Name	Partner	Expiry	Type	Description
__cf_bm (x2)	en.ridex.eu	30 minutes	HTTP-Cookie	This cookie is set by Cloudflare. The cookie is used to support Cloudflare Bot Management.
__cfduid (x3)	en.ridex.eu	1 month	HTTP-Cookie	The cookie is used by CDN services like Cloudflare to identify individual clients behind a shared IP address and apply security settings on a per client basis. It does not correspond to any user ID in the web application and does not store any personal identification information.
INGRESSCOOKIE	en.ridex.eu	2 days	HTTP-Cookie	This cookie is used for load balancing and session stickiness. This technical session identifier is required for some website features.
kmtx_sync_pi	en.ridex.eu	1 year	HTTP-Cookie	The cookie is used to store information on how visitors use a website and helps to create an analytics report of how the website is performing. The data collected is anonymous and includes the number of visitors, the traffic source, and the pages visited.
fuel_csrf_token	en.ridex.eu	1 hour	HTTP-Cookie	This cookie enables basic functionalities and the security features of the website. It operates on an anonymous basis.
checkedSwitchClone	en.ridex.eu	Session	HTTP-Cookie	This cookie enables basic functionalities and the security features of the website. It operates on an anonymous basis.
SSNONE	emitter.kilometrix.de	Session	HTTP-Cookie	The cookie is used to store information on how visitors use a website and helps to create an analytics report of how the website is performing. The data collected is anonymous and includes the number of visitors, the traffic source, and the pages visited.
ui	en.ridex.eu	2 months	HTTP-Cookie	This cookie enables basic functionalities and the security features of the website. It operates on an anonymous basis.
clientCode	en.ridex.eu	Session	HTTP-Cookie	This cookie enables basic functionalities and the security features of the website. It operates on an anonymous basis.
drv	en.ridex.eu	7 days	HTTP-Cookie	This cookie enables basic functionalities and the security features of the website. It operates on an anonymous basis.
CookieConsent	en.ridex.eu	1 year	HTTP-Cookie	This cookie enables basic functionalities and the security features of the website. It operates on an anonymous basis.
kmtx_sync	en.ridex.eu	1 year	HTTP-Cookie	The cookie is used to store information on how visitors use a website and helps to create an analytics report of how the website is performing. The data collected is anonymous and includes the number of visitors, the traffic source, and the pages visited.
JSESSIONID	nr-data.net	Session	JSESSIONID	Used by sites written in JSP. This is a general purpose platform session cookie that is used to maintain the user's session state across page requests.
_genesys.widgets.inFocus	en.ridex.eu	Persistent	HTML Local Storage	Genesys Widgets uses this cookie to store non-sensitive data in the browser. The end user's browser must allow cookies for Genesys Widgets to operate properly. Each cookie is required, and without the ability to read and write these cookies, Genesys Widgets products will not function properly.
fueldid	en.ridex.eu	2 months	HTTP-Cookie	This cookie enables basic functionalities and the security features of the website. It operates on an anonymous basis.
productsOnCart	en.ridex.eu	Persistent	HTML Local Storage	This cookie enables basic functionalities and the security features of the website. It operates on an anonymous basis.
sntk_test	en.ridex.eu	1 day	HTTP-Cookie	This cookie enables basic functionalities and the security features of the website. It operates on an anonymous basis.
Widgets.ready	en.ridex.eu	Session	HTML Local Storage	This cookie enables basic functionalities and the security features of the website. It operates on an anonymous basis.
WINDOW_VALIDATION	en.ridex.eu	Persistent	HTML Local Storage	This cookie enables basic functionalities and the security features of the website. It operates on an anonymous basis.
kmtx_sync	emitter.kilometrix.de	1 year	HTTP-Cookie	The cookie is used to store information on how visitors use a website and helps to create an analytics report of how the website is performing. The data collected is anonymous and includes the number of visitors, the traffic source, and the pages visited.

Name	Partner	Expiry	Type	Description
_ga	en.ridex.eu	2 years	HTTP Cookie	Used to identify users.
_gid	en.ridex.eu	24 hours	HTTP Cookie	Used to identify users.
_gat	en.ridex.eu	1 minute	HTTP Cookie	The cookie is installed by Google Analytics to control the request rate and limit the collection of data on high-traffic websites.

Privacy policy

In the following, we inform you about the processing of personal data in connection with the use of our online services.

1. General information

1.1. Responsible party

RIDEX GmbH
Josef-Orlopp-Straße 55
10365 Berlin
Germany
Email: datenschutz@ridex.de

1.2. Purposes and legal basis of data processing

As part of our business activities, we process personal data of various data subjects (e.g. website users, interested parties, and customers). We will inform you of the purposes and legal basis as well as further details of the respective processing further down in this privacy policy.

