PRIVACY POLICY

Status: 18.11.2020

KWM Karl Weisshaar Ing. GmbH Blechbearbeitung (short: KWM WEISSHAAR) appreciates your visit to our website and your interest in our company and our products. We take the protection of your private data very seriously and treat it with the utmost care and confidentiality. We only use this data in accordance with the applicable data protection regulations.

COLLECTION, PROCESSING AND USE OF PERSONAL DATA

It is possible to visit our website without providing any personal details. However, access data such as the date and time of access, request details and destination address, name of the file accessed and amount of data transferred, notification of whether the access was successful and IP address are stored for statistical data collection purposes. In some situations, such as when contacting us, we require personal data from you in order to process your enquiry correctly. This information includes customer number, surname, first name, company, street, postcode, city, e-mail address and telephone number. However, we only collect this personal data if you provide it to us voluntarily by filling in the relevant forms (contact form, information request, online enquiry). Against this background, you are completely free to fill in such forms. The data provided in this way will only be used to the extent necessary, for example to answer your enquiries, process your orders or provide you with access to certain information. If necessary, your data may be passed on within the KWM WEISSHAAR group of companies. Your data will not be passed on to third parties without your express consent.

USE OF COOKIES

We use so-called "cookies" to collect and store data, which serve to make our website more user-friendly, effective and secure overall. Cookies also enable us to measure the frequency of page views and general navigation. Cookies are small text files that are stored on your computer system. We would like to point out that some of these cookies are transferred from our server to your computer system, most of which are so-called "session cookies". "Session cookies" are characterised by the fact that they are automatically deleted from your hard drive at the end of the browser session. Other cookies remain on your computer system and enable us to recognise your computer system on your next visit (so-called persistent cookies). You can set your internet browser so that our cookies cannot be stored on your end device or cookies that have already been stored are deleted.

PRIVACY POLICY FOR ETRACKER ANALYTICS

We use the services of etracker GmbH from Hamburg, Germany (www.etracker.com) to analyse usage data on this website. Cookies are used to statistically analyse the use of this website by its visitors and to display usage-related content or advertising. etracker cookies do not contain any information that enables a user to be identified. The data generated with etracker is processed and stored by etracker on our behalf exclusively in Germany and is therefore subject to strict German and European data protection laws and standards. etracker has been independently audited and certified in this respect and has been awarded the ePrivacyseal data protection seal of approval. Data processing is carried out on the legal basis of Art. 6 para. 1 lit f (legitimate interest) of the EU General Data Protection Regulation (EU GDPR). Our legitimate interest lies in the optimisation of our online offering and our website. As the privacy of our visitors is particularly important to us, the IP address is anonymised before it is stored or further processed. Login or device identifiers are converted by etracker into a unique key that is not assigned to a person. No other use, merging with other data or forwarding to third parties is carried out by etracker.

You can find further information on data protection at etracker here.

LINKS TO OTHER WEBSITES

Our website may contain links to websites of other providers. If you click on such a link on the website, we unfortunately no longer have any influence on the collection, processing and use of your data by third parties. Therefore, we cannot accept any responsibility for this.

E-MAILING

Communication by e-mail can have security gaps. E-mails can be intercepted and viewed by experienced Internet users on their way to KWM WEISSHAAR employees. If KWM WEISSHAAR receives an e-mail from you (e.g. via a contact form), it is assumed that KWM WEISSHAAR is also authorised to reply by e-mail. Otherwise, another form of communication should be considered.

PROTECTION OF MINORS

Persons under the age of 16 may not transmit any personal data to us without the consent of their parents or legal guardians.

SECURITY

We have taken technical and organisational security measures to protect your personal data from loss, destruction, manipulation and unauthorised access. All our employees and all third parties involved in data processing are obliged to comply with the Federal Data Protection Act and to handle personal data confidentially. When personal data is collected and processed, the information is transmitted in encrypted form to prevent misuse of the data by third parties. Our security measures are continuously revised in line with technological developments.

CHANGES TO OUR DATA PROTECTION PROVISIONS

We reserve the right to change our security and data protection measures if this becomes necessary due to technical developments. In such cases, we will also adapt our data protection information accordingly. Please therefore refer to the latest version of our data protection agreement.

STORAGE OF DATA

Your personal data will only be stored for the duration of the processing of your enquiry or order, unless there is a legal retention period, technical or organisational requirements or other legal obligations to the contrary.

