The protection of your personal data is of particular concern to us, which is why we strictly adhere to the legal requirements of the Data Protection Act and the GDPR when collecting and processing your personal data.
A. Processing of personal data on our homepage
1. Personal data
Our website can generally be used without providing personal data. However, different rules may apply to the use of individual services, which we will point out to you separately.
Therefore, besides the cookies described in detail below, we only collect and save data that you provide to us yourself by entering it into our input fields or actively interacting with our website in any other way.
Personal data is deemed to be all information that relates to an identified or identifiable natural person. This includes, for example, your name, your address, your telephone number, or your date of birth, but also your IP address or geolocation data that can be used to identify you.
a. If you only use our website for information purposes, i.e. if you do not register for a service or otherwise provide us with information - for example via a contact form - we will only collect the personal data that your browser transmits to our server. If you want to visit our website, we collect the data listed below, which is technically necessary for us to display the website to you, and to ensure its stability and security in accordance with Art. 6 para. 1 sentence 1 letter of of the EU-GDPR:
Date and time of the request
Time zone difference from Greenwich Mean Time (GMT)
Content of the request
Access status / http status code
Amount of data transferred in each instance
Website from which the request originated
Operating system and its interface
Language and version of the browser software
b. In addition to the aforementioned data, first party and third party cookies are stored on your computer when you use our website. These are small text files that are stored on your hard drive and related to the browser you are using. The party that sets a cookie (here this is done by us and the third parties listed below) receives certain information. These cookies can be used to identify the user of the website, and their use of our services can be determined. Cookies may also be used for marketing purposes, usage analysis, and for targeted advertising.
A basic distinction can be made between first party cookies, third party cookies and third party requests.
First party cookies
First party cookies are stored by us or our website itself in your browser to provide you with the best possible user experience. These are in particular functional cookies, such as shopping cart cookies. We use the following first party cookies on our website:
- tarteaucitron (storage period 1 year)
Via this cookie, we record whether you have given consent to the storage of cookies for the Google Analytics, Google Maps and Facebook services when you enter our website.
- session_id (storage duration during the session)
- visitor_uuid (storage period 1 year)
This cookie allows us to track your movements and selections on the site. This is necessary to display the shopping cart correctly.
- tz (storage duration during the session)
Via this cookie, we recognize in which time zone you are located and can thus ensure correct processing steps for payment services, among other things.
- frontend_lang (storage duration during the session)
Via this cookie we record your language selection for the display of our website.
Third party cookies
Third party cookies are stored in your browser by a third party provider. These are mostly tracking or marketing tools that on the one hand evaluate your user behavior and on the other hand offer the third-party provider the possibility to recognize you on other websites you visit. Basically, retarget marketing, for example, is based on the function of such cookies.
In order to inform you comprehensively about the cookies we use, we have designed a cookie banner in accordance with the case law of the ECJ of 01.10.2019, C-673/17 (Planet 49) and other relevant decisions, which is displayed to you when you first access our website. In this cookie banner, all cookies used are shown together with their function, storage duration and origin. Only if you agree to the use of some or all cookies, they will be stored by us; an exception to this may be technically mandatory cookies, without whose use our website could not be displayed correctly.
It is possible for you to change your browser settings at any time so that, for example, you refuse to accept third-party cookies or all cookies. In this case, however, we must inform you that you may no longer be able to use all the functions of our website.
Third party requests
3. Collection and processing of personal data
Personal data that goes beyond the information stored by cookies is only processed by us if you voluntarily provide it to us, for example, when you register with us, enter into a contractual relationship with us, or otherwise contact us. This only concerns contact details and information on the issues about which you contact us.
We only use the personal data that you provide to the extent that is necessary in the context of fulfilling the respective purpose of processing (e.g., registering an account, processing an order, sending informational material and advertising, answering a question, enabling access for certain information) and that is legally permissible (in particular in accordance with Art. 6 of the EU-GDPR) (e.g., sending out advertising and informational material to existing customers).
The purpose of processing your data is the operation of our website and the targeted provision of company-specific information including the presentation of the range of our goods and services (marketing). Any further use of your data will only take place if you have given your express prior consent. You can revoke your consent - as explained in detail below - at any time for the future.
