• raps.png
  • silo.png
  • speicher.png
  • zapfsaeule.png

Data privacy statement

Thank you for visiting our website www.redcert.org and for your interest in our company. We attach great importance to protecting your personal data. Personal data is information about personal or factual circumstances of an identified or identifiable natural person. This includes, for example, the civil name, address, telephone number and date of birth, but also all other data that can be traced to an identifiable person.

Since personal data enjoys special legal protection, it is only collected by us to the extent necessary for the provision of our website and services. Below we describe which personal information we collect during your visit to our website and how we use it.

Our data privacy practices comply with legal regulations, in particular those of the Federal Data Protection Act (Bundesdatenschutzgesetz - BDSG), the Telemedia Act (Telemediengesetz - TMG) and the General Data Protection Regulation of the EU (GDPR). We only collect, process and store your personal data to the extent necessary to make this website and our content and services available for use, to process enquiries and, if applicable, to handle orders/contracts, but only to the extent that there is a legitimate interest in this regard pursuant to Art. 6(1) p.1 lit. f of the GDPR or any other legal basis for permission. Only if you have given your prior consent separately is your data used further for purposes specifically identified in the consent, e.g. sending advertising information by newsletter.


Person responsible (controller) pursuant to Art. 4(7) of the GDPR

Controller as defined in the GDPR and other national data privacy laws of the member states as well as other data privacy regulations:

REDcert Gesellschaft zur Zertifizierung nachhaltig erzeugter Biomasse mbH

Schwertberger Str. 16

DE-53177 Bonn

Contact: Contact form

Fax: +49 (0) 228 35 06 280


Name and address of Data Privacy Officer

Name: René Fetkenhauer

Address: Alpha Datenschutz UG (haftungsbeschränkt) & Co. KG, Friedrich-Breuer-Str. 34, 53225 Bonn

E-mail: This email address is being protected from spambots. You need JavaScript enabled to view it.


Providing the website and creating log files

Each time you access our website, our system automatically collects data and information from the computer system of the accessing computer. The following data is collected:

Scope of data processing

(1)           Information about the browser type and version used

(2)           The operating system of the accessing computer

(3)           The IP address of the accessing computer

(4)           Date and time of access

(5)           Websites and resources (images, files, other page content) accessed from our website.

(6)           Websites from which the user's system accessed our website (referrer tracking)

This data is stored in the log files of our system. This data is not stored together with the personal data of a specific user so that individual site visitors cannot be identified.

  • Legal basis for processing personal data

Art. 6(1) lit.f of the GDPR (legitimate interest). It is our legitimate interest to ensure that the purpose described below is achieved.

  • Purpose of data processing

Logging is done to maintain compatibility of our website for as many visitors as possible and to combat abuse and troubleshoot problems. For this purpose, it is necessary to log the technical data of the accessing computer in order to be able to respond as early as possible to display errors, attacks on our IT systems and/or errors in the functionality of our website. The data is also used to optimise the website and generally ensure the security of our IT systems.

  • Duration of storage

The aforementioned technical data is deleted as soon as it is no longer required to ensure the compatibility of the website for all visitors, but no later than 3 months after our website has been accessed.

  • Possibilities for objection and erasure

The possibilities for objection and erasure are based on the general regulations regarding the right to object and the right to erasure under data protection law described below in this data privacy statement.


Special functions of our website

Our website offers you a variety of functions which require us to collect, process and store your personal data. We explain what happens to your data in the section below:

  • Contact form(s):

    • Scope of processing of personal data

The data you enter in our contact forms.

    • Legal basis for processing personal data

Art. 6(1) lit.a of the GDPR (tacit consent)

    • Purpose of data processing

The data collected via our contact form or forms is only used to process the specific contact enquiry received via the contact form.

    • Duration of storage

After your enquiry is processed, the collected data is deleted immediately as long as there are no legal retention periods.

    • Possibilities for objection and erasure

The possibilities for objection and erasure are based on the general regulations regarding the right to object and the right to erasure under data protection law described below in this data privacy statement.

  • Login area:
    • Scope of processing of personal data

The registration and login data you entered with us.

    • Legal basis for processing personal data

Art. 6(1) lit.a of the GDPR (tacit consent)

    • Purpose of data processing

You have the possibility to use a separate login area on our website. If you have forgotten your password or user name for this area, you can have this data sent to you again after entering your contact data (e-mail address). We collect, store and process the user data generated when using the login area only for the purpose of preventing misuse and troubleshooting problems or maintaining functionality. The data is not used for other purposes or shared with third parties.

    • Duration of storage

The data collected for the 'Forgot user name or password' function is only used to resend forgotten access data.

    • Possibilities for objection and erasure

The possibilities for objection and erasure are based on the general regulations regarding the right to object and the right to erasure under data protection law described below in this data privacy statement.

  • Newsletter subscription form:
    • Scope of processing of personal data

The data you entered when signing up for the newsletter.

    • Legal basis for processing personal data

Art. 6(1) lit.a of the GDPR (tacit consent)

    • Purpose of data processing

We use the data entered in the registration mask of our newsletter for the sole purpose of sending our newsletter which contains information about all our services and news. After registration, we will send you a confirmation e-mail containing a link that needs to be clicked to complete your subscription to our newsletter (double opt-in).

