Privacy policy

Rhenus :people! GmbH
Hafenstraße 13
96052 Bamberg
people@de.rhenus.com

If you have any questions regarding the processing of your personal data by us, please contact our data protection officer in writing or by E-mail:

RDP Röhl · Dehm & Partner Rechtsanwälte mbB
Michael Berger and Norbert Geyer
Moritzplatz 6
86150 Augsburg, Germany
dsb.people@rdp-law.de

Personal data is already processed when the page is accessed. This happens automatically, without you having to take any further actions such as filling out and sending a contact form.

These automated processing operations concern:

Processing of the IP address

1. Description and scope of data processing

When you access this website, requests are sent to the server, which must answer them. For this purpose, your IP address must be collected and processed by the server so that the corresponding server requests can be answered.

2. Legal basis for data processing

The legal basis for the processing of this data is art. 6 para. 1 lit. f) GDPR.

3. Purpose of data processing

The purpose of processing your IP address is to establish and secure the functionality of the website and to technically enable the retrievability of the website.

4. Legitimate interest

The legitimate interest in the temporary storage of the IP address is that the functionality and provision of the technical retrievability of the website is not possible without this storage.

5. Duration of storage

The data will be deleted as soon as further storage is no longer necessary due to the fulfillment of its purpose. In the case of data collection for the provision of the website, this is the case when the retrieval process is completed.

6. Recipients of personal data

The IP address is processed by the following hosting provider:

Rhenus Assets & Services GmbH & Co. KG, Rhenus Platz 1, 59439 Holzwickede, Germany.

There also exists administrative access to the data within the context of maintenance and services.

7. Transfer to a third country

There is no intention to transfer the personal data to a third country or to an international organization.

8. Necessity of the provision

The provision of the data is necessary because the website is not accessible otherwise.

9. Automated decision-making / profiling

No automated decision-making or so-called profiling is carried out.

Processing of server log files

1. Description and scope of data processing

The IP addresses collected when this website is accessed are also stored in server log files in order to detect and remedy technical malfunctions and/or attempts to manipulate or break into the server structure.

In addition, the provider of this website automatically collects, stores and processes information in server log files, which are automatically transmitted by your browser.

This information includes:

Browser type and browser version

Operating system

Referrer URL

Host name of the accessing computer

Time of the server request

This information, however, will not be merged with other data sources.

2. Legal basis for data processing

The legal basis for the processing of this data is art. 6 para. 1 lit. f) GDPR.

3. Purpose of data processing

The purpose of processing your IP address and the aforementioned information is to detect malfunctions and attempted intrusions. This serves the security structure of the website and the system integrity of the servers.

4. Legitimate interest

The legitimate interest in processing the IP address and the aforementioned information is to provide a functional and uncompromised technical website environment.

5. Duration of storage

The data will be deleted within 28 days.

6. Recipients of personal data

The IP address and the aforementioned information are processed by the following hosting provider:

Rhenus Assets & Services GmbH & Co. KG, Rhenus Platz 1, 59439 Holzwickede, Germany

7. Transfer to a third country

There is no intention to transfer the personal data to a third country or to an international organization.

8. Necessity of the provision

The provision of the data is necessary because the website cannot be accessed otherwise.

9. Automated decision-making / profiling

No automated decision-making or so-called profiling is carried out.

Use of cookies

1. Description and scope of data processing

The site uses so-called "cookies". Cookies are text files that are stored in the memory and/or on a data carrier of the device used to visit this website and are processed by your web browser in accordance with the browser's settings.

The content of these cookies includes:

Name

PHPSESSID

Host

DOMAINNAME

Duration

Session

Type

Initial provider

Category

Necessary cookies

Description

PHP session cookie associated with embedded content from this domain.

Name

OptanonAlertBoxClosed

Host

DOMAINNAME

Duration

365 days

Type

Initial provider

Category

Necessary cookies

Description

This cookie is set by websites that use particular versions of OneTrust's cookie compliance solution. It is set after visitors see a cookie notification and in some cases only when they actively close the notification. It allows the website not to display the message more than once to a user. The cookie has a lifetime of one year and does not contain any personal information.

Name

OptanonConsent

Host

DOMAINNAME

Duration

365 days

Type

Initial provider

Category

Necessary cookies

Description

This cookie is set by OneTrust's cookie compliance solution. It stores information about the cookie categories that the website uses and whether visitors have given or revoked their consent for the use of each category. This allows website owners to prevent cookies from being set in each category in the user's browser if consent is not given. The cookie has a default lifetime of one year, so that returning visitors will remember their preferences. It does not contain any information that could identify the website visitor.