Each time you access our homepage, we collect the technical information about your computer described under 1. The IP address of your computer is stored only up to 7 days after the use of the online offer and then deleted or anonymized by shortening. We use all of this data for the operation of our homepage, in particular to detect and eliminate errors, to determine the utilization of the web server and to make adjustments or improvements. These purposes are also our legitimate interest in data processing according to Art. 6 para. 1 lit. f DSGVO.
4. Storage period
Unless we have already informed you specifically about the duration of the storage of personal data, the following principles generally apply to data processing:
Data that you have provided to us exclusively for customer service or for marketing and information purposes will generally be stored until three years after our last contact. However, if you wish, we will also delete your data before this period expires, provided that there is no legal obstacle to this.
In the event that a contract is initiated or concluded, we process your personal data after the contract has been fully concluded until the expiry of the guarantee, warranty, statute of limitations, and statutory retention periods that apply to us, and furthermore until the end of any legal disputes in which the data may eventually be needed as evidence.
5. Tools and applications used
Google uses this information on our behalf to evaluate your use of our website, to compile reports on website activity, and to provide the website operator with other services relating to website activity and internet usage. The IP address your browser transmits in the context of Google Analytics is not merged with other Google data.
You can prevent the storage of the cookies required by Google Analytics by rejecting the storage of cookies when entering our website or by setting your browser software accordingly, which may, however, mean that you will not be able to use all the functions of this website to their full extent. You can also prevent the collection of the data generated by the cookie and related to your use of the website (including your IP address) and its transmission and processing by Google by downloading and installing the browser plug-in available under the following link: http://tools.google.com/dlpage/gaoptout?hl=en.
If you would like further information on the types, scope, and purposes of the data collected by Google, we recommend that you read their data protection provisions: https://support.google.com/analytics/answer/6004245?hl=en.
c. We use the Klarna service provided by Klarna Bank AB (publ), Sveavägen 46, 111 34 Stockholm, Sweden as a payment service provider for our online shop.
If you make a payment on our website via this payment service provider, a connection to the respective Klarna server is established and the payment data is transmitted.
Further information about Klarna and the data protection measures taken by Klarna can be found at https://cdn.klarna.com/1.0/shared/content/legal/terms/0/en/privacy
d. Our website also offers the option of interacting with various social networks via plugins. These are:
Facebook und Instagram, betrieben von der Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Irland
Twitter, betrieben von der Twitter Inc., 795 Folsom Street, Suite 600, San Francisco, CA 94107, USA
Youtube, betrieben von der Youtube LLC, 901 Cherry Avenue, San Bruno, CA 94066 USA
Linked In, betrieben von der LinkedIn Inc., 2029 Stierlin Court, Mountain View, CA 94043, USA
When you click on a plugin of one of these social networks, it is activated and a connection to the respective server of this network is established as described above. We have no influence on the scope and content of the data that is transmitted to the respective operator of this social network by clicking on the plugin.
We have no influence on the scope and content of the data that is transmitted to the respective operator of this social network by clicking on the plugin or which may subsequently be subject to access by US authorities.
6. Data transfer
Your data will only be transferred to third parties if we are legally obliged to do so, if the transfer of data is necessary for the implementation of a contractual relationship between us, or if you have expressly consented to the transfer of your data beforehand. External processors or other cooperation partners will only receive your data if this is necessary for the execution of the contract or if we have a legitimate interest vested in this, which we will always give separate notification of when it is necessary. If one of our contract processors has access to your personal data, we ensure that they comply with the provisions of data protection laws in the same way as we do.
We do not sell or otherwise market your personal data to third parties outside the group. If our contractual partners or processors are based in a third country, i.e., a country outside the European Economic Area (EEA), we will inform you of the consequences of this fact in the description of the offer.
In any case, the recipients of your personal data are:
SIWA Online GmbH
eworx Network & Internet GmbH
our logistics partners and online payment services
Official Rosenbauer dealers in Germany
b. Data transfer to the USA?
