We take the protection of your personal data very seriously. Processing is performed in compliance with the EU General Data Protection Regulation (GDPR) and the German Federal Data Protection Act (Bundesdatenschutzgesetz, "BDSG”). Through the information provided here, we would like to give you an overview of how our company processes your personal data, and about your rights under data protection law. Your personal data will not be communicated to any third parties for any purposes other than those described here.
1. Name and contact data of the controller
c/ Berguedà, esq. Maresme
Polígono Can Bernades-Subirá
08130 Santa Perpètua de Mogoda
Controller/contact information of the affiliated companies of the Wieland-Group and of-fices located in Germany and worldwide with their respective contact data are available here.
Data protection inquiries can be sent to the above address, for the attention of the Data Protection Officer, or by email email@example.com.
Our external data protection officer: www.kt-datenschutz.de.
2. Collection and storage of personal data, and the nature and purpose of its use
a) When visiting our website
When you visit our website www.wieland-cimsa.com, the browser of your terminal device will automatically send information to our website server. This information will be temporarily stored in a log file. The following information will be recorded without any intervention by you, and stored until it is automatically deleted:
- Request (file name of the requested file) (such as www.example.de/index.html)
- Browser type/version (such as Mozilla Firefox 33, Google Chrome, Safari)
- Browser language (e.g.: German)
- Applicable operating system (e.g.: Windows 10)
- Interim resolution of the browser window
- Screen resolution
- Java on/off
- Cookies on/off
- Colour depth
- Referrer URL (the previously visited page)
- Truncated IP address for geographical recognition
- Time of the access (time stamp)
- Where applicable, content of forms (in the case of free-text fields, such as “Name” and “Password", only the information “completed” or “not completed” will be communicated).
We will process the specified data for the following purposes:
- to guarantee smooth access to our website,
- to ensure our website is userfriendly,
- for the analysis of system security and stability and
- other administrative purposes, and in order to
- detect abuses and eliminate faults
b) When subscribing to our newsletter and white paper
SIf you have issued your explicit consent in accordance with Art. 6 (1) 1st sentence point a) GDPR, we will use your email address in order to send you our regular newsletter, or to send you a specific white paper. You only need to provide your email address to receive the newsletter. We will also use this for the confirmation mail as part of the double opt-in procedure, to verify that the owner of the email address has agreed to receive the newsletter.
You can cancel your subscription at any time, for example by using the link located at the end of each newsletter. Alternatively, you can of course send your cancellation request by email at any time to firstname.lastname@example.org. The data provided to us will only be transferred to our technical service providers and the partner companies that we use to perform the technical processes for sending our newsletter and whitepaper. However, in this case we will restrict the scope of the transferred data to the minimum necessary. Our service provider for delivering the newsletter is the Germany-based company sc-networks.com, which uses the Evalanche software. If the newsletter subscription is cancelled, your email address will be erased from our servers and from the servers of our service provider.
c) When using our contact form
For questions and queries of any kind, we offer you the option of contacting us using the form made available on this website. This requires you to enter a valid email address, in order that we can know who sent the inquiry, and how we can respond to it. Further information can be provided voluntarily. The processing of data for the purposes of making contact with us is performed in accordance with Art. 6 (1) 1st sentence point a) GDPR on the basis of the consent voluntarily provided by you. Once your inquiry has been fully resolved, we will erase the personal data collected using the contact form. This will be the case if the circumstances indicate that the relevant matter has been conclusively clarified, and provided there are no contrary statutory retention obligations.
d) When transferring your data by another means with your consent (Article 6 (1) a) GDPR)
SThe processing is lawful if you have consented to the processing of your personal data for specific purposes (such as communicating the contact data from your business card within the Wieland Group). Any consent issued may be revoked at any time. This also applies to revoking consents issued before the EU General Data Protection Regulation came into force, i.e. before 25 May 2018. Please note that this cancellation of consent has future effect. Data processing activities performed prior to the cancellation of the consent, are not affected. You may, at any time, contact us using the contact data set out above, to request information concerning the consents you have issued to us, and the personal data that has been processed.