Name

XSRF-TOKEN

Host

media.rhenus.group

Duration

A few seconds

Type

Third party

Category

Necessary cookies

Description

This cookie was written to help website security prevent cross-site request forgery attacks.

Name

laravel_session

Host

media.rhenus.group

Duration

A few seconds

Type

Third party

Category

Necessary cookies

Description

Cookie identifying a session instance for the user.

2. Legal basis for data processing

The legal basis for the processing is art. 6 para. 1 lit. f) GDPR.

3. Purpose of data processing

The cookies contain technical information for the provision of website functionalities within the scope of use. This enables the technical realization of the website.

4. Legitimate interest according to art. 6 para. 1 lit. f) GDPR

The cookies used only contain technical data. The use of these cookies is necessary to provide the user with a functionality of our internet presence that meets their expectations.

5. Duration of storage as well as possibilities of objection and removal

The so-called "session cookies" are automatically deleted from your browser cache/memory at the end of your visit to this website and/or when you close your browser, provided that you have activated this functionality in your browser. The persistent cookies are automatically deleted after a specified duration, which is set depending on each cookie.

You can view which cookies are set and how long they are stored in the settings of your web browser (e.g., Firefox, Internet Explorer, Edge, Chrome, Opera, Safari). Your web browser also gives you the option of regulating the handling of cookies or deactivating them altogether. Cookies that have already been stored can be deleted at any time. This can also be done automatically. If cookies are deactivated for our website, it is possible that not all functions of the website can be used to their full extent.

6. Recipients of personal data

The IP address and the aforementioned information are processed by the following hosting provider:

Rhenus Assets & Services GmbH & Co. KG, Rhenus Platz 1, 59439 Holzwickede, Germany.

7. Transfer to a third country

There is no intention to transfer personal data to a third country or to an international organization.

8. Necessity of the provision

The provision of the data is necessary because the website cannot be accessed otherwise.

9. Automated decision-making / profiling

No automated decision-making or so-called profiling is carried out.

In addition, depending on your selection made through the Consent Manager, we process additional cookies that we process only if you consent. You can find information about these cookies in the Consent Manager settings.

1. Description and scope of data processing

A contact form is available on this website for the purpose of contacting you electronically. We process your personal data to respond to your contact request. 
For inquiries made using the contact form, the following data is processed:

First and last name

Company

E-Mail address*

Telephone number

Postal code

Your message*

The fields marked with a "*" symbol are mandatory fields. Without their completion, no inquiry can be sent to us using this contact form.

The indication of your name serves for addressing you personally in the context of the processing of your inquiry.

Please only enter the telephone number if you would like us to contact you by telephone or if you would like us to call you back.

When you enter data in the forms, no data is transmitted to us. This only happens after you click on the "Send message" button.

At the time of sending the message, the following data is also processed:

Date and time of the request

2. Legal basis for data processing

The legal basis for the processing of personal data to handle and respond to your inquiries is art. 6 para. 1 lit. f) GDPR. 

The legal basis for the processing of personal data serving the preparation and/or implementation of a contractual relationship is art. 6 (1) lit. b) GDPR.

3. Purpose of data processing

The processing of personal data through the contact form serves the purpose of contacting and enabling the company to address the customer informatively on the customer's initiative (answering the inquiry).

Depending on the intention and content of your inquiry, the purpose may also be the initiation and/or implementation of a contractual relationship, in which case the purpose is also to nurture the relationship with the customer.

4. Legitimate interest

The legitimate interest in data processing lies in the possibility to process your request and to respond according to that request. The collected data is processed on the basis of a request from you. This processing is also in your interest so that we can respond to your request in accordance with your expectations.
 

5. Duration of storage

The data will be deleted within 6 months after they are no longer required to achieve the purpose of their collection or are not subject to any further legal retention obligations (e.g., 10 years according to AO, 6 years according to HGB). For your data entered in our contact form, this is the case when the respective conversation with the user has ended.

The conversation is terminated when the circumstances indicate that the matter in question has been conclusively clarified.
 

