Privacy Policy

This privacy policy covers all data processing activities carried out by all Rey companies. A list of Rey companies can be found on our website.

The respective company of the “Rey companies” mentioned in this text (Rey 360 Holding AG [UID: CHE-398.217.352], Rey Technology Holding AG [CHE-275.651.197], Rey Technology AG [UID: CHE-108.042.994], Rey Informatik AG [UID: CHE-115.251.959], Rey Immobilien AG [UID: CHE-398.018.189], iDIP Solution AG [UID: CHE-284.008.847]), unless expressly stated otherwise.

The main responsibility for data protection for joint data processing lies with:

Rey Technology Holding AG
Rütihofstrasse 6
CH-8370 Sirnach
Switzerland

Data protection officer:
Rey Technology Holding AG
Michael Engler
Rütihofstrasse 6
CH-8370 Sirnach
Phone: +41 58 810 04 00
Email: datenschutz@noSpamrey-technology.com
Website: https://www.rey-technology.com 

Rey GmbH, DE-79111 Freiburg im Breisgau [HRB 703684], is responsible for data processing as described in this privacy policy: 

Rey GmbH
Burkheimer Strasse 3
DE-79111 Freiburg im Breisgau
Germany

If individual processing operations are carried out jointly by both companies (e.g., via central IT systems or web platforms), joint responsibility applies in accordance with Art. 26 GDPR. In this case, a corresponding agreement on joint responsibility has been concluded, which regulates the distribution of tasks and your contact person. For inquiries in connection with such processing, you can contact both companies.

Data protection officer in accordance with Art. 37 ff. GDPR:
Rey GmbH
Karl Georg Manuel Hirsch
Burkheimer Strasse 3
DE-79111 Freiburg im Breisgau
Phone: +49 761 3896 40 00
Email: datenschutz@rey-technology.com
Website: https://www.rey-technology.com 

The data protection officer at Rey GmbH is available exclusively for inquiries relating to data processing by the German company.

Federal Data Protection and Information Commissioner (Switzerland):
EDÖB
Feldeggweg 1
CH - 3003 Bern
https://www.edoeb.admin.ch/edoeb/de/home.html 

EEA and UK:
A list of authorities in the EEA can be found here: https://edpb.europa.eu/about-edpb/board/members_de .

You can contact the UK supervisory authority here: https://ico.org.uk/global/contact-us/

General information

The protection of your data and privacy is of paramount importance to us. We work closely with our hosting providers to protect your data as best we can against unauthorized access, loss, misuse, or falsification. Your security is important to us.

This privacy policy informs you about the nature, scope, and purpose of the collection, processing, and use of personal data by Rey companies in the course of their business activities.

This policy supplements any specific privacy notices in contracts, forms, consents, or technical tools and is an integral part of our data protection concept in accordance with the Swiss Data Protection Act (DSG) and, where applicable, the EU General Data Protection Regulation (GDPR). If necessary, we will inform you in a timely manner in writing about additional processing activities not mentioned in this privacy policy.

If you provide us with data about other persons, such as family members, work colleagues, etc., we assume that you are authorized to do so and that this data is correct. By providing data about third parties, you confirm this. Please also ensure that these third parties have been informed about this privacy policy. This policy applies regardless of the communication channel and covers all processing in Switzerland, the EU, and third countries, provided that technical services are provided or centralized IT systems are operated there.

Purpose and scope of data processing

We process personal data for various purposes related to the initiation, execution, or termination of business relationships, the operation of our systems, the optimization of our offerings, and the fulfillment of legal obligations.

Below, we provide information about the most important processing purposes—the list is not exhaustive:

  • Maintenance of master data: We define master data as basic information that we need to establish and maintain our business relationships or for marketing and advertising purposes, including in particular your name, contact details, and information about your role and function, your bank account(s), your date of birth, customer history, powers of attorney, signing authorizations, and declarations of consent.

