RIKUTEC Richter Kunststofftechnik GmbH & Co.KG
Tel.: +49 2681 95 46-0
Fax: +49 2681 95 46-33
Registry court Montabaur, HRA 11585
PhG: Richter Kunststofftechnik GmbH, Altenkirchen
Registry court Montabaur, HRB 11817
VAT ID no. DE 148 00 52 63
Bodo W. Richter, MBA
Hermann Hassler, MBA
Person responsible for the content pursuant to § 10 paragraph 3 of the MDStV (governmental contract about media services):
Bodo W. Richter, MBA.
Concept and design: Jeschenko MedienAgentur Köln GmbH
We periodically update our information on these internet pages. RIKUTEC KUNSTSTOFFTECHNIK GMBH & CO. KG can not be held liable for damages related to this information. Therefore, we expressly do not claim any warranty or guarantee and make no representations as to the accuracy or completeness of the information provided or referenced.
Any use of our internet pages and their content is at the user’s own risk. Neither RIKUTEC KUNSTSTOFFTECHNIK GMBH & CO. KG nor any other party that is responsible for the production, design and maintenance of the entire website and individual parts thereof, shall be liable in any way for any direct or indirect damages that may arise as a result of access to, use of, or the inability to use the website of RIKUTEC KUNSTSTOFFTECHNIK GMBH & CO. KG.
Despite careful content-related monitoring, we assume no liability for the content of external links. The content of the linked pages are the sole responsibility of their respective operators. RIKUTEC KUNSTSTOFFTECHNIK GMBH & CO. KG cannot guarantee that the website or linked websites are free of harmful content.
Therefore, RIKUTEC KUNSTSTOFFTECHNIK GMBH & CO. KG rejects any liability for negligently caused material or moral damages, in particular consequential damages, caused by the use of the available information. We reserve the right to change the content of these internet pages without prior notice, whenever we deem this to be appropriate. No liability shall arise from this.
All images and information contained in these web pages, insofar as they are reproducible, are protected by copyright or other industrial property rights. All product names are trademarks. The use and duplication of this information by RIKUTEC KUNSTSTOFFTECHNIK GMBH & CO. KG is not permitted without the prior written consent of RIKUTEC KUNSTSTOFFTECHNIK GMBH & CO. KG.
RIKUTEC KUNSTSTOFFTECHNIK GMBH & CO. KG
These web pages contain general information about RIKUTEC KUNSTSTOFFTECHNIK GMBH & CO. KG, as well as their products and services. They are not meant to provide technical advice or instructions on the products and services sold by RIKUTEC KUNSTSTOFFTECHNIK GMBH & CO. KG.
Before using or applying our products, the technical information enclosed with the products must be observed. For special inquiries about our products and services, please contact us directly.
Data Protection Policy of RIKUTEC Richter Kunststofftechnik GmbH & Co.KG
Trust is the key to all communication and cooperation. That is why the responsible handling of your data is of great importance to RIKUTEC Richter Kunststofftechnik GmbH & Co.KG (hereinafter referred to as ‘RIKUTEC’).
Thank you for your interest in our company. Data protection is particularly important to the management of RIKUTEC. You can generally use the RIKUTEC website without specifying any personal data. If you wish to use particular services of our company through our website, it may be necessary to process personal data for this purpose. Where it is necessary to process personal data and if there is no legal basis for this processing, we generally obtain consent from you as the data subject.
Personal data, e.g. name, postal address, email address or phone number of a data subject, shall be processed at all times in accordance with the General Data Protection Regulation (GDPR) and the country-specific data protection regulations that apply for RIKUTEC. With this Data Protection Policy, our company would like to inform the general public of the type, scope and purpose of the personal data collected, used and processed by us. In addition, this Data Protection Policy serves to inform data subjects of their rights.
RIKUTEC, as the data controller, has implemented numerous technical and organisational measures to ensure that the personal data processed on this website is protected as consistently as possible. Nevertheless, there are inherent security risks in transmitting data through the Internet, which makes it impossible to completely safeguard the data. For this reason, you are at liberty to transmit personal data to us through alternative channels, e.g. by phone. If any of the terms used in the following information require explanation or seem vague, we have attached a glossary as a reference (Appendix 1).