3. Transfer of data
Your personal data will not be communicated to any third parties for any purposes other than those described here. We will pass your personal data onto third parties only if:
- In accordance with Art. 6 (1) 1st sentence point a) GDPR, you have given your explicit consent,
- In accordance with Art. 6 (1) 1st sentence point f) GDPR, the transfer is necessary for the purposes of the legitimate interests and there is nothing to indicate that such interests are overridden by your interests or fundamental rights and freedoms which require protection of personal data,
- In accordance with Art. 6 (1) 1st sentence point c) GDPR, the transfer is necessary for compliance with a legal obligation, and
- This is lawful and, in accordance with Art. 6 (1) 1st sentence point b) GDPR, is necessary for the performance of a contract with you.
If we provide links to thirdparty web pages, this process is performed by opening another browser window on your computer, to which your IP address and the target URL address (i.e. the target address of the destination website) are supplied. We have no knowledge of how these data are subsequently used on the thirdparty website; however, we have only provided links to those we deem to be trusted providers. The assurances contained in this Data Protection Notice therefore do not apply there, of course.
We use the following cookies for web controlling purposes:
- last click (for session time-out, lifetime: one session)
- session cookie (for session recognition, lifetime: one session)
- evercookie (for detecting new/existing customers, lifetime: 60 months/5 years
The majority of browsers accept cookies when configured as standard. However, you can con-figure your browser’s security settings to block cookies, or configure your browser to notify you when cookies are active. Of course, the data stored in our cookies will not be linked with your personal data (name, address, etc.).
If you do not want cookies to be stored on your computer, you will be asked to switch off the relevant option in your system’s settings. Cookies stored on your computer can erased using the system settings of the browser. Blocking cookies may lead to restrictions in the functions of this online site.
5. webtrekk.com Tracking Analysis Tool
We use the services of the German company Webtrekk GmbH, in order to collect data concerning the use of our website and to correspondingly optimise our online service. The tracking measures we employ are carried out on the basis of Art. 6 (1) 1st sentence point f) GDPR. Webtrekk GmbH always takes care that the collection and processing of tracking data is performed in accordance with the latest standards for data protection and data security.
This also ensures that data is not transferred abroad. We use these tracking measures to design our website in line with users’ needs, and to continuously optimise it. The access data is recorded anonymously here, so that no link can be made to a particular user. This is performed particularly through the anonymisation of the IP address. Only authorised persons have access to this anonymised data. These interests are legitimate within the definition of the regulations set out here.
The collection and storage of data by Webtrekk can be objected to at any time with effect for the future. For this purpose, please click on the following link:
By confirming the link, a so-called opt-out cookie will be set on your data carrier. Please note that if you delete all cookies on your computer, this opt-out cookie will also be deleted, i.e. if you wish to continue to object to data collection by Webtrekk, you will have to set the opt-out cookie again. The opt-out cookie is set per browser and device. If you visit our website at home and at work or with different browsers, you must activate the opt-out cookie in the different browsers or on the different devices.
Analysis-Tool Google Analytics
If you have given your consent, we use Google Analytics for web analysis on our website. With the help of Google Analytics, we investigate the user behaviour of visitors to our website in pseudonymised and anonymised form.
You can allow or prevent the usage of Google Analytics at any time by clicking the following button at the end of this part.
Alternatively, you can also use Google's browser plug-in, which prevents data collection by Google Analytics: http://tools.google.com/dlpage/gaoptout?hl=en.
5.1 The purpose of data processing is to measure the success of our websites. As well as to measure the satisfaction of our visitors and (potential) customers by (usage-based) optimization of our web offer by measuring the usage of our web offer.
5.2 In the context of the use of Google Analytics the following data is processed:
Google Analytics HTTP data
This is protocol data that is technically generated when using the web analysis tool Google Analytics via the Hypertext Transfer Protocol (Secure) (HTTP(S)) used on the website: This includes IP address, type and version of your Internet browser, operating system used, the page called up, the previously visited page (referrer URL), date and time of the call.
Google Analytics end device data
Data generated by the web analysis tool Google Analytics and assigned to your end device: This includes a unique ID for (re-)recognizing returning visitors (so-called "client ID") as well as certain technical parameters for controlling the data collection for web analysis.
