Data Privacy Statement according to GDPR

1. Scope of the processing of personal data

You can rely on the protection and security of your personal data: The protection of your privacy when processing personal data is an important concern for RAG-Stiftung which we take into account in all our business dealings. Therefore, we would like to take this opportunity to explain to you our basic rules of handling your personal data - which, of course, is managed in compliance with the applicable European and national data protection regulations. We only collect and use personal data of our users insofar as this is necessary to provide a functional website with focus on contents and services. The collection and use of personal data of users will regularly occur provided we were given the user's consent. An exception applies in those cases where prior consent cannot be obtained for real reasons and the processing of the data is permitted by law.


2. Legal basis for the processing of personal data

Insofar as we obtain the consent of the data subject for the processing of personal data, Art. 6 para. 1 lit. a EU Data Protection Regulation (GDPR) serves as the legal basis for the processing of personal data.

In the processing of personal data required for the performance of a contract to which the data subject is a party, Art. 6 para. 1 lit. b, GDPR serves as the legal basis. This also applies to processing operations that are necessary to carry out pre-contractual measures.

Insofar as the processing of personal data is required to fulfil a legal obligation to which our company is subject, Art. 6 para. 1 lit. c, GDPR serves as the legal basis.

In the event that the vital interests of the data subject or another natural person require the processing of personal data, Art. 6 para. 1 lit. d GDPR serves as the legal basis.

If processing is necessary to safeguard a legitimate interest of our company or a third party and if the interests, fundamental rights and freedoms of the data subject do not outweigh the first-mentioned interest, Art. 6 para. 1 lit. f GDPR serves as the legal basis for processing data.


3. Purpose of data processing

When you visit our websites, your browser transmits certain data to our web server due to technical requirements. We use this technical access information to continuously improve the attractiveness and usability of our internet pages and their contents and to identify possible technical problems of our website. In addition, in order to protect our legitimate interests, we store this data for a limited time in order to be able to induce a derivation of personal data in the event of unauthorized access or access attempts to local servers. The following pages will tell you what this information is in detail.

We use so-called "cookies" on some of our websites. Cookies are small text files that are stored in the memory of your terminal via your browser. We use this function-related information (such as your preferred language or page settings) to make your use of our website more convenient. Details can also be found on the following pages.
In addition to automatically collected data, we also process the data that you have voluntarily provided in the context of e.g. newsletter registrations, contacts or other online forms.


4. Description and scope of data processing

Every time you visit our website, our system automatically collects data and information from the computer system of the invoking computer. This data is recorded in the form of logs.

The following data is collected:

  • IP address of the user
  • date and time of access
  • HTTP method
  • HTTP version
  • websites from which the user's system reaches our website
  • websites accessed by the user's system via our website
  • Browser Agent
  • HTTP status code of the server response
  • Size of the response in bytes

As previously described, we also use cookies, to make our website more user-friendly or to allow integrated services to run smoothly. Some elements of our website require that the calling browser can be identified even after a page change. The following data is stored in the cookie and will be transmitted to us by your operating system.


fe_typo_user    Standard TYPO3 session cookie generated by the PHP method SESSION (). The cookie contains the data identifier that is required to assign the session file on the server. The cookie stores the user login or individual configurative settings of the user, if necessary. The session cookie is automatically deleted when the local browser is closed or a certain time (24h) has passed without the user performing any actions on the website. The content of this cookie is a randomly generated string.



The following data is collected:

  • Language settings
  • log-in information
  • first call or recurring use
  • previous website
  • session ID of the user


Use of contact forms

There is a contact form on our website which can be used for electronic contact. If a user accepts this possibility, the data entered in the input mask will be transmitted to us and stored. Apart from the information you enter in the respective input mask, no other data is recorded.


In this context, the data will not be passed on to third parties. The data is used exclusively for processing the conversation, i.e. the processing of the personal data from the input mask serves only for the treatment of the establishment of contact. In the event of contact, this also constitutes the necessary legitimate interest in the processing of the data.

We will delete the data as soon as it is no longer necessary to achieve the purpose for which it was collected. For the personal data from the input mask of the contact form and those that were sent by e-mail. This is the case when the respective conversation with the user is finished. The conversation is terminated when it can be inferred from the circumstances that the concerns in question have finally been clarified.


