Status: April 2021
Status: April 2021
Data protection information for customers, suppliers and business partners
Status: April 2021
Thank you for visiting our website and for your interest in our company and our products. E. Wehrle GmbH is a provider of products and solutions in the field of flow measurement technology and precision parts made of plastic. In the following, we inform you in accordance with the applicable data protection regulations about the type and scope of personal data that we collect in the context of
- your visit to our website,
- job advertisements
- the newsletter dispatch
- our social media presences
(hereinafter collectively “Website”), for what purposes we use this data and how we use it to optimize our services for you.
1. responsible person and data protection officer
(1) Responsible under data protection law within the meaning of Art. 4 No. 7 GDPR:
E. Wehrle GmbH
Phone: +49 7723 940-0
Fax: +49 7723 940-178
hereinafter referred to as “Wehrle”, “we” or “us”. Further information about the provider can be found in our imprint.
(2) You can reach the data protection officer by post at the above address with the addition “Attn. data protection officer” or by e-mail as follows: email@example.com.
2. types of data processed, categories of data subjects
2.1 Nature of the data processed
- Master data (e.g., customer master data, such as names, addresses)
- Account data (login, PW # hash)
- Contact details (e.g., email, phone numbers)
- Communication data and history
- Content data (e.g., text input, photographs, videos)
- Contract data (e.g., subject matter of the contract, term, customer category)
- Payment data (e.g., bank details, payment history)
- Usage data (e.g., pages visited, interest in content, access times)
- Meta/communication data (e.g., device information, IP addresses)
- Data according to items 4 and 5
- Applicant data according to item 7
- Data according to section B
2.2 Categories of affected persons
- Visitors and users of the website and online offers
- Customers, prospects and business partners
- Newsletter subscribers and direct marketing in existing customer relationships
- Other communication partners
(Hereafter, we also refer to the data subjects collectively as “Users”).
3. purpose of processing
We use your personal data
- For the provision of the website and the online offer, its functions and contents.
- For the creation and management of your personal customer account.
- To identify you as a contractor
- For responding to contact requests and communication with users.
- For the assertion, enforcement, exercise or defense of and against legal claim(s) and legal dispute(s), and for the detection, investigation and prevention of crime
- For security measures
- For range measurement
- For the purpose of direct marketing, e.g. in the form of an e-mail newsletter or postal advertising.
- For the purpose of product and service satisfaction surveys and analysis thereof.
4. provision of website and log files
(1) During the mere informational use of the website, i.e. if you do not register or otherwise transmit information to us, we only collect the personal data that your browser automatically transmits to our server. If you wish to view our website, we collect the following data, which is technically necessary for us to display our website to you and to ensure stability and security (legal basis is Art. 6 para. 1 lit. f) GDPR):
- IP address
- Date and time of the request
- Time zone difference from Greenwich Mean Time (GMT)
- Content of the request (concrete page)
- Access status/HTTP status code
- Data volume transferred in each case
- Web page from which the request comes
- Operating system and its interface
- Language and version of the browser software
(2) The IP addresses of the users are deleted or anonymized after termination of use. In the case of anonymization, the IP addresses are changed in such a way that the individual information about personal or factual circumstances can no longer be assigned to a specific or identifiable natural person, or can only be assigned to such a person with a disproportionate amount of time, cost and effort.
(1) In addition to the aforementioned log files data, cookies are stored on your computer when you use our website. Cookies are small text files that are assigned to the browser you are using and stored on your hard drive and through which certain information flows to the body that sets the cookie (here by us). Cookies cannot execute programs or transfer viruses to your computer. They serve to make the Internet offer as a whole more user-friendly and effective.
a) This website uses the following types of cookies, the scope and functionality of which are explained below:
- Session cookies (for this b)
- Persistent cookies (in addition c).