Google Analytics measurement data
Device-related raw data (so-called "dimensions" and "measured values"), which are collected and analysed by the web analysis tool Google Analytics when using our website: This includes, above all, information about the sources through which visitors reach our website, information about the location, the browser and the end device used, information about the use of the website (in particular page views, frequency of visits and time spent on accessed pages) as well as information about the fulfilment of certain objectives. The data is assigned to the client ID assigned to your terminal device. This results in device-related usage profiles in which all device-related raw data is combined into a client ID. The data that we collect using Google Analytics does not enable us to identify you personally (i.e. by your civil name). We also do not merge the device-related raw data and the resulting device-related usage profiles with data that directly identifies you personally without your consent.
Google Analytics report data
Data contained in aggregated segment- and device-related reports generated by Google Analytics based on the analysis of device-related raw data.
Google Analytics provides us with four categories of reports: Target group (location, browser, devices used and other device-related data), acquisition (sources through which visitors reach the website), behavior (information on the call of contents of the website, in particular pages called up on the website, visiting time, bounce rate).
5.3 The legal basis for the processing is your consent within the meaning of Article 6 paragraph 1 letter a DS-GVO.
5.4 The data is provided automatically by the user's browser.
5.5 The recipient of the data is Google Ireland Limited (Google Building Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland).
5.6 We use Google Analytics with the so-called IP anonymization. This means that the IP address transmitted by the browser for technical reasons is made anonymous by truncation (deletion of the last octet of the IPv4 address or the last 80 bits of the IPv6 address) prior to storage. We store the remaining protocol data for a period of 14 months.
5.7 The provision of data is not required by law or contract or necessary for the conclusion of a contract. There is no obligation of the data subject to provide the data. In the event that the data is not made available, we cannot carry out web analysis using Google Analytics.
5.8 There is no automated decision making.
6. Content and services from Google Maps and Google Fonts and other third parties
For our online site, we use third-party content and services on the basis of our legitimate inter-est within the definition of Art. 6 (1) point f) GDPR.
In our case, the third-party content or services are maps or fonts from Google that we include on our individual pages (third-party content). This is always conditional on the third-party pro-viders knowing your IP address, as without it they could not be able to send their content to your browser. The IP address is therefore required in order to display such content. We make every effort to only use that content whereby the providers in question only use the IP address for the purpose of delivering the content. Third parties may use “pixel tags” (hidden graphics, also known as “web beacons”) for statistical or marketing purposes. These pixel tags can be used to evaluate information such as visitor traffic to pages on this website. The pseudonymous infor-mation may be stored in cookies on the user's device and may include, but is not limited to, technical information about the browser and operating system, referrer web pages, visit time, and other information regarding the use of our online site. Third-party providers and links to their privacy policies, which contain information on data processing, are listed here. Opt-out methods are available there.
Here are “Infochoices” providing you with transparency and options regarding your Google ac-tivities: https://www.google.com/policies/privacy/#infochoices.
7. Social Media Plug-ins
Our website does not include any provider-based social plug-ins to social networks; we only offer links to our profile on Facebook, Xing, LinkedIn and Twitter.
8.Storage, erasure and blocking of data
We process and store personal data in accordance with the principles of data avoidance and data economy, meaning only for the period necessary to achieve the purpose of the storage (such as responding to inquiries, performing contracts) or insofar as prescribed by legal regulations to which our company was subject.
Once the purpose for storage no longer exists, or the applicable statutory storage period has expired, the personal data will be routinely blocked or erased in accordance with the statutory regulations. The storage duration criterion is the relevant statutory retention period.
