Privacy Policy

§ 1 Information on the Collection of Personal Data and Provider Identification

(1) The following provides information on the collection of personal data when using this website. Personal data includes all information relating to you personally, such as name, address, email address, or user behavior.

(2) The controller in accordance with Art. 4(7) GDPR is Deutsche Recycling Service GmbH, represented by Managing Director Nils Röpke, Bonner Straße 484 – 486, 50968 Cologne, info@deutsche-recycling.de (see our imprint). Our Data Protection Officer is Ms. Nicole Motiee Tehrani, ap-datenschutz GmbH, Hohenstaufenring 8, 50674 Cologne, info@ap-datenschutz.de.

(3) Should we use third-party service providers for certain features of our services or intend to use your data for advertising purposes, we will inform you in detail below. This includes information on the storage periods.

§ 2 Your Rights, Especially Access and Withdrawal

(1) You have the following rights regarding your personal data:

• Right of access
• Right to rectification or deletion
• Right to restriction of processing
• Right to object to processing
• Right to data portability

(2) If you have given consent to data processing, you can withdraw it at any time. Processing based on your consent remains lawful until the withdrawal takes effect.

(3) For any information requests, access requests, or objections to data processing, please contact us by email at info@deutsche-recycling.de or at the address specified in § 1(2).

(4) You may request the deletion of your data at any time. Please note that legal retention obligations may require us to retain certain data until the expiry of the statutory period.

(5) If your data is incorrect, you have the right to request correction, which we will carry out without undue delay.

(6) You have the right to receive your personal data in a readable format, wherever technically feasible, to transmit it to another service provider (right to data portability).

(7) You may lodge a complaint with the competent supervisory authority. A list of data protection authorities and their contact details is available here: https://www.bfdi.bund.de/DE/Infothek/Anschriften_Links/anschriften_links-node.html.

§ 3 Data Security

(1) We maintain current technical measures to ensure data security, particularly to protect your personal data against risks during data transmission and unauthorized access by third parties. These measures are regularly updated in line with the latest technical standards.

§ 4 Collection of Personal Data During Informational Use and Contact

(1) When using the website for informational purposes only, i.e., without registration or submitting other information, we collect only the personal data that your browser transmits to our server. This includes the following technical data necessary to display our website and ensure its stability and security (legal basis: Art. 6(1)(f) GDPR):

• IP address
• Date and time of the request
• Time zone difference to GMT
• Requested page content
• Access status / HTTP status code
• Data volume transmitted
• Referring website
• Browser type
• Operating system and interface
• Browser language and version

(2) When contacting us via email or contact form, your email address, name, and, if provided, telephone number are stored. This data is used solely for responding to your inquiry.

(3) The legal basis for this processing is your consent, given by submitting the contact form (Art. 6(1)(a) GDPR).

(4) Your data will only be used for advertising within the scope permitted by law. In particular, your email address will only be used for direct advertising of similar products or services. You may object at any time via email to info@deutsche-recycling.de. We rely on either your consent or our legitimate interest (Art. 6(1)(f) GDPR).

(5) Cookies are additionally stored on your device when using our website. Cookies are small text files saved to your device by your browser. They cannot execute programs or transmit viruses and serve to make the website more user-friendly and effective.

§ 5 Cookies

(1) We use cookies on our website. These are necessary for navigation and functionality, including access to secure areas. Cookies also help analyze usage patterns, frequency of visits, and popular sections. Session cookies store information on your activities on our website.

(2) Types of cookies used:

• Transient cookies (temporary)
• Persistent cookies (time-limited)
• Third-party cookies

(3) Transient cookies are deleted automatically when you close your browser. These include session cookies, which store a session ID to link browser requests during a session.

(4) Persistent cookies are deleted automatically after a specified period. You can delete cookies anytime via your browser settings.

(5) You can configure your browser to reject third-party or all cookies. Some website functions may be limited if you do so.

(6) All cookies used are described in our cookie banner.

§ 6 Cookiebot

(1) We use Cookiebot, provided by Usercentrics A/S, Havnegade 39, 1058 Copenhagen, Denmark. Cookiebot allows us to display a comprehensive cookie notice and obtain and document consent for storing cookies.

(2) Cookiebot processes data mentioned in § 4 and stores an encrypted, anonymous key to document consent for 12 months.

(3) Consent management via Cookiebot is legally based on Art. 6(1)(c) GDPR to comply with legal documentation requirements (Art. 5(2) GDPR). Cookie consent is required under § 15(3) TMG and Art. 7 GDPR (see ECJ “Planet49” ECLI:EU:C:2019:801).

§ 7 Telephone Contact

(1) If you contact us by phone, your phone number (if transmitted) will be displayed and stored in our phone system with call duration. Only a small, defined group within our company has access; data is deleted regularly.

(2) Storage is based on our legitimate interest in monitoring communication efficiency.