6. Recipients of personal data

The data is processed by the following service provider:

Rhenus Assets & Services GmbH & Co. KG, Rhenus Platz 1, 59439 Holzwickede, Germany

Rhenus Office Systems GmbH, Rhenus Platz 1, 59439 Holzwickede, Germany

Rhenus :people! GmbH, Hafenstr. 13, 96052 Bamberg, Germany
 

7. Transfer to a third country

There is no intention to transfer personal data to a third country or to an international organization.
 

8. Necessity of the provision

It is also possible to contact us by telephone or mail. If necessary, this may entail restrictions, especially with regard to response times.
 

9. Automated decision-making / profiling

No automated decision-making or so-called profiling is carried out.

1. Description and scope of data processing

In the course of making contact, handing over business cards or carrying out business and customer relations, we process personal data of the participating individuals. In most cases, this is the contact data of the internal employee provided to us by our customers or suppliers.

This data is fed into our CRM.

This data can be:

Name, first name

Company

E-Mail address

Telephone number, cell phone number

Job title in the company

2. Legal basis for data processing and legitimate interest

The legal basis for processing is art. 6 (1) lit. b) GDPR, insofar as the data is processed for the initiation or implementation of a contractual relationship.

In addition, in the case of employees acting as the contact, the legal basis is art. 6 (1) (f) GDPR, as the processing is carried out in the legitimate interest.

This legitimate interest stems from the fact that the data has been given to us for the purpose of maintaining a business relationship and for contacting you at a later date. In addition, the processing of data of business contacts is necessary to maintain a business relationship.

3. Purpose of data processing

The data listed above and handed over to us are processed exclusively for the purpose for which the data were handed over to us (by handing over the business card, by naming the responsible business contact, etc.). In addition to the implementation of a business relationship, this can also be the initiation of a business relationship, the facilitation of a subsequent contact or the exploration of common and future business interests.

4. Duration of storage

The data will be deleted within 6 months after they are no longer required to achieve the purpose for which they were collected or are not subject to any further legal retention obligations (e.g., 10 years according to AO, 6 years according to HGB).

5. Recipients of personal data

Processing of data in the context of maintenance and services of the CRM system and the IT infrastructure:

Rhenus Assets & Services GmbH & Co. KG, Rhenus-Platz 1, 59439 Holzwickede, Germany.

Processing of data in the context of sales activities:

Rhenus BPO Services GmbH, Rhenus Platz 1, 59439 Holzwickede, Germany.

6. Transfer to a third country

There is no intention to transfer personal data to a third country or to an international organization.

7. Necessity of the provision

The provision of the data is necessary within the framework of an ongoing business relationship, as otherwise it is not possible to address the relevant individuals in a targeted manner.

8. Automated decision-making / profiling

No automated decision-making or so-called profiling is carried out.

1. Description and scope of data processing

In the case of inquiries or a communication via E-Mail, personal data will be processed depending on the content of your E-Mail:

In any case, these will be your E-Mail address, the date and time as well as the content of the message. In addition, depending on the content of your E-Mail, the following personal data may be processed:

First name, last name, telephone number, job title in the company, department, etc.

The data is used for the processing of the conversation and/or the implementation and/or initiation of a contractual relationship.

2. Legal basis for data processing

The legal basis for the processing of data in the context of generic E-Mail communication is art. 6 para. 1 lit. f) GDPR. If the contact by E-Mail also has the objective of concluding and/or executing a contract, the additional legal basis for the processing is art. 6 para. 1 lit. b) GDPR.

3. Purpose of data processing

The processing of personal data of E-Mail communication serves the purpose of maintaining business operations in an appropriate manner. E-Mail communication has become an integral part of business, both for internal corporate communication as well as for communication with customers, suppliers and potential business associates.

4. Legitimate interest

The legitimate interest in communicating via E-Mail is to provide a commonly accepted standard of communication. E-Mail communication enables us to minimize response times and thus to meet the expectations of customers, suppliers and business associates.

5. Duration of storage

The data will be deleted within 6 months after they are no longer required to achieve the purpose for which they were collected or are not subject to any further legal retention obligations (e.g., 10 years according to AO, 6 years according to HGB). For your E-Mail, this is the case when the respective conversation with the user has ended.

The conversation is terminated when the circumstances indicate that the matter in question has been conclusively clarified.