I. Name and address of the controller
The controller within the meaning of the General Data Protection Regulation (GDPR) and other national data protection regulations of the Member States and other regulations relating to data protection is:
RIKUTEC Richter Kunststofftechnik GmbH & Co.KG
Phone +49 2681 95 46-0
Fax +49 2681 95 46-33
(hereinafter referred to as ‘RIKUTEC’).
II. General information on data processing
You can generally visit our homepage and use our range of online services without providing personal data. Personal data refers to particulars about the personal and factual circumstances of an identified or identifiable person (Section 3 (1) BDSG [German Federal Data Protection Act]), i.e. data that would allow conclusions to be drawn about a certain individual. This data shall only be collected or stored by us if you disclose the data to us voluntarily, e.g. by contacting us.
In this respect, we apply the principles of data economy and data reduction: If, for example, you use our contact form to contact us, you thereby consent to the temporary processing, storage and use of the data provided by you to enable us to contact you. This data shall be erased by us without undue delay once the matter has been resolved and/or your question answered, unless a business deal ensues from this or you explicitly consent to further processing.
1. Scope of the processing of personal data
We collect and use the personal data of our users strictly to the extent necessary to provide a fully functioning website and our content and services. We collect and use the personal data of our users strictly with the user’s consent pursuant to Art. 6 (1) a) GDPR. An exception to this rule applies in those cases where it is not possible to obtain prior consent for practical reasons and where statutory regulations permit the data to be processed, e.g. to perform a contract to which the data subject is party pursuant to Art. 6 (1) b) GDPR or where processing is necessary to safeguard the legitimate interests of our company or a third party, and where such interests are not outweighed by the interests or fundamental rights and freedoms of the data subject pursuant to Art. 6 (1) f) GDPR. For purposes of clarification, the statutory privileges pursuant to Art. 6 (1) b) GDPR shall also apply for processing that is necessary for implementing measures prior to entering into a contract.
2. Data erasure and data storage period
Your personal data shall be erased or blocked where there is no longer any reason to store such. Data may be stored beyond this period where stipulated by the European or national legislative authorities in Union regulations, laws or other provisions to which RIKUTEC is subject. Data shall also be blocked or erased where a storage period dictated by the aforementioned standards expires, unless it is necessary to continue to store the data for the purpose of concluding or performing a contract.
III. Providing the website and creating log files
1. Description and scope of data processing
Each time our website is accessed, our system automatically collects data and information from the computer system of the requesting computer. The following data is collected and processed on the basis of Art. 6 (1) f) GDPR:
(1) Browser types and versions used
(2) The operating system used by the accessing system
(3) The website from which an accessing system was referred to our website (so-called referrer)
(4) The sub-pages of our website that are accessed by an accessing system
(5) The date and time of access to the website
(6) An Internet protocol address (IP address)
(7) The Internet service provider of the accessing system
(8) Other similar data and information that can be used for the prevention of hazards in the event that our IT systems are attacked.
This data is also stored in our system’s log files. This does not include the user’s IP addresses or other data that enables said data to be associated with a specific user. This data shall not be stored together with other personal data of the user.
This information is needed to
(1) correctly display the contents of our website,
(2) optimise the content of our website and advertising for it,
(3) ensure the functional reliability of our IT systems and our website technology,
(4) provide law enforcement authorities with the information necessary for prosecution in the event of a cyber-attack.
2. Explicit purpose of data processing
The aforementioned anonymised data and data types are stored in log files to ensure that the website functions properly. The data also enables us to optimise the website and to ensure the safety of our IT systems. In this context, the data is not evaluated for marketing purposes.
3. Storage period
The data shall be erased as soon as it is no longer required to achieve the purpose for which it was collected. Where data is stored in log files, this shall be the case after seven days at the latest. It is possible for data to be stored beyond these periods. In this case, the IP addresses of the users shall be deleted or irreparably distorted so that a client visiting the website can no longer be identified.
4. Objection and deletion options
The collection of data to enable provision of the website and the storage of data in log files is essential for the website to function properly. Consequently, there is no option available for the user to object.
