Data Protection

1. The following covers our policy on collecting personal data when you visit our website. The term “personal data” refers to any data that can be used as a reference to you as a person, such as your name, address, e-mail addresses, or user behaviour.
2. The controller applicable to this website and service according to EU General Data Protection Regulation (GDPR) Art. 4 para. 7 is Business Metropole Ruhr GmbH (BMR), Kronprinzenstr. 30, 45128 Essen, Germany; Tel. +49 201 632488 0; e-mail: info@business.ruhr (see our copyright and legal statements). Our Privacy Officer can be reached here: Aulinger Datenschutz & Consulting GmbH, Dr. Ralf Heine, Frankenstraße 348, 45133 Essen; Tel.: +49 201 95986 62‬, E-mail: datenschutz@business.ruhr
3. By sending us an enquiry using the contact form, your data from the form including any contact data you have provided will be stored for processing your enquiry, and kept on store in case we need to contact you again. We will not pass on this data without your consent.
   
   We will only process the data you have entered in the contact form on your consent according to GDPR Art. 6.1 (a). You may withdraw this consent at any time. All you need to do is send us an informal request by e-mail. Remember that the legitimacy of any data processing activities that have taken place before your revocation will remain intact.
   
   We will keep the data from the contact form on file until you request their deletion or withdraw your consent to have the data stored, or until the purpose for storing the data has ceased to apply, such as after we have dealt with your enquiry. Mandatory legal provisions, especially retention periods, shall remain unaffected.
4. Your enquiry, including all resulting personal data (name, enquiry) will be stored and processed for handling your request if you contact us by e-mail, telephone or fax. We will not pass on this data without your consent.
   
   Your data will be processed according to GDPR Art. 6.1 (b) if your enquiry involves fulfilment of a contract or is necessary in fulfilling pre-contractual measures.  In all other cases, your data will be processed on your consent according to GDPR Art. 6.1 (a) and/or our legitimate interest according to GDPR Art. 6.1 (f), as we have a legitimate interest in the effective handling of enquiries addressed to us. 
   
   We will keep the data sent to us from contact enquiries until you request their deletion or withdraw your consent to have the data stored, or until the purpose for storing the data has ceased to apply, such as after we have dealt with your enquiry. Mandatory legal provisions, especially statutory retention periods, shall remain unaffected.
5. You may register on our website to benefit from additional features on the website. We will only use the data entered in order to provide you with the specific offering or service you have registered for. The mandatory information requested during registration must be given in full for you to be able to register.
   
   We will use the e-mail address specified during registration to inform you on any important changes such as in our range of services or necessary technical changes.
   
   We will therefore process the data you have entered on registration as based on your consent according to GDPR Art. 6.1 (a).  You may at any time withdraw any consent you have previously given. All you need to do is send us an informal request by e-mail. Your revocation will not affect the legitimacy of any data processing that has already taken place.
   
   We will store data collected during registration as long as you are registered on our website, and delete the data after that. Statutory retention periods remain unaffected.
6. We will only collect, process and use personal data as necessary for establishing, developing or altering a contractual relationship (inventory data). Your data will be processed according to GDPR Art. 6.1 (b), which allows the data to be processed in the course of contract preparation or fulfilment. We will only collect, process and use personal data on the use of our website (user data) as necessary to enable users to benefit from our services or for billing purposes.
   
   We will delete your customer data that we have collected after fulfilling your order or the end of our business relationship. Statutory retention periods remain unaffected.
7. We will inform you in detail on the respective procedures as described below if we need to involve authorised service providers for individual features of our service or would like to use your data for advertising purposes. We will also state the predefined criteria applicable to storage periods.