META-PIXEL (FORMERLY FACEBOOK PIXEL)

This website uses the Facebook/Meta visitor action pixel to measure conversions. The provider of this service is Meta Platforms Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland. However, according to Facebook, the data collected is also transferred to the USA and other third countries.

This allows the behaviour of site visitors to be tracked after they have been redirected to the provider's website by clicking on a Facebook ad. This allows the effectiveness of Facebook ads to be evaluated for statistical and market research purposes and future advertising measures to be optimised.

The data collected is anonymous for us as the operator of this website; we cannot draw any conclusions about the identity of the user. However, the data is stored and processed by Facebook so that a connection to the respective user profile is possible and Facebook can use the data for its own advertising purposes in accordance with the Facebook Data Usage Policy(https://de-de.facebook.com/about/privacy/). This enables Facebook to place adverts on Facebook pages and outside of Facebook. This use of the data cannot be influenced by us as the site operator.

The use of this service is based on your consent in accordance with Art. 6 para. 1 lit. a GDPR and § 25 para. 1 TTDSG. Consent can be revoked at any time.

If personal data is collected on our website with the help of the tool described here and forwarded to Facebook, we and Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland are jointly responsible for this data processing (Art. 26 GDPR). The joint responsibility is limited exclusively to the collection of the data and its transfer to Facebook. The processing carried out by Facebook after forwarding is not part of the joint responsibility. The obligations incumbent on us jointly have been set out in an agreement on joint processing. You can find the wording of the agreement at: https://www.facebook.com/legal/controller_addendum. According to this agreement, we are responsible for providing data protection information when using the Facebook tool and for the secure implementation of the tool on our website in accordance with data protection law. Facebook is responsible for the data security of Facebook products. You can assert data subject rights (e.g. requests for information) regarding the data processed by Facebook directly with Facebook. If you assert your data subject rights with us, we are obliged to forward them to Facebook.

The data transfer to the USA is based on the standard contractual clauses of the EU Commission. Details can be found here: https://www.facebook.com/legal/EU_data_transfer_addendum and https://de-de.facebook.com/help/566994660333381.

You can find further information on protecting your privacy in Facebook's privacy policy: https://de-de.facebook.com/about/privacy/.

You can also deactivate the remarketing function "Custom Audiences" in the settings for adverts at https://www.facebook.com/ads/preferences/?entry_product=ad_settings_screen. You must be logged in to Facebook to do this.

If you do not have a Facebook account, you can deactivate usage-based advertising from Facebook on the website of the European Interactive Digital Advertising Alliance: http://www.youronlinechoices.com/de/praferenzmanagement/.

The company is certified in accordance with the "EU-US Data Privacy Framework" (DPF). The DPF is an agreement between the European Union and the USA that is intended to ensure compliance with European data protection standards for data processing in the USA. Every company certified under the DPF undertakes to comply with these data protection standards. Further information on this can be obtained from the provider at the following link: https://www.dataprivacyframework.gov/s/participant-search/participant-detail?contact=true&id=a2zt0000000GnywAAC&status=Active

We have integrated Facebook Conversion API on this website. The provider of this service is Meta Platforms Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland. However, according to Facebook, the data collected is also transferred to the USA and other third countries.

Facebook Conversion API enables us to record the website visitor's interactions with our website and pass them on to Facebook in order to improve advertising performance on Facebook.

In particular, the time of the call, the website called up, your IP address and your user agent and, if applicable, other specific data (e.g. products purchased, value of the shopping basket and currency) are recorded. You can find a complete overview of the data that can be collected here: https://developers.facebook.com/docs/marketing-api/conversions-api/parameters.

The use of this service is based on your consent in accordance with Art. 6 para. 1 lit. a GDPR and § 25 para. 1 TTDSG. Consent can be revoked at any time.

As far as personal data is collected on our website with the help of the tool described here and forwarded to Facebook, we and Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland are jointly responsible for this data processing (Art. 26 GDPR). The joint responsibility is limited exclusively to the collection of the data and its transfer to Facebook. The processing carried out by Facebook after forwarding is not part of the joint responsibility. The obligations incumbent on us jointly have been set out in an agreement on joint processing. The text of the agreement can be found at: https://www.facebook.com/legal/controller_addendum. According to this agreement, we are responsible for providing the data protection information when using the Facebook tool and for the secure implementation of the tool on our website in accordance with data protection law. Facebook is responsible for the data security of Facebook products. You can assert data subject rights (e.g. requests for information) regarding the data processed by Facebook directly with Facebook. If you assert your data subject rights with us, we are obliged to forward them to Facebook.