1. Description and scope of data processing
For this purpose, the following data is stored in the cookies and transmitted:
(1) Language settings
(2) Items in a shopping basket
(3) Log-in information
Art. 6 (1) f) GDPR provides the legal basis for processing the personal data with the use of technically essential cookies.
The cookies enable the following data to be transmitted:
(1) Search terms entered
(2) Frequency of website visits
(3) Use of website functions
In this context, we also offer detailed information on how to prevent the storage of cookies by adjusting your browser settings accordingly. You can prevent cookies from being installed by our website by adjusting the browser settings accordingly at any time; this disables the instalment of cookies on a permanent basis.
2. Purpose of data processing
The user data collected by technically essential cookies shall not be used to create user profiles. Analysis cookies are used for the purpose of improving the quality of our website and its content. The analysis cookies show us how the website is used, enabling us to continue to optimise the content.
These purposes and the purposes of performing our business activities for the well-being of all our employees and shareholders also constitute our legitimate interests in data processing pursuant to Art. 6 (1) f) GDPR.
3. Storage period, objection and deletion options
You will have to change the settings of your Flash Player to prevent the instalment of so-called flash cookies as this cannot be done in your browser settings.
V. Contact form and email contact
1. Description and scope of data processing
A contact form, which can be used to contact us electronically, is available on our website. If the user makes use of this option, the data entered on the input screen is transmitted to us and stored by us. This data includes:
(1) First and last name (optional)
(2) Company name (optional)
(3) Email address
(4) Your message to us
At the time the message is sent, the following data is also stored:
(1) The IP address of the user
(2) The date and time of the interaction
Before the contact form is actually transmitted, we shall obtain your consent for the processing of the data and refer you to this Data Protection Policy.
Alternatively, you may contact us using the email address provided, or by phone or fax. In such cases, the user’s personal data transmitted in the email is processed electronically.
The data shall not be forwarded to third parties in this context. The data shall be used solely for processing the conversation and not for advertising or other informational purposes.
2. Legal basis for data processing
The legal basis for the processing of data, where consent has been given by the user to do so, is Art. 6 (1) a) GDPR.
Art. 6 (1) f) GDPR provides the legal basis for processing the personal data that is transmitted in an email. Additionally, Art. 6 (1) b) GDPR provides the legal basis for processing data where the purpose of the email contact is to conclude a contract.
3. Purpose of data processing
We process the personal data entered in the input screen solely for the purpose of processing the request. If contact is made by email, this also constitutes the required legitimate interest in the processing of the data.
The purpose of the other personal data processed during the transmission of the contact form is to prevent misuse of the contact form and to ensure the safety of our IT systems.
4. Storage period
The data shall be erased as soon as it is no longer required to achieve the purpose for which it was collected. With regard to the personal data entered in the input screen of the contact form and the personal data sent by email, this is the case when the conversation with the user has ended. The conversation is deemed ended when the circumstances would suggest that the issue has been conclusively resolved.
Additional personal data collected during the transmission of the contact form is usually erased after a period of seven days.
5. Objection and deletion options
The user has the right at any time to withdraw his/her consent to the processing of the personal data. If the user contacts us by email using the address specified in Section II. above, he/she may object to the storage of his/her personal data at any time. In such cases, the communication can, however, not be continued by email.
In this case, all personal data stored upon contacting us shall be erased without undue delay.
VI. Rights of the data subject
Where personal data relating to you is processed, you are a data subject within the meaning of the GDPR and you have the following rights vis-à-vis RIKUTEC:
1. Right of access
You have the right to obtain from RIKUTEC confirmation as to whether or not personal data relating to you is being processed by us.
If such data is processed, you may obtain from RIKUTEC access to the following information:
(1) The purposes for which the personal data is processed.
(2) The categories of personal data processed.
(3) The recipient or categories of recipients to whom the personal data relating to you was disclosed or is still being disclosed.
(4) The planned storage period for the personal data relating to you or, where specific details are not available, the criteria for determining the storage period.
(5) The existence of the right to rectification or erasure of the personal data relating to you, the right to restriction of processing by RIKUTEC or the right of objection to such processing.
(6) The existence of the right to lodge a complaint with a supervisory authority.