b) Session cookies store a so-called session ID, with which various requests from your browser can be assigned to the joint session. Session cookies are deleted when you log out or close the browser. If you restart your browser and go back to the website, the website will not recognize you. You will need to log in again (if a login is required) or reset templates and preferences if the website offers these features. Then a new session cookie is generated, which stores your information and remains active until you leave the site again and close your browser.
c) Persistent cookies are automatically deleted after a specified duration, which may differ depending on the cookie. You can delete the cookies in the security settings of your browser at any time.
|Technically necessary cookies||Technically necessary cookies enable the use of our website by providing basic functions such as page navigation and access to secure areas of the website. Visiting our website cannot function properly without these cookies.||Session cookies – are deleted when the browser is closed.|
|Performance (e.g., user’s browser), rendering, and preferences.||When using our website, cookies are used (e.g. to recognize the browser) to improve performance (e.g. faster loading of content). When you visit our website, the determined or self-selected country and language selection is stored in cookies to save you from having to select again on subsequent visits. In advance, we check whether your browser supports cookies and this information is stored in another cookie. Subsequently, you will be shown country- and language-specific localized contact information, which will also be stored. The legal basis for this is your consent (Art. 6 para. 1 lit. a) GDPR).||Session cookies – are deleted when the browser is closed.|
|Advertising cookies (marketing)||We use advertising cookies to assess the efficiency of our advertising measures and to derive optimizations from them. The legal basis for this is your consent (Art. 6 para. 1 lit. a) GDPR).||Persistent cookies – remain, but are automatically deleted after 26 months at the latest when the website has no longer been visited, unless shorter periods apply in individual cases.|
(5) Control over cookies
You can set your browser so that you are informed about the setting of cookies and only allow cookies in individual cases, exclude the acceptance of cookies for certain cases or in general and activate the automatic deletion of cookies when closing the browser. When deactivating cookies, the functionality of this website may be limited.
6. e-mail contact
(1) Contact is possible via the e-mail addresses provided on the website. In this case, the personal data of the user transmitted with the e-mail will be stored. The data will be used exclusively for the processing of the request. The legal basis for the processing of data transmitted in the course of sending an e-mail is Art. 6 para 1 lit. f) GDPR. If the e-mail contact aims at the conclusion of a contract, the additional legal basis for the processing is Art. 6 para. 1 lit. b) GDPR.
(2) The data will be deleted as soon as they are no longer required to achieve the purpose for which they were collected. For the personal data from the input mask of the contact form and those sent by e-mail, this is the case when the respective conversation with the user has ended. The conversation is ended when it is clear from the circumstances that the matter in question has been conclusively clarified.
(3) Notwithstanding para. 2, the following shall apply: Contact requests from customers that relate to a specific business transaction shall be stored as long as this is necessary for the execution and processing of the contract (Art. 6 para. 1 lit. b) GDPR) or due to statutory retention obligations (Art. 6 para. 1 lit. c) GDPR). Contact requests from customers that do not relate to a specific business transaction are stored as long as the business relationship exists. The legal basis is Art. 6 para. 1 lit. f) GDPR to protect our legitimate interests and those of the customer, in particular support and quality assurance. Customers can object to the processing at any time in individual cases.
7. Job advertisements
(1) We advertise vacancies on our website. To process your online application, we collect, process and use your personal data. The legal basis is Art. 6 para. 1 lit. b) GDPR in conjunction with. § 26 BDSG (German Federal Data Protection Act).
(2) We use the service Softgarden (https://softgarden.de/) for this purpose. Softgarden is a cloud-based solution for applicant management. Provider is softgarden e-recruiting GmbH, Tauentzienstraße 14, 10789 Berlin, Germany. There is an agreement with Softgarden on commissioned processing in accordance with Art. 28 GDPR: Appropriate technical and organizational measures ensure that your personal data is treated confidentially within the legal requirements. Softgarden implements the highest security standards thanks to German servers and is TÜV and Dekra certified. You can find more information about Softgaren’s data protection here: https://softgarden.de/unternehmen/datenschutz-webseite/ .
