Privacy Policy

With this privacy policy, we would like to inform you about how we process personal data. We are aware of the importance of processing personal data for the user and therefore comply with all relevant legal requirements. The protection of your privacy is of the utmost importance to us. It therefore goes without saying that we comply with the statutory provisions on data protection.
 
Contact person responsible and data protection officer
 
Responsible person:
 
Reactive Robotics GmbH
Landsbergerstr. 234
80687 Munich
Germany
E-Mail: info@reactive-robotics.com.
 
Data protection officer
 
ePrivacy GmbH
represented by Prof. Dr. Christoph Bauer
Burchardstr. 14, 20095 Hamburg
 
For questions and concerns regarding your data, please contact info@reactive-robotics.com
 
If you wish to communicate directly with our data protection officer (e.g. because you have a particularly sensitive request), please contact them by post, as communication by email can always be subject to security vulnerabilities. Please state in your enquiry that your request relates to Reactive Robotics.
 
Personal Data
 
Personal data is any information relating to an identified or identifiable person. This includes information and details as well as the following categories of personal data that we process:

Your name,

your address or other postal address,

your telephone number or

your e-mail address,

your correspondence with us,

log files with information about your visit to our website

Identification numbers (e.g. social security and tax numbers, tax ID, passport or ID card numbers, insurance numbers, etc.),

Payment data (e.g. account data, bank details, etc.),

Customer data (in particular invoice data, user profiles, address, purchase or order history, payment data),

Application documents and documents from the employment relationship (in particular reference data and certificates),

Health data (including data on reintegration, diagnostic and evaluation data).

 
Legal basis
 
Your data is processed on the basis of the following legal bases:

Your consent, if you have given us such consent (Art. 6 para. 1 lit. a) GDPR),

the initiation or execution of a contract with you (Art. 6 para. 1 lit. b) GDPR),

the fulfilment of legal obligations (Art. 6 para. 1 lit. c) GDPR),

the realisation of our legitimate interests (Art. 6 para. 1 lit. f) GDPR).

 
Legitim interest
 
We pursue the following legitimate interests when processing your data:

Improvement of our offer,

protection against misuse (of our systems and facilities),

statistical purposes.

 
Data sources
 
Unless otherwise stated, we receive the data from you (including via the devices you use).
 
Storage duration
 
We store your data,

if you have consented to the processing, at most until you revoke your consent,

if we need the data to fulfil a contract, at most for as long as the contractual relationship with you exists or

if statutory retention periods (in particular under commercial and tax law) exist, until the end of the retention periods,

if we use the data on the basis of a legitimate interest, at most for as long as your interest in erasure or anonymisation does not prevail.

 
Purposes of use
 
We process your data for the following purposes:

For correspondence with you (in particular by post and e-mail)

complaint management

to process contracts with you (including any necessary registration),

to process incoming applications,

to create a data basis for hotlines or emergency services,

to generate individual (pseudonymised) customer profiles as part of product customisation,

for advertising purposes, such as for sending our newsletter

for quality assurance and statistics,

for general information purposes or to improve our information offering (for interested parties or potential customers as well as existing customers),

to update data records,

for the maintenance and upkeep of customer accounts.

 
Data security
 
We have taken extensive technical and organisational measures to protect your data against possible risks, such as unauthorised access, unauthorised disclosure, modification or dissemination, as well as against loss, destruction or misuse.
 
In order to protect your personal data from unauthorised access by third parties during transmission, we secure data transmissions using SSL encryption where necessary. This is a standardised encryption method for online services, especially for the web.
 
Log files
 
Every time our website is accessed, usage data is transmitted by the respective internet browser and stored in log files, the so-called server log files. The stored data records contain the following data:

Domain from which the user accesses the website,

date and time of access,

IP address of the accessing computer,

website(s) visited by the user as part of the offer,

amount of data transferred, browser type and version,

operating system used Name of the internet service provider,

message as to whether the retrieval was successful.

 
These log file data records are analysed in anonymised form in order to improve the service and make it more user-friendly, to find and rectify errors and to control the utilisation of servers.
 
Use of cookies
 
This website uses cookies. Cookies do not harm your computer.

General information on cookies

Cookies are data records that are stored in the browser’s databases. For example, user identification numbers are stored here, which are transmitted to the user’s computer when the website is used and managed there. The data records are stored there for later access. Typical uses of cookies are, for example, language selection, consent documentation or user authentication.

Session cookies

Session cookies are stored for the duration of a website visit and then automatically deleted when the browser is closed. They ensure, for example, that video and audio files can be played, that your user input is temporarily stored during the input time and thus improve user-friendliness.