(7) All available information on the origin of the data, where the personal data is not collected from the data subject.
(8) The existence of automated decision-making, including profiling, referred to in Art. 22 (1) and (4) GDPR and, at least in those cases, meaningful information about the logic involved, as well as the significance and the envisaged consequences of such processing for the data subject.
You also have the right to request information on whether the personal data relating to you is transmitted to a third country or to an international organisation. In this context, you may request information on the appropriate safeguards pursuant to Art. 46 GDPR in connection with such a transmission.
2. Right to rectification
You have the right to obtain from RIKUTEC rectification and/or completion, insofar as the processed personal data relating to you is inaccurate or incomplete. RIKUTEC shall rectify the data without undue delay.
3. Right to restriction of processing
Under the following conditions, you may request that the processing of the personal data relating to you be restricted:
(1) Where you contest the accuracy of the personal data relating to you for a period enabling RIKUTEC to verify the accuracy of the personal data.
(2) Where the processing is unlawful and you oppose the erasure of the personal data and request the restriction of use of the personal data instead.
(3) Where RIKUTEC no longer requires the personal data for the purposes of processing, but you require this data for the establishment, exercise or defence of legal claims.
(4) Where you have objected to processing pursuant to Article 21 (1) GDPR pending the verification whether the legitimate grounds of RIKUTEC override yours.
Where processing of the personal data relating to you has been restricted, such data shall, with the exception of storage, only be processed with your consent or for the establishment, exercise or defence of legal claims or for the protection of the rights of another natural or legal person or for reasons of important public interest of the Union or of a Member State.
Where processing has been restricted under any of the aforementioned conditions, you shall be informed by RIKUTEC before the restriction on processing is lifted.
4. Right to erasure
a) Duty to erase
You have the right to obtain from RIKUTEC the erasure of personal data relating to you without undue delay and RIKUTEC shall be obligated to erase this personal data without undue delay where one of the following grounds applies:
(1) The personal data relating to you is no longer required for the purposes for which it was collected or otherwise processed.
(2) You withdraw your consent on which the processing pursuant to Art. 6 (1) a) or Art. 9 (2) a) GDPR was based, and where there is no other legal basis for the processing.
(3) You object to the processing pursuant to Art. 21 (1) GDPR and there are no overriding legitimate reasons for the processing, or you object to the processing pursuant to Article 21 (2) GDPR.
(4) The personal data relating to you was processed unlawfully.
(5) It is necessary to erase the personal data relating to you for compliance with a legal obligation under the Union or Member State law to which RIKUTEC is subject.
(6) The personal data relating to you was collected in relation to the offer of information society services referred to in Article 8 (1) GDPR.
There shall be no right to erasure where processing is necessary
(1) for exercising the right to freedom of expression and information;
(2) for compliance with a legal obligation, which requires processing under the Union or Member State law to which RIKUTEC is subject, or for the performance of a task carried out in the public interest; or
(3) for the establishment, exercise or defence of legal claims.
5. Right to notification
Where you have exercised your right to obtain rectification, erasure or restriction of processing from RIKUTEC the latter shall be obligated to communicate any rectification or erasure of personal data or restriction of processing to each recipient to whom the personal data relating to you has been disclosed, unless this proves impossible or involves disproportionate effort.
You have the right to request that RIKUTEC notify you of these recipients.
6. Right to object
You have the right to object at any time, on grounds relating to your particular situation, to the processing of personal data relating to you that is performed on the basis of Art. 6 (1) e) or f) GDPR; this shall also apply for any profiling based on these provisions.
RIKUTEC shall no longer process the personal data relating to you, unless it can demonstrate compelling legitimate reasons for the processing which override your interests, rights and freedoms, or unless the processing is necessary for the establishment, exercise or defence of legal claims.
Where the personal data relating to you is processed for direct marketing purposes, you have the right to object at any time to the processing of the personal data relating to you for said purposes; this shall also apply for profiling to the extent that it is related to such direct marketing.
Where you object to the processing of data for direct marketing purposes, the personal data relating to you shall no longer be processed for such purposes.