We obtain this data directly from you, from your organization, or from publicly available sources such as public registers or the internet (websites, social media, etc.). In certain cases, we also process information about third parties (e.g., contact persons, employees) or particularly sensitive data (e.g., health data based on protection concepts) as part of master data.

We generally store this data for 10 years from the last relevant contact, but at least from the end of the contract. This period may be longer if this is necessary for reasons of evidence, to enforce or defend claims, or to comply with legal or contractual requirements, or if it is technically necessary (e.g., backups, archiving systems) . For purely marketing and advertising contacts, the period is usually much shorter.

  • Contract data: Contract data includes all information relating to the initiation, conclusion, execution, and termination of contracts. This includes, in particular, information on products, services to be provided or already provided, prices, terms, services, correspondence, invoices, payment data, performance records, feedback, and project-related information (e.g., documentation, minutes, specifications) . Such data relates to business partners themselves or their contact persons and may in individual cases also contain particularly sensitive data (e.g., in the case of personal development projects, security-critical applications, or within the framework of contractually agreed confidentiality).

This data usually originates from you yourself, from your organization, or is transmitted by third parties in the course of contract processing. We may also obtain credit information from specialized third-party providers and from publicly available sources.

Contract data may also be processed centrally or on a collaborative basis within the Rey companies, in particular for the provision of services, in project management, for central IT use, accounting, or group-wide quality and risk management. In doing so, we ensure compliance with the principle of purpose limitation and implement appropriate technical and organizational measures to restrict access to personal contract data to authorized parties. Internal exchange within the group only takes place if there is a legal basis for this or if legitimate interests outweigh any overriding interests of the data subject. Data processing within Rey companies is carried out in accordance with appropriate safeguards pursuant to Art. 16 DSG / Art. 46 GDPR, e.g. by concluding standard contractual clauses or internal group data protection agreements. 

Contract data is generally retained for 10 years from the last contract activity, but at least from the end of the contract. This period may be longer if this is necessary for reasons of evidence, to enforce or defend claims, or to comply with legal or contractual requirements, or if it is technically necessary (e.g., backups, archiving systems).

  • Communication: We process communication data (e.g., email content, correspondence, media data) in order to contact you and third parties via common communication channels (email, telephone, letter, video call) or to process inquiries. Communication data may also be stored for training or quality assurance purposes, where permitted by law.
  • Marketing: We process your personal data for marketing and advertising purposes and for relationship management, e.g. to send our customers and other contractual partners personalized advertising for products and services from us and third parties (e.g. advertising contractual partners). This can take the form of newsletters and other regular communications (electronically, by mail, by telephone), via other channels for which we have your contact information, but also in the context of individual marketing campaigns (e.g., events, competitions, etc.) and may also include free services (e.g., invitations, vouchers, etc.).

If you would like to receive the newsletter offered on this website, we need your email address and information that allows us to verify that you are the owner of the email address provided and that you agree to receive the newsletter. No further data is collected. The newsletter is sent via the mailing service provider Brevo, a newsletter mailing platform of Sendinblue GmbH, Köpenicker Straße 126, 10179 Berlin, Germany. You can view the mailing service provider's privacy policy here: https://www.brevo.com/de/legal/privacypolicy/ .& nbsp; You can revoke your consent to the storage of data, your email address, and its use for sending the newsletter at any time, for example via the “unsubscribe link” in the newsletter.

AI-supported tools may also be used for certain administrative and editorial tasks in the marketing area (e.g., text drafts, campaign ideas, translations). In doing so, we take care not to transmit any sensitive or identifying content and to use the tools exclusively within the permissible framework of data protection law.

