Data protection declaration

We are pleased that you are visiting our website and thank you for your interest in our company.

Rhomberg Sersa Rail Group attaches great importance to the protection of your personal data. We treat the data entrusted to us as strictly confidential and handle it responsibly. We therefore inform you in accordance with the relevant data protection provisions of the General Data Protection Regulation (EUDATAP) and the Data Protection Act.

 

1. Collection of Information

We collect information from you directly from your input and automatically through the technologies of the services.

1.1 Automatically Collected Information

The Service automatically collects certain information relating to your use of the Service for the purposes of data security and user-friendliness:

  • The Internet protocol ("IP") address used to connect your computer to the Internet;
  • Computer, device and connection information, such as browser type and version, operating system, mobile platform and unique device identifiers (UDID) and other technical IDs;
  • Uniform Resource Locator ("URL") Clickstream data, including the date and time and the content you viewed or searched for in a service and the URL that referred you to that service.


The legal basis of this processing is our legitimate interest, which is to achieve the purposes stated above. We will store the data for a period of three months. A longer storage takes place only as far as this is necessary to investigate detected attacks on our website.


1.2 Cookies & Web Beacons

Rhomberg Sersa Rail Group uses in the browser so-called "session" cookies and web beacons. Cookies are small files with configuration settings that help Rhomberg Sersa Rail Group determine the frequency and type of use of our website. Cookies are also used to implement certain user functions. Rhomberg Sersa Rail Group does not collect any personal data via cookies and web beacons. In addition, use of Rhomberg Sersa Rail Group's website is also possible without cookies. Rhomberg Sersa Rail Group points out, however, that in this case not all functions of this website may be fully usable.

  • “Session” cookies are temporary and are deleted when the browser is closed;
  • “Web beacons" (counting graphics) are electrical graphics, also known as "single-pixel images", which allow recording or analysis.


Which cookies are used by Rhomberg Sersa Rail Group?
With the so-called "third party cookies", i.e. cookies from third party providers such as Google Inc., you will also find a link to the latest version of their data protection provisions known to us.

Use of Google-Maps
On our site we use the component "Google Maps" from Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, to present addresses and locations in an userfriendly and simple way.
Each time you access our website, your IP-address is transmitted to Google and Google sets a cookie to process user settings and data when you view the page that includes the Google Maps component. As a rule, this cookie is not deleted when you close your browser, but expires after a certain time, unless you delete it manually beforehand.
The legal basis of this processing results from your consent, which you have given when calling up our website by clicking the "OK" button. You can revoke this consent at any time by deactivating the "Google Maps" service and thus prevent the transfer of data to Google. To do this, you must deactivate the JavaScript function in your browser. However, we would like to point out that in this case you will not be able to use "Google Maps" or only to a limited extent.
The legal validity of the processing carried out on the basis of your consent until revocation remains unaffected by the revocation.
The use of "Google Maps" and the information obtained via "Google Maps" is subject to the Google Terms of Service and the additional terms and conditions for "Google Maps".

Use of Youtube Components with Extended Data Protection Mode
On our website, we use videos stored on www.youtube.com by YouTube LLC, a company of Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, that can be played directly from our website. These videos are shown as thumbnails on our websites. Only when you press the Play-button on the videos, a connection will be made to the YouTube servers and the content will be displayed on the website by a message to your browser.
We also use the option "extended data protection mode" provided by YouTube. According to YouTube, in "extended privacy mode" only data is transmitted to the YouTube server, especially your IP-address and which of our websites you visited when you click on the video. If you are logged in to YouTube at the same time, this information will be associated with your YouTube account. You can prevent this by logging out of your member account before visiting our website.
The legal basis of this processing results from your consent, which you have given when calling up our website by clicking the "OK" button. You can revoke this consent at any time by deactivating the setting of cookies in your web browser.
For more information about YouTube's privacy practices, visit the following link: https://policies.google.com/privacy.

LinkedIn Analytics and LinkedIn Ads
We use the conversion tracking and retargeting function of LinkedIn Corporation on our website.
This technology allows for displaying of personalized advertisements on LinkedIn to website visitors. Furthermore, it is possible to create anonymous reports on the performance of those advertisements as well as information on website interaction. For this purpose, the LinkedIn Insight-Tag has been integrated on this website, which establishes a connection to the LinkedIn server if you visit this website and are logged into your LinkedIn account at the same time.
LinkedIn’s privacy policy at https://www.linkedin.com/legal/privacy-policy provides more information on data collection and data usage, ways to protect your privacy, as well as your rights as a user. If you are logged into LinkedIn, you can deactivate the collection of data by using the following link: https://www.linkedin.com/psettings/enhanced-advertising.

 

Disabling Cookies:
There are several ways to manage cookies. The help button on the toolbars of most browsers shows you how to stop accepting cookies, how to be notified when a new cookie is set and how to block cookies. If you block cookies, you may not be able to register, log in or make full use of the services.