§ 8 Hosting

(1) We do not share personal data with third parties unless explicitly stated.

(2) IT service providers have access for maintenance and implementing technical-organizational measures, based on legitimate interest (Art. 6(1)(f) GDPR) or legal obligations (Art. 6(1)(c) GDPR).

(3) Hosting provider: Hack Attack-Cremerius, Lang GbR, Gunther-Plüschow-Str. 6, 50829 Cologne.

(4) Providers are contractually bound, regularly monitored, and do not share data externally.

(5) Data is not transferred outside the EU/EEA.

§ 9 Social Media

(1) Our website contains links to social media platforms. These are external links; no personal data is transmitted when clicked. For data handling, consult the respective platform’s privacy policy.

(2) Facebook: facebook.com, operated by Facebook Ireland Limited. Privacy: https://de-de.facebook.com/about/privacy/

(3) Instagram: instagram.com, operated by Instagram Inc., part of Meta Platforms, Inc. Privacy: http://instagram.com/about/legal/privacy/

(4) LinkedIn: linkedin.com, Standard Contractual Clauses ensure compliance. Privacy: http://www.linkedin.com/legal/privacy-policy

(5) Xing: xing.com, New Work SE, Germany / New Work Networking Spain SL, Spain. Privacy: https://privacy.xing.com/de/ihre-sicherheit

§ 10 Newsletter

(1) You may subscribe to our newsletter with your consent. The purpose and topics are specified in the consent form.

(2) We use a double-opt-in process. Your registration is confirmed via email. Unconfirmed registrations are blocked and deleted after 30 days. IP addresses and timestamps are recorded to document consent.

(3) Only your email address is mandatory; additional data is voluntary for personalization. Legal basis: Art. 6(1)(a) GDPR.

(4) Consent may be withdrawn at any time via the unsubscribe link or by contacting the address in our imprint.

(5) Newsletter emails include web beacons to analyze user interaction and optimize content. You may opt-out via the link in each email.

§ 11 Newsletter Provider Hubspot

(1) We use HubSpot (HubSpot Inc., Cambridge, MA, USA) for sending newsletters. Data for subscriptions is stored on HubSpot servers in Germany.

(2) HubSpot processes data within the EU; transfers outside the EU (e.g., support in the US) are secured by contractual protections (Standard Contractual Clauses, EU-US Data Privacy Framework).

(3) HubSpot processes data under GDPR Art. 28 (Data Processing Agreement) and ensures compliance with technical and organizational measures.

(4) Further details: https://legal.hubspot.com/de/privacy-policy?tid=331710151756

(5) HubSpot allows us to analyze newsletter engagement via web beacons; data is anonymized and used only for statistical analysis.

(6) Data is stored until newsletter unsubscription, then deleted from our and HubSpot servers.

§ 12 Webinars / Videoconferences (GoToWebinar)

1.1. Information on the Processing of Your Personal Data for Webinar Participation (via GoToWebinar)

The following privacy information provides an overview of the collection and processing of your data and explains how you can exercise the rights granted to you under the General Data Protection Regulation (GDPR).

The EU General Data Protection Regulation (GDPR), effective from May 25, 2018, obliges us to provide comprehensive information on the processing of your personal data. This includes detailed information on your rights as a “data subject” whose personal data we process.

1.2. Who is responsible for data processing?

DR Deutsche Recycling Service GmbH
Bonner Straße 484–486, 50968 Cologne
info@deutsche-recycling.de

Our Data Protection Officer is:

Nicole Motiee Tehrani
ap-datenschutz GmbH
Hohenstaufenring 8
50674 Cologne, Germany
dsb@ap-datenschutz.de

1.3. Which personal data is processed?

• User info (name, email, phone, etc.
• meeting metadata
• recordings (optional)
• chat entries
• audio/video data during the meeting

1.4. Source of the data:

We process only personal data provided voluntarily by our customers in the context of our business relationships. Additionally, we process personal data received lawfully from other companies if required to provide the service or fulfill the contract with you.

1.5 Purpose & Legal basis:

We process personal data in compliance with the GDPR, the Federal Data Protection Act (BDSG), and other applicable laws.

GoToWebinar is used to facilitate effective communication within our company and fulfill contractual obligations. If webinars are recorded, we will notify you in advance and obtain your consent if required. The recording status is also displayed in the software.

Chat content may be logged for documentation purposes, though this is usually not required. Questions posed by participants may also be processed for recording and follow-up purposes.

Automated decision-making under Art. 22 GDPR does not occur.

1.5.1. Employee data processing (§26 BDSG)

If employee personal data is processed, §26 BDSG is the legal basis. If personal data is not required for employment purposes but is essential for webinar use, Art. 6(1)(f) GDPR applies. Our interest is in conducting webinars effectively.