  • Administrative: We process your personal data for administrative and organizational purposes, in particular for invoicing, accounting, archiving, and internal reporting and control processes. We also process data for the purposes of our risk management, to ensure compliance with legal requirements, to protect our rights, and as part of prudent corporate management. We also reserve the right to obtain additional data from third parties if we deem this appropriate. This mainly involves credit checks and the prevention of fraud and abuse.
  • Application management: We process your personal data when you apply for a position with us or when your application has been added to our talent pool, e.g., as part of a recruiting event. The data is processed for the purpose of carrying out the application process and with a view to filling and starting a new position, and may be exchanged within the Rey companies. Storage in the talent pool takes place with your consent and can be revoked at any time.
  • Operation and analysis of the website: When you access our websites, data is stored in log files. This usage data forms the basis for statistical, anonymous evaluations, enabling us to identify trends and improve our offerings accordingly. We then process your data to the extent technically necessary to establish the connection you have requested and to deliver the requested content. This data also includes logs that record the use of our systems. We generally store technical data for 6 months. In order to ensure the functionality of these offers, we may also assign you or your end device a pseudonymized identification code. The technical data itself does not allow any conclusions to be drawn about your identity. However, in the context of user accounts, registrations, access controls, or the processing of contracts, it may be linked to other categories of data (and thus, if applicable, to your person).
  • AI-supported tools: In selected use cases—particularly in administration, word processing, translations, or internal processes—we also use AI-supported software solutions. We take care not to feed any particularly sensitive data or personal content into such systems, unless there is a legal basis for doing so or appropriate protective measures have been taken. Further information on this is available on request.

Other purposes of data processing:

In certain cases, we also process personal data outside of typical business situations, for example:

  • In the context of official, regulatory, or legal proceedings, e.g., as a party, witness, or to fulfill legal obligations to cooperate (including the retention of files, evidence, etc.);
  • To ensure safety and health, for example in the context of access controls, security monitoring (e.g., camera systems), within the framework of legally prescribed protection concepts, or in the context of security-critical infrastructures. This may also concern particularly sensitive data;
  • When documenting and communicating events, e.g., through photos, videos, and audio recordings in which you may be recognizable, evaluation of events or campaigns (e.g., competitions), or participant lists, provided this is useful for public relations or internal follow-up work;
  • To fulfill corporate law obligations, e.g., when maintaining shareholder and investor registers, holding general meetings, and documenting the exercise of voting rights.

The respective retention period depends on the purpose, legal requirements, or technical conditions. Data from access controls and security systems is usually deleted after a few days to weeks, while event reports or legally relevant records may be retained for several years. Investor-related data is retained in accordance with corporate law requirements, but in any case for as long as you are invested.

You are generally not obliged to provide us with personal data, subject to individual cases, e.g. in the context of binding protection concepts (legal obligations). However, certain services or access (e.g. conclusion of contracts, entry to buildings, use of systems) cannot be provided without the necessary data.

When using our website, the processing of technical data is unavoidable. However, you generally have the option of objecting to or not giving your consent to the processing of behavioral and preference data. Where data processing is based on your consent (e.g., newsletters, participation in competitions, use of cookies for statistical or marketing purposes), we will expressly point this out to you. You can revoke this consent at any time.

Unless this is inadmissible, we also obtain data from publicly accessible sources (e.g., debt collection registers, land registers, commercial registers, media, or the internet, including social media) or receive data from other companies within the Rey group, from authorities, and from other third parties (such as credit agencies, address brokers, associations, contractual partners, internet analysis services, etc.).

Categories of personal data processed

Depending on the purpose and context, we process the following categories of personal data in particular:

  • Master data: Name, address, telephone number, email address, date of birth, position, employer, signing authorizations, consents;
  • Contract data: Contract content, project information, services, prices, contract terms, communication in connection with contract fulfillment;
  • Communication data: Contents of emails, letters, telephone notes, minutes, metadata (e.g., time stamp, sender, recipient);
  • Usage data (web/IT systems): IP address, device information, browser type, access data, log files, location data, usage behavior;
  • Registration and access data: User IDs, logins, password hints, access data for protected systems or rooms;
  • Financial and payment data: Bank details, billing data, payment history, dunning status, credit rating data;
  • Marketing and preference data: Information about interests, responses to marketing content, newsletter subscriptions, tracking data (where permitted);
  • Employee data: Personal data of employees within the scope of the employment relationship, in particular contact details, salary data, social security information, working hours, expense information, performance data, absences, training information, and data from internal communication, IT use, or further training;
  • Application data: resume, diplomas, certificates, references, interview notes, and notes from internal decision-making processes. Applications that do not lead to employment may be stored in the talent pool with your consent;
  • Particularly sensitive data (where necessary) : e.g., health data for protection concepts, background checks, or project specifications;
  • Data about third parties: information about contact persons, employees, contractual partners, insofar as this is necessary for contract processing;
  • Data from public sources: data that we obtain from generally accessible registers or publications, e.g., from the commercial register, debt collection register, land register, credit rating databases, or media articles;
  • Sensor data / IoT data: Technically generated data from devices, sensors, or networked systems, such as operating states, event logs, machine behavior, or location data. Depending on the context, this data can be linked to natural persons, especially in the case of individual user or customer profiles;
  • Automatically generated or analyzed data: Data obtained using automated processes such as scoring, text analysis, language or behavior evaluation (e.g., tags, ratings, automated summaries, machine translations, or AI-supported classifications). This data can be generated on the basis of existing personal data or obtained externally and enriched. Depending on the procedure, there may be a personal reference, for example through individual profiles, semantic evaluations, or behavioral patterns. We do not make any decisions that are based solely on automated processing and that have legal effects on data subjects or similarly significantly affect them (e.g., automated rejections without human intervention).

Basis for processing

We only process your personal data if there is a legal basis for doing so. Depending on the type of data processing, we rely on the following bases for processing in accordance with the Swiss Data Protection Act (DSG) or, where applicable, the EU General Data Protection Regulation (GDPR):

  • Contract fulfillment: Processing is carried out because it is necessary for the conclusion, execution, or termination of a contract with you or your company (Art. 31 para. 2 lit. a DSG / Art. 6 para. 1 lit. b GDPR) .
  • Legal obligation: Processing is necessary to fulfill legal obligations, e.g., in connection with accounting, tax law, anti-money laundering, or compliance requirements (Art. 31 para. 1 DSG / Art. 6 para. 1 lit. c GDPR).
  • Consent: In certain cases, we process your data on the basis of your express consent, e.g., when sending newsletters, participating in events, in the talent pool during the application process, or for optional cookies. You can revoke your consent at any time with future effect (Art. 31 para. 1 DSG / Art. 6 para. 1 lit. a GDPR).
  • Legitimate interests: We process personal data if this is necessary to safeguard our legitimate interests or those of third parties, without your interests or fundamental rights prevailing. This may be the case, for example, in marketing measures, ensuring IT and data security, preventing fraud, operating websites, group-wide administration, or in the context of initiating business relationships with legal entities (Art. 31 para. 1 DSG / Art. 6 para. 1 lit. f GDPR).
  • Special legal bases: In individual cases, we rely on special legal bases, for example in labor law, company law, or in the health sector (e.g., protection concepts, legal documentation requirements).

If we process particularly sensitive personal data (e.g., health data, political opinions, religious beliefs), this is only done on the basis of express consent, a legal obligation, or within the framework of a specific contractual relationship, if necessary (Art. 5 lit. c and Art. 6 DSG / Art. 9 GDPR). In the case of health data, processing may also be based in particular on Art. 6 para. 7 lit. b DSG, for example to protect public health or to implement legally prescribed protection concepts.

