PRIVACY POLICY

Red Rock Capital AG

The following privacy statement applies to the use of our website www.redrock-capital.ag (hereinafter referred to as "website").

Data protection is very important to us. Your data is collected and processed in consideration of the applicable regulations of data protection law, in particular the General Data Protection Regulation (GDPR). We collect and process your personal data in order to be able to offer you the above portal. This statement describes how and for what purpose your data is collected and used as well as the choices you have in connection with personal data.

In using this website, you agree to the collection, use and transfer of your data in accordance with this privacy statement.

 

1 Responsible party

The party responsible for the collection, processing and use of your personal data in the sense of Art. 4 no. 7 GDPR is

Red Rock Capital AG
Rotekreuzstraße 33
D-30627 Hanover

Phone: +49 (0)511 59108894
Mail: info@redrock-capital.ag

If you wish to object to the collection, processing or use of your data by us as prescribed by these data protection provisions entirely or with respect to individual measures, you can direct your objection to the responsible party.

You can save and print out this privacy statement at any time.


2 General use of the website

2.1 Hosting
The hosting services we use allow us to provide the following services: Infrastructure and platform services, computing capacity, storage space and database services, security services as well as technical maintenance services, which we use for the purpose of operating the website.

In this respect, we or our hosting provider process the inventory data, contact data, content data, contractual data, usage data, the meta and communication data of customers, interested parties and visitors to this website on the basis of our legitimate interests in the efficient, secure provision of this website in accordance with Art. 6 para. 1 p. 1 et seq.) GDPR in conjunction with Art. 28 GDPR.

2.2 Cookies
We use so-called session cookies to optimise our website. A session cookie is a small text file, which the respective servers send when a web page is visited and which is stored temporarily on your hard-drive. This file as such contains a so-called session ID that allows various requests from your browser to be allocated to the joint session. This allows your computer to be recognised when you return to our website. These cookies are deleted after you close your browser.

We also use persistent cookies to a limited extent (they are also small text files, which are stored on your device) and which remain on your device and allow us to recognise your browser during your next visit. These cookies are saved on your hard-drive and delete themselves after a prescribed period of time. Their duration ranges from 1 month to 10 years. As a result, we are able to present our website so that it is more user-friendly, effective and secure and, for example, display information for you on the page that is specially tailored to your interests.

Our legitimate interest with respect to the use of cookies in accordance with Art 6 para. 1 p. 1 et seq.) GDPR lies in making our website more user-friendly, effective and secure.

For example, the following data and information are stored in the cookies:

- log-in information
- language settings
- search terms entered
- information on the number of times our website was accessed as well as the use of individual functions of our website.

When the cookie is activated, an identification number is assigned to it. Your personal data will not be assigned to this identification number. Your name, IP address or similar data, which makes the assignment of the cookie possible, will not be saved in the cookie. On the basis of cookie technology, we only receive pseudonymised information, for example, as to which pages of our website were visited.

You can configure your browser so that you are informed about the creation of cookies in advance and can decide in individual cases whether you wish to exclude the acceptance of cookies in certain cases or in general or completely block cookies. This may restrict the functionality of the website.

2.3 Email contact
When you contact us (e.g. using the contact form or email), we save your data in order to process the request and in the event follow-up questions arise.

We also have a legitimate interest in this in accordance with 6 para. 1 p. 1 f) GDPR.

We only save and use further personal data if you consent to this or this is legally permissible without special consent.

2.4 Google Fonts
Our website uses Google Fonts to display external fonts. This is a service provided by Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043 (hereinafter: Google).

Through certification according to the EU-US Privacy Shield

https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active

Google guarantees that it will follow the EU’s data protection regulations when processing data in the United States.

To enable the display of certain fonts on our website, a connection to the Google server in the USA is established whenever our website is accessed.

The legal basis is Art. 6 Para. 1 lit. f) GDPR. Our legitimate interest lies in the optimization and economic operation of our site. When you access our site, a connection to Google is established from which Google can identify the site from which your request has been sent and to which IP address the fonts are being transmitted for display.

Google offers detailed information at

https://adssettings.google.com/authenticated

https://policies.google.com/privacy

in particular on options for preventing the use of data.

2.5 Legal framework and duration of storage
The legal basis for data processing in accordance with the above items is Art. 6 para. 1 p. 1 a), b) and f) GDPR. Our interests in data processing are, in particular, the initiation, conclusion and fulfilment of contracts as well as direct advertising and product information.

To the extent not specifically stated, we only save personal data as long as necessary or legally required for the fulfilment of the intended purposes.

 

3 Your rights as a data subject

In accordance with the applicable laws, you have various rights with respect to your personal data. If you wish to exercise these rights, please direct your request via email or mail to the address provided under 1 clearly stating your personal identity.

You will find an overview of your rights below.

3.1 Right to confirmation and information
You have the right to, at any time, receive confirmation from us as to whether you will process the applicable personal data. If this is the case, you have the right to demand that we provide you with information, free of charge, relating to the personal data concerning your person that is saved in addition to a copy of said data. There is also a right to the following information:

  1. the purposes of processing;
  2. the categories of personal data that are processed;
  3. the recipients or categories of recipients, whom the personal data has been or will be disclosed to, particularly in the case of recipients in third countries or with international organisations;
  4. if possible, the planned duration of storage for the personal data or, if this is not possible, the criteria for determining said duration;
  5. the existence of a right to the correction or deletion of the personal data concerning you or to restriction of processing by the responsible party or a right to object to this processing;
  6. the existence of a right of appeal before a regulatory authority;
  7. if the personal data is not collected from you, all available information concerning the origin of the data;
  8. the existence of automated decision-making including profiling in accordance with Article 22 paragraphs 1 and 4 GDPR and – at least in these cases – conclusive information regarding the logic involved, the reach and the intended effects of such processing for you.