1.3 Web analytics services

Google Remarketing
Rhomberg Sersa Rail Group uses Google Remarketing technology, a service of Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, to target you as a website visitor with advertising by placing personalized, interest-based ads when you visit other websites on the Google or DoubleClick display network. Google uses cookies, which are stored on your computer, to evaluate your website usage, demographic characteristics and interests. Google uses cookies that are stored on your computer to analyse your website usage, which is a prerequisite for the use of interest-based advertisements. The information generated by the cookie is transmitted to a Google server, stored there and can be evaluated by Rhomberg Sersa Rail Group within the framework of statistics and used to create interest-related advertisements. Google may transfer this information to third parties if this is required by law or if third parties process this data on behalf of Google. The collection and storage of data can be revoked at any time with effect for the future. You can disable Google's use of cookies by visiting https://policies.google.com/technologies/ads to opt out of Google advertising. Alternatively, you can disable the use of cookies by third parties by visiting the opt-out page of the Network Advertising Initiative at www.networkadvertising.org/managing/opt_out.asp.
For more information about Google's privacy policy, please visit https://policies.google.com/privacy.

MATOMO
Web analytics (also referred to as \"reach measurement\") is used to evaluate the flow of visitors to our online offering and may include behaviour, interests or demographic information about visitors, such as age or gender, as pseudonymous values. With the help of the reach analysis, we can, for example, recognise at what time our online offer or its functions or content are most frequently used or invite re-use. Likewise, we can understand which areas need optimisation.

In addition to web analysis, we may also use test procedures, e.g. to test and optimise different versions of our online offer or its components.
Unless otherwise stated below, profiles, i.e. data summarised for a usage process, may be created for these purposes and information may be stored in a browser or in a terminal device and read from it. The information collected includes, in particular, websites visited and elements used there as well as technical information such as the browser used, the computer system used and information on usage times. If users have agreed to the collection of their location data from us or from the providers of the services we use, location data may also be processed.

The IP addresses of the users are also stored. However, we use an IP masking procedure (i.e. pseudonymisation by shortening the IP address) to protect users. In general, no clear user data (such as e-mail addresses or names) is stored in the context of web analysis, A/B testing and optimisation, but pseudonyms. This means that we as well as the providers of the software used do not know the actual identity of the users, but only the information stored in their profiles for the purposes of the respective procedures.

  • Types of data processed: Usage data (e.g. websites visited, interest in content, access times); meta/communication data (e.g. device information, IP addresses).
  • Data subjects: Users (e.g. website visitors, users of online services).
  • Purposes of processing: reach measurement (e.g. access statistics, recognition of returning visitors); profiles with user-related information (creation of user profiles).
  • Security measures: IP masking (pseudonymisation of the IP address).
  • Legal basis: Consent (Art. 6 para. 1 p. 1 lit. a. DSGVO); Legitimate interests (Art. 6 para. 1 p. 1 lit. f. DSGVO).
    Further information on processing processes, procedures and services:

Matomo is software that is used for the purposes of web analysis and reach measurement. Within the scope of the use of Matomo, cookies are generated and stored on the end device of the user. The user data collected in the course of using Matomo is only processed by us and is not shared with third parties. The cookies are stored for a maximum period of 13 months: https://matomo.org/faq/general/faq_146/; Legal basis: Consent (Art. 6 para. 1 p. 1 lit. a. DSGVO); Deletion of data: Cookies have a maximum storage period of 13 months.

Collected and pseudonymised data is not passed on to Matomo. Instead, they are stored on our own server at a certified hosting provider in Germany (Hetzner).

1.4 Newsletter

If you would like to receive this newsletter, we need your email address and additional information that will allow us to verify that you are the owner of the email address provided and that you agree to receive the newsletter.
We use a double opt-in procedure so your contacts receive only the emails they've agreed to get. In order for a potential subscriber to sign up for a newsletter, they have to complete all the steps of this process. This process is complete (and legally watertight!) once a user has clicked on the confirmation link in the double opt-in email. Their email address will be activated in your contact list only once they've confirmed their subscription.
We use this data exclusively for sending information and offers you have requested.
Sendinblue is used as newsletter software. Your data is transmitted to Sendinblue GmbH. The Sendinblue GmbH is prohibited from selling your data and from using it for purposes other than sending newsletters. The Sendinblue GmbH is a certified German newsletter software provider, working in accordance with the European directive 95/46, as well as the German Federal Data Protection Act (BDSG).
More Info: https://www.sendinblue.com/legal/termsofuse/?rtype=n2go

When you give a company permission to store your personal information and email address and to send you marketing emails, you can revoke this consent at any time via the unsubscribe link in every mailing.

2. Data Security

Your data will be hosted by a provider located within the European Union (dedicated server by Hetzner Online GmbH). Both Rhomberg Sersa Rail Group and the provider use technical and organisational security measures to protect your collected data against accidental or intentional manipulation, loss, destruction or against access by unauthorised persons. We would like to point out that the transmission of data on the Internet possibly is unsecured and there is therefore a risk that third parties may intercept and use the data. Our security measures are continuously improved in line with technological developments. You can also contact us at any time by mail or telephone.

3. Making contacts

If you contact us via the contact options offered on this website, we will process the data that you make available to us in the course of this. The purpose of the processing is to answer your request. The legal basis results from our legitimate interest in achieving this purpose.

4. Your Rights

In accordance with the applicable data protection law, you have the right to information, correction, deletion, restriction of processing, objection and transferability of the data.

Please direct any questions about your rights or any other questions on the topic of personal data to us.

Rhomberg Sersa Rail Group
Mariahilfstraße 29
6900 Bregenz
T +43 5574 403-0

Würzgrabenstraße 5
8048 Zürich
T +41 43 322 23 00

datenschutz@rsrg.com

You have the right to complain to a regulatory authority in the EU or to the data protection authority in your country if you believe there has been a breach of European or Austrian data protection law.

December 2019