6. Recipients of personal data

Processing of data in the context of maintenance and services of the IT infrastructure:

Rhenus Assets & Services GmbH & Co. KG, Rhenus-Platz 1, 59439 Holzwickede, Germany

Rhenus Office Systems GmbH, Rhenus-Platz 1, 59439 Holzwickede, Germany

Rhenus :people! GmbH, Hafenstr. 13, 96052 Bamberg, Germany

7. Transfer to a third country

There is no intention to transfer personal data to a third country or to an international organization.

8. Necessity of the provision

It is also possible to contact us by telephone or mail. If necessary, this may entail restrictions, especially with regard to response times.

9. Automated decision-making / profiling

No automated decision-making or so-called profiling is carried out.

1. Description and scope of data processing

In the case of telephone inquiries, personal data is processed depending on the content of the conversation:

Depending on the information you provide during the telephone call, this may include the following personal data:

First name, last name

Telephone number

Customer number

Payment data

Contractual data

The data will be used exclusively for the processing of the conversation and/or the implementation and/or initiation of a contractual relationship.

2. Legal basis for data processing

Due to the explicit request of the user via telephone, the legal basis for the processing of the data is art. 6 para. 1 lit. f) GDPR. If the contact via telephone also aims at the conclusion and/or execution of a contract, the additional legal basis for the processing is art. 6 para. 1 lit. b) GDPR.

3. Purpose of data processing

The processing of personal data via telephone calls serves the sole purpose of establishing initial contact and enabling the company to address the customer in an informative manner on the customer's initiative.

Depending on the intention and content of your inquiry, the purpose may also be the initiation and/or implementation of a contractual relationship as well as the maintenance of the customer relationship.

4. Legitimate interest

The legitimate interest in the data processing lies in the possibility to process your request and to be able to answer you according to your request. The collected data is processed on the basis of a request from you. This processing is also in your interest to be able to respond to your request according to your expectation.

5. Duration of storage

The data will be deleted within 6 months after they are no longer required to achieve the purpose for which they were collected or are not subject to any further legal retention obligations (e.g., 10 years according to AO, 6 years according to HGB). For your E-Mail, this is the case when the respective conversation with the user has ended.

The conversation is terminated when the circumstances indicate that the matter in question has been conclusively clarified.

6. Recipients of personal data

The data is processed by the following service provider:

Rhenus Assets & Services GmbH & Co. KG, Rhenus-Platz 1, 59439 Holzwickede, Germany

Rhenus Office Systems GmbH, Rhenus-Platz 1, 59439 Holzwickede, Germany

Rhenus :people! GmbH, Hafenstr. 13, 96052 Bamberg, Germany

IN-telegence GmbH, Oskar-Jäger-Strasse 125, 50825 Cologne, Germany

7. Transfer to a third country

There is no intention to transfer personal data to a third country or to an international organization.

8. Necessity of the provision

The provision of the data is necessary in the context of an ongoing business relationship, as otherwise it is not possible to address the relevant individuals in a targeted manner.

9. Automated decision-making / profiling

No automated decision-making or so-called profiling is carried out.

If you apply for specific job advertisements of Rhenus :people!, you will find the information on the processing of your data in the context of online applications.

The following applies to unsolicited applications:

1. Description and scope of data processing

You can send us your unsolicited application either by regular mail or by E-Mail.

The following personal data may be processed by us in the process:

Name, address and contact information

Curriculum vitae including all further given information

Personal cover letter

Qualifications

Interests

If you send us your data by E-Mail, we also process your E-Mail address, the date and time as well as the content of the message. In addition, depending on the content of your E-Mail, the following personal data may be processed:

First name, last name

Telephone number

The data will be used exclusively within the scope of the application procedure for the decision on filling the respective position.

2. Legal basis for data processing

The legal basis for the processing of data within the scope of the application procedure is art. 6 para. 1 lit. b) GDPR, § 26 para. 1 BDSG.

If you provide us with special categories of personal data within the scope of the application procedure, such as an existing status as a handicapped person or state of health, which are necessary for the assessment of your employability for a specific position, the processing of this data provided on your initiative is carried out in accordance with art. 9 para. 2 lit. b), lit. h) GDPR, § 26 para. 3 BDSG.

3. Purpose of data processing

The processing of personal data in the context of the application procedure serves the sole purpose of staff planning and the establishment of employment relationships.

4. Duration of storage

In the event of an application being rejected, the data will be deleted within 6 months of the rejection. Data of successful applications are subject to the retention obligations resulting from the labor law and social law regulations, the AO and the HGB.