Persistent cookies

Persistent cookies remain on your end device even after you close your browser. These cookies can, for example, save your user preferences, such as language settings, and analyse user behaviour on our website. The storage period for persistent cookies is set individually for each cookie. After this period has expired, they are automatically deleted.
 
Information on the individual cookies, including the duration of their function, can be found within the cookie banner, which you can access via the ‘Privacy Settings’ item at the bottom of the website.

Revocation of consent for cookies

You can change your consent or withdraw your consent to the use of cookies under ‘Privacy Settings’ at the bottom of the website.
 
Data protection information in the context of the application process and, if applicable, the employment relationship
 
We use the Personio service from Personio SE & Co. KG (Seidlstraße 3 80335 Munich, Germany) for personnel administration and development, time recording, holiday administration, payroll accounting and for our applicant management. The following data is collected: personnel master data (in particular name, address, date of birth, telephone number), contract master data (in particular information on professional qualifications and schooling, information on further professional training, other documents, employment contracts and certificates concluded or issued between the client and its employees), payroll and performance data (in particular bank details, absences, holiday plans, sick notes, working hours, employee evaluations), payroll data, contract accounting and payment data. Further information about the provider can be found at https://www.personio.de/datenschutzerklaerung.
 
We process the applicant data only for the purpose and in the context of the application process in accordance with the legal requirements. Applicant data is processed to fulfil our (pre-)contractual obligations as part of the application process within the meaning of Art. 6 para. 1 lit. b. GDPR Art. 6 para. 1 lit. f. GDPR if the data processing becomes necessary for us, e.g. in the context of legal proceedings (in Germany, § 26 BDSG also applies).
 
The application procedure requires applicants to provide us with their application data. If we offer an online form, the necessary applicant data is labelled, otherwise it can be found in the job descriptions and generally includes personal details, postal and contact addresses and the documents belonging to the application, such as cover letter, CV and certificates. Applicants can also voluntarily provide us with additional information.
 
By submitting their application to us, applicants consent to the processing of their data for the purposes of the application process (in accordance with the type and scope of processing set out in this privacy policy).
 
Insofar as special categories of personal data within the meaning of Art. 9 para. 1 GDPR are voluntarily communicated as part of the application process, their processing is also carried out in accordance with Art. 9 para. 2 lit. b GDPR (e.g. health data, such as severely disabled status or ethnic origin). Insofar as special categories of personal data within the meaning of Art. 9 para. 1 GDPR are requested from applicants as part of the application process, their processing is also carried out in accordance with Art. 9 para. 2 lit. a GDPR (e.g. health data if this is necessary for the exercise of the profession).
 
Data recipients
 
In addition to using the above recipients, we use the services of the following data recipients or service providers.
 
AWStats
 
We use AWStats (https://awstats.org/) to analyse our website statistically. The programme is a free web analysis software which is used to analyse log files that web servers create on the basis of visitor requests. The software does not use cookies for the analysis. The statistical analysis is carried out via the log files, which also contain IP addresses. This data is not merged with other data sources and the data is deleted after statistical analysis.
 
In contrast to other statistics programmes, AWStats does not transmit any data to a third-party server. The programme is installed on your own hosting package. This also prevents data being transferred abroad, for example, as our server is localised in Germany.
 
DocuSign
 
We use the DocuSign service from DocuSign Germany GmbH (c/o Bird & Bird LLP, Maximiliansplatz 22, 80333 Munich, Germany) to process documents centrally, carry out digital signature processes or verify identities. This involves collecting the data recorded in the documents, such as contract and ID data as well as signatures.
 
Further information about the provider can be found at https://www.docusign.com/privacy.
 
Google Analytics
 
We use the Google Analytics service of Google Ireland Limited, Gordon House Barrow Street Dublin 4, Ireland (hereinafter ‘Google’) to collect and analyse the behaviour of visitors to our website. For this purpose, data is collected in the form of online identifiers, IP addresses, device information and information on interaction with our website.
 
You can find more information about the provider at https://policies.google.com/privacy?hl=de.
 
Google Ads
 
We use Google Ads, an online advertising programme of Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (hereinafter referred to as ‘Google’), which enables us to display advertisements in the Google search engine or on third-party websites when the user enters certain search terms on Google (keyword targeting). Furthermore, targeted adverts can be displayed based on the user data available at Google (e.g. location data and interests) (target group targeting). We can evaluate this data quantitatively, for example by analysing which search terms have led to the display of our advertisements and how many advertisements have led to corresponding clicks.
 