1.3. Recipients

Depending on the processing situation, your personal data may be processed not only by the controller but also by third parties. Possible recipients include, in particular, order processors (e.g. web hosting, software providers and other technical service providers), shipping service providers and third-party providers of online services and content. Disclosure may also be made in connection with official enquiries, court orders, and legal proceedings if it is necessary for legal prosecution or enforcement. For details, please refer to the notes on the respective processing, where applicable.

1.4. Third-country transfer

We use services whose providers have locations or process personal data in so-called third countries (outside the European Union or the European Economic Area), i.e. countries where the level of data protection does not correspond to that in the European Union. Insofar as the European Commission has not issued an adequacy decision for these countries (Art. 45 GDPR), we have taken appropriate measures to ensure an adequate level of data protection for any data transfers. These include, among others, the standard contractual clauses of the European Union. If you would like to find out more or receive copies of the guarantees, please contact datenschutz@ridex.de.

1.5. Storage period

Personal data will be kept for as long as is necessary for the purpose for which it was collected, for as long as we are required by law to retain it, or for other legal reasons.

1.6. Rights of data subjects

You have the right to obtain information about the data stored about you, including any recipients and the intended storage period in accordance with Article 15 of the GDPR. If the processed data is not (or is no longer) correct, you have a right to rectification (Art. 16 GDPR). If the relevant legal requirements are met, you may request the deletion (Art. 17 GDPR) or restriction (Art. 18 GDPR) of the data processing as well as object to the processing (Art. 21 GDPR). If you believe that the processing of your personal data violates data protection law, you have the right to lodge a complaint with a data protection supervisory authority (Art. 77 GDPR).

1.7. Right to object

You have the right to object at any time, on grounds relating to your particular situation, to the processing of your personal data which is carried out based on Art. 6 para. 1 p. 1 lit. f GDPR. We will then no longer process your personal data unless there are compelling legitimate reasons worthy of protection that outweigh your interest in protection, or the processing serves the assertion, exercising, or defence of legal claims. You may object at any time, without giving reasons, to the processing of your data for the purposes of direct marketing and to any profiling that may be associated with it.

2. Processing situations

2.1. Website use

Our internet offers serve to provide information about our company and our products, as well as communication and interaction with our customers and interested parties.

We also process personal data for the aforementioned purposes. The scope and legal basis of the data processing depends on the services requested by the user, the relevant browser configuration, and the scope of any consent given.

Web technologies (cookies and similar technologies)

In order to improve communication and interaction with our customers as well as to optimise the user experience, we use various software solutions and web technologies, including tools for web analysis and marketing provided by third parties as well as services for the integration of third-party content, such as fonts, maps, or videos.

Analytics tools are used to collect, measure, and analyse data points such as visitor numbers, visitor sources, pages visited, time spent on the website, or scroll depth. Marketing tools enable targeted control and evaluation of marketing activities (advertising campaigns, affiliate advertising, multichannel analysis).

In some cases, the use of such tools requires the consent of the respective user. We use a so-called consent management tool to obtain and manage the necessary consent in accordance with Art. 6 para. 1 p. 1 lit. a GDPR and, if applicable, Section 25 (1) TTDSG [German Telecommunications-Telemedia Data Protection Act] (see the following section).

Detailed information about the subject and scope of the relevant consents and the data processing based on them will be provided to you directly via the consent management tool.

Insofar as consent is not required, personal data processing is carried out on the basis of Art. 6 para. 1 p. 1 lit. f GDPR for the purposes described, which at the same time represent the interests pursued by us or our partners ("necessary services"). The collection of data for the provision of the website and the storage of log files are absolutely necessary for the operation of the website.

Consent management tool

We use a consent management tool ("CMT") for the purpose of consent management. You can access the CMT at any time here or by clicking on the link "Cookie settings" in the footer of the website. When you access our website, a CMT cookie is set, which is used to store the consent given for the individual services and to control the corresponding activation or deactivation of the respective functionalities.

The CMT is used to obtain the necessary consents and to document them in accordance with our obligation to provide evidence. The legal basis for this is Art. 6 para. 1 p. 1 lit. c GDPR.

The collected data is stored until you delete the cookie. Details on data processing by the CMT can be found in the tool's user interface.

Google Tag Manager

Our website uses the Google Tag Manager of Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. Tag Manager is used to manage tracking tools and other services, so-called website tags. The Google Tag Manager does not require the use of cookies.

The legal basis is Art. 6 para. 1 p. 1 lit. f GDPR, based on our legitimate interest in integrating and managing multiple tags on our website in a straightforward manner.