1. You may subscribe to our newsletter by your own consent. The newsletter is to inform you about our current services that may be of interest to you. The goods and services advertised will be named in the consent form.
2. We use what is referred to as the double opt-in procedure for new subscriptions to our newsletter. This means that after you register, we will send an e-mail to the e-mail address you have given us asking you to confirm that you do indeed wish to receive our newsletter. Your data will be automatically restricted for processing and deleted after a month if you do not confirm the subscription within 24 hours. Apart from that, we will save IP addresses assigned to you and the times of subscription and your subscription confirmation. The aim of this procedure is to document your subscription and, if applicable, to trace any possible misuse of your personal data.
3. Your e-mail address is all the data you need to provide us with in order to receive our newsletter. You may optionally and voluntarily provide additional data for us to be able to contact you personally. After receiving your confirmation, we will store your e-mail address for the purpose of sending the newsletter on the legal basis of GDPR Art. 6.1 (a).
4. You may at any time withdraw your consent and unsubscribe from our newsletter. To revoke your consent and unsubscribe from our newsletter, you may either click the e-mail link included in every newsletter or use this website form to write an e-mail to newsletter@business.ruhr, or send a message using the contact details quoted in the copyright and legal statements section of this website.

We use the following tracking tools as listed below on the legal basis of GDPR Art. 6.1 (f).  We use these tracking tools in order to ensure continuous design and optimisation for our website according to requirements. Apart from that, we use tracking tools to collect data on how our website is being used for statistical evaluation in order to optimise our service. These interests are to be regarded as justified according to the regulation quoted in the above.

Refer to the corresponding tracking tools for the respective data processing purposes and data categories.

Google Analytics

1. This website uses functions in the Google Analytics service. This is a service provided by Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Irland.
   
   Google Analytics uses what are referred to as cookies. These are text files that are stored on your computer to make it possible for us to analyse how you have been using this website. Cookies store information on how you use our website, which is then usually transmitted to Google’s servers in the US for storage. Data sent by us and linked to cookies, user IDs and advertising IDs will be deleted automatically after 14 months. Data will be automatically deleted once a month after reaching the end of the corresponding retention period.
   
   The Google Analytics analysis tool is used and the resulting cookies stored according to GDPR Art. 6.1 (f). The website owner has a legitimate interest in analysing user behaviour towards optimising both website and advertising. In exceptional cases where personal data is transmitted to the US, Google has adopted the EU-US Privacy Shield; see https://www.privacyshield.gov/EU-US-Framework.
2. We have activated the IP anonymisation function on this website. This involves Google truncating the last octet of an IP address from a member state of the European Union or other parties to the Agreement on the European Economic Area before transmission to the US. The full IP address will only be sent to and shortened by Google servers in the USA in exceptional cases. Google will use this information to analyse your use of our website, compile reports on website activities for the webmaster, and provide additional services involving website and Internet use as commissioned by this website's webmaster. Google will not link your IP address in the Google Analytics service with any other data held by Google.
3. You may prevent your browser from storing cookies using the appropriate settings in your web browser software; however, if you should choose to do so, note that you may not be able to use the website’s functionality to its full extent. You may also prevent Google from collecting and using data in the form of cookies and IP addresses by downloading and installing the browser plugin available at http://tools.google.com/dlpage/gaoptout.
4. You may prevent Google from acquiring data using Google Analytics by clicking the following link. This will store an opt-out cookie on your device to prevent your browser from collecting information when you visit this website: Disable Google Analytics.
   
   Refer to the following website for more details on how Google Analytics deals with user data in the Google privacy policy: https://support.google.com/analytics/answer/6004245.
5. We have concluded a data processing contract with Google, and have implemented the strict regulations to their full extent from the German data protection authorities in using Google Analytics.
6. This website uses the demographic characteristics function in Google Analytics. This allows reports to be compiled with information on age, gender and interests of our website visitors. This information originates from Google interest-based advertising as well as visitor information from third parties. None of this data can be assigned to any particular person. You may deactivate this function in your Google Account or prevent Google Analytics from collecting your data as described in Para. 4.

Facebook Pixel

1. Our website uses the Facebook pixel, Facebook Inc., 1601 S. California Ave, Palo Alto, CA 94304, USA (hereinafter referred to as Facebook) to measure user conversion.
   