Overview of data processing

Purpose of
processing		Typical personal dataBasis for processingStorage period
Contract initiation & processingMaster data, contract data, communication data, financial data, data about third partiesContract (Art. 31 para. 2 lit. a DSG / Art. 6 para. 1 lit. b GDPR)10 years from the end of the contract (OR, tax law requirements)
Application managementApplication data, communication dataConsent or pre-contractual relationship (Art. 6 para. 2 DSG / Art. 6 para. 1 lit. b/f GDPR)6 months from rejection / longer for talent pool with consent
Employee managementEmployee data, master data, communication dataContract/legal obligation (labor law, social security law)10 years (OR, social security law)
Marketing & direct advertisingMaster data, communication data, marketing and preference dataLegitimate interest (Art. 31 para. 1 DSG / Art. 6 para. 1 lit. f GDPR), consent for newsletterUntil revoked / maximum 2 years after last contact
Operation of the website & analysisUsage data, tracking data, IP address, cookie IDs, behavioral dataLegitimate interest / consent for non-essential cookiesIP and log data: 6 months / Tracking data: 1–2 years
IT operations & system securityLog data, technical usage data, login data, metadataLegitimate interest (security, availability), legal obligation6 months to 2 years depending on the system
Credit check /
Fraud prevention		Master data, financial data, public register informationLegitimate interest (protection against payment defaults) / legal obligation5–10 years depending on result and contract status
Operation of
access controls		Registration data, image data, access dataLegitimate interest, public interest, legal obligation (e.g., labor law, security)A few days to a maximum of 6 months, depending on the type of system
Organization of eventsMaster data, communication data, image and sound recordingsContract / legitimate interest / consent for use of photosUp to 3 years / longer in the case of publications
Legal retention obligationsAll relevant categoriesLegal obligation (tax law, commercial law, money laundering law, etc.)10 years (CH), 6 years (DE, under GDPR)
Automated analyses & AIAutomatically generated data (scoring, tags, semantic profiles), usage data, communication, possibly textsLegitimate interest / consent / contract (depending on the tool)Until completion of the respective process or revocation
Internal group processingAll relevant categories from contract, IT, communicationContract / legitimate interest (corporate structure, internal administration)Analogous to primary purpose
Use of publicly accessible data sourcesData from registers, media, internetLegitimate interest / legally permissible for publicly accessible dataDepending on the purpose / regular review

Recipients and disclosure of personal data

We only disclose your personal data if this is necessary for the performance of a contract, to comply with legal obligations, based on your consent or to safeguard legitimate interests, provided that there are no overriding interests on your part that warrant protection. We also process data that has been contractually agreed to be confidential or particularly sensitive. Such data is only disclosed on a legal basis, in accordance with a contractual obligation, contractual rights, or with your express consent. Depending on the processing, personal data may be transferred to the following categories of recipients:

  • Rey companies: Data may be passed on within Rey companies, e.g., for central administration, project management, or IT provision. In doing so, we observe group-wide data protection agreements and access restrictions. A list of Rey companies can be found on our homepage.
  • Service providers (contractors): We use carefully selected third parties in Germany and abroad, e.g., for IT services, cloud services, hosting, support, accounting, auditing, human resources management, marketing services, debt collection, transport, or logistics. These service providers are contractually obliged to process personal data only in accordance with our instructions. This may also include health data. Some recipients (e.g., IT service providers, auditors) work with subcontractors. We ensure through appropriate contractual arrangements that these subcontractors also comply with data protection requirements.
  • Contractual partners and business customers: If you act as a contact person or employee for a contractual partner, your contact details may be passed on to other business partners involved (e.g. in the context of service provision, project communication, access to platforms);
  • Authorities, courts, public bodies: If we are legally obliged or entitled to do so, or if we deem it necessary to protect our interests, we will disclose personal data to government agencies, supervisory authorities, courts, or other public bodies in Germany and abroad.
  • Insurance companies, banks, payment partners: Data may be transferred if necessary for payments, insurance claims, or security deposits;
  • Other recipients: In individual cases, other recipients may also be affected, e.g., in the event of company takeovers, legal proceedings, forensic investigations, or emergency processes, or media and associations in which we are involved.

We only disclose particularly sensitive personal data (e.g., health data) if there is a legal obligation to do so, if you have expressly consented to this, or if it is necessary for the performance of a contract and appropriate protective measures have been taken.

We do not sell your data to third parties or pass it on to third parties for advertising purposes, unless you have expressly consented to this (e.g. in the case of joint marketing campaigns with partner companies).