9. Rights of the data subject
Every data subject has the right,
- in accordance with Art. 15 GDPR, to obtain confirmation from us whether or not his per-sonal data is being processed. In particular, you may request information about the pur-poses of the processing, the category of the personal data, the categories of recipients to whom your data is or has been disclosed, the planned storage period, the existence of a right of rectification, erasure, to object to or limit the processing of your data, the exist-ence of a right to lodge a complaint, the origin of your data insofar as it was not collect-ed by us, about the existence of an automated decision-making process (including profil-ing) and any significant information regarding the details of this;
- in accordance with Art. 16 GDPR, to request that any incorrect or incomplete personal data belonging to you and which is stored by us be rectified without delay;
- in accordance with Art. 17 GDPR, to request that personal data belonging to you, and which is stored by us, be erased insofar as the processing of said data is not required for exercising the right to free expression of opinion and information, for fulfilling a legal requirement, and is not needed on the grounds of public interest or for the purposes of asserting, exercising or defending legal claims;
- in accordance with Art. 18 GDPR, to request that the processing of your personal data be limited insofar as you dispute the correctness of the data or the processing of said data is unlawful, but you do not wish for the data to be erased; in this case, the data are no longer required by us but are needed by you for the purposes of asserting, exercising or defending legal claims or you have objected to the processing of said data in accordance with Art. 21 GDPR;
- in accordance with Art. 20 GDPR, to request that your personal data provided to us be made available to you or another authorised party in a structured, standard and ma-chine-readable format;
- in accordance with Art. 7(3) GDPR, to revoke the consent that you previously provided to us, at any time. This means that in future we will not be permitted to continue pro-cessing the data based on this consent, and
- to lodge a complaint with a supervisory authority in accordance with Art. 77 GDPR. For this purpose you can contact the supervisory authority - State Commissioner for Data Protection - for your usual place of residence or work, or that of our company's main of-fice.
10. Right of objection
Insofar as your personal data is processed based on legitimate interests as defined under Article 6(1) 1st sentence f) GDPR, you have the right - in accordance with Art. 21 GDPR - to object to your personal data being processed, provided that there are grounds pertaining to your particular circumstances or that the objection is directed towards direct advertising. In the latter case, you have a general right of objection, which we will implement without the indication of any special circumstances.
If you wish to exercise your right to revoke consent or your right to object, simply send us an email to email@example.com. You may however us contact using any other informal means.
You can contact our external Data Protection Officer at www.kt-datenschutz.de.
11. Automated decision-making processes, including profiling
In principle we do not use any fully automated decisionmaking process according to Article 22 GDPR for the establishment and performance of business relationships with you. We will separately inform you if this is legally prescribed, and insofar as we use these processes in individual cases.
We process customer data using a partially automated method, for the purpose of evaluating certain personal aspects (profiling). For example, we use this method in the following cases: statutory regulations mean we are duty bound to combat money laundering and fraud. In this context, data analyses are performed in the area of payment transactions; this is also for your protection. It is only possible to send targeted information to our customers and to provide them with targeted advice about our frequently highly technical applications, if we are able to use suitable analysis tools, which enable us to deliver needs-based and customer-friendly communications, information and advertising, including market and opinion surveys. We may use scoring procedures for assessing the creditworthiness of our customers. At this point, mathematical-statistical methods are employed to calculate a probability, which enables the risk of non-payment to be assessed. Apart from the business relationship history with the company to date, information is also obtained on the contractually-compliant repayment of previous loans, as well as reports for credit agencies.
Information on the right to object in accordance with Article 21 EU General Data Protec-tion Regulation (GDPR)
1. Right to object in individual cases
For reasons pertaining to your particular situation, you have the right, at any time, to object to the processing of your personal data if this is based on Article 6 (1) point e GDPR (processing carried out in the public interest) and Article 6 (1) point f) GDPR (processing based on a weigh-ing-up of interests); this also applies to profiling within the definition of Article 4 (4) GDPR, which relies on this provision.
If you raise an objection, we will refrain from processing your personal data any further, unless we are able to present an imperative legitimate interest for the processing, which overrides your interests, rights and freedoms, of if the processing serves the purposes of asserting, exercising or defending legal claims.
2. Right to object to the processing of data for advertising purposes
In individual cases, but only if we are entitled to do so, we will process your personal data for the purpose of direct advertising. You have the right, at any time, to object to the processing of your personal data for the purposes of such advertising; this also applies to profiling activities, if this is linked with this type of direct advertising. If you raise an objection to processing for the purposes of direct advertising, we will no longer use your personal data for these purposes.
Your objection is not subject to any formalities and should be preferably sent to firstname.lastname@example.org. However, you can contact us by other means.
13. Other data protection queries
If you are unable to find answers here to any other questions, comments or queries regarding your personal data you may have, please contact us at email@example.com or contact our Data Protection Officer.