   This allows us to track visitors to our website after clicking on a Facebook advertisement referring them to the provider’s website. We use this service to assess the effectiveness of Facebook advertising for statistical and market research purposes and optimise future advertising campaigns.
2. The information collected is anonymous to us as operators of this website, and we cannot use it to draw any conclusions as to the identity of any user. However, the data will be stored and processed by Facebook; this may allow Facebook to link the data to your user profile, which Facebook may use for advertising purposes according to Facebook’s Data Policy. This allows Facebook to display advertisements on its own pages and outside the Facebook domain. We as a website operator have no influence on this use of data.
   
   We use the Facebook pixel service according to GDPR Art. 6.1 (f).  The website owner has a legitimate interest in effective promotional activities, including social media.
3. Refer to the following website for more details on the Facebook privacy policy: https://www.facebook.com/about/privacy/.
   
   You may also disable the Custom Audiences function in settings for advertising on https://www.facebook.com/ads/preferences/?entry_product=ad_settings_screen. This requires you to be signed in on Facebook.
   
   You can also deactivate use-based advertising on Facebook using the European Interactive Digital Advertising Alliance website if you do not have a Facebook account: http://www.youronlinechoices.com/de/praferenzmanagement/.

Google reCAPTCHA

1. We use the Google reCAPTCHA service (referred to as reCAPTCHA) on our websites. This a service provided by Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (referred to as Google).
2. The aim of reCAPTCHA is to check whether data entered on our website, such as in a contact form, has been entered by an actual person or an automated program. This involves reCAPTCHA analysing website visitor behaviour based on various characteristics. Analysis begins automatically as soon as you visit our website. To analyse the data, reCAPTCHA evaluates various items of information such as your IP address, how long you stayed on the website, and your mouse movements. The data collected during the analysis will be transmitted to Google.
3. All reCAPTCHA analyses take place in the background. As a visitor to our website, you will not be informed that an analysis is taking place.
4. This data will be processed according to GDPR Art. 6.1 (f). The website owner has a legitimate interest in protecting the website service from abusive automated spying and SPAM.
5. Refer to the following website for more information on Google reCAPTCHA and the Google privacy policy: policies.google.com/privacy and https://www.google.com/recaptcha/intro/android.html.

1. Our website uses YouTube website plugins. This is a service provided by YouTube LLC, 901 Cherry Ave., San Bruno, CA 94066, USA.
2. We use YouTube in privacy-enhanced mode. According to YouTube, this mode prevents YouTube from storing data on visitors to this website before they watch the video. However, this privacy-enhanced mode cannot be guaranteed to prevent data from being transmitted to YouTube partners. YouTube connects to the Google DoubleClick network regardless of whether you are watching a video.
3. As soon as you start playing a YouTube video on our website, a connection will be made to the YouTube servers informing the respective server as to which page you visited. YouTube will be able to assign your surfing habits directly to your personal profile if you are logged in to your YouTube account. You can prevent this by logging out of your YouTube account.
4. Apart from that, YouTube may store a variety of cookies on your device after your start playing a YouTube video. These cookies provide YouTube with information on visitors to our website. This information is used for collecting video statistics towards improving user-friendliness and preventing fraud, among other things. The cookies will remain on your device until you delete them.
5. Other data processing operations may also be triggered once you start playing a YouTube video; we have no control over this.
6. We use YouTube with the aim of presenting our online services in an appealing and accessible fashion. This represents a legitimate interest according to GDPR Art. 6.1 (f).
7. Refer to the following website for more details about privacy on YouTube and the YouTube privacy policy: https://policies.google.com/privacy.

1. This website uses the Google Maps API. This a service provided by Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.
2. Using this feature will require storing your IP address. This information is usually transmitted to a server in the US and stored there. The provider of our website has no control on this data transmission.
3. The use of Google Maps also serves the appealing presentation of our online services and ease of finding locations named on our website. This represents a legitimate interest according to GDPR Art. 6.1 (f).
4. See the Google privacy policy for details on how this service handles user data: https://policies.google.com/privacy.

