Privacy Policy

We are pleased to welcome you to our website and delighted that you are interested in Roto and our products and services. To ensure that you feel safe and comfortable visiting our website, we take the protection of your personal data and the confidential handling of this data extremely seriously.

In this privacy policy, we therefore provide you with information on when we store which data, and the purpose for which we use this data – naturally, in accordance with the applicable data protection regulations.

1. Contact details of the Controller

Roto Frank Fenster- und Türtechnologie GmbH
Wilhelm-Frank-Platz 1
70771 Leinfelden-Echterdingen

represented by the Company Management:

Marcus Sander (Chairman)
Michael Stangier

2. Data protection officer

Please direct any enquiries to the above address, addressed to the "Data protection officer".

3. Purposes and legal bases for collecting and processing personal data

When you use this website, your personal data is processed on the basis of various legal bases.

(1) Website in general

When you visit our website, our web server automatically collects information of a general nature. This includes the type of web browser, the operating system used, the domain name of the Internet service provider, the IP address, the website from which you accessed our website, the pages that you visit on our website, and the date and duration of the visit.

Some of this information is recorded in cookies that are stored on your client. This is sometimes necessary in order to display the page directly and to allow you to use the login area. The legal basis for the processing of required personal data, such as your IP address, is our legitimate interest in accordance with Article 6(1f) GDPR. Our interest lies in being able to display the content of this website to you. The purpose of the processing is to be able to display this website to you and ensure that the website is displayed correctly without any errors.

(2) Cookiebot

This also includes giving you a choice as to which cookies are set and which information we collect concerning you. We use the services provided by Cybot A/S, Havnegade 39, 1058 Copenhagen, Denmark (Cookiebot) for this purpose.

We take into account your preferences and process data for marketing, analysis and personalisation purposes only if you give your consent by clicking on "Allow all cookies". Your consent applies to the domain You can withdraw your consent with effect for the future at any time. Further information on the cookies and setting options can be viewed by clicking on "Show details". Please provide your consent ID and the date when contacting us regarding your consent.

Further information on the handling of transmitted data is provided in the Cookiebot privacy policy.

You can also prevent Cookiebot from processing your data by disabling JavaScript in your browser or installing a script blocker, such as, in your browser. However, if you disable JavaScript then we will no longer be able to log your preferences.

Where you provide consent, we process your personal data based on this consent and in accordance with Article 6(1a) GDPR.

(3) Cookies

(4) Contact form

You have the option to contact us via our e-mail address or the contact form. We will, of course, use the personal data transmitted to us in this way solely for the purpose for which you provided the data to us.

If we ask you to enter data in our contact form that is not required to make contact, we will always mark these fields as optional. These details help us to find out more about your enquiry and improve how it is processed. This information is provided expressly on a voluntary basis and with your consent in accordance with Article 6(1a) GDPR. If the information relates to communication options (for example, e-mail address, telephone number), you also consent to us contacting you via this means of communication to respond to your enquiry.

You may, of course, withdraw this consent with effect for the future at any time. Please contact our data protection officer to do so.

(5) Customer registration/supplier portal

You have the option to register with us and create an account as a customer (window/door manufacturer, coating retailer) or as a supplier. We collect and store the following data from you for registration (* mandatory fields):

* Title, * First name, * Last name, * E-mail (username), * Password, Company, Complete address, Country, Language, Telephone, Fax, Website.

For registration as a customer, we use the double opt-in procedure: After clicking on "Create account," you will be sent an e-mail with an activation link to the e-mail address you have provided. Registration is not complete until you have clicked on this activation link.

Once you have successfully registered, you will receive personal, password-protected access, and can view and manage the data you have provided. Registration is voluntary, but may be required to use our services. The legal basis is therefore your consent in accordance with Article 6(1a) GDPR.

If you place orders and we collect personal data from you in relation to these orders, the legal basis is the contract in accordance with Article 6(1b) GDPR.

(6) Newsletter

When you register as a customer (see above), you also have the option of subscribing to our newsletter. For subscription to our newsletter and when registering as a customer, we use the double opt-in procedure. This means that once you have provided your e-mail address, we will send a confirmation e-mail to the specified e-mail address to ask you for confirmation. If you confirm your request, you will then receive the newsletter and continue to do so until you unsubscribe from it. For the subscription and confirmation, we store your IP addresses and the dates/times to prevent your personal data being misused. The legal basis is your consent in accordance with Article 6(1a) GDPR.

You may withdraw your consent to being sent the newsletter at any time. To do so, click on the corresponding link provided in each newsletter or contact the data protection officer using the details above.

(7) Applications

You can apply to Roto online via our application portal. Your online application is sent directly to the HR department via an encrypted connection and is, of course, handled confidentially. We will use your information exclusively for the purpose of processing your application and will not forward your details to third parties outside the Roto Group.

Further information on the data processing carried out during the application process is provided in the privacy policy for our application portal. If you have applied for a specific position and this vacancy has already been filled or we think that you are equally or even better suited to another role, we would like to be able to forward your application within the company. Please tell us if you agree to your application being forwarded in this way. We will erase your personal data no later than six months following the completion of the application process, unless you have expressly given your consent for us to store your data for longer. In this case, the legal basis would be your consent in accordance with Article 6(1a) GDPR; also Section 26(1) GDPR.

Please note that we exclusively provide the application portal for applications. If you wish to submit your application via e-mail though, it is important to note that e-mail attachments are not encrypted.

(8) YouTube

We use a social plugin from YouTube, Google on our website; see "Google Analytics" section above for the address.

