Privacy Policy Notice

We appreciate your visit on our website and your interest in our offer. We want you to feel comfortable and safe with regards to how we process your personal data. Data protection and transparency are very important to us. This Privacy Notice is meant to help you understand our privacy practices, including which Personal Data we collect, why we collect it, what we do with it, and how we protect it, as well as knowing your individual rights. This information will enable you to always be in full control of your personal data.

1.   Controller

Controller legally responsible for data processing:

RTSB GmbH Rail Transportation Service Broker
Industriestr. 24
61381 Friedrichsdorf
Germany
info@rtsb.de

2.   Categories of data, purpose and legal basis

It´s possible to visit our website without disclosing any personal data besides the technical data provided for the operation of the website itself. For transparency reasons, our privacy notice can be found on every page.

Personal data is data about an identified or identifiable person. This means any information about you, information that could be used to identify you or that is directly associated with you. We use personal data like your IP address or technical data of your device (e.g. service provider and operating system), only to run and improve our website. We never save this data beyond the fulfilling of its purpose or legal retention periods.

We need this data to run our website. If you object to processing, you won´t be able to use our online offer. We evaluate this kind of information statistically in order to make using our website ever more comfortable. We don´t connect this information to any other data we have collected previously. It´s only meant to improve the performance and attractiveness of our website and its content. Data collected when using our website will be deleted at the latest after 14 months. In some cases, we might be allowed to save data in order to enforce or defend any legal claims.

In any data processing we strictly adhere to the requirements of the EU General Data Protection Regulation (GDPR). This includes collecting, saving and using your personal data. We will never use your data for marketing purposes, and we will never sell, rent or leave your personal data to third parties.

Art. 6. 1 b and 1 f are legal basis for processing data in order to take care of information and network security. According to these articles processing of personal data is legal if necessary for the performance of a contract or for the purposes of the legitimate interests pursued by the controller or by a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject.

According to Art. 13 2 e GDPR you are not obliged to provide us with your personal data when using our website. Nevertheless it´s just not possible to run a website without this kind of data.

3.   Recipients of data

We only share personal data within our organization if and when necessary for the purposes specified in this privacy notice. We don´t share personal data with any third party outside of our organization unless one of the following circumstances applies.

Art 6 1c GDPR

Processing is necessary for compliance with a legal obligation to which the controller is subject.

Recipients of your personal data may be public offices as well as processors, processing the data collected online in our behalf. (Google, Webhosts, etc.)

Data processors are

mailerlite

 

4.   Contact form

Using our contact form, you provide us with your personal data. This includes name, email address. We will use this information only for your particular claims or requests. In order to protect your personal data, the transmission/transfer is coded by a common encryption method. In general, any personal data will be deleted after we have answered your request or clarified your claim.

Legal basis for processing is your prior consent according to Art. 6 1 a GDPR. You may withdraw your consent with effect for the future in case you don’t want your data to be processed any more.

 

5.   Newsletter

If you would like to obtain the newsletter that we offer on our website, we only need an email address. Further data won’t be collected or only on a voluntary basis. We will use this data only for sending the information requested and we won’t give it to third parties.

Legal basis for processing is your consent according to Art. 6 1 a GDPR. You are free to revoke your consent at any time with effect for the future for example by clicking the unsubscribe link in the newsletter.

The data you gave to us in order to receive the newsletter will be stored until you unsubscribe and will be deleted after your unsubscription.

Data stored for other purposes remain unaffected.

6.   Cookies

We use two types of cookies: session cookies and persistent cookies. Cookies are small text files that we place on your computer. Cookies cannot execute any commands and therefore, they pose no security risk.
Session Cookies store information during the visit of our website. They are not stored permanently on your computer since they disappear when the browser is closed. When you visit our website for the first time, we inform you about the use of cookies. We store your perusal in a cookie so that we don’t have to show you this information every time you visit our website. Legal basis for the use of cookies is Art. 6 1 f GDPR. According to this article processing of personal data is legal if necessary for the purpose of the legitimate interests pursued by the controller or by a third party, except where such interests are overridden by the interests or fundamental rights of the data subject. The controller has a legitimate interest in operating the website.
You can define the handling of cookies by yourself in your browser, you can completely refuse cookies, or you can set your browser to regularly delete cookies. You can find sufficient information concerning this matter on the Internet.