We currently use social media plugins as described in more detail below and what is referred to as a two-click solution. No personal data will be passed on to the plugin vendor when you initially visit our site. The plugin vendor is identifiable by its initial letter or logo on the marking on the field. You have the option of communicating directly with the plugin vendor by clicking the corresponding button. The vendor will only register that you have accessed the page on our website if you click the selected field and therefore activate it. This will also result in data as described in point 2 of this Privacy Policy being transmitted. In Facebook’s case, your IP address will be anonymised immediately after collection according to the respective provider in Germany. Activating the plugin will result in transmitting personal data on your person to the respective plugin vendor for storage at US-based vendors located in the USA. The plugin provider especially uses cookies to collect data, so we recommend that you delete all cookies in your browser’s privacy settings before clicking in the greyed-out field.

We have no influence on the data collection or processing, nor do we have any knowledge as to the full scope of data collection, purposes of processing the data, or the retention periods that apply. We also have no knowledge on the vendor’s deletion policy.

Facebook-Plugins (Like & Share-Button)

1. Our website has integrated plugins from the Facebook social network provided by Facebook Inc., 1 Hacker Way, Menlo Park, California 94025, USA. Facebook plugins can be identified by a Facebook logo or “Like” button on the website. Refer to the following website for a summary of Facebook plugins: http://developers.facebook.com/docs/plugins/.
2. The plugin will form a direct connection between your browser and the Facebook server whenever you visit this website. This will inform Facebook that you have visited our website by your IP address. Clicking the Facebook Like button while logged in to Facebook will link the contents of the page on our website to your Facebook profile. Facebook will then be able to link your visit to our website to your user account. Note that as a website provider, we do not have any access to the content of the data transmitted or how Facebook will use the data. Refer to the following Facebook data policy for details: https://www.facebook.com/privacy/explanation.
3. If you object to having Facebook linking your visit on our website to your Facebook account, then please log out of your Facebook account.
4. We use the Facebook plugin service according to GDPR Art. 6.1 (f). The website owner has a legitimate interest in the maximum possible degree of outreach using social media.

 Twitter Plugin

1. This website has integrated Twitter functions provided by Twitter Inc., 1355 Market Street, Suite 900, San Francisco, CA 94103, USA. The web pages you have seen will be linked to your Twitter account and disclosed to other users if you use Twitter and the “re-tweet” feature. This data will also by transmitted to Twitter. Note that as a website provider, we do not have any access to the content of the data transmitted or how Twitter will use the data. Refer to the following Twitter privacy policy for details: https://twitter.com/privacy.
2. We use the Twitter plugin service according to GDPR Art. 6.1 (f). The website owner has a legitimate interest in the maximum possible degree of outreach using social media.
3. You may alter your privacy settings on Twitter in account settings under https://twitter.com/settings/account.

Instagram Plugin

1. This website has integrated Instagram functions provided by Instagram Inc., 1601 Willow Road, Menlo Park, CA 94025, USA.
2. You may link content from our website to your Instagram profile by clicking the Instagram button if you are logged into your Instagram account. Instagram will then be able to link your visit to our website to your user account. Note that as a website provider, we do not have any access to the content of the data transmitted or how Instagram will use the data.
3. We use the Instagram plugin service according to GDPR Art. 6.1 (f). The website owner has a legitimate interest in the maximum possible degree of outreach using social media.
4. Refer to the following Instagram privacy policy for details: https://instagram.com/about/legal/privacy/.

LinkedIn Plugin

1. Our site uses LinkedIn network service functions provided by LinkedIn Corporation, 2029 Stierlin Court, Mountain View, CA 94043, USA.
2. A connection to LinkedIn servers will be made every time one of our pages containing LinkedIn functions is accessed. This will inform LinkedIn that you have visited our website by your IP address. Clicking the LinkedIn Recommend button while logged in to your LinkedIn account will enable LinkedIn to link your visit on our website to your user account. Note that as a website provider, we do not have any access to the content of the data transmitted or how LinkedIn will use the data.
3. We use the LinkedIn plugin service according to GDPR Art. 6.1 (f). The website owner has a legitimate interest in the maximum possible degree of outreach using social media.
4. Refer to the following LinkedIn privacy policy for details: https://www.linkedin.com/legal/privacy-policy.

