1. Who is responsible for the processing of personal data and whom can I contact if I have any questions?
The person responsible within the meaning of the statutory provisions on data protection (e.g. DSGVO) for the processing of personal data is:
RUFF pm GmbH
Commercial register | Handelsregister: HRB 781103
Registry court | Registergericht: Local court | Amtsgericht Stuttgart
You can revoke your consent for the future at any time by sending an email to firstname.lastname@example.org.
2. How do we collect your information?
Your data is collected when you visit the website. This is mainly technical data (e.g. internet browser, operating system or time of page view). This data is collected automatically as soon as you enter our website. Some of the data is collected to ensure error-free provision of the website. Other data may be used to analyse your user behaviour. In addition, your data is collected by you providing it to us. Your personal data is used and stored for the fulfilment of the existing contract with you or the implementation of the contractual or pre-contractual measures requested by you (e.g. preparation of an offer, answering a contact enquiry) as well as for our own advertising purposes.
3. Data sharing
Your personal data will not be transferred to third parties for purposes other than those listed below. We only pass on your personal data to third parties if:
– you have given your express consent to do so in accordance with Art. 6 para. 1 p. 1 lit. a DSGVO,
– on the basis of legitimate interests pursuant to Art. 6 Para. 1 lit. f. DSGVO in the economic and effective operation of our business,
– in the event that there is a legal obligation for the disclosure pursuant to Art. 6 para. 1 sentence 1 lit. c DSGVO, as well as
– this is legally permissible and necessary for the processing of contractual relationships with you according to Art. 6 para. 1 p. 1 lit. b DSGVO.
4. Data processing for the purpose of contract initiation and processing (Art. 6 para. 1 lit. b DSGVO)
The processing of the data is necessary for the initiation, execution and settlement of the contract. The following types of personal data are processed within the scope of project processing: Name of the customer, address data, telephone number, e-mail address for the preparation of the contractually agreed services, dispatch of invoices if necessary reminders, processing of payment, communication with the customer, complaint management. The personal data are processed for the following purposes on the following legal basis:
– Fulfilment (including invoicing) of the contract (and implementation of pre-contractual measures upon your request) on the basis of Art. 6 para. 1 lit. b DSGVO.
– Direct advertising on the basis of Art. 6 para. 1 lit. a DSGVO or your consent and on the basis of Art. 6 para. 1 lit. f) DSGVO and
– Fulfilment of legal obligations (Art. 6 para. 1 lit. c) DSGVO)
– Compliance with legal archiving and storage obligations (e.g. § 257 HGB, § 147 AO) on the basis of Art. 6 para. 1 lit. c) DSGVO
5. Is there any disclosure of personal data to other bodies?
Within our company, those departments receive access to the data that need it to fulfil the above-mentioned purposes. This also applies to service providers and vicarious agents employed by us. Personal data will only be transmitted by us to third parties if this is necessary for the aforementioned purposes or if you have given your prior consent.
Recipients of personal data may be, for example: Financial and tax authorities, trade credit insurance (EulerHermes), collection service providers, insurance companies, banks and credit institutions (payment processing), planning partners, commercial agents, auditors, internet service providers (e.g. Google) and internet agencies, lawyers and auditors.
The legal basis for these transfers is Article 6(1)(b) and Article 6(1)(f) of the General Data Protection Regulation. Transfers based on Article 6(1)(f) of the GDPR may only take place if this is necessary to protect the legitimate interests of the site operators or third parties and if the interests or fundamental rights and freedoms of the data subject, which require the protection of personal data, do not take precedence.
6. Deleting data
Your/their personal data will be stored for the above-mentioned purposes. Your data will be processed for the first time from the time of collection, insofar as you or a third party provide it to us. Your/the personal data will be deleted when the contractual relationship with you/the customer has ended or the joint project has ended, all mutual claims have been fulfilled and there are no other legal retention obligations or legal justification reasons for the storage. These are the retention obligations from the German Commercial Code (HGB) and the German Fiscal Code (AO). This means that your personal data will be deleted at the latest after expiry of the statutory retention obligations, which is usually 10 years after the end of the contract.
Physical documents relating to the projects are destroyed within the same periods.