We use the following cookies:

To change your cookie preferences for this site please click here:

7.   Google Web Fonts

For a uniform representation of fonts, we use the so-called Google Web Fonts, that are provided by Google. When calling up our webpage, your browser loads the web fonts needed into the browser cache in order to present fonts and texts correctly. Therefore, the browser used has to create a connection with the Google Servers. Hereby Google learns that our website has been called up via your IP-Address. We use Google Web Fonts in order to present our online offers in a uniform and attractive way. This is our legitimate interest (Art. 6 1 f GDPR).

In case your browser doesn’t support web fonts your computer uses a standard font.

More information about Google Web Fonts can be found here:

https://developers.google.com/fonts/faq and in the data protection notice of Google:
https://www.google.com/policies/privacy/.

8.   Google Maps

This Webpage uses the map service Google maps via API. Supplier is Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.

In order to use the functions of Google maps it is necessary to store your IP-Address. That information usually will be transferred to and stored on a Google server in the US. The provider of this Webpage does not have any influence on this data transfer.

We will only use Google Maps with your prior consent. Legal basis is Art. 6 1 a) GDPR.

You can find more information about the use of user data by Google here:

https://www.google.de/intl/de/policies/privacy/.  

9.   Social Media profiles

Facebook

We have a profile at Facebook. Supplier is Facebook Inc., 1 Hacker Way, Menlo Park, California 94025, USA- Facebook is certified according to the EU-US-Privacy-Shield. We entered a Joint-Controllership-Agreement with Facebook. This agreement states for which data processing operations we or Facebook are responsible when you visit our Facebook-Fanpage. Facebook-Ireland is primarily responsible according to GDPR for the processing of Insight data. You can view this agreement here:
https://www.facebook.com/legal/terms/page_controller_addendum

You can modify your advertising preferences in your profile by yourself. Therefore, click on the following link and log in.
https://www.facebook.com/settings?tab=ads

You can find detailed information within the data protection notice of Facebook:
https://www.facebook.com/about/privacy/

LinkedIn

We use a LinkedIn account operated by LinkedIn Ireland Unlimited Company, Wilton Plaza, Wilton Place, Dublin 2, Ireland. In order to modify your settings concerning advertising measures in your profile at LinkedIn, please use the following link:
 https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out

The data protection notice of LinkedIn can be found here:

https://www.linkedin.com/legal/privacy-policy

Tencent WeChat

We use a Tencent WeChat Account operated by Tencent International Service Europe B.V., 26.04 on the 26th floor of Amstelplein 54, 1096 BC Amsterdam, Netherlands. The data protection notice of WeChat can be found here:
https://www.wechat.com/de/privacy_policy.html#pp_sharing

Sina Weibo

We use a Weibo account by the Chinese operator Sina Corporation. Currently there is no data protection notice available.

 

10.        Your rights

According to GDPR you have the following rights with regard to your personal data. You can find more detailed information in Art. 15 to 21 GDPR as well as in §§ 32 to 37 German Federal Data Protection Act. 

You have the right to access your personal data. You may also request the rectification of inaccurate data. Under certain conditions you have the right to erasure, the right to restriction and the right to data portability. Further, you have the right to object to processing of personal data which is based on point (e), (f) of Art. 6(1), including profiling based on those provisions. You may withdraw your consent at any time and without giving reasons with effect for the future. 

 

You may assert these rights directly with the controller. Therefore, informal contact is sufficient. You may send an Email or a letter. 

 

You also have the right to lodge a complaint with a supervisory authority if you find our processing of your personal data to be inconsistent with applicable data protection law. A list of federal Data Protection Commissioner and contact data can be found here: 

https://www.bfdi.bund.de/DE/Infothek/Anschriften_Links/anschriften_links-node.html  

 

In case of any further questions please feel free to contact our officer for data protection: 

David Gabel – Email: david.gabel(at)dsgvo-support.de 

 

General information concerning data protection and processing of personal data can be found at https://www.dsgvo-support.de 

 

 

DATA PROTECTION NOTICE FOR FACEBOOK

 

Welcome to our Facebook page.

 

We want you to feel comfortable and safe with regards to how we process your personal data. Data protection and transparency are very important to us. That’s why we want to inform you accordingly.

 

We entered into a Joint-Controllership-Agreement with Facebook according to Art. 26 GDPR. You can call up this agreement here: https://www.facebook.com/legal/terms/page_controller_addendum]

This agreement states that Facebook comprehensively undertakes the obligations arising from data protection laws.

 

1.   Controller

Joint Controllers for operation of this Facebook page are:

 

a)
Facebook Ireland Ltd.
4 Grand Canal Square
Grand Canal Harbor

Dublin 2 Ireland

 

You can contact Facebook’s data protection officer by using this form:
www.facebook.com/help/contact/540977946302970.

