We are pleased that you visit our website. AUMA Riester GmbH & Co. KG (hereinafter "AUMA“, "we“ or "our“) attaches great importance to the security of the user data and the respect of data protection regulations. We would like to inform you with the follow on the processing of your personal data by our website.

Controller and data protection officer


AUMA Riester GmbH & Co.KG, Aumastr. 1, 79379 Müllheim

+49 7631 809 - 1250

Data protection officer:


The terminology used in this privacy policy are to be understood as legally defined in Art. 4 GDPR.

Notes on data processing

Automated data processing (log files etc.)

You may visit our website without actively disclosing personal data. However, we will automatically store access data (server log files) whenever you access the website. This includes, for example, the name of your internet service provider, the operating system used, the website from which you have accessed our website, date and duration of your visit or the name of the requested file, as well as - for security reasons e.g. to detect attacks to our website, the IP address of the computer used for a period of 14 days. This data is exclusively evaluated to improve our service portfolio and but will not allow to identify you personally. The data is not merged with other data sources. Art. 6(1) point f) GDPR serves as legal basis for data processing. Data will be used and processed for the following purposes: 1. Provision of the website, 2. Improvement of our websites and 3. Prevention and detection of errors/malfunctions as well as misuse of the website. Processing is done in the legitimate interests of ensuring functionality and fault-free and safe operation of the website and adapting the website to the requirements of the users.

Use of cookies (general information, functions, opt-out links, etc.)

To improve the user experience and enable the use of certain functions, our website uses so called cookies. The use of cookies serves our legitimate interest of creating a most pleasant used experience and is based on Art. 6(1) point f) GDPR. Cookies are standard internet technology for saving and retrieving login and other use information for all website users. Cookies are small text files stored on your end device. They enable us among others to store user settings allowing website display in customized for your device. Some of the cookies we use will be deleted when terminating the browser session, i.e. once the browser is closed (so called session cookies). Other cookies will remain on your end device and will enable us or our partner company to remember your browser on your next visit (so called persistent cookies).

You may adjust your browser settings so that you will be informed about the setting of cookies and will either be prompted to accept them or you may block cookies in certain cases or generally. Furthermore, cookies may be deleted at a later date to remove data stored by the website on your computer. Deactivation of cookies (so-called opt out) might impair some functionalities of our website.

Data subject category:

Website users, users of online services

Opt out:

Internet Explorer:  


Google Chrome:


Legal basis:                

Consent (Art. 6(1) point a) GDPR); legitimate interest (Art. 6(1) point f) GDPR).

The respective valid legal basis is specified for respective tool.

Legitimate interests:

Saving of opt-in preferences, representation of the website, ensuring of the functionality of the website, maintenance of user status for the complete website, recognition of the new website visitor, user-friendly online service, ensured chat function

Online marketing

To continuously increase awareness and reach of online services, we process personal data within the framework of online marketing, in particular with regard to potential interests and for measuring the efficiency of our marketing activities.

For measuring the efficiency of our marketing activities and identification of potential interests, relevant information is stored using cookies or similar technologies. Data stored in cookies may included viewed contents, visited web representations, settings and used functions and systems. However, for the described purposes, no non-obfuscated personal data of the users is processed. The data will be anonymised so that the actual identity of the user is neither known to us nor to the provider of the tool used. The anonymised data is often stored in user profiles.

Should user profiles be stored, the data can be read, amended and completed on the server of the online marketing technology when using other online services relying on the same online marketing technology.

The success of our advertisements can be determined on the basis of summarised data supplied by the online marketing technology provider (so called conversion tracking). Within the framework of the conversion tracking activities, we can identify whether a marketing activity has initiated a purchase decision of the visitor of our online service. The evaluation analyses the types is of our online marketing.

Data subject category:          

Website users, users of online services, interested parties, communication partners, business partners and contracting parties

Data category:

Usage data (e.g. websites visited, interest in contents, access times), meta and communication data (e.g. device information, IP addresses), geolocation data, contact data, content data

Purposes of processing:

Marketing (to some extent interest-based and activity-related), conversion tracking, target group segmentation, click tracking, marketing strategy development and increase of campaigning efficiency

Legal basis:

Consent (Art. 6(1) point a) GDPR); legitimate interest (Art. 6(1) point f) GDPR)

Legitimate interests:

Optimisation and further development of the website, profit increase, customer loyalty and acquisition

Google Analytics

Service used:

Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Irland

Privacy policy:

Opt-out link:         or

Legal basis:         

Consent (Art. 6 paragraph 1 point a) GDPR)


With our online services, we provide the opportunity to directly contact us or to obtain information on various contact options.

In case of a contact, we will process the data of the inquiring person to the extent necessary for responding or processing the request. Depending on how we have been contacted, the data to be processed may vary.