We occasionally offer some services in the course of which a data transfer to the USA takes place or may take place. However, in order to use these services - unless there is another justification, such as the fulfillment of contractual obligations - it is necessary that you consent to the use of your data collected via these services, if necessary also in the USA (Art. 49 para. 1 lit. a DSGVO).
We record this consent - depending on the service - via our cookie banner or separately by corresponding declaration of consent directly before the use of an offered service.
Your consent is required because, according to recent decisions by authorities and courts and the case law of the ECJ, the USA is not certified as having an adequate level of data protection in the processing of personal data (C-311/18, Schrems II). In particular, these decisions by authorities and courts critically point out that access by U.S. authorities (FISA 0702) is not comprehensively restricted by law, does not require approval by an independent authority, and no relevant legal remedies are available to the data subjects in the event of such interventions.
We have no direct influence - apart from the contracts concluded with US service providers - on access by US authorities to personal data transferred to service providers in the USA when using these services. Even if we assume that our service providers take the necessary steps to ensure the promised level of protection in accordance with the contractual agreements concluded with us, access by US authorities to data processed in the USA is still conceivable.
We therefore request your consent to the processing of data in the USA before using such services. We will point out separately for each service or application that there is a possibility of data transfer to the USA.
We use numerous technical and organizational security measures to protect your data against manipulation, loss, destruction, and access by third parties. Our security measures are continuously improved in line with the technological developments on the internet. If you would like to receive further information on the type and scope of the technical and organizational measures that we have taken, please contact us in writing.
8. Your rights
In accordance with the General Data Protection Regulation and the Data Protection Act, you as the data subject of our data processing have the following rights and legal remedies:
Right to information (Art. 15 of the EU-GDPR)
As the data subject of the above-described and other data processing, you have the right to request information on whether personal data about you is being processed and, if so, which data is being processed. For your own protection - in order to ensure that no unauthorized person receives information about your data - we will check your identity in a suitable manner before providing information.
Right to correction (Art. 16) and deletion (Art. 17 of the EU-GDPR)
You have the right to immediately request the correction of incorrect personal data concerning you or - taking into account the purposes of the data processing - the completion of incomplete personal data and the deletion of your data, provided that the criteria of Art. 17 of the EU-GDPR are met.
Right to restriction of processing (Art. 18 of the EU-GDPR)
Under the legal provisions, you have the right to restrict the processing of all personal data collected. From the point of the request for restriction, this data will only be processed with your explicit consent or to assert and enforce legal claims.
Right to data portability (Art. 20 of the EU-GDPR)
You can request the unhindered and unrestricted transfer of personal data that you have provided to us to either yourself or a third party.
Right of objection (Art. 21 of the EU-GDPR)
For reasons arising from your particular situation, you may object at any time to the processing of personal data concerning you which is necessary for the protection of our legitimate interests or those of a third party. Your data will no longer be processed after your objection, unless there are compelling legitimate reasons for processing that outweigh your interests, rights and freedoms, or if the processing serves to assert, exercise, or defend legal claims. You can object to the processing of data for the purpose of direct mailings at any time, which will take immediate effect for the future.
Revocation of consent
If you have separately given your consent to the processing of your data, you can revoke this at any time. Such a revocation limits our ability to process your personal data after your revocation.
If you take any measure to enforce your above-listed rights under the GDPR, Rosenbauer must respond to the requested measure or comply with the request immediately, but no later than one month after receipt of your request.
We will respond to all inquiries deemed reasonable within the scope of the legal framework free of charge and as quickly as possible.
The Data Protection Authority is responsible for issues regarding the violation of the right to information and violation of the rights to secrecy, correction, and deletion. Their contact details are as follows:
Austrian Data Protection Authority (Österreichische Datenschutzbehörde)
9. Contact information / contact person
a. Contact information of the data officer
Rosenbauer E-Commerce GmbH
Paschinger Straße 90
4060 Leonding, Austria
+43 (0)732 6794 – 0
b. Contact information for the contact person for data protection-related issues
DI Marinko Kvesic
Paschinger Straße 90
+43 732 6794-551
10. Final provisions
As of: July 2021