(3) If you have applied for a specific position and this position has already been filled or we consider you to be equally or even more suitable for another position, we would be happy to forward your application within our company. The legal basis for this is Art. 6 para.1 lit. f) GDPR to protect your and our legitimate interests. Please inform us if you do not agree with this procedure.
(4) After termination of the application process, but no later than after 6 months, your personal data will be automatically deleted unless you expressly consent to storage for a longer period.
8. disclosure to third parties
(1) As part of the hosting of our website, your data processed by us is processed on the basis of a contract processing agreement.
(2) In the case of the use of web analytics services and third-party providers, the data is transmitted to the extent described herein, see section B.
9. storage period
We process and store your personal data as long as it is necessary for the fulfillment of our contractual and legal obligations. We delete your personal data as soon as it is no longer required for the above-mentioned purposes. In this context, personal data may be retained for the period during which claims can be asserted against our companies (statutory limitation periods of three or up to thirty years). In addition, we store your personal data to the extent that we are required to do so by law. Corresponding obligations to provide proof and to retain data result from commercial, tax and social security regulations.
10. automated decision-making, profiling
As a matter of principle, we do not use fully automated decisionﬁndings in accordance with Article 22 GDPR to establish and implement the business relationship. We do not engage in profiling.
B. Data processing by third parties
11.1 Google Fonts
(1) On our website we use Google Fonts. These are the “Google Fonts” of the company Google Inc. For the European area, the company Google Ireland Limited (Gordon House, Barrow Street Dublin 4, Ireland) is responsible for all Google services .
(2) The fonts are embedded locally on our servers and are not reloaded from Google servers when the website is called up. The Google fonts are licensed under the “SIL Open Font License, 1.1” or the “Apache License, version 2.0”, see fonts.google.com/attribution. Google’s GitHub page (http://bit.ly/2U7oxHk) says: “Since all the fonts available here are licensed with permission to redistribute, subject to the license terms, you can self-host. For help doing this, see github.com/majodev/google-webfonts-helper”.
11.2 Google Maps
(1) This website uses Google Maps to display interactive maps and to create directions. Google Maps is a map service provided by Google Inc, 1600 Amphitheatre Parkway, Mountain View, California 94043, USA. For the European area, the company Google Ireland Limited (Gordon House, Barrow Street Dublin 4, Ireland) is responsible for all Google services.
(2) By using Google Maps, information about the use of this website, including your IP address and the (start) address entered as part of the route planner function, may be transmitted to Google in the USA. When you call up a web page on our website that contains Google Maps, your browser establishes a direct connection with Google’s servers. The map content is transmitted by Google directly to your browser, which then integrates it into the website. Therefore, we have no influence on the scope of the data collected by Google in this way. According to our knowledge, this is at least the following data:
- Date and time of the visit to the website in question,
- Internet address or URL of the accessed web page,
- IP address, (start) address entered as part of route planning
(3) We have no influence on the further processing and use of the data by Google and therefore cannot assume any responsibility for this.
(5) The purpose and scope of the data collection and the further processing and use of the data by Google as well as your rights in this respect and setting options for protecting your privacy by Google can be found at: https://www.google.com/intl/de/policies/privacy/ .
12. social media plug-ins
We maintain online presences within social networks in order to communicate with users active there or to offer information about us there.
12.1 LinkedIn, XING
(1) We currently use the following social media plug-ins: Linkedln, XING. You can identify the provider of the plug-in by marking its initial letter or logo in the box. We give you the opportunity to communicate directly with the provider of the plug-in via the button. Only if you click on the marked box and thereby activate it, the plug-in provider receives the information that you have accessed the corresponding web page of our online offer. In addition, the data mentioned under item 4 of this declaration is transmitted. By activating the plug-in, your personal data is transmitted to the respective plug-in provider and stored there (in the case of US providers, in the USA).
