We operate a website with general information and the option to contact us. We place particular importance on protecting your personal data. Below we explain how we handle your personal data.
1. Controller
The controller within the meaning of data protection law is:
ReMach GmbH
Elbringhausen 22
42929 Wermelskirchen
Germany
Website: https://www.re-mach.com
Email: info@re-mach.com
Phone: +49 2196 7050573
2. Contact for Data Protection Questions
If you have any questions regarding data protection, please contact:
Email: dataprivacy@re-mach.com
Postal address: ReMach GmbH, Elbringhausen 22, 42929 Wermelskirchen, Germany
3. Collection and Storage of Personal Data, and the Nature and Purpose of Its Use
In accordance with the statutory provisions of the German Federal Data Protection Act (BDSG), the General Data Protection Regulation (GDPR), and the Telemedia Act (TMG), we collect personal data only where permitted by law and where you voluntarily provide personal data to us when contacting us. We use the data you provide, without separate consent, solely to respond to your inquiries.
a) When Visiting the Website
When you access our website, information is automatically sent to our website server by the browser used on your device. This information is temporarily stored in a so-called log file. The following information is collected without any action on your part and stored until it is automatically deleted:
IP address of the requesting device
Date and time of access
Name and URL of the retrieved file
Website from which access is made (referrer URL)
Browser used and, if applicable, the operating system of your device, as well as the name of your access provider
We process the above data for the following purposes:
Ensuring a smooth connection setup for the website
Ensuring convenient use of our website
Evaluating system security and stability
For further administrative purposes
The legal basis for data processing is Art. 6(1) sentence 1 lit. f GDPR. Our legitimate interest follows from the purposes for data collection listed above. Under no circumstances do we use the data collected to draw conclusions about your identity.
b) When Contacting Us by Email
If you send us an email, we store your email address and the data contained therein that you provide to us in your message in order to respond to your inquiry on the basis of Art. 6(1) sentence 1 lit. b GDPR (pre-contractual measures) or lit. f GDPR (legitimate interest in answering your question). As soon as we no longer need this data to process your inquiry, we will delete it immediately, provided there are no statutory retention obligations. We secure the data against unauthorized access in accordance with the state of the art. Please note that unencrypted emails are not sufficiently protected against access by third parties.
c) When Using Our Contact Form
For questions of any kind, we offer you the opportunity to contact us via a form provided on the website. Providing a valid email address is required so that we know who the inquiry is from and can respond to it. Further information can be provided voluntarily. Data processing is based on your voluntarily given consent pursuant to Art. 6(1) lit. a GDPR. The data will be automatically deleted after your inquiry has been handled.
4. Registration on the Website
On our website, we offer users the option to register by providing personal data. The data entered is transmitted to us and stored. It is not passed on to third parties.
In particular, the following data is collected as part of registration:
Title
First and last name
Areas of interest
Company
Street, postal code, city, country
Mobile number, telephone, if applicable fax
Password
In addition, the following technical data is stored:
IP address
Date and time of registration
As part of the registration process, the user’s consent to the processing of this data is obtained.
The legal basis is Art. 6(1) lit. a GDPR.
If the registration serves the performance of a contract or pre-contractual measures, the additional legal basis is Art. 6(1) lit. b GDPR.
Pseudonymized storage for statistical purposes is carried out pursuant to Art. 5(1) lit. b GDPR in conjunction with Art. 89(1) GDPR.
Registration is required to provide certain content and services of the website as well as to carry out contractual or pre-contractual measures.
The data will be deleted or pseudonymized as soon as it is no longer necessary for the purpose. Statutory retention obligations (e.g. under the German Commercial Code (HGB) and the Fiscal Code (AO)) may require storage for up to 10 years. Specifically, the following retention periods apply:
Customer account data: until deletion by the user or three years after last activity
Contract data (invoices, orders): ten years (Section 147 AO, Section 257 HGB)
Log files: seven days
Contact inquiries: until fully processed, then deletion
Pseudonymized statistical data: indefinitely
Users may cancel their registration at any time and have stored data changed. Early deletion is excluded if statutory or contractual obligations conflict with this. Thereafter, the data will remain only in anonymized form for statistical purposes.
5. Disclosure of Data to Third Parties
Your personal data will not be transferred to third parties for purposes other than those listed below. We only disclose your personal data if:
you have given your express consent (Art. 6(1) lit. a GDPR);
this is legally permitted and necessary for contract processing (Art. 6(1) lit. b GDPR), e.g. to shipping companies for delivery or information about shipment status; in particular, we transfer data to the following recipient categories: shipping service providers (e.g. DHL, UPS) for delivery of goods; payment service providers for payment processing; IT service providers for hosting and technical maintenance; tax advisors and auditors within the scope of statutory obligations;
we are legally obliged to disclose it (Art. 6(1) lit. c GDPR).
6. Cookies
We use cookies on our website. These are small files that your browser automatically creates and stores on your device (laptop, tablet, smartphone, etc.) when you visit our site. Cookies do not cause any damage to your device and do not contain viruses or malware.
a) Cookies to Improve the Use of Our Services
We distinguish between:
Technically necessary cookies (session cookies):
Purpose: ensuring the functionality of the website
Legal basis: Art. 6(1) lit. f GDPR (legitimate interest)
Storage period: until the end of the browser session
No consent required
b) Analytics cookies (e.g. Google Analytics):
Purpose: statistical evaluation of use
Legal basis: Art. 6(1) lit. a GDPR (consent)
Storage period: up to 14 months
Consent required (Section 25 TTDSG)
c) Temporary cookies
These remain on your device for a defined period in order to recognize returning visitors and save settings.