You can find more information here.

YouTube

We have integrated videos on this website that are stored on YouTube and can be played from our website. We have activated YouTube's extended data protection mode. This means that Google does not receive any usage information and does not set any cookies until the user actively clicks on the play button. After this click, the video starts playing and Google sets its own cookies to improve its services and to play individualised advertising on the Google advertising network.

The provider is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.

For more information, please see YouTube's privacy policy.

2.2. Customer management, direct marketing

For the purpose of central management of sales-relevant contact and marketing information within the AUTODOC Group, we use a so-called customer relationship management system ("CRM"). Data managed in the CRM includes both existing customer contacts and registered website users, including newsletter subscribers and other marketing contacts.

Customer/User profiles

The CRM enables us to collate and analyse marketing information from multiple sources to optimise our marketing strategy and target direct mail. This may include the creation and analysis of customer or user profiles to determine which products and services are most popular and to tailor marketing campaigns to individual interests.

In addition to the existing operational customer data, the data generated through our online offerings (e.g. landing pages, contact forms) is also processed in the CRM. Data from email and social media marketing (e.g. opening rates, referral paths, etc.) may also be used.

Our aim is to make the sales and marketing efforts of the various business units within the AUTODOC Group efficient and targeted, and to coordinate them across divisions. For this purpose, we process (also with the help of service providers) the relevant CRM data in accordance with Art. 6 para. 1 p. 1 lit. f GDPR on the basis of a balancing of interests.

Consent Management (email advertising)

Another component of our CRM is consent management. According to Section 7 (2) Nos. 1 and 2 UWG, certain direct advertising measures, such as email advertising in particular, require consent.

If and insofar as you give us advertising consent within the scope of our Internet offers (e.g. when registering for the newsletter), we document and store the information required to prove our obligation to provide evidence (Art. 7 para. 1 GDPR and, if applicable, § 7a UWG) based on Art. 6 para. 1 p. 1 lit. c GDPR.

In the event of withdrawal of consent, we will retain the evidence for documentation purposes pursuant to Art. 6 para. 1 p. 1 lit. f GDPR until the expiry of the statutory limitation periods. This serves our interests in any legal defence that may be necessary. The same applies to the documentation of advertising objections, which we also store in a blacklist for email delivery to ensure that no advertising is sent to recipients who expressly do not wish to receive it.

(Personalised) direct mail and newsletters

If consent has been given, the data processing for the purposes covered by the consent is carried out on the basis of Art. 6 para. 1 lit. a GDPR.

Irrespective of any consent requirements, we process personal data from our CRM and, where applicable, from other sources (including service providers) for the purposes of targeted and, where applicable, personalised delivery, and design of direct mail. The legal basis for the processing in pursuit of our advertising interests is Art. 6 para. 1 p. 1 lit. f GDPR.

On our website, you have the option of subscribing to a free and regular newsletter, which contains, among other things, customised information, news about our products and current special offers.

To subscribe to our newsletter, we use the double opt-in process, which means that we will only send you the newsletter by email if you click on a link in our notification email to confirm that you are the owner of the email address provided. If you confirm your email address, we will store your email address, the time of registration, and the IP address used for registration until you unsubscribe from the newsletter. The sole purpose of the storage is to send you the newsletter and to prove your registration. You can unsubscribe from the newsletter at any time. A corresponding "Unsubscribe" link can be found in every newsletter. Notification to the contact details given above or in the newsletter (e.g. by email or letter) is also sufficient.

The legal basis for the processing is your consent pursuant to Art. 6 para. 1 p. 1 lit. a GDPR. The logging of the registration process is based on our legitimate interests in accordance with Art. 6 para. 1 p. 1 lit. f GDPR for the purpose of proving consent.

In order to determine when our emails are opened and how they are used, we record and analyse the interactions with the newsletter and the access data (e.g. opening rate or click rate) using standard market technologies. For this purpose, our emails include web beacons. These are small image files loaded by our website that allow us to determine when an email has been opened by you. We also learn which of the links in the email you click on. We use this access data to continually improve our services, content, customer communications, and for statistical purposes. We also use this information to better understand what content and products interest you so that we can provide you with the most relevant content in the future.

The access data (opening and click data) are only stored anonymously. A separate revocation regarding the described analysis of your access data and the creation of a personalised usage profile is not possible. However, you can configure your email program to display emails in text format rather than HTML. This prevents image and graphics files from being displayed, so that tracking is not possible. In these cases, the newsletter will not be displayed in full, and you may not be able to use all functions. If you do not want us to analyse your access data or create a personalised usage profile for you, you can withdraw your consent to receive personalised email advertising at any time as described above.