Data processing, in particular the setting of cookies, is carried out with your consent on the basis of Art. 6 para. 1 letter a) GDPR. You can withdraw your consent at any time without affecting the lawfulness of processing based on consent before its withdrawal. The revocation can be made by deactivating the corresponding selection on our consent management platform, which you can access via the ‘Privacy Settings’ item at the bottom of the website.
 
Google Maps
 
We use the Google Maps (API) service provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (hereinafter referred to as “Google”). Google Maps is a web service for displaying interactive (land) maps in order to visualise geographical information. Using this service will show you our location and make it easier for you to find us. When you interact with Google Maps (API), the following data may be collected by Google IP address, which may be used for various purposes, including security, analytics and personalisation; device information: Information such as unique identifiers associated with the browsers, applications or devices you use. If you are logged in to Google, some other types of your data may be collected by Google. If you do not wish to be associated with your profile on Google, you must log out before giving your consent to the use of Google Maps.
 
Further information on Google’s terms of use, data protection provisions and in particular on data transmission by Google to third countries can be found at https://policies.google.com/?hl=de.
 
Information about the joint responsibility with Google can be found at
https://business.safety.google/intl/de/controllerterms/.
 
Trello from Atlassian
 
We use the Trello project management tool from Trello, Inc. (55 Broadway, 25th Floor, New York, NY 10006, USA) for the visualised coordination of projects and work packages in project teams. In particular, project and deadline data is collected and processed.
 
Further information about the provider can be found at
https://www.atlassian.com/legal/privacy-policy#what-this-policy-covers.
 
Jira from Atlassian
 
We use the project management tool Jira from Atlassian Pty Ltd (Level 6, 341 George Street, Sydney NSW 2000, Australia) to organise projects and manage project teams and resources. In particular, registration and profile data is collected and project-related data is processed.
 
Further information about the provider can be found at https://www.atlassian.com/legal/privacy-policy#what-this-policy-covers.
 
Confluence from Atlassian
 
We use the Confluence service from Atlassian Pty Ltd (Level 6, 341 George Street, Sydney NSW 2000, Australia) as an enterprise wiki (knowledge management) as well as for collaboration, communication and networking of teams and for the documentation of projects and associated documents. In particular, contact and project data as well as deadline and content data are collected and processed.
 
Further information about the provider can be found at https://www.atlassian.com/legal/privacy-policy#what-this-policy-covers..
 
Google Workspace and Google Vault
 
We use the Google Workspace service from Google LLC (Google Cloud EMEA Limited, Velasco, Clanwilliam Place, Dublin 2, Ireland) to manage emails, documents, calendars and for real-time collaboration. This service supports us in communication and the organisation of teams as well as in the documentation and management of projects. In particular, contact, content and usage data is collected and processed.
 
We also use Google Vault from Google Cloud EMEA Limited to archive, manage and eDiscovery of emails, chat messages and other relevant data within Google Workspace. Google Vault helps us to secure data, fulfil legal and regulatory requirements and make important information easily accessible.
 
You can find more information about the provider at https://admin.google.com/terms/apps/8/2/en/dpa_terms.html
.
 
Social networks
 
We maintain online presences within social networks and platforms in order to communicate with the customers, interested parties and users active there and to inform them about our services. When accessing the respective networks and platforms, the terms and conditions and data processing guidelines of their respective operators apply.
 
Unless otherwise stated in our privacy policy, we process users’ data if they communicate with us within the social networks and platforms, e.g. write posts on our online presences or send us messages.
 
Facebook fan page
 
We operate a Facebook page (so-called “fan page”) on Facebook, a service of Meta Platforms Ireland Limited, Block J, Serpentine Avenue, Dublin 4, Ireland (“Meta Ireland”).
 
When you visit our Facebook fan page, personal data is processed not only by us, but also by Meta Ireland, even if you do not have a Facebook profile or are not logged in. User data (such as contact data), content data (such as entries in forms), usage data (such as websites visited, interests in content, access times) and communication data (such as device information, IP addresses) are processed when you use our fan page. On the one hand, this is done for the purpose of informing you and for communication, for example via contact enquiries and feedback forms, as well as for marketing purposes.
 
If you are logged in when you open our fan page, we can view the information contained in your public Facebook profile. Meta Ireland also provides us with statistics and insights that help us learn about the types of actions people take on our pages (“Page Insights”). We use these to improve the user experience. However, we do not have access to the usage data that Meta Ireland uses to compile the statistics, but only to summarised Page Insights.
 