 

 

and

 

b)

RTSB Group 
Industriestr. 24 
61381 Friedrichsdorf 

info@rtsb.de 

 

Our external data protection officer can be contacted via E-Mail:
david.gabel@dsgvo-support.de

 

2.   Categories of Data, purpose and legal basis

Concerning the data processing by Facebook we refer to their data protection notice:

https://www.facebook.com/privacy/explanation

 

In the following we explain to you the data processing operations carried out by us.

a)   Statistical Data

We can retrieve statistical data of different categories via the so-called “Insights” (https://www.facebook.com/business/a/page/page-insights).

These statistics are created and provided by Facebook. We as operator cannot influence creation and display. We can neither deactivate this function nor prevent the creation and processing of the data. Facebook provides us with the following data for a definable period of time for the categories, respectively, fans, subscribers, people reached, people interacting: Total number of call ups, “Likes”, page activity, post interactions, range of the posts, comments, shared content, answers, share of men and women, origin concerning country and city, language, call ups and clicks in the shop, clicks on the route planner, clicks on phone numbers. Also, in doing so, data of the Facebook Groups connected with our Facebook page are provided.

As a result of the continuous development of Facebook, the availability and processing of data changes, wherefore we refer to the data protection notice of Facebook for more detailed information.

 

Legal basis for processing is Art. 6 1 f GDPR. Making our posts and activities more attractive for the users is our legitimate interest. For example, we use the distribution of age and gender for addressing our users in an adjusted way and the preferred visiting hours of the users for timely optimized planning of our posts. Information about the user’s device help us adjusting our posts in appearance.

 

b)   Interactions with our account

Also, you can interact with our account. For example, you can do that by pressing the “Like” button, share or comment on a post or by directly writing to us.

 

In case of you interacting with us, we inevitably process your data as we then can see your account and therefore have access to your personal data; this includes your username, profile picture or date or time of your interaction. According to Facebook’s terms of use, that every user has agreed to when creating a Facebook profile, we can identify subscribers and fans of the page and view their profile as well as their shared content.

 

These data are information that are only provided through an interaction with our profile. Legal basis for processing is Art. 6 1 b GDPR.

 

3.   Recipient of data

We would like to point out that Facebook might transmit your data to third parties. We cannot influence this, though. You can find more detailed information within the data protection notice of Facebook: www.facebook.com/privacy/explanation

 

We only share personal data within our organization if and when necessary for the purposes specified in this privacy notice. We don´t share personal data with any third party outside of our organization unless one of the following circumstances applies.

 

Art 6 (1) c GDPR

Processing is necessary for compliance with a legal obligation to which the controller is subject.

 

Recipients of your personal data may be public offices as well as processors, processing the data collected online in our behalf (Webhosts, designer etc.)

 

4.   Storage period and erasure

You can find information about data storage by Facebook in their data protection notice: www.facebook.com/privacy/explanation.

 

We store the personal data transmitted to us by you only for the period of time that is necessary to fulfil the purposes for which the data have been transmitted or as long as we are obligated by law to store them. After fulfilment of the purpose and/or after the legal retention period has expired, we either delete or block the data.

 

5.   Your rights

According to GDPR you have the following rights with regard to your personal data. You can find more detailed information in Art. 15 to 21 GDPR as well as in §§ 32 to 37 German Federal Data Protection Act. 

You have the right to access your personal data. You may also request the rectification of inaccurate data. Under certain conditions you have the right to erasure, the right to restriction and the right to data portability. Further, you have the right to object to processing of personal data which is based on point (e), (f) of Art. 6(1), including profiling based on those provisions. You may withdraw your consent at any time and without giving reasons with effect for the future. 

 

You may assert these rights directly with the controller. Therefore, informal contact is sufficient. You may send an Email or a letter. 

 

You also have the right to lodge a complaint with a supervisory authority if you find our processing of your personal data to be inconsistent with applicable data protection law. A list of federal Data Protection Commissioner and contact data can be found here: 

https://www.bfdi.bund.de/DE/Infothek/Anschriften_Links/anschriften_links-node.html  

 

If processing by Facebook is involved, you can directly contact Facebook. In particular this is the case when it’s about processing in the scope of the “Insights”.

You can contact Facebook via this form: https://www.facebook.com/help/contact/2061665240770586.

 

Furthermore, you might send a letter to:

Facebook Ireland Ltd.
4 Grand Canal Square
Grand Canal Harbour
Dublin 2 Ireland

 

As an alternative you might also contact us, and we transmit your request – according to our agreement with Facebook as per Art. 26 GDPR – to Facebook.