Online presences on Social Media, external services and content on our website

We keep online presences on Social Media platforms to communicate with interested persons and users and to inform this target group about events and news. In this context, we integrate external services or content on our website via links. If you use such a service (by clicking on the link and opening the platform) or if third party content is displayed to you, communication data (e.g. IP adresses or general information on your system) will be exchanged between you and the respective provider for technical reasons.

In addition, the provider of the respective external services or content may collect personal related data about you - e.g. via the relevant cookies -  and process them thereafter for further or own purposes. We have configured the services or content of providers who are known to process data for their own purposes to the best of our knowledge and belief in such a way that either communication for purposes other than the presentation of the content or services on our website is omitted, or communication only takes place when you actively decide to use the service. However, since we usually/ to a large extent have no influence on the data collected from third parties and processing by them, we cannot provide any binding information on the purpose and scope of processing your data.

Further information on the purpose and scope of the collection and processing of your data by the provider of the relevant external services can be taken from the data protection information provided by the providers of the services or content integrated by us:


Use of Matomo

The web-analysing tool Matomo is used for collecting statistical data on the use of our internet offering. In this respect, Matomo sets a recognition cookie for seven days. Unless not objected by you the following information will be collected:

  • Two Bytes of the IP address of the calling user system (anonymised IP address)
  • The current website accessed
  • The website previously accessed by the user prior to landing on the current website (referrer)
  • The sub-pages accessed from current website
  • The duration spent on the website
  • The frequency of website visits

Collected and anonymised data are automatically deleted after 30 days.

No personal data will be collected by transferring the statistical data. Nonetheless, you can opt-out to the collection of your – already anonymised – usage pattern. Please use the following link here to de- or reactivate the Matomo web-analysing service. By doing so, a deactivation cookie will be set respectively deleted by Matomo.

Please note that this Matomo deactivation cookie will be deleted once you clear your browser cookie cache. Additionally, you will have to redo the deactivation process if you use another computer or web-browser.


5. Data deletion and storage time

Personal data will be deleted or blocked as soon as the purpose of storage ceases to apply. Storage may also be necessary if the European or national legislator has provided EU regulations, laws or other provisions to which the person responsible is subject. The data will also be blocked or deleted if a storage period prescribed by the aforementioned standards expires, unless there is a need for further storage of the data for the conclusion or fulfilment of a contract. We automatically delete data stored for technical reasons after 90 days and session cookies are deleted immediately after the end of the session.

Cookies are stored on the user's computer and transmitted to our site. Therefore, you, as a user, also have full control over the use of cookies. You can deactivate or restrict the transmission of cookies by changing the settings in your Internet browser. Cookies that have already been saved can be deleted at any time. This can also be done automatically. If cookies are deactivated for our website, it may no longer be possible to use all functions of the website in full.


6. Possibility of opposition and elimination

The user has the possibility to revoke his consent regarding the processing of personal data at any time (see also rights of the persons concerned). If the user contacts us by e-mail, he can object to the storage of his personal data at any time. However, in such a case, the conversation cannot be continued.

The collection of data for the provision of the website and the storage of data in log files is absolutely necessary for the operation of the website. Consequently, there is no possibility of objection on the part of the user.


7. Rights of data subjects

If personal data are processed by you, you are affected within the meaning of the GDPR and you have the following rights vis-à-vis the person responsible:

  • right to information about your personal data stored by us;
  • the right to correct, delete or limit the processing of your personal data;
  • the right to object to processing which serves our legitimate interest, a public interest or profiling, unless we can prove compelling grounds for processing which outweigh your interests, rights and freedoms or the processing serves to assert, exercise or defend legal claims;
  • right to data transferability;
  • right to complain to a supervisory authority;
  • right to revoke your consens to the collection, processing and use of your personal data at any time with effect for the future. You will find more detailed information on this in the respective sections above, where data processing is described on the basis of your consent.

If you wish to exercise your rights, you may either address your request to the data protection officer listed below, fill in our contact form on our website or mail to info(at)rag-stiftung.de.


Name and address of the person responsible

The person responsible within the meaning of the Basic Data Protection Regulation and other national data protection laws of the member states as well as other data protection regulations is:

RAG-Stiftung
Im Welterbe 10
45141 Essen
Germany

Phone: +49 (201) 378 3333
E-mail: info(at)rag-stiftung.de
Website: www.rag-stiftung.de


Name and address of the data protection officer

The data protection officer or the person responsible is:

Herr
K. Rieger
Karlstraße 37-39
45661 Recklinghausen
Germany
E-Mail: datenschutz(at)rag.de