In the context of the use of information society services, notwithstanding Directive 2002/58/EC, you may exercise your right to object by automated means using technical specifications.
7. Right to withdraw consent under data protection law
You have the right to withdraw your declaration of consent under data protection law at any time. The withdrawal of consent shall not affect the lawfulness of any processing for which consent was given and which was carried out prior to the withdrawal thereof.
8. Automated individual decision-making, including profiling
You have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects on you or significantly affects you in a similar manner. This shall not apply where the decision
(1) is necessary for the purpose of concluding or performing a contract between you and RIKUTEC;
(2) is permissible under the Union or Member State law to which RIKUTEC is subject, and these statutory regulations stipulate suitable measures for safeguarding your rights and freedoms and your legitimate interests;
(3) is made with your explicit consent.
However, these decisions may not be based on specific categories of personal data pursuant to Art. 9 (1) GDPR, unless Art. 9 (2) a) or g) GDPR applies and suitable measures for safeguarding your rights and freedoms and your legitimate interests are in place.
In the cases referred to in (1) and (3), RIKUTEC shall implement suitable measures to safeguard your rights and freedoms and legitimate interests, at least the right to obtain human intervention on the part of RIKUTEC, to express your point of view and to contest the decision.
9. Right to lodge a complaint with a supervisory authority
Without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with a supervisory authority, in particular in the member state of your habitual place of residence, place of work or place of the alleged infringement, where it is your opinion that the processing of the personal data relating to you is in breach of GDPR regulations.
The supervisory authority with which the complaint was lodged shall inform the complainant on the progress and the outcome of the complaint including the possibility of judicial remedy pursuant to Article 78 GDPR.
10. Right to data portability
Pursuant to Art. 20 GDPR, you have the right to receive the personal data relating to you and provided to us by you in a structured, commonly used and machine-readable format. You also have the right to transmit said data to another controller without hindrance from us, where the processing is based on consent pursuant to Art. 6 (1) a) GDPR or Art. 9 (2) a) GDPR or on a contract pursuant to Art. 6 (1) b), and the processing is carried out by automated means, insofar as the processing is not essential for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller.
In exercising your right to data portability pursuant to Art. 20 (1) GDPR, you also have the right to have the personal data transmitted directly from us to another controller, where this is technically feasible and does not adversely affect the rights and freedoms of others.
VII. Data protection with regard to job applications and application procedures
The controller collects and processes the personal data of applicants for the purpose of transacting the application procedure. The data may also be processed electronically. This is particularly the case where an applicant submits application documents electronically, e.g. by email or by way of an online form, to the controller for processing.
Where the controller concludes an employment contract with the applicant, the transmitted data is stored for the purpose of transacting the employment relationship, taking into account the statutory regulations. Where the controller does not conclude an employment contract with the applicant, the application documents are automatically deleted six months after the application has been rejected, insofar as there are no other legitimate interests on the part of the controller that would oppose such deletion. Another legitimate interest in this sense would be, for example, a burden of proof in a lawsuit under the German General Equal Treatment Act. You are, of course, welcome to submit your application for confidential use in encrypted form.
VIII. Provision of website and use of Google Analytics
We use Google Analytics to periodically review our website and adapt it to your needs. The operator of the Google Analytics component is Google Inc., 1600 Amphitheatre Pkwy, Mountain View, CA 94043-1351, USA.
This website uses Google Analytics, a web analysis service provided by Google Inc. (“Google”). Google Analytics uses so-called “cookies”, which are text files that are stored on your computer and enable an analysis of how you use the website.
The information generated by the cookie about your use of this website is normally sent to a Google server in the USA and stored there. If IP anonymisation has been enabled (by us) on this website, however, your IP address will first be truncated by Google within the Member States of the European Union or in other countries that are party to the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be sent to a Google server in the US and truncated there.
Google will use this information on behalf of the operator of this website to evaluate your use of the website, to compile reports about website activity and to provide the website operator with other services relating to website activity and Internet usage. The IP address transmitted by Google Analytics from your browser will not be combined with any other data held by Google.