7. Rights of data subjects
You have the right
– to request information about your personal data processed by us in accordance with Art. 15 DSGVO. In particular, you can request information about the processing purposes, the category of personal data, the categories of recipients to whom your data has been or will be disclosed, the planned storage period, the existence of a right to rectification, erasure, restriction of processing or objection, the existence of a right of complaint, the origin of your data if it has not been collected by us, as well as the existence of automated decision-making, including profiling, and, if applicable, meaningful information about its details;
– in accordance with Art. 16 DSGVO, to demand the immediate correction of inaccurate or incomplete personal data stored by us;
– in accordance with Article 17 of the Regulation, to request the erasure of your personal data stored by us, unless the processing is necessary for the exercise of the right to freedom of expression and information, for compliance with a legal obligation, for reasons of public interest, or for the establishment, exercise or defence of legal claims;
– in accordance with Art. 18 DSGVO, to request the restriction of the processing of your personal data, insofar as the accuracy of the data is disputed by you, the processing is unlawful, but you object to its erasure and we no longer require the data, but you need it for the assertion, exercise or defence of legal claims or you have objected to the processing in accordance with Art. 21 DSGVO;
– pursuant to Art. 20 DSGVO, to receive your personal data that you have provided to us in a structured, common and machine-readable format or to request that it be transferred to another controller;
– revoke your consent at any time in accordance with Art. 7 (3) DSGVO. This has the consequence that we may no longer continue the data processing based on this consent in the future; and
– complain to a supervisory authority in accordance with Art. 77 DSGVO. As a rule, you can contact the supervisory authority of your usual place of residence or workplace or our company headquarters for this purpose.
8. Right of objection
If your personal data is processed on the basis of legitimate interests pursuant to Art. 6 (1) sentence 1 lit. f DSGVO, you have the right to object to the processing of your personal data pursuant to Art. 21 DSGVO, insofar as there are grounds for doing so that arise from your particular situation or the objection is directed against direct advertising. In the latter case, you have a general right of objection, which is implemented by us without specifying a particular situation.
If you wish to make use of your right of revocation or objection, it is sufficient to send an e-mail to
Cookies are small text files that are stored on your computer. Most of the cookies we use are deleted from your hard drive at the end of the browser session (so-called session cookies). Other cookies remain on your computer and enable us to recognise your computer on your next visit (so-called permanent cookies). Of course, you also have the option of viewing our website without cookies. Most browsers accept cookies automatically.
You can revoke the consent you have given us or object to data processing at any time. The easiest way to do this is to prevent cookies from being stored on your hard drive by selecting “Do not accept cookies” in your browser settings. However, in this case you may not be able to use all the functions of our website to their full extent.
10. Server log files
The provider of the pages automatically collects and stores information in so-called server log files, which your browser automatically transmits to us. These are:
– browser type and browser version
– Operating system used
– referrer URL
– Host name of the accessing computer
– Time of the server request
– IP address
This data will not be merged with other data sources.
11. Analysis Tool (Google Analytics)
This website uses Google Analytics, a web analytics service provided by Google Inc, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (“Google”). Google Analytics uses “cookies”, which are text files placed on your computer, to help the website analyse how users use the site. The information generated by the cookie about your use of the website will be transmitted to and stored by Google on servers in the United States. However, in the event that IP anonymisation is activated on this website, your IP address will be truncated beforehand by Google within member states of the European Union or in other member states of the European Economic Area. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and shortened there.
As an alternative to the browser plug-in, you can prevent the collection of data by Google Analytics by clicking on the following link: Deactivate collection of data by Google Analytics for this website.
An opt-out cookie will be set that prevents future collection of your data when visiting this website. You can find more information on this at http://tools.google.com/dlpage/gaoptout?hl=de and at http://www.google.com/intl/de/analytics/privacyoverview.html (general information on Google Analytics and data protection).
We would like to point out that the code “gat._anonymizeIp();” has been added to Google Universal Analytics on this website to ensure anonymised collection of IP addresses (so-called IP masking).
12. Social Media Plug-ins
We use social plug-ins from the social networks LinkedIn, XING and Twitter on our website on the basis of Art. 6 (1) sentence 1 lit. f DSGVO in order to raise awareness of our law firm. The underlying promotional purpose is to be regarded as a legitimate interest within the meaning of the DSGVO. The responsibility for data protection-compliant operation is to be ensured by their respective providers. We integrate these plug-ins using the so-called two-click method in order to protect visitors to our website as best as possible.
Plugins of the Twitter Inc. short message network (Twitter) are integrated on our website. You can recognise the Twitter plugins (tweet button) by the Twitter logo on our site. You can find an overview of tweet buttons here (https://about.twitter.com/resources/buttons).
When you call up a page of our website that contains such a plugin, a direct connection is established between your browser and the Twitter server. Twitter thereby receives the information that you have visited our site with your IP address. If you click the Twitter “tweet button” while you are logged into your Twitter account, you can link the content of our pages on your Twitter profile. This enables Twitter to associate your visit to our pages with your user account. We would like to point out that we, as the provider of the pages, have no knowledge of the content of the transmitted data or its use by Twitter.
If you do not wish Twitter to be able to associate your visit to our pages, please log out of your Twitter user account.
This data protection declaration is currently valid and has the status December 2021. Due to the further development of our website and offers on it or due to changed legal or official requirements, it may become necessary to change this data protection declaration. You can access and print out the current data protection declaration at any time on the website at http://www.innofleet.de/datenschutzerklaerung/. The contact details of our data protection officer are: email@example.com.