You can revoke your consent at any time via our cookie banner or set your browser to block cookies. Completely disabling cookies may limit the functionality of our website.
7. Social Media Plug-ins
We use social plugins from the social networks LinkedIn, Instagram, Facebook, and WhatsApp to promote our company there. Integration is carried out according to the “two-click solution” principle to protect visitors.
When you visit a page with social plugins, your browser establishes a direct connection to the servers of the respective providers. Integration takes place using the two-click method: a connection is established only when you actively click on the plugin. The legal basis is Art. 6(1) lit. a GDPR (consent by click). Transfer to a third country (USA) is regulated under Art. 49(1) lit. a GDPR (consent required). Data such as your IP address and the page visited is transferred to the providers.
The providers use the data for personalized advertising and analysis. If you are logged in to these services, they can associate your visit with your account.
Links to the providers’ privacy notices:
LinkedIn: https://www.linkedin.com/legal/privacy-policy
Instagram: https://help.instagram.com/519522125107875
YouTube: https://www.youtube.com/howyoutubeworks/privacy/
WhatsApp: https://www.whatsapp.com/legal/privacy-policy
Please note that we have no influence on the nature and scope of data processing by the providers.
8. Your Rights
You have the right:
pursuant to Art. 15 GDPR, to obtain information about your personal data processed by us (including purposes, categories of data, recipients, planned storage period, rights to rectification/erasure/restriction/objection, right to lodge a complaint, data origin where applicable, and information on automated decision-making including profiling);
pursuant to Art. 16 GDPR, to request immediate rectification of inaccurate data or completion of your stored personal data;
pursuant to Art. 17 GDPR, to request erasure of your personal data, unless processing is required for exercising the right of freedom of expression and information, for compliance with a legal obligation, for reasons of public interest, or for the establishment, exercise, or defense of legal claims;
pursuant to Art. 18 GDPR, to request restriction of processing of your personal data, if you contest the accuracy of the data, the processing is unlawful but you oppose erasure, we no longer need the data but you require it for legal claims, or you have objected pursuant to Art. 21 GDPR;
pursuant to Art. 20 GDPR, to receive the personal data you provided to us in a structured, commonly used, machine-readable format or to request transfer to another controller;
pursuant to Art. 7(3) GDPR, to revoke your consent at any time with effect for the future; after revocation, we may no longer continue the data processing that was based on this consent;
pursuant to Art. 77 GDPR, to lodge a complaint with a data protection supervisory authority. As a rule, you can contact the authority at your place of residence, workplace, or our company’s registered office. The competent supervisory authority is the State Commissioner for Data Protection and Freedom of Information of North Rhine-Westphalia (Landesbeauftragte für Datenschutz und Informationsfreiheit Nordrhein-Westfalen), Kavalleriestraße 2–4, 40213 Düsseldorf, Germany, Phone: 0211/38424, Email: poststelle@ldi.nrw.de, Website: https://www.ldi.nrw.de.
To exercise your rights, please contact us at: dataprivacy@re-mach.com
9. Embedded YouTube Videos
We embed YouTube videos. When you access them, a connection to YouTube servers is established and data about your use is transmitted. Integration takes place in extended data protection mode.
If you are logged in to YouTube, YouTube can directly associate your browsing behavior with your account. The legal basis is Art. 6(1) lit. a GDPR (consent via cookie banner). Transfer to a third country (USA) is governed by Art. 46(2) lit. c GDPR (EU Commission standard contractual clauses).
To prevent this, please log out of your YouTube account before visiting our website.
More information: https://www.google.de/intl/de/policies/privacy/
10. Analytics Tools
Google Analytics
We use Google Analytics (Google Ireland Ltd., Ireland; Google LLC, USA) to statistically evaluate website use. The legal basis is Art. 6(1) lit. a GDPR (consent via cookie banner). The following data is collected, among other things:
Pages accessed
Goals achieved (e.g. inquiries)
Click and scroll behavior
Approximate location (country)
IP address (anonymized)
Browser type, operating system, screen resolution
Source (referrer)
Third-country transfer (USA): Data is partly transferred to servers in the USA.
The transfer is based on: (i) EU Commission standard contractual clauses (Art. 46(2) lit. c GDPR) or (ii) your consent (Art. 49(1) lit. a GDPR).
Objection option: You can prevent Google Analytics from collecting data by installing the browser add-on: https://tools.google.com/dlpage/gaoptout. Alternatively, you can revoke your consent via our cookie banner.
11. Right to Object
You can object to the processing of your personal data at any time with effect for the future, e.g. by email to dataprivacy@re-mach.com.
12. Data Security
We use the SSL encryption method (Secure Socket Layer) with the highest level of encryption supported by the browser (usually 256-bit) to protect your data.
In addition, we use technical and organizational measures to protect your data against loss, manipulation, and unauthorized access.
13. Validity and Changes to This Privacy Policy
This Privacy Policy is currently valid and dated January 2026. Due to further development of our website or changes in legal requirements, it may become necessary to amend this Privacy Policy. The current version can be accessed on our website at https://www.re-mach.com/en/data-privacy.