Data transfer to the USA is based on the standard contractual clauses of the EU Commission. Details can be found here: https://www.facebook.com/legal/EU_data_transfer_addendum and https://de-de.facebook.com/help/566994660333381.

You can find further information on protecting your privacy in Facebook's privacy policy: https://de-de.facebook.com/about/privacy/.

The company is certified in accordance with the "EU-US Data Privacy Framework" (DPF). The DPF is an agreement between the European Union and the USA that is intended to ensure compliance with European data protection standards for data processing in the USA. Every company certified under the DPF undertakes to comply with these data protection standards. Further information on this can be obtained from the provider at the following link: https://www.dataprivacyframework.gov/s/participant-search/participant-detail?contact=true&id=a2zt0000000GnywAAC&status=Active

Order processing

We have concluded a data processing agreement (DPA) for the use of the above-mentioned service. This is a contract prescribed by data protection law, which ensures that the provider processes the personal data of our website visitors only in accordance with our instructions and in compliance with the GDPR.

FACEBOOK CUSTOM AUDIENCES

We use Facebook Custom Audiences. The provider of this service is Meta Platforms Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland.

When you visit or use our websites and apps, take advantage of our free or paid offers, transmit data to us or interact with the Facebook content of our company, we collect your personal data. If you give us your consent to use Facebook Custom Audiences, we will transmit this data to Facebook, which Facebook can use to display suitable advertising to you. Your data can also be used to define target groups (lookalike audiences).

Facebook processes this data as our processor. Details can be found in the Facebook user agreement: https://www.facebook.com/legal/terms/customaudience.

The use of this service is based on your consent in accordance with Art. 6 para. 1 lit. a GDPR and § 25 para. 1 TTDSG. Consent can be revoked at any time.

Data transfer to the USA is based on the standard contractual clauses of the EU Commission. Details can be found here: https://www.facebook.com/legal/terms/customaudience and https://www.facebook.com/legal/terms/dataprocessing.

The company is certified in accordance with the "EU-US Data Privacy Framework" (DPF). The DPF is an agreement between the European Union and the USA that is intended to ensure compliance with European data protection standards for data processing in the USA. Every company certified under the DPF undertakes to comply with these data protection standards. Further information on this can be obtained from the provider at the following link: https://www.dataprivacyframework.gov/s/participant-search/participant-detail?contact=true&id=a2zt0000000GnywAAC&status=Active

YOUR RIGHTS AS A DATA SUBJECT

You have various rights as a data subject under the General Data Protection Regulation. Further details can be found in Articles 15 to 18 and 21 of the General Data Protection Regulation:

Right to information

You can request information about your personal data processed by us. In your request for information, you should describe your request in detail to make it easier for us to compile the necessary data.

Right to rectification

If the information concerning you is not (or no longer) correct, you can request a correction. If your data is incomplete, you can request that it be completed.

Right to erasure

You can request the erasure of your personal data. We will then immediately erase data that we have received from you on the basis of your consent in accordance with Art. 6 (1) (a). Data that we process on the basis of Art. 6 para. 1 lit. c or e can only be deleted when they are no longer required for the fulfilment of our legal tasks, after expiry of the periods applicable to the retention of documents under the Records Directive.

Right to restriction of processing

You have the right to request that the processing of data concerning you be restricted. The restriction does not prevent processing if there is an important public interest in the processing.

Right to object

You have the right to object, on grounds relating to your particular situation, at any time to processing of data concerning you. However, we cannot comply with this if there is an overriding public interest in the processing or if a legal provision obliges us to process the data.

Right to lodge a complaint

You have the right to lodge a complaint with the supervisory authority (BfDI) if you believe that the processing of your personal data violates the GDPR. The supervisory authority will inform the complainant of the status and outcome of the complaint, including the possibility of a judicial remedy pursuant to Art. 78 GDPR.

CONTACT OR CONTACT PERSON FOR DATA PROTECTION

If you have any questions about these data protection provisions, the personal data stored about you or for the purpose of revoking consent, please contact

KWM Karl Weisshaar Ing. GmbH
Sheet metal working
Zwingenburgstraße 6-8
74821 Mosbach
Telephone: +49 (0) 6261 945-0
Telefax: +49 (0) 6261 17568
datenschutz@kwm-weisshaar.de
www.kwm-weisshaar.de