All recipients are obliged to comply with data protection regulations. In cases where data is transferred abroad, we ensure that an adequate level of data protection is guaranteed (see next chapter).

Data disclosure abroad and guarantees

As explained above, we may also transfer personal data to recipients abroad in the course of our business activities, abroad, in particular when using IT service providers (e.g., Microsoft, Brevo, Google), for internal group data exchange, or in connection with contractual services. These may be countries within Europe or so-called third countries outside the scope of the Swiss Data Protection Act or the GDPR.

If there is no adequate level of data protection in the recipient country, we ensure that appropriate data protection safeguards are in place. As a rule, we rely on standard contractual clauses of the European Commission (available at: https://eur-lex.europa.eu/eli/dec_impl/2021/914/oj ) or other instruments recognized under Swiss law.

In the following cases, a transfer may also be permissible without such safeguards, in particular if:

  • You have expressly consented (Art. 17 para. 1 lit. a DSG / Art. 49 para. 1 lit. a GDPR);
  • the transfer is necessary for the performance of a contract with you or for the implementation of pre-contractual measures at your request (Art. 17 para. 1 lit. b DSG / Art. 49 para. 1 lit. b GDPR) or for the performance of a contract in the interest of the data subject with another person (Art. 49 para. 1 lit. c GDPR),
  • the disclosure is required by law or there is an overriding public interest (Art. 17 para. 1 lit. c DSG / Art. 49 para. 1 lit. d GDPR);
  • the data is publicly available and you have not expressly objected to its processing (Art. 17 para. 2 lit. a DSG).

It should also be noted that, for technical reasons, Internet data traffic is often routed through third countries, even if the sender and recipient are located in the same country. This applies in particular to the use of cloud services, communication platforms, or AI tools.

Despite technical, contractual, and organizational measures, there is a residual risk in certain third countries that your data may be accessed by the government without adequate legal protection. Where possible, we avoid such situations or examine risk-minimizing alternatives.

Storage period and deletion deadlines

We only process your personal data for as long as is necessary for the respective purpose. The storage period depends on:

  • the statutory or contractual retention obligation;
  • our legitimate interests in documentation, preservation of evidence, or IT operational security;
  • a technical necessity (e.g., backup/archive systems);
  • or your express consent for longer processing.

Once the purpose has been achieved and the deadline has expired, we delete or anonymize your data in accordance with our internal deletion policies.

Job applicants' application documents are generally deleted or destroyed six months after the application process has been completed, unless they are to be stored in the talent pool. If the applicant is hired, the application documents become part of the personnel file and are subject to the provisions of the internal data protection declaration for employees from that point on.

Please note: Even after deletion from the productive system, your data may remain stored in backup or archive systems for a limited period of time for technical reasons. Such data will be automatically deleted or overwritten as soon as this is technically possible and no longer required for recovery (e.g., in the event of a system failure or to ensure the integrity of business data).

Protection of your data

We take appropriate technical and organizational security measures to protect your personal data from unauthorized access, loss, misuse, alteration, or disclosure. In doing so, we follow proven standards of IT and data protection management (e.g., access controls, encryption, physical security measures, logging, training, instructions). Our security measures are state-of-the-art and are continuously adapted, improved, and reviewed for effectiveness. Access to your data is only possible for authorized persons within our company and commissioned service providers, insofar as this is necessary to fulfill the purpose.

Even after deletion or blocking, it may be technically necessary for data to remain in backup copies, logs, or archive systems for a limited period of time. In such cases, the data will be systematically blocked and permanently deleted after the respective deletion cycles have expired.

Your rights as a data subject

As a data subject, you have the following rights in particular in accordance with the applicable data protection law:

  • Information about your personal data processed by us;
  • Correction of incorrect or incomplete data;
  • Deletion of your personal data, provided that there are no legal or contractual retention obligations or other overriding interests that prevent this;
  • Restriction of the processing of your personal data;
  • Objection to certain data processing (in particular for direct marketing or legitimate interests);
  • Revocation of consent given with effect for the future. A revocation only takes effect for the future; the legality of the processing carried out up to that point remains unaffected.