1. We provide the option of sending you news about our activities using the WhatsApp news ticker function. This will entail you giving your mobile phone number and sending us a message using WhatsApp. We will not disclose your mobile phone number to any third parties, and will only use it for the WhatsApp news ticker. We will not send you any advertising or spam, and we will not call you for advertising purposes. We act on the consent you have voluntarily provided to us according to GDPR Art. 6.1 (a).
2. However, remember that you need to agree to the terms and conditions of WhatsApp to install and use WhatsApp on your mobile device; these terms and conditions are beyond our control. These terms and conditions include WhatsApp Inc. gaining access to telephone numbers and contacts stored on the mobile device.  Similarly, data will be stored on WhatsApp Inc. servers, which are not subject to European data protection law. Click here for details on data protection at WhatsApp Inc.

You have the following rights regarding your personal data:

• You may at any time without charge request information on your personal data that we have stored, its origin and recipient and purpose of processing, and you may have the data corrected, blocked or erased within the scope of the statutory regulations. If you have any questions about this or other topics concerning data privacy and protection, please do not hesitate to contact us at the address provided in the copyright and legal statements.
  
  You may demand a restriction on processing your personal data. Please do not hesitate to contact us at the address provided in the copyright and legal statements on this matter. You have a right to processing restriction in the following scenarios:
• We will usually need some time to verify an objection you might lodge as to the accuracy of your personal data we have stored. You may demand a restriction on processing your personal data during this period.
• You may also demand a restriction on processing your personal data instead of having it deleted if it has been or is being processed illicitly.
• You may demand a restriction on processing your personal data instead of erasure if we no longer need the data except for asserting or defending legal claims.
• Objection according to GDPR Art. 21.1 will require a balance of interests. You may demand a restriction on processing your personal data during this period before a decision is reached as to whose interests should prevail.
• Personal data you have had restricted for processing will only be processed on your consent (except for storage purposes), or to establish, assert or defend legal claims or to protect the rights of another natural or legal person, or for reasons of important public interest of the European Union or a member state.
• You have the right to have your personal data that we have automatically processed with your consent towards fulfilling a contract sent to you or any third party named by you in a common electronically readable format (data portability). We can only transmit your data to another data controller named by you as requested as long as it is technically feasible for us to do so.

You may also lodge an objection to any data protection authority regarding the processing of your personal data.

You may at any time object to our processing of your personal data according to GDPR Art. 6.1 (e) or (f) on grounds relating to your particular situation; this includes profiling based on those provisions. Please refer to this Privacy Policy for the respective legal basis for processing your personal data. If you should lodge an objection, we will no longer process your personal data unless we can document compelling legitimate grounds for processing that prevail over your interests, rights and freedoms, or to establish, assert or defend legal claims (objection according to GDPR Art. 21.1).

If we are processing your personal data for the purposes of direct marketing, you may at any time object to our processing of your personal data for the purpose of such advertising; this also applies to any profiling in connection with direct marketing. If you object, we will no longer use your personal data for direct marketing purposes (objection according to GDPR Art. 21.2).

We use the commonplace SSL (secure socket layer) protocol in connection with the highest level of encryption supported by your browser when you visit our website. SSL usually uses 256-bit encryption. Our website will use 128-bit v3 technology instead if your browser does not support 256-bit encryption. You will be able to see whether an individual page on our website uses encryption by the key or lock symbol in your browser’s status bar.

We otherwise use the appropriate technical and organisational measures to protect your data against inadvertent or intentional manipulation, partial or complete loss, destruction or unauthorised access by third parties. We constantly improve our security measures in step with technological development.

This Privacy Policy is current as of October 2018.

This Privacy Policy is subject to change to keep in line with changes and developments in our website and services in response to changes and developments in statutory or regulatory requirements. Our current Privacy Policy will always be available for downloading and printing at business.ruhr/datenschutz/.