(2) We have no influence on the collected data and data processing operations, nor are we aware of the full scope of data collection, the purposes of processing, the storage periods. We also have no information on the deletion of the collected data by the plug-in provider.
(3) The plug-in provider stores the data collected about you as usage profiles and uses them for purposes of advertising, market research and/or demand-oriented design of its website. Such an evaluation is carried out in particular (also for users who are not logged in) for the display of tailored advertising and to inform other users of the social network about your activities on our website. You have the right to object to the creation of these user profiles, whereby you must contact the respective plug-in provider to exercise this right. The legal basis for our use of the plug-ins is Art. 6 para. 1 lit. f) GDPR.
(4) The data transfer takes place regardless of whether you have an account with the plug-in provider and are logged in there. If you are logged in to the plug-in provider, your data collected by us will be directly assigned to your account with the plug-in provider. If you click the activated button and, for example, link to the page, the plug-in provider also saves this information in your user account and shares it publicly with your contacts. We recommend that you log out regularly after using a social network, but especially before activating the button, as this allows you to avoid an assignment to your profile with the plug-in provider.
(5) For further information on the purpose and scope of data collection and processing by the plug-in provider, please refer to the data protection declarations of these providers provided below. There you will also receive further information about your rights in this regard and setting options for protecting your privacy.
(6) Addresses of the respective plug-in providers and URL with their privacy notices:
- Linkedln Corporation, 2029 Stierlin Court, Mountain View, California 94043, USA; https://www.linkedin.com/legal/privacy-policy, Cookie- Policy: https://www.linkedin.com/legal/cookie-policy; Notice on data transfer from EU, EEA and Switzerland to third countries, especially USA: https://www.linkedin.com/help/linkedin/answer/62533?trk=microsites-frontend_legal_privacy-policy&lang=de
(1) We would like to point out that user data may be processed outside the European Union. This may result in risks for users because, for example, it could make it more difficult to enforce users’ rights. With regard to U.S. providers that are certified under the Privacy Shield or offer comparable guarantees of a secure level of data protection, we point out that they thereby undertake to comply with the data protection standards of the EU.
(2) Furthermore, user data within social networks is usually processed for market research and advertising purposes. For example, usage profiles can be created based on the usage behavior and resulting interests of the users. The usage profiles can in turn be used, for example, to place advertisements within and outside the networks that presumably correspond to the interests of the users. For these purposes, cookies are usually stored on the users’ computers, in which the usage behavior and interests of the users are stored. Furthermore, data independent of the devices used by the users may also be stored in the usage profiles (especially if the users are members of the respective platforms and are logged in to them).
(3) For a detailed presentation of the respective forms of processing and the options to object (opt-out), we refer to the privacy statements and information provided by the operators of the respective networks.
(4) In the case of requests for information and the assertion of data subject rights, we also point out that these can be asserted most effectively with the providers. Only the providers have access to the users’ data and can take appropriate measures and provide information directly. If you still need help, you can contact us.
(5) Legal basis: Our legitimate interests in presenting the company and addressing customers and interested parties (Art. 6 para. 1 lit. f) GDPR).
(1) We have integrated YouTube videos into our online offer, which are stored on http://www.youtube.com and can be played directly from our website. These are all integrated in “extended data protection mode”, i.e. no data about you as a user is transmitted to YouTube if you do not play the videos. Only when you play the videos, the data mentioned in paragraph 2 are transmitted. We have no influence on this data transmission.
(2) By visiting the website, YouTube receives the information that you have accessed the corresponding subpage of our website. In addition, the data mentioned in section 4 (Provision of the website and log files) of this declaration are transmitted. This occurs regardless of whether YouTube provides a user account through which you are logged in or whether no user account exists. If you are logged in to Google, your data will be directly assigned to your account. If you do not want the assignment with your profile at YouTube, you must log out before activating the button. YouTube stores your data as usage profiles and uses them for purposes of advertising, market research and/ or needs-based design of its website. Such an evaluation is carried out in particular (even for users who are not logged in) for the provision of tailored advertising and to inform other users of the social network about your activities on our website. You have the right to object to the creation of these user profiles, whereby you must contact YouTube to exercise this right.