    • Duration of storage

You can unsubscribe to our newsletter at any time by clicking on the unsubscribe link which is also included in every newsletter. Your data is deleted by us immediately after you unsubscribe. If you do not complete registration, your data is also deleted by us immediately. We reserve the right to delete the data without providing reasons and without informing you before or after the fact.

    • Possibilities for objection and erasure

The possibilities for objection and erasure are based on the general regulations regarding the right to object and the right to erasure under data protection law described below in this data privacy statement.

Information on the use of cookies

  • Scope of processing of personal data

We use cookies on various pages to enable the use of certain functions of our website. 'Cookies' are small text files that your browser can store on your computer. These text files contain a characteristic string of characters that uniquely identify the browser when you return to our site. 'Setting a cookie’ is the process of placing a cookie file.

  • Legal basis for processing personal data

Art. 6(1) lit.f of the GDPR (legitimate interest). Our legitimate interest lies in maintaining the full functionality of our website, increasing its usability and enabling a more individual approach to our customers. We can only identify individual website visitors using cookie technology if the website visitor has previously provided us with corresponding personal data on the basis of a separate consent.

  • Purpose of data processing

The cookies are set by our website in order to maintain the full functionality of our website and to improve usability. Cookie technology also enables us to recognise individual visitors by means of pseudonyms, e.g. an individual, user-defined ID, so that we are able to offer more individual services.

  • Duration of storage

Our cookies are stored in your browser until they are deleted or, in the case of a session cookie, until the session has expired.

  • Possibilities for objection and erasure

Depending on your needs, there are different cookie settings available to you in your browser: you can generally prevent cookies from being set, you can ask to be informed when cookies are set, you can decide whether cookies are accepted on a case-by-case basis or generally decide to accept cookies. Cookies can be used for various purposes, e.g. to detect that your PC has already accessed our website (permanent cookies) or to save recently viewed pages (session cookies). We use cookies to customise your user experience. In order to use our user-friendly functions, we recommend that you allow cookies for our website.

The possibilities for objection and erasure are based on the general regulations regarding the right to object and the right to erasure under data protection law described below in this data privacy statement.

Data security and data privacy, communication by e-mail

Your personal data is protected by technical and organisational measures during collection, storage and processing in such a way that it is not accessible to third parties. In the case of unencrypted communication by e-mail, we cannot guarantee complete data security on the transmission path to our IT systems, so that we recommend encrypted communication or the post for highly confidential information.

Automatic e-mail archiving

  • Scope of processing of personal data

We would like to expressly point out that our mail system has automated archiving. All incoming and outgoing e-mails are digitally archived in a way that prevents them from being tampered with.

  • Legal basis for processing personal data

Art. 6(1) lit.f of the GDPR (legitimate interest). Our legitimate interest lies in compliance with tax and commercial law requirements (e.g. Articles 146, 147 of the Tax Code (Abgabenordnung - AO)).

  • Purpose of data processing

The purpose of archiving is to comply with tax and commercial law requirements (e.g. Articles 146, 147 of the Tax Code (Abgabenordnung - AO)).

  • Duration of storage

Our mail communication is stored until the fiscal and commercial retention requirements expire. The retention period can be up to 10 years.

  • Possibilities for objection and erasure

E-mails sent to bewerbung(at)redcert.de are excluded from archiving. If you have any questions about our e-mail archiving system, please contact our Data Privacy Officer. We would also like to point out that we only consider application documents in PDF format. Zipped (WinZip, WinRAR, 7Zip, etc.) files are filtered out by our security systems and not delivered. Applications in Word file format and other file formats are not considered and are deleted without being read. Please keep in mind that application documents sent unencrypted by e-mail may be opened by third parties before they arrive in our IT systems. We assume that we are also allowed to respond to unencrypted application e-mails without encryption. If you prefer an encrypted response, please let us know in your application mail.

Revocation of consents - data information and change requests - deletion & blocking of data

Once a year you have a right to free information about your stored data and at any time a right to rectification, blocking or deletion of your data. Your data is deleted by us on first request as long as this does not conflict with legal regulations. You can revoke any permission you have granted us to use your personal data at any time. You can send requests for information, erasure and rectification of your data and suggestions at any time to the following address:

REDcert Gesellschaft zur Zertifizierung nachhaltig erzeugter Biomasse mbH

Schwertberger Str. 16

DE-53177 Bonn

Contact: Contact form

Fax: +49 (0) 228 35 06 280

Right of appeal to the supervisory authority pursuant to Art. 77 I of the GDPR

If you suspect that your data is being illegally processed on our site, you can of course at any time initiate legal clarification of the problem. Independently of this, you have the option to contact a supervisory authority. You have the right to appeal in the EU member state of your place of residence, workplace and/or place of alleged infringement, i.e. you can choose the supervisory authority to which you apply in the above places. The supervisory authority to which the complaint was submitted then informs you of the status and results of your complaint, including the possibility of a legal remedy under Art. 78 of the GDPR.

Created by:

© IT-Recht-Kanzlei DURY – www.dury.de

© Website-Check GmbH – www.website-check.de