1.5.2. Processing based on your consent (Art. 6(1)(a) GDPR)

Where you have voluntarily consented to data processing for specific purposes, consent forms the legal basis. Consent can be revoked at any time, effective for future processing only.

1.5.3. Processing based on contractual obligations (Art. 6(1)(b) GDPR)

Data processing for webinar participation is also justified under Art. 6(1)(b) GDPR when necessary to fulfill contractual obligations.

1.5.4. Processing for legitimate interests (Art. 6(1)(f) GDPR)

We may process your data to safeguard legitimate interests, e.g., checking EU anti-terror lists in compliance with EU regulations (EC) 2580/2001 and 881/2002.

1.6. Data sharing

Your data is processed by GoToWebinar, operated on servers by GoTo Technologies Ireland Unlimited Company, which complies with EU law.

1.7. Data transfer:

GoToWebinar may process your data within the EU. No transfer of personal data to third countries occurs.

1.8. Data retention:

Data is retained only as long as necessary or required by law, depending on the purpose, legal basis, or legitimate interest. Webinar reports may be stored by GoTo for up to 24 months, unless shorter periods apply under technical/organizational measures.

1.9. Data usage for participation:

You can register for webinars via our website by providing your name, phone number, and email. You will receive a personal invitation link by email.

GoTo account users: Join the webinar via the app with provided meeting credentials; entry from the waiting room requires confirmed registration.

External users without a GoTo account: Join via the web app link; entry from the waiting room requires confirmed registration.

The webinar runs via GoToWebinar, GoTo Technologies Ireland Unlimited Company. See their privacy policy for details.

1.10. Your rights regarding data processing:

You have the right to access (Art. 15 GDPR), rectify (Art. 16), erase (Art. 17), restrict (Art. 18), object (Art. 21), and data portability (Art. 20). Limitations per §§34, 35 BDSG apply.

§ 13 Web Tracking – Google Analytics

(1) With consent, Google Analytics is used. Cookies track website usage and transmit anonymized data to Google servers. IP addresses are anonymized (Art. 6(1)(a) GDPR).

(2) Cookies may be blocked in your browser; see http://tools.google.com/dlpage/gaoptout?hl=de.

(3) Analytics is used to improve website functionality and content.

(4) Data may be processed outside the EU under EU-US Data Privacy Framework (Art. 45 GDPR).

(5) Further information: https://privacy.google.com/businesses/compliance/#!#gdpr

§ 14 Google Ads

(1) We use Google Ads and remarketing to display ads. Provider: Google Ireland Limited.

(2) Ads may be targeted based on parameters and include ad cookies. Cookies generally expire after 30 days and are used for campaign analysis.

(3) Data processing outside the EU is secured under EU-US Data Privacy Framework (Art. 45 GDPR).

(4) Users can prevent ad cookies via browser settings or opt-out links: http://www.google.de/ads/preferences, http://www.aboutads.info/choices, http://www.google.com/settings/ads/plugin

§ 15 Google Tag Manager

(1) Tool to manage website tags, store cookies, anonymize IPs, centralize tracking.

(2) Legal basis: legitimate interest (Art. 6(1)(f) GDPR).

(3) Data may be processed outside EU under EU-US Data Privacy Framework.

Further info: https://www.google.de/analytics/terms/tag-manager/

§ 16 Google Fonts

(1) Web fonts from Google Ireland Limited for uniform font display. Fonts are cached locally; no data is sent to Google.

(2) If fonts are unsupported, default system fonts are used.

More info: https://developers.google.com/fonts/faq, https://policies.google.com/privacy

§ 17 Google reCAPTCHA

(1) Used to distinguish humans from bots. Personal data (IP, OS, input) may be transmitted.

(2) Legal basis: legitimate interest in spam protection (Art. 6(1)(f) GDPR).

(3) Data may be processed outside EU under EU-US Data Privacy Framework.

More info: https://policies.google.com/privacy?hl=de

§ 18 jQuery

(1) Uses jQuery libraries from code.jquery.com via StackPath servers, OpenJS Foundation, USA.

(2) Legal basis: legitimate interest (Art. 6(1)(f) GDPR) for optimized website display.

(3) Standard Contractual Clauses (SCC) ensure data protection in transfers to the USA.

More info: www.jquery.com

§ 19 WP Activity Log

(1) Security plugin to monitor user activities and prevent unauthorized access.

(2) Logs events including date, time, user, IP, and affected objects.

(3) Legal basis: legitimate interest in website security (Art. 6(1)(f) GDPR).

§ 20 Microsoft Advertising (formerly Bing Tracking)

(1) Tracks website activity following ad clicks.

(2) Uses cookies to measure ad engagement.

(3) Legal basis: consent (Art. 6(1)(a) GDPR) and legitimate interest (Art. 6(1)(f) GDPR).

(4) Data may be transferred outside EU under EU-US Data Privacy Framework.