13. links to other websites
(2) The links to external websites are checked by us before linking. However, we have no influence on whether their operators comply with data protection regulations. If we become aware of violations or infringements, we will remove the corresponding links.
C. Rights of the data subjects
14. Your rights
If personal data is processed by you, you are a data subject within the meaning of the GDPR and you are entitled to the following rights against us as the controller.
a) Rights according to Art. 15 ff. GDPR
(1) The data subject has the right to obtain confirmation from the controller as to whether personal data concerning him or her are being processed; if this is the case, he or she has a right of access to such personal data and to the information specified in Article 15 of the GDPR. Under certain legal conditions, you have the right to rectification under Article 16 GDPR, the right to restriction of processing under Article 18 GDPR and the right to erasure (“right to be forgotten”) under Article 17 GDPR. In addition, you have the right to receive the data you have provided in a structured, common and machine-readable format (right to data portability) pursuant to Article 20 GDPR, provided that the processing is carried out with the help of automated processes and is based on consent pursuant to Article 6 para 1 lit. a) or Article 9 (2) (a) or on a contract pursuant to Article 6 para 1 lit. b) GDPR.
b) Withdrawal of consent pursuant to Art. 7 para 3 GDPR
If the processing is based on consent, you can withdraw your consent to the processing of personal data at any time. Please note that the revocation is only effective for the future. The withdrawal of consent shall not affect the lawfulness of processing based on consent before its withdrawal.
c) Right of complaint
You have the option of contacting us or a data protection supervisory authority with a complaint (Article 77 GDPR). In Baden Württemberg, the competent supervisory authority is: The State Commissioner for Data Protection and Freedom of Information, P.O. Box 10 29 32, 70025 Stuttgart, Tel.: 0711/615541-0, FAX: 0711/615541-15, e-mail: firstname.lastname@example.org.
|d) Right of objection according to Article 21 GDPR
In addition to the aforementioned rights, you have the right to object as follows:
Right to object on a case-by-case basis
You have the right to object at any time, on grounds relating to your particular situation, to the processing of personal data concerning you which is carried out on the basis of Article 6 para 1 lit. e) GDPR (data processing in the public interest) and Article 6 para 1 lit. f) GDPR (data processing on the basis of a balance of interests); this also applies to a proﬁling based on this provision within the meaning of Art. 4 No. 4 GDPR.
If you object, we will no longer process your personal data unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms, or the processing serves to assert, exercise or defend legal claims.
Right to object to processing of data for advertising purposes
In individual cases, we process your personal data for the purpose of direct advertising. You have the right to object at any time to the processing of personal data concerning you for the purpose of such advertising; this also applies to proﬁling insofar as it is related to such direct advertising. If you object to processing for direct marketing purposes, we will no longer process your personal data for these purposes.
D. Final Provisions
(1) We have taken technical and organizational security measures in accordance with Art. 24, 32 GDPR to protect your personal data from loss, destruction, manipulation and unauthorized access. All our employees and all third parties involved in data processing are obliged to comply with the requirements of the GDPR and the confidential handling of personal data.
(2) SSL or TLS encryption: This site uses SSL or TLS encryption for security reasons and to protect the transmission of confidential content, such as orders or requests that you send to us as the site operator. You can recognize an encrypted connection by the fact that the address line of the browser changes from “http://” to “https://” and by the lock symbol in your browser line.
We reserve the right to change our security and data protection measures, insofar as this becomes necessary due to technical development, the expansion of our services or legal changes. In these cases, we will also adapt our data protection declaration accordingly. Please therefore note the current version of our data protection declaration.