, you have the right to complain to a supervisory authority if you believe that processing your personal data violates the GDPR.

i) Contradiction

If your data is based on legitimate interests under Art. 6 Para. 1 ll. 1 letter f GDPR are processed, you have the right to object to the processing of your data in accordance with Art. 21 GDPR, provided that there are reasons for this that arise from your particular situation or the objection is directed against direct advertising. In the latter case, you have a general right of objection, which we will implement without specifying the situation. If you would like to make use of your right of revocation or objection, an e-mail to info@redlof-medien.de is sufficient.

j) Automated individual decision-making including profiling

You have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning you or similarly significantly affects you. This does not apply if the decision

  1. is necessary for entering into, or the performance of, a contract between you and us
  2. is permitted based on legal regulations of the European Union or the member states to which we are subject, and these legal regulations contain appropriate measures to protect your rights and freedoms as well as your legitimate interests
  3. takes place with your expressed consent

However, these decisions must not be based on special categories of personal data according to Art. 9 Para. 1 GDPR, unless Art. 9 Para. 2 letter a or g GDPR applies, and appropriate measures have been taken to protect your rights, freedoms, and legitimate interests.

Concerning the cases referred to in 1) and 3), we take appropriate measures to protect your rights and freedoms and your legitimate interests, including at least the right to obtain human intervention on our part, to express your point of view, and to contest the decision heard.

12. Changes to the Privacy Policy

Should we change the data protection declaration, this will be indicated on the website.

Status 29.09.2022