If personal data is transferred to a third country or an international organisation, you have the right to be notified of the corresponding guarantees in accordance with Art. 46 GDPR in connection with the transfer.

3.2 Right to correction
You have the right to demand the immediate correction of incorrect personal data that concerns you. In consideration of the purposes of processing, you have the right to demand the completion of incomplete personal data – also by means of a supplementary declaration.

3.3 Right to deletion ("Right to be forgotten")
In accordance with Art. 17 para. 1 GDPR, you have the right to demand from us that personal data concerning you is immediately deleted and we are obligated to immediately delete personal data to the extent one of the following reasons applies:

  1. The personal data is no longer required for the purposes, for which it was collected or otherwise processed.
  2. You revoke your consent, which the processing is based on in accordance with Art. 6 para. 1 p. 1 a) GDPR or Art. 9 para. 2 a) GDPR and another legal basis for processing is lacking.
  3. In accordance with Art. 21 para. 1 GDPR, you object to processing and there are no overriding legitimate reasons for processing at hand or you object to processing in accordance with Art. 21 para. 2 GDPR.
  4. The personal data was unlawfully processed.
  5. The deletion of the personal data is necessary in order to fulfil a legal obligation in accordance with Union law or the law of the member states, which we are subject to.
  6. The personal data was collected in relation to the services of the information society as per Art. 8 para. 1 GDPR.

If we have published the personal data and are, in accordance with Art. 17 para. 1 GDPR, obligated to delete it, we will, in consideration of the available technology and the costs of implementation, take appropriate measures, also of a technical nature, in order to inform the parties responsible for data processing, who process the personal data, that you have demanded the deletion of all links to said personal data or copies or replications of said personal data.

3.4 Right to the restriction of processing
You have the right to demand that we restrict processing if one of the following prerequisites is at hand:

  1. you contest the correctness of the personal data, that is, for a period of time that allows us to evaluate the correctness of the personal data,
  2. the processing is unlawful and you have rejected the deletion of the personal data and instead demanded that the use of the personal data be restricted;
  3. we no longer require the personal data for the purposes of processing, however, you require the data to assert, exercise or defend legal claims or
  4. you have appealed the processing in accordance with Art. 21 para. 1 GDPR as long as it is not yet certain whether the legitimate reasons of our company outweigh yours.

3.5 Right to data transferability
You have the right to receive the personal data concerning you, which you have provided to us, in a structured, conventional and machine-readable format and have the right to transfer this data to another responsible person without being impaired by us in the process to the extent

  1. the processing is based on consent in accordance with Art. 6 para. 1 p. 1 a) GDPR or Art. 9 para. 2 a) GDPR or a contract in accordance with Art. 6 para. 1 p. 1 b) GDPR and
  2. processing occurs using automatic procedures.

If your right to data transferability is exercised as per paragraph 1, you have the right to effect that the personal data is transferred directly by us to another responsible party to the extent this is technically feasible.

3.6 Right of objection
You have the right, for reasons attributed to your particular situation, to file an objection against the processing of personal data concerning you, which occurs on the basis of Art. 6 para. 1 p. 1 e) or f) GDPR. We no longer process the personal data unless we can prove the existence of compelling legitimate grounds for processing, which outweigh your interests, rights and freedoms or processing is necessary for the establishment, exercise or defence of legal claims.

If we process personal data for the purpose of direct advertising, you have the right to object at any time to the processing of personal data concerning your person for the purpose of such advertising.

You have the right, for reasons attributed to your particular situation, to object to the processing of personal data concerning you, which occurs for the purpose of scientific or historical research or for statistical purposes in accordance with Art. 89 para. 1 GDPR unless processing is required to fulfil a task in the general public interest.

3.7 Right to revoke consent under data protection law
You have the right to revoke your consent to the processing of personal data at any time.

3.8 Right of complaint before a regulatory authority
You have a right of complaint before a regulatory authority, in particular in the member state where your domicile or workplace is located or the place of the suspected infringement, if you believe that the processing of the personal data concerning you is unlawful.

 

4 Data security
We are committed to the security of your data in connection with applicable data protection laws and technical possibilities.

With us, your personal data is transferred in encrypted form. We use SSL (Secure Socket Layer) cryptographic protocol, but wish to point out that data transfer via the Internet (e.g. when communicating via email) may contain security loopholes. It is therefore not possible to seamlessly protect data against access by third parties.

To secure your data, we take security measures of a technical and organisational nature in accordance with Art. 32 GDPR, which we continually adapt to the state of the art.

Furthermore, we do not guarantee that our offer is available at certain times; disturbances, interruptions or failures cannot be ruled out. The servers we use are regularly secured in a careful manner.

 

5 Forwarding of data to third parties, non-occurrence of data transfer to a non-EU country
In general, we only use your personal data within our company.

If and to the extent we engage third parties in connection with the fulfilment of contracts, they shall only receive personal data to the extent the transfer is necessary for the corresponding service.

In the event we outsource certain aspects of data processing ("Contract Processing"), we will contractually obligate the contract processor to only use personal data in compliance with the requirements of the data protection laws and to guarantee the protection of the rights of the applicable person.

The transfer of data to bodies or persons outside of the EU beyond the scope of the cases described under 2 of this statement will not occur and is not planned.

 

6 Data protection office
If you have any questions or concerns regarding data protection, please contact our data protection officer. You can reach him via email at datenschutz@redrock-capital.ag.