If you wish to exercise any of these rights, you can contact us at any time (see contact details below). We reserve the right to request appropriate evidence to verify your identity, such as a copy of your ID or confirmation of your email address, if there is any doubt about your identity.

Our response will generally be in electronic form (e.g., via PDF). If we do not process any data about you, we will inform you accordingly. Your request and our response will be stored by us for documentation purposes for two years and then deleted. A log entry with your name, date, and type of response will remain for the general limitation period (max. ten years).

In the case of obviously unfounded or excessive requests (e.g., in the case of repetitions without new facts), we reserve the right to charge a fee of up to CHF 300.00 in advance in accordance with Art. 19 para. 4 DSG. You will be notified of this in advance.

You also have the right to lodge a complaint with the competent data protection supervisory authority.

Cookies and third-party technologies

We use cookies and similar technologies (e.g., pixels, tags, local storage) on our website to ensure functionality, personalize content, and analyze usage. Cookies are small text files that are stored on your device and collect certain information, such as your IP address, browser used, time of visit, or usage behavior.

Your options

When you visit our website for the first time, you will be asked to set your cookie preferences using a consent tool. You can adjust or revoke your selection at any time by clicking on the “Change your consent” or “Revoke your consent” link at the end of this privacy policy.

Cookie categories

We distinguish between the following types of cookies in particular:

  • Necessary cookies: Required for the operation and security of the website;
  • Preference cookies: Enable, for example, the storage of language settings;
  • Statistics cookies: Used for anonymous analysis of usage (e.g., via Google Analytics);
  • Marketing/tracking cookies: Collect information about usage behavior for personalized advertising (e.g., through Meta Pixel, LinkedIn Insight Tag).

Third-party providers used (selection)

We also use technologies from the following external providers on our website:

Managing and revoking cookies

You can find your current consents and a complete list of all cookies used, their purposes, durations, and providers in our CookieFirst consent tool. You can access it at any time via the “Change your consent” or “Revoke your consent” link at the end of this privacy policy.

You can also delete or block cookies in your browser. Please note, however, that this may restrict certain functions of the website.

Social media and external platforms

We operate publicly accessible profiles and pages on social networks and platforms in order to communicate with customers, interested parties, and partners and to provide information about our services. If you interact with us via such platforms (e.g., liking or commenting on posts or sending us messages), the data protection provisions of the respective providers also apply.

Depending on the platform, joint responsibility may apply (e.g., on LinkedIn or Instagram), especially if we are provided with aggregated usage statistics. In such cases, we will inform you about the essential content of the relevant agreements with the platform operators in accordance with Art. 21 DSG or Art. 26 GDPR.

Please note that we have no influence on the data processing carried out by the platform providers. They collect, store, and use your data (e.g., IP address, location, usage behavior, interests, length of stay, interactions) for their own purposes—in particular for profiling and advertising purposes.

Platforms used and links to privacy policies

We operate LinkedIn pages at the following addresses:
https://www.linkedin.com/company/rey-technology
https://www.linkedin.com/company/idip-solution
https://de.linkedin.com/showcase/reygmbh

We operate an Instagram profile at the following address:
https://www.instagram.com/reytechnology_com 

We operate YouTube channels at the following addresses:

https://www.youtube.com/@iDIPSolution
https://www.youtube.com/@reytechnology3465 

If you do not want platform providers to associate your visit to our website with your user account, please log out of the respective network before visiting and delete the corresponding cookies.

Changes to this privacy policy

This privacy policy is not part of any contract with you. We reserve the right to change this privacy policy at any time, in particular in the event of new legal circumstances or requirements, official requirements, or technical developments. The version currently published at the time of your visit is binding: https://www.rey-technology.com/de/datenschutz 

In the event of significant changes, we will actively inform you (e.g., by email, notice on the website, or during your next contact with us), as necessary.

Last update: July 29, 2025