Data Protection Declaration


  1. To Rheinische Post Mediengruppe GmbH (hereinafter referred to as RPM), Zülpicher Strasse 10, 40549 Düsseldorf, Germany, e-mail:, service provider and responsible instance, the protection of your personal data is extremely important. This document explains how your data is collected, processed and informs you of your rights.
  2. Questions relating to data protection in connection with the services can be directed at any time to:

Rheinisch-Bergische Verlagsgesellschaft mbH
Data Protection Officer
Zülpicher Straße 10
40549 Düsseldorf


Phone: +49 (0)211 505-0

A. General Provisions

Section 1 General Information

Personal data includes detailed information about your personal or factual circumstances, i.e. information stating your identity or that can be used to establish your identity. This includes, for example, your real name, address, telephone number or date of birth. Personal data also includes data that can be traced back to a person without having a direct link to the person, such as your IP address.

Personal data includes information collected when your client (browser) retrieves and which is stored in so-called log files on the RPM servers as well as servers from technical service providers.

We collect data about every access to the server on which the service is located (server log files) on the basis of our justified interests (i.e. analysis, optimisation and business operation and security of our services) within the meaning of Section 6 Paragraph 1f of the General Data Protection Regulation (GDPR).

This data includes the name of the website and file accessed, your IP number, date and time, browser type and requesting provider.

For security reasons (e.g. investigating misuse or fraud), log file information is stored for a maximum of seven days, after which it is deleted. Data which needs to be stored for longer to serve as evidence will only be deleted once the respective circumstances have been clarified in full and final.

When visiting RPM websites, personal data is also automatically collected in anonymised format. This includes usage data such as the start and end of your visit, the pages you accessed or the length of time you spend on the portal. This data is not used for personal purposes.

RPM collects, processes and uses personal data in strict compliance with data protection regulations, meaning that user data is only processed if permitted by law. In other words, users have given their consent, particularly if data is being processed for the purpose of providing our contractually agreed services as well as online services and data collection is required and/or stipulated by law, or if we have justified interests (i.e. analysis, optimisation and business operation and security of our services) within the meaning of Section 6 Paragraph 1f GDPR, particularly when measuring coverage, preparing profiles for advertising and marketing purposes, collecting access data and using third-party services.

Please note that all consent is legally based on Section 6 Paragraph 1a and Section 7 GDPR, all processing activities for the purpose of the provision of our services and performance of contractually agreed measures on Section 6 Paragraph 1b GDPR, all processing activities for the purpose of fulfilment of our legal obligations on Section 6 Paragraph 1c GDPR, and all processing activities for maintaining our justified interests on Section 6 Paragraph 1f GDPR.

Section 2 Security Measures

We implement state-of-the-art organisational and technical security measures to ensure compliance with data protection laws and to protect the data processed by us against accidental or malicious manipulation, loss, deletion and unauthorised access.

Section 3 Transferring Data to Third Parties and Third-party Providers

All data is transferred to third parties in compliance with legal requirements. We only transfer user data to third parties if required for contractual purposes, e.g. in accordance with Section 6 Paragraph 1b GDPR, or on the basis of justified interests in accordance with Section 6 paragraph 1f GDPR for the profitable and effective operation of our business. This applies to internal and external service providers for the purpose of contractual fulfilment and order processing.

In the event of us engaging subcontractors for the provision of our services, we implement suitable preventive, technical and organisational measures to protect the personal data in accordance with the relevant legal requirements.

In the event of contents, tools or other means of third-party providers (hereinafter referred to as “third-party providers”) with head offices in a third country being employed within the scope of this data protection declaration, it is to be assumed that data will be transferred to the countries in which these third-party providers maintain their head offices. Third countries are countries where the GDPR is not a directly applicable law, i.e. generally countries outside the EU and/or the EEA. Data is only transferred to third countries which implement an adequate data protection standard and/or for which there is consent from the user or permission by law.

Section 4 Contacting Us

When contacting us (per contact form or e-mail), the information provided by the user is processed for handling and processing the contact request in accordance with Section 6 Paragraph 1f GDPR.

Section 5 Concluding Regulations

For the operation of the website we process data within the meaning of § 25 para.2 no.2 TTDSG (Telecommunications-Telemedia Data Protection Act), in order to display content correctly and in a visually appealing way across different browsers by means of Google web fonts. Google web fonts are transferred to the cache of your browser to prevent repeated loading. If the browser does not support the Google web fonts or prevents access, content will be displayed in a standard font. Google Fonts is a service of Google Inc. (“Google”). You can find more information on Google web fonts at​faq?hl=de-DE&csw=1 You will find general information on the subject of data protection at Google at

Section 6 Use of Cookies

Cookies are small amounts of data that are transferred from the internet to your computer along with the requested data. The data is stored here and kept for later retrieval. RPM uses the following types of cookies:

a) Session cookies:
These are cookies that are only created for the respective session. They store a session ID with which various queries sent by your browser can be allocated to the joint session. This makes it possible to recognise your computer when you return to our website. These cookies are deleted after closing the session, i.e. after leaving or by closing the browser window.

Section 7 YouTube

Due to legitimate interests (i.e. interest in the analysis, optimisation and economic operation of the online offer within the meaning of Art. 6 (1) (f) GDPR), this website includes a "YouTube plug-in" in its information offer. This YouTube software uses cookies for data collection and statistical data analysis. YouTube uses cookies to capture reliable video statistics, prevent fraud, and improve usability, among other things. The operator of the website receives statistical values through the YouTube cookies to retrieve individual videos embedded in the website without reference to the respective user. YouTube's embedded videos are used within the scope of permitted use by YouTube, which all users must accept. If you notice any copyright infringement, please report it directly to YouTube.

We use embedded YouTube videos in enhanced privacy mode. That means: YouTube does not store cookies for a user who is viewing a website with an embedded YouTube video player, but does not click on the video to start playback. If the YouTube video player is clicked, YouTube may be able to store cookies on the user's computer, but no personal cookie information will be stored for playback of embedded videos. (Source: YouTube "Enabling Enhanced Privacy Mode for Embedded Videos") For more information, please refer to the general privacy policy of YouTube at ( We do not collect personally identifiable information while embedding YouTube videos.

Section 8 User Rights

You are entitled to request free-of-charge information on your personal data stored by us.

You are also entitled to request for us to correct your personal data, to restrict the processing of your personal data, to object against the processing and deletion of your personal data, to enforce your rights to data portability in accordance with Section 20 GDPR, and to submit a complaint to the responsible supervisory authorities if you suspect that your personal data has been processed illegally.

You may also withdraw your consent, generally with future effect.

Section 9 Deleting Data

The data stored by us is deleted as soon as it has served its purpose and is no longer required and its deletion does not violate any legal retention periods. If the user data is not deleted because it is required for other legally permitted purposes, it is processed on a restricted basis only. This means that the data is blocked and not used for any other purpose. This applies, for instance, to user data which must be kept for business or tax reasons.

Section 10 Right of Objection

Users may object to their personal data being processed in the future in accordance with legal provisions. Objections may be raised, in particular, against processing for the purpose of direct advertising.


B. Concluding Provisions

We reserve the right to amend this Data Protection Declaration at any time in accordance with the applicable data protection regulations.