5. Recipients of personal data

Rhenus Assets & Services GmbH & Co. KG, Rhenus-Platz 1, 59439 Holzwickede, Germany

Rhenus Office Systems GmbH, Rhenus-Platz 1, 59439 Holzwickede, Germany

Rhenus :people! GmbH, Hafenstr. 13, 96052 Bamberg, Germany

BITE GmbH, Filchnerstrasse 16, 89231 Neu-Ulm, Germany

6. Transfer to a third country

There is no intention to transfer personal data to a third country or to an international organization.

7. Necessity of the provision

The provision of the data is necessary, otherwise no decision on the application can be made.

8. Automated decision-making / profiling

No automated decision-making or so-called profiling is carried out.

We use Friendly Captcha on our website, a service provided by Friendly Captcha GmbH, Am Anger 3-5, 82237 Wörthsee, Germany. 

Friendly Captcha is a privacy-friendly protection solution to make it more difficult for automated programs and scripts (so-called "bots") to use websites. Friendly Captcha thus protects websites from misuse. For this purpose, we have integrated a program code from Friendly Captcha in certain areas of our website, e.g. in a contact form. This causes the visitor's end device to establish a connection to the Friendly Captcha servers in connection with the protected area (e.g. sending a contact form). The visitor's browser receives a calculation task from Friendly Captcha. The complexity of the calculation task depends on various risk factors. The visitor's end device solves the calculation task, which requires certain system resources, and sends the calculation result to our web server. This contacts the Friendly Captcha server via an interface and receives a response as to whether the puzzle has been solved correctly by the end device. 

In addition, the visitor's browser transmits connection data, environmental data, interaction data and functional data to Friendly Captcha. Friendly Captcha evaluates this data and determines how likely it is that it is a human user or bot and transmits the result to our web server. 

Friendly Captcha does not store any personal data about the visitor. Data that could identify the visitor (such as IP addresses) is anonymized using one-way hashing. Friendly Captcha does not use HTTP cookies and does not store any data in the persistent browser memory. 

The legal basis for the use of Friendly Captcha is Art. 6 para. 1 lit. f GDPR. Our legitimate interest lies in protecting the website from abusive, automated crawling and spam.  

Further information can be found at: https://friendlycaptcha.com/legal/privacy-end-users/  

If your personal data are processed, you are the data subject within the meaning of the General Data Protection Regulation. Therefore, you are entitled to the following rights with respect to the processing party (controller).

To exercise your data subject rights against us as the controller, please contact us at the following E-Mail address: dsb.people@rdp-law.de

1. Right to information - art. 15 GDPR

You have the right to request confirmation from the controller as to whether personal data concerning you is being processed.

If such processing does exist, you have the right to obtain information about this personal data and the following information:

• The purposes for which the personal data are processed;

• The categories of personal data that are processed;

• The recipients or categories of recipients to whom the personal data have been or will be disclosed;

• If possible, the planned duration for which the personal data will be stored or, if it is not possible, the criteria for determining the storage period;

• The existence of a right to rectify or erase the personal data concerning you, a right to restriction of processing by the controller or a right to object to such processing;

• The existence of a right of appeal to a supervisory authority;

• All available information about the origin of the data, if the personal data are not collected from the data subject;

• The existence of automated decision-making, including profiling, pursuant to art. 22 (1) and (4) GDPR and - at least in these cases - meaningful information about the logic involved and the scope and intended effects of such processing for the data subject.

In addition, you have the right to request information about whether the personal data concerning you is transferred to a third country or to an international organization. In this context, you may also request to be informed about the appropriate safeguards pursuant to art. 46 GDPR in connection with the transfer.

2. Right to rectification - art. 16 GDPR

You have the right to obtain rectification and/or integration of the data concerning you from the controller without undue delay if the personal data processed are inaccurate or incomplete.

3. Right to erasure - art. 17 GDPR

Obligation to delete:

You have the right to request the immediate erasure of your personal data at any time, provided that one of the following reasons is given:

• The personal data concerning you are no longer necessary for the purposes for which they were collected or otherwise processed;

• You have withdrawn your consent on which the processing was based in accordance with art. 6 (1) (a) or art. 9 (2) (a) GDPR and there is no other legal basis for the processing;

• You have objected to the processing in accordance with art. 21 (1) and there are no overriding legitimate grounds for the processing, or you have objected to the processing in accordance with art. 21 (2) GDPR;

• The personal data concerning you have been processed unlawfully;

• The erasure of the personal data concerning you is necessary for compliance with a legal obligation under Union or Member State law to which the controller is subject;

• The personal data concerning you has been collected in relation to information services offered in accordance with art. 8 (1) of the GDPR.