Existing customer advertising

Provided you have given your consent and have entered your mobile number and/or telephone number in your customer account, we will contact you by phone or SMS for satisfaction surveys, special offers and promotions, product information and statistical purposes. You may revoke your consent at any time with effect for the future by notifying us at the above contact details (e.g. by email or letter).

If you give us your consent at the beginning of the call, we will then record the conversation. We will store the information provided during the call for the training of our customer service staff and for the quality assurance of our call centre and will normally delete it after three months unless a longer retention period is required by law or for evidence purposes. We may retain the recording for up to three years for evidence purposes (e.g. conclusion of a sales contract). Your consent is the legal basis (Art. 6 para. 1 p. 1 lit. a GDPR) for recording and analysing the conversation.

2.3. Contact

If you contact us via our contact forms or by email, we regularly process your personal data (also with the help of service providers) in order to respond to your enquiry or to process your request on the basis of Art. 6 para. 1 p. 1 lit. f GDPR to protect the fundamental interests of our business, in particular our corporate communications.

Contract-related communication which is necessary for the implementation of a contractual relationship concluded with you or within the scope of pre-contractual measures based on your enquiry is also carried out on the basis of Art. 6 para. 1 p. 1 lit. b GDPR.

You can also contact us by telephone. If you give us your consent at the beginning of the call, we will record the conversation. We will store the information provided during the call for the training of our customer service staff and for the quality assurance of our call centre and will normally delete it after three months unless a longer retention period is required by law or for verification purposes. We may retain the recording for up to three years for verification purposes (e.g. conclusion of a sales contract). Your consent is the legal basis (Art. 6 para. 1 p.1 lit. a GDPR) for recording and analysing the conversation.

2.4. Customer account

On our website, we offer users the opportunity to create a customer account or register for our login area in order to use the full functionality of our website. Registration for a user account constitutes a contract for the use of an account with ridex.eu. The data collected is used to provide the user with access to ridex.eu and its associated services. We have indicated the information you must enter by marking it as mandatory. The registration data is used to create a customer account and subsequent order processing. Registration is not possible without this information. The legal basis for the processing is Art. 6 para. 1 p. 1 lit. b GDPR.

3. Online presence on social networks

We maintain online presences in social networks in order to communicate with customers and interested parties, among others, and to provide information about our products and services.

User data is generally processed by the social networks concerned for market research and advertising purposes. In this way, usage profiles can be created based on users' interests. For this purpose, cookies and other identifiers are stored on the users' computers. Based on these user profiles, advertisements are then placed, for example, within the social networks, but also on third-party websites. As part of the operation of our online presences, we may have access to information such as statistics on the use of our online presences provided by the social networks. These statistics are aggregated and may include, in particular, demographic information and data on interaction with our online presences and the posts and content distributed through them. Details and links to the social network data to which we have access as the operator of the online presence can be found in the list below.

The legal basis for data processing is Art. 6 para. 1 p. 1 lit. f GDPR, based on our legitimate interest in effectively informing and communicating with users, or Art. 6 para. 1 p. 1 lit. b GDPR, in order to stay in contact with and inform our customers and to carry out pre-contractual measures with future customers and interested parties.

For the legal basis of the data processing carried out by the social networks under their own responsibility, please refer to the privacy policy of the respective social network. The following links will also provide you with further information about the respective data processing and the options to object.

We would like to point out that the most effective way to address privacy concerns is to contact the social network provider, as only they have access to the data and can take direct action.

Below is a list of information about the social networks on which we have an online presence:

Facebook (Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland)
- Operation of the Facebook fan page under joint responsibility on the basis of an Agreement on joint processing of personal data (so-called Page Insights Supplement regarding the responsible party);
- Information about the Page Insights data processed and how to contact us in the event of Data protection enquiries: https://www.facebook.com/;
- Privacy Policy: https://www.facebook.com;
- Opt-Out: https://www.facebook.com and http://www.youronlinechoices.com.
Instagram (Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland)
- Privacy Policy: https://help.instagram.com/519522125107875.
LinkedIn (LinkedIn Ireland Unlimited Company Wilton Place, Dublin 2, Ireland)
- Operation of the LinkedIn company page under joint responsibility on the basis of an Agreement on the joint processing of personal data (so-called Page Insights Joint Controller Addendum);
- Information on the processed site insights data and the contact option in the event of data protection enquiries: https://legal.linkedin.com;
- Privacy Policy: https://www.linkedin.com;
- Opt-Out: https://www.linkedin.com.

4. Data Protection Officer

You can contact our data protection officer at:

c/o RIDEX GmbH
Josef-Orlopp-Straße 55
10365 Berlin
Еmail: datenschutz@ridex.de