The plugin allows you to view, share and comment on content. Personal data is also transmitted to the provider via the plugin. We do not have any influence over the scope of the data that is collected using the plugin.

To prevent data from being transferred against your wishes, the plugins are disabled on this website by default. The plugin is not enabled until you click on the relevant icon; data can then be transmitted to the provider. For this purpose, when the plugin is enabled, a connection is established between your browser and the YouTube server. If the plugin is enabled, information such as your IP address, the fact that you have visited our site and other browser-related information is transmitted as soon as you access our site.

Further information on the data that is collected through the integration of social plugins and the purpose for which the data is used can be found in the Google Privacy Policy.

The purpose is being able to provide additional information to you. If you have provided your consent to us, this forms the legal basis in accordance with Article 6(1a) GDPR.

4. Data transfer to other companies within the Roto Group

As a general rule, your data is not transmitted to third parties outside of the Roto Group unless we are legally obligated to do so or the data transfer is required to perform the contract or you have expressly given your prior consent to the transfer of your data. External service providers and partner companies will receive your data only to the extent required to process your enquiry. However, in these cases, the data transmitted is limited to the minimum extent required. If our service providers come into contact with your personal data, we will ensure that they comply with the applicable data protection regulations as we do. Please also note the relevant privacy policies of the providers. The relevant service provider is responsible for the content of third-party services, although we check the services for compliance with the statutory requirements within the bounds of what is reasonable.

5. Data transfer to external service providers (processors)

Your data will be passed on to service partners to the extent that they are acting on our behalf and supporting Roto in the provision of its services. Any processing of your personal data by commissioned service providers is carried out within the scope of commissioned data processing in accordance with Article 28 GDPR. Service providers receive access only to the personal information that is required to carry out the relevant activity. These service providers are prohibited from passing on your personal information or using your personal information for other purposes, in particular for their own advertising purposes. Insofar as external service providers come into contact with your personal data, we have taken legal, technical and organisational measures and perform regular checks to ensure that these service providers also comply with the applicable data protection regulations.

6. Data erasure and storage period

The personal data of data subjects is erased or blocked as soon the purpose of storage no longer applies. The data may continue to be stored beyond this period if stipulated by European or national legislators in regulations or legislation under Union law or other regulations to which the controller is subject. The data will likewise then be blocked or erased once a storage period prescribed by the specified regulations expires, unless the data needs to be retained further for the purposes of concluding or executing a contract.

For information regarding the storage period for cookies, please refer to the information on Cookiebot.

7. Rights of the data subject

If personal data concerning you is processed, you are a data subject as defined in the GDPR and you have the following rights with respect to the controller:

(1) Right of access in accordance with Article 15 GDPR

You can request confirmation from us on whether we are processing personal data that concerns you. If we have processed data relating to you, you are entitled to other rights of access as specified in Article 15 GDPR.

(2) Right to rectification

If the data that we have collected relating to you is incorrect or incomplete, you can request that we promptly rectify it in accordance with Article 16 GDPR.

(3) Right to restriction of processing

In accordance with the requirements of Article 18 GDPR, you can, under certain circumstances, also request that the processing of your personal data is restricted.

Once processing has been restricted, your data must only be processed with your consent or for the establishment, exercise or defence of legal claims or for the protection of the rights of another natural or legal person or for reasons of important public interest of the Union or of a Member State. We will notify you before lifting the restriction.

(4) Right to erasure

You have the right to ask us to erase the personal data concerning you without undue delay where one of the grounds defined in Article 17(1) GDPR applies, unless there is an exemption to the erasure obligation in accordance with Article 17(3) GDPR.

(5) Right to notification

If you have asserted against us the right to rectification, erasure or restriction of processing, we are obligated in accordance with Article 19 GDPR to notify all recipients of your personal data of this rectification or erasure of the data or restriction of processing unless this proves to be impossible or involves a disproportionate effort. You also have the right to be notified of these recipients. You have the right to be informed of these recipients by the controller.

(6) Right to data portability

Furthermore, in accordance with Article 20 GDPR, you have the right to receive the personal data concerning you in a machine-readable format and to transmit the data to another controller without hindrance, provided that the requirements defined in Article 20(1a) GDPR are met, or to have your personal data transmitted directly by us to another controller, where this is technically feasible and does not impair the rights and freedoms of others. This right does not apply to the processing of personal data that is necessary for the performance of a task carried out in the public interest or in the exercise of official authority.

(7) Right to object

You have the right to submit to Roto Frank Fenster- und Türtechnologie GmbH an objection to the processing of personal data concerning you at any time in accordance with Article 6(1f) GDPR.

We will then cease processing your personal data unless there are compelling legitimate reasons for doing so which outweigh your interests, rights and freedoms, or unless the processing is used to establish, exercise or defend legal claims.

(8) Right to withdraw consent under data protection law

You have the right to withdraw your consent under data protection law at any time by notifying Roto Frank Fenster- und Türtechnologie GmbH accordingly. Withdrawal of consent does not affect the lawfulness of processing based on consent before its withdrawal.

(9) Right to lodge a complaint with a supervisory authority

If you consider that the processing of the personal data concerning you infringes the GDPR, you have the right – without prejudice to any other administrative or legal remedy – to lodge a complaint with a supervisory authority, in particular in the Member State of your habitual residence, your place of work or the place of the alleged infringement at any time.

8. Changes to the privacy Policy

This privacy policy will be updated on an ongoing basis as the Internet and our website evolves. We will announce any changes on this page in good time. For information on our current data protection regulations, you should check this page on a regular Basis.

Map Locations

Roto Division FTT

      Roto Division DST