We are jointly responsible with Meta for collecting data from visitors to our fan page and forwarding it to Meta (this includes creating the above-mentioned events and combining them into page insights, which are then made available to us by Meta Ireland). From this, interests can be derived and user profiles created, but we cannot draw any conclusions about individual users. Meta also uses the data to provide “Page Insights”, which can be used to gain insights into the interaction with the pages and the associated content. We have therefore concluded a joint controllership agreement with Meta regarding the processing of your data in accordance with Art. 26 GDPR. The agreement with Meta also sets out the security measures that Meta must observe. The rights of data subjects, such as information or other requests, must also be fulfilled by Meta. You can view the terms of this agreement concluded with Meta here: https://de-de.facebook.com/legal/terms/page_controller_addendum.
 
Further information on which personal data is processed within the scope of joint responsibility can be found at https://www.facebook.com/legal/terms/businesstools_jointprocessing
 
Further processing by Meta is not carried out under our joint responsibility.
 
For more information on Page Insights and how to exercise your data subject rights, please refer to the https://www.facebook.com/legal/terms/information_about_page_insights_data.
 
For more detailed information on how Meta processes personal data, including information on the legal basis and how to exercise your data subject rights against Meta, please refer to Meta’s Data Policy at https://www.facebook.com/about/privacy.
 
Youtube channel
 
In principle, Google Ireland Limited, Gordon House, Barrow Street Dublin 4, Ireland is solely responsible for the processing of personal data when you visit our YouTube channel. Further information about the processing of personal data by YouTube or Google Ireland Limited can be found at
https://policies.google.com/privacy
 
X fan page (formerly Twitter)
 
We operate a fan page on X (formerly Twitter), a service of Twitter International Unlimited Company, One Cumberland Place, Fenian Street, Dublin 2, D02 AX07, Ireland (“X”), to interact with X members, visitors and followers and to provide information about our company and its products and services (e.g. to promote new products or exclusive offers, obtain feedback from customers and interested parties, answer questions about our products or services, etc.). Data such as user data, payment data, preferences, usage data, purchases and payments, device data, location data, presumed identity and log data may be processed.
 
Further information can be found at https://x.com/de/privacy-twitter-privacy-1.
 
Xing fan page
 
We operate a XING fan page on XING, a service of New Work SE, Am Strandkai 1, 20457 Hamburg, Germany (hereinafter “XING”).
 
We use our company page to contact and communicate with XING members and visitors in order to provide information about our company and its products and services. We also present recruiting information in the context of job postings. If you contact us, we can view the information that you have published in your XING profile (e.g. job title, education, contact details, photo).
 
When you visit our profile or interact with our site, XING processes personal data. XING may also use tracking tools and cookies. Information on your data protection and objection options can be found at https://www.xing.com/settings/privacy.
 
For more detailed information on how XING processes which personal data and how you can exercise your data subject rights vis-à-vis XING, please refer to XING’s privacy policy: https://privacy.xing.com/en/privacy-policy.
 
You can object to data collection by XING here: nats.xing.com/optout.html
 
LinkedIn
 
Functions of the LinkedIn network are integrated on our websites. You can find an overview of the LinkedIn plugins here: https://learn.microsoft.com/de-de/linkedin/consumer/integrations/self-serve/plugins. These functions are offered by LinkedIn Ireland Unlimited Company, Wilton Plaza, Wilton Place, Dublin 2, Ireland.
 
Each time you visit one of our websites that contains LinkedIn functions, a connection to LinkedIn servers is established. LinkedIn thus learns that you have visited our website with your IP address. If you click on the LinkedIn “Share” button and are logged into your LinkedIn account, LinkedIn is able to associate your visit to our website with you and your user account. We would like to point out that, as the provider of our website, we have no knowledge of the content of the data transmitted or its use by LinkedIn.
 
Further information can be found in LinkedIn’s privacy policy at: https://www.linkedin.com/legal/privacy-policy.
 
Instagram Business Account
 
We operate an Instagram Business Account (hereinafter “Instagram”), a product of Meta Platforms Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland (“Meta”), with whom we share technologies, systems, insights (“Insights”) and information.
 
During your visit, personal data is processed not only by us, but also by Meta, even if you do not have a profile on Instagram or are not logged in. When you visit our Instagram profile, user data (e.g. contact data), content data, usage data (such as websites visited, interests in content, access times) and communication data (such as device information, IP addresses) are processed. On the one hand, this is done for your information and for communication purposes, for example via contact requests and feedback forms, as well as for marketing purposes.
 
If you are logged in and if you open our Instagram profile, we can view the information contained in your public Instagram profile. Meta also provides us with anonymous usage statistics (“Page Insights”). We use these to improve the user experience. However, we do not have access to the usage data that Meta uses to compile the statistics.
 