Exceptions:

There is no right to erasure insofar as the processing is necessary

• For the exercise of the right to freedom of expression and information;

• For compliance with a legal obligation which requires processing under Union or Member State law to which the controller is subject; or

• For the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller;

• For reasons of public interest in the field of public health in accordance with art. 9 (2) (h) and (i) and art. 9 (3);

• For archiving, scientific or historical research purposes in the public interest or for statistical purposes pursuant to art. 89 (1) GDPR, insofar as the right referred to in section a) is likely to render impossible or seriously prejudice the achievement of the purposes of such processing; or

• For the assertion, exercise or defense of legal claims.

4. Right to restriction of processing - art. 18 GDPR

You have the right to request the restriction of the personal data concerning you under the following conditions:

• If you contest the accuracy of the personal data concerning you for a period enabling the controller to verify the accuracy of the personal data;

• If the processing is unlawful and you object to the erasure of the personal data and request instead the restriction of the use of the personal data;

• If the controller no longer needs the personal data for the purposes of processing, but you need them for the assertion, exercise or defense of legal claims; or

• If you have objected to the processing in accordance with art. 21 (1) GDPR and it has not yet been determined whether the legitimate grounds of the controller override your grounds.

If the processing of personal data concerning you has been restricted, such data may - apart from storage - only be processed with your consent or for the assertion, exercise or defense of legal claims or for the protection of the rights of another natural or legal person or for reasons of important public interest of the Union or a Member State.

If the restriction of processing has been restricted on the basis of the above conditions, you will be informed by the controller before the restriction is lifted.

5. Right to information - art. 19 GDPR

If you have exercised one of your rights to rectification, erasure or restriction of processing, we are obligated to inform all recipients to whom the personal data concerning you has been disclosed of the rectification, erasure of the data or restriction of processing, unless this proves impossible or involves a disproportionate effort.

In addition, you have the right to be informed about these recipients.

6. Right to data portability - art. 20 GDPR

You have the right to receive the personal data concerning you that you have provided to the person responsible in a structured, common and machine-readable format. In addition, you have the right to transmit this data to another controller without hindrance by the controller to whom the personal data was provided, provided that

a) the processing is based on consent pursuant to art. 6 (1) a) GDPR or art. 9 (2) a) GDPR or on a contract pursuant to art. 6 (1) b) GDPR and

b) the processing is carried out with the help of automated procedures.

In exercising this right to data portability, you also have the right to obtain that the personal data concerning you is transferred directly from one controller to another controller, insofar as this is technically feasible.

7. Right of objection - art. 21 GDPR

You have the right to object at any time, on grounds relating to your particular situation, to the processing of personal data concerning you which is carried out on the basis of art. 6 (1) (e) or (f) GDPR; this also applies to profiling based on these provisions.

The controller will no longer process the personal data relating to you unless it can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms, or the processing serves to assert, exercise or defend legal claims.

If personal data is processed for the purpose of direct marketing, you have the right to object at any time to the processing of personal data concerning you for the purpose of such marketing; this also applies to profiling, insofar as it is related to such direct marketing.

If you object to the processing for direct marketing purposes, the personal data concerning you will no longer be processed for these purposes.

You have the possibility, in connection with the use of information services - irrespective of Directive 2002/58/EC - to exercise your right of objection by means of automated procedures using technical specifications.

8. Right to revoke the declaration of consent under data protection law

You have the right to revoke your declaration of consent under data protection law at any time. The revocation of consent does not affect the lawfulness of the processing carried out on the basis of the consent until the revocation.

9. Right to complain to a supervisory authority - art. 77 GDPR

Without prejudice to any other administrative or judicial remedy, you have the right to file a complaint with a supervisory authority, in particular in the Member State of your habitual residence, place of work or the place of the alleged infringement, if you consider that the processing of personal data relating to you infringes the GDPR.

The supervisory authority to which you file a complaint shall inform you, as the complainant, of the status and outcome of the complaint, including the possibility of a judicial remedy pursuant to art. 78 of the GDPR.

This privacy notice will be updated on a regular basis.