You can prevent the storage of cookies on your computer by adjusting your browser settings accordingly; we should point out, however, that in this case you may not be able to use all of the functions of this website to their full extent. You may also prevent Google from collecting and processing the cookie-generated data relating to your use of the website (including your IP address) by downloading and installing the browser plug-in available at the following link (http://tools.google.com/dlpage/gaoptout?hl=de).
You can prevent your data being collected by Google Analytics by clicking on the following link. This sets an opt-out cookie, which prevents your data from being collected when you visit this website in future: Disable Google Analytics
You can find more information on the terms and conditions of use and data protection at http://www.google.com/analytics/terms/de.html or https://policies.google.com/?hl=de. Please note that this website uses Google Analytics with the extension “anonymizeIp” to ensure that IP addresses are consistently collected in anonymised form (so-called IP masking).
IX. Provision of the website and use of Google Maps
This website uses Google Maps API, a map service provided by Google Inc. (“Google”), to display an interactive map and to generate route maps. Google Maps is operated by Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.
By using Google Maps, information on your use of this website (including your IP address) can be transmitted to a Google server in the US and stored there. Google may forward information generated by Maps to third parties, insofar as this is legally stipulated or where third parties process this data on behalf of Google.
X. Statutory or contractual regulations for the provision of personal data; necessity of personal data for concluding a contract; obligation of the data subject to provide personal data; possible consequences of failure to provide personal data
We hereby inform you that the provision of personal data is partly stipulated by law (e.g. tax regulations) or may be required on the basis of a contract (e.g. details about the contract partner). Occasionally, in order to conclude a contract, it may be necessary for a data subject to provide us with personal data, which we are then required to process. The data subject is, for example, obligated to provide us with personal data where our company concludes a contract with him/her.
The result of failure to provide the personal data would be the inability to conclude a contract with the data subject. Prior to providing personal data, the data subject must contact one of our employees. Our employee shall inform the data subject on a case-by-case basis whether the provision of personal data is stipulated by law or by contract, if it is required to conclude a contract, if he/she is obligated to provide the personal data and what the consequences of failing to provide the personal data would be.
XI. Existence of automated decision-making
As a responsible company, we do not use automated decision-making or profiling.
XII. Appendix 1: Definitions
The Data Protection Policy of RIKUTEC is based on the terms used by the European legislator in the GDPR. Our Data Protection Policy should be easy to read and understand not only for the general public, but also for our clients and business partners. To this end, we would like to explain the terms used. The terms we use in this Data Protection Policy include the following:
a) personal data
‘Personal data’ means any information relating to an identified or identifiable natural person (hereinafter referred to as ‘data subject’). An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
b) data subject
A ‘data subject’ is every identified or identifiable natural person, whose personal data is processed by the controller.
‘Processing’ means any operation or set of operations which is performed on personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.
d) restriction of processing
‘Restriction of processing’ means the marking of stored personal data with the aim of limiting the processing of such in the future.
‘Profiling’ means any form of automated processing of personal data consisting of the use of personal data to evaluate certain personal aspects relating to a natural person, in particular to analyse or predict aspects concerning that natural person’s performance at work, economic situation, health, personal preferences, interests, reliability, behaviour, location or movements.
‘Pseudonymisation’ means the processing of personal data in such a manner that the personal data can no longer be attributed to a specific data subject without the use of additional information, provided that such additional information is kept separately and is subject to technical and organisational measures to ensure that the personal data is not attributed to an identified or identifiable natural person.
‘Controller’ means the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data. Where the purposes and means of such processing are determined by Union or Member State law, the controller or the specific criteria for its nomination may be provided for by Union or Member State law.
‘Processor’ means a natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller.
‘Recipient’ means a natural or legal person, public authority, agency or other body to which the personal data is disclosed, whether a third party or not. However, public authorities which may receive personal data in the framework of a particular inquiry in accordance with Union or Member State law shall not be regarded as recipients.
j) third party
‘Third party’ means a natural or legal person, public authority, agency or body other than the data subject, controller, processor and persons who, under the direct authority of the controller or processor, are authorised to process personal data.
‘Consent’ of the data subject means any freely given, specific, informed and unambiguous indication of the data subject’s wishes by which he/she, by a statement or by a clear affirmative action, signifies agreement to the processing of personal data relating to him/her.