We are jointly responsible with Meta for collecting data from visitors to our Instagram page and forwarding it to Meta (this includes information on the types of content viewed, interactions with content, actions taken, technical information such as IP address, operating system, browser type, language settings, cookie data). Interests can be derived from this and user profiles can be created, but we cannot draw any conclusions about individual users. Meta also uses the data to provide “Page Insights”, which can be used to gain insights into the interaction with the pages and the associated content. We have therefore concluded a joint controllership agreement with Meta regarding the processing of your data in accordance with Art. 26 GDPR. The agreement with Meta also sets out the security measures that Meta must observe. The rights of data subjects, such as information or other requests, must also be fulfilled by Meta. You can view the terms of this agreement concluded with Meta at: https://www.facebook.com/legal/terms/page_controller_addendum. Further processing by Meta is not our joint responsibility.
 
Meta also stores cookies on your device when you visit our Instagram profile, even if you do not have an Instagram profile or are not logged in to it. This enables Meta to create user profiles based on your preferences and interests and to display adverts tailored to these interests inside and outside Instagram. Cookies remain on your device until you delete them. Details can be found in Meta’s privacy policy (see below).
 
Data processing is carried out with your consent on the basis of Art. 6 para. 1 lit. a GDPR. You can withdraw your consent at any time with effect for the future via our Consent Management Platform (CMP), which you can access at the bottom of our website, without affecting the lawfulness of processing based on consent before its withdrawal. In addition, you can revoke your consent by making the appropriate setting in your browser or as a logged-in Instagram user under the privacy and security settings. You can also opt out of user-based advertising via the opt-out page of the Network Advertising Initiative (http://optout.networkadvertising.org/), via http://www.youronlinechoices.com/de/praferenzmanagement/, or the US website http://www.aboutads.info/choices.
 
As a logged-in Instagram user, you can make an objection and other settings in the privacy and security settings in the https://www.instagram.com/accounts/login/next=/accounts/privacy_and_security/
 
It cannot be ruled out that Meta will transfer data to the USA for the purpose of storage and further processing. If such a data transfer to the USA takes place, it is based on the standard contractual clauses or the adequacy decision of the EU Commission: https://www.facebook.com/legal/EU_data_transfer_addendum and https://facebook.com/help/566994660333381.
 
For more information about Page Insights, please refer to https://www.facebook.com/help/instagram/788388387972460?helpref=faq_content. For more detailed information on how Meta processes which personal data and how you can exercise your data subject rights vis-à-vis Meta, please refer to Meta’s Data Policy at https://www.facebook.com/about/privacy and
https://help.instagram.com
 
You can find the cookie policy at: https://help.instagram.com/1896641480634370/?helpref=uf_share.
 
Other third-party services
 
We transfer personal data to third parties in order to fulfil our contractual or legal obligations and to be able to offer our services. We are legally obliged to transfer data to state authorities, e.g. tax authorities, supervisory authorities and law enforcement agencies.
 
When processing your data, we also work with the following service providers who have access to your data:

Web hosting and web development provider,

Service provider for IT development services,

Marketing and advertising agencies,

Distribution service provider,

Payment service provider,

Logistics service provider,

Email and newsletter provider,

Service provider for proofreading and translations,

CRM system service provider,

Cloud services,

Conference and webinar software,

Service provider for online surveys.

 
Transfer to third countries
 
Data is transferred to countries outside the European Economic Area. We only transfer personal data to third countries where the EU Commission has confirmed an adequate level of protection or where we can ensure the careful handling of personal data through contractual agreements or other suitable guarantees, such as certifications or proven compliance with international security standards.

USA (adequacy decision, standard contractual clauses)

 
Rights of the person concerned
 
As the data subject, you have the right to:

request information about the processing of your data and to receive a copy of your personal data. Among other things, you can request information about the purposes of the processing, the categories of personal data being processed, the recipients of the data (if it is passed on), the duration of storage or the criteria for determining the duration;

receive the personal data concerning you in a structured, commonly used and machine-readable format or to transmit those data to another controller;

rectify your data. If your personal data is incomplete, you have the right to complete the data, taking into account the purposes of the processing;

have your data deleted or blocked;

restrict the processing;

object to the processing of your data;

revoke your consent to the processing of your data for the future and

complain to the competent supervisory authority about unauthorised data processing.

Requirement or obligation to provide data
 
Unless expressly stated at the time of collection, the provision of data is not required or mandatory.
 
Automated decision-making including profiling
 
We do not carry out automated decision-making or profiling.
 
Status of this privacy policy
 
We adapt the information in the event of changes to our processes.
 
Status of this privacy policy: 07-2024