Data subject category:

Inquiring person

Data category:

Master data (e. g. name, address), contact data (e. g. e-mail address, phone number), content data (e. g. texts, photos, videos), usage data (e. g. interests, access times), meta and communication data (e. g. device information, IP address)

Purposes of processing:

Processing of inquiries

Legal basis:

Consent (Art. 6 paragraph 1 point a) GDPR), performance or development of a contract (Art. 6 paragraph 1 point b) GDPR)

Data transfer

We are a globally active company with headquarters in Germany. The data of visitors of our online presence will be stored in the central customer database in Germany while observing the valid data protection regulation and will be used throughout the group for internal administration purposes. Processing beyond administrative purposes does not take place.

Legal basis:

Legitimate interests (Art. 6 paragraph 1 point f) GDPR)

Legitimate interests:

so-called minor corporate privilege, central management and administration within the group to make use of synergy effects, cost savings, increased efficiency

For the performance of contracts or meeting of legal obligations it might be necessary to disclose personal data. Should we not be provide with the required data, it might not be possible to conclude the contract with the data subject.

We transfer data to countries outside the EEA (so-called third countries). This is done for the above-mentioned purposes (transfer within the group and/or to third-party recipients). The transfer shall only be performed to meet our contractual or statutory obligation or on the basis of prior consent by the data subject. Furthermore, this transfer shall place while respecting the valid data protection legislation and in particular Art. 44 et seqq. GDPR, in particular due to adequacy decisions adopted by the European Commission or due to certain safeguards (e.g. standard data protection clauses, etc.).

Storage period

We generally save the data of visitors of our website for the time required to provide our services or if stipulated by the European body issuing directives or regulation or the laws and regulations by any other legislation authority to which we are subject. In all other cases we will delete personal data once the purpose is completed, except for those data we have to store in order to meet legal obligations (e.g. due to fiscal and commercial retention periods, we are obliged to store some documents such as contracts and invoices for a specified period.

Automated decision-making

We refrain from both automated decision-making and profiling.

Legal basis

The binding legal basis is predominantly the GDPR. The regulation is supplemented by national legislation of the Member states and must be applied together with or as supplement to the GDPR.


Art. 6(1) point a) GDPR serves as legal basis for processing operations for which we have obtained a consent for a specified processing purpose.

Performance of contract:

Art. 6(1) point b) GDPR serves as legal basis for processing which is necessary for the performance of a contract to which the data subject is party or in order to take steps at the request of the data subject prior to entering into a contract.

Legal obligation:

Art. 6(1) point c) GDPR serves as legal basis for processing which is necessary for compliance with a legal obligation.

Vital interests:

Art. 6(1) point d) GDPR serves as legal basis, if processing is necessary in order to protect the vital interests of the data subject or of another natural person.

Public interest:

Art. 6(1) point e) GDPR serves as legal basis for processing which is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller.

Legitimate interest:

Art. 6(1) point f) GDPR serves as legal basis for processing which is necessary for the purposes of the legitimate interests pursued by the controller or by a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject which require protection of personal data, in particular where the data subject is a child.

Rights of data subjects

Right of access:

In compliance with Art. 15 GDPR, data subjects shall have the right to obtain from us confirmation as to whether or not personal data concerning him or her are being processed. They may claim access to this information as well as to the information listed in Art. 15(1) GDPR and claim a copy of their data.

Right to rectification:

In compliance with Art. 16 GDPR, data subjects shall have the right to obtain from us rectification of inaccurate personal data concerning him or her and have incomplete personal data completed.

Right to erasure:

In compliance with Art. 17 GDPR, data subjects shall have the right to obtain from us erasure of personal data concerning him or her without undue delay. As an alternative, they shall have the right to obtain from us restriction of processing of personal data concerning him or her in compliance with Art. 18 GDPR.

Right to data portability:

In compliance with Art. 20 GDPR, data subjects shall have the have the right to receive the personal data concerning him or her, which he or she has provided to us and have the right to transmit those data to another controller.

Right to lodge a complaint:

Furthermore, every data subject shall have the right to lodge a complaint with the competent supervisory authority in compliance with Art. 77 GDPR.

Right to object:

Should personal data be processed on the basis of legitimate interests in compliance with Art. 6(1) clause 1 point f) GDPR, data subjects shall have the right to object, on grounds relating to his or her particular situation, at any time to processing of personal data concerning him or her or if the objection against direct marketing. With regard to the latter, data subjects shall have a general right of objection without stating a particular situation to which will be implemented by us.

Withdrawal of consent

Some data processing operations require the explicit consent of the data subjects. They shall be allowed to withdraw their given consent at any time. An informal message or e-mail to shall be sufficient. The lawfulness of the data processing performed until the withdrawal of consent shall remain unaffected by the withdrawal of consent.

External links

Our website includes links to the online services of other providers. We hereby notify that we have no impact on the contents of linked websites and the respect of data protection regulations by their providers.


We reserve the right to change this privacy policy at any time in case of changes of our online services while heeding the valid data protection regulations, to ensure that they meet the statutory requirements.