Willenbrock Fördertechnik GmbH welcomes you to their website. Below you will find information on the type, scope and purpose of collecting and processing personal data.
Personal data is specifics related to personal or factual circumstances of an identified or identifiable natural person. These include e.g. information such as name, postal address, e-mail address or telephone number, and possibly user data such as your IP address.
The controller is Willenbrock Fördertechnik GmbH, Managing Director: Ulrike Meyer, Senator-Bömers-Straße 1, 28197 Bremen, E-Mail: email@example.com, Bremen Local Court, HRB no. 14604 HB.
b. Company data protection officer
You can e-mail our company’s data protection officer at: firstname.lastname@example.org.
c. Purposes for which personal data is processed and legal basis for processing
aa. Which data categories do we use and where is it sourced?
When visiting our website, we collect and store temporary general technical information, e.g. the website from which you are visiting us or the time and duration of your visit.
Additional personal data such as e-mail address, name, address is only collected when provided voluntarily, for instance when submitting an inquiry through out contact form or when registering for our extranet.
bb. For which purposes is data processed?
The general technical information we collect and store temporarily when visiting website, e.g. the website from which you are visiting us or the time and duration of your visit are is anonymised by us and analysed for statistics purposes and used exclusively to improve the appeal, contents and functionalities of our website.
When providing us with additional information in specific cases, this is treated as confidential in compliance with the applicable data protection regulations. We only process this additional personal data to correspond with you to submit the requested documentation or information, or for other purposes specified in the respective form.
If you subscribed to our newsletter, we use the so-called double opt-in process. Meaning after providing your e-mail address we send a confirmation e-mail to the address provided to confirm you wish to receive the newsletter. If this is not confirmed, your subscription is automatically erased. If you confirm your newsletter subscription, your e-mail address will be stored until you unsubscribe the newsletter. It is only stored for the purpose of sending you the newsletter. Our newsletter is sent through our service provider CleverReach GmbH & Co. KG (also see list of service providers under item 4).
The e-mail addresses of our recipients as well as the types of data described are exclusively stored on certified servers of CleverReach within the European area. We use this information to send and analyse newsletter use and to optimise the service. The data will not be used by CleverReach independently, for instance to contact you, and will not be disclosed to third parties. Sending our newsletter allows us to analyse user behaviour. The newsletters we send use web-beacons for this purpose. This take place by collecting the IP address, time of request, contents of the request, access status, the data volume transmitted, browser, operating system and interface, as well as web-beacons, which are matched with your e-mail address and linked to its own ID. The ID is not linked to the data provided by you, ruling out a direct reference to a person.
If we intend to process your personal data for a purpose not specified there, we will notify you beforehand.
cc. What is the legal basis for processing your personal data?
We process your personal data in compliance with the regulations of the European General Data Protection Regulation (GDPR), the Federal Data Protection Act NEW (BDSG) as well as any other applicable laws on the processing of personal data.
The specific legal basis for data processing depends on the context and the purposes for which we received your personal data.
aaa. Based on your consent (Article 6(1)(a) GDPR)
If you have given us your voluntary consent to collect, process and transmit certain personal data, this consent forms the legal basis for processing this data.
In the following cases we will only process your personal data based on your consent:
bbb. For the performance of a contract (Article 6(1)(b) GDPR)
We use your personal data to perform the contract.
Within this contractual relationship we will particularly process your data for the following activities:
ccc. To satisfy legal obligations (Article 6(1)(c) GDPR) or in the public interest (Article 6(1)(e) GDPR)
As a business, we have various legal obligations. Meeting these obligations may require processing personal data.
ddd. Based on legitimate interest (Article 6(1)(f) GDPR)
In certain cases we process your data to safeguard a legitimate interest of ours or of third parties.
d. Recipients or categories of recipients of personal data
Within our company, only persons and departments responsible for the respective process receive personal data. We have a clear assignment of business and authorisation concepts for this purpose.
The data may also be transmitted to service providers for the above purposes. Involving service providers is e.g. necessary to manage and maintain IT systems or to send our newsletter. The list of all service providers processing data on our behalf can be found under item 4 or downloaded or can on request also be sent to you.
In addition, personal data may be transmitted to other recipients where required to meet contractual or legal obligations (e.g. to supervisory, tax, customs authorities and/or social insurance carriers).
Your data may also be forwarded to third-party companies if we have stipulated with you by contract that your purchase order is to be fulfilled by the third-party company.
e. Transmission of personal data to third countries
We do not intend to transmit your personal data to a third country or an international organisation.
2. We further offer the following information necessary to ensure fair and transparent processing:
a. We process and store your personal data only for the time period required to achieve the purpose of storage or if prescribed under European legislative bodies or another legislator in laws and directives/regulations the controller is subject to.
In the event that the purpose of storage no longer applies, or a limitation period prescribed by the European legislative bodies or any other competent legislator expires, the personal data is routinely blocked or erased in accordance with the legal provisions.
b. You have the following rights:
aa. The right of access (Article 15 GDPR):
You have the right: you have the right to at any time receive free information about the personal data concerning you we store as well as to receive a copy of this information.
You have the right to obtain the following information:
bb. The right to correction (Article 16 GDPR)
You have the right to request the prompt correction of personal data concerning you. You further have the right, taking into account the purposes of processing, to request to have incomplete personal data completed, including by means of providing a supplementary statement.
To exercise this right to correction, please contact our data protection officer or any other employee at any time.
cc. The right to erasure (Article 17 GDPR)
You have the right to request us to promptly erase the Personal data concerning you if one of the following reasons applies and provided processing is not required:
The personal data was collected for purposes or processed in other ways for which it is no longer required;
You withdraw your consent on which processing is based as per Article 6(1)(a) GDPR or Article 9(2)(a) GDPR and there is no other legal basis for processing;
You object to processing as per Article 21(1) GDPR and there are no other overriding legitimate reasons for processing, or you object to processing as per Article 21(2) GDPR;
Personal data was processed unlawfully;
The erasure of personal data is required to meet a legal obligation according to EU law or the law of member states which the controller is subject to.
The personal data was collected with regard to the offered services by the information society as per Article 8(1) of the GDPR.
If one of the above reasons applies and you would like to have the personal data we have stored erased, you may contact our data protection officer at any time. The data protection officer will have the request for erasure processed promptly.
If we published the personal data and our company as the controller is required to erase the personal data as per Article 17(1) GDPR, we are obliged to take suitable measures, taking into account the available technology and implementation costs, including of a technical nature, to notify other processors processing the published personal data that you have requested said others responsible for data processing to erase all links to this personal data or copies or duplicates or this personal data if processing is processing not required. The data protection officer or another employee will take the necessary action in the specific case.
dd. The right to restrict processing (Article 18 GDPR)
You have the right to request us to restrict processing if one of the following requirements exist:
You are disputing the correctness of personal data, namely for a period which enables us to review the correctness of the personal data,
Processing is unlawful, you object to having the personal data erased and instead request restricted use of the personal data;
We no longer require the personal data for processing purposes, however you require it for establishment, exercise or defence of legal claims;
You have objected to processing as per Article 21(1) GDPR and it has not yet been determined if our legitimate interests override yours.
If one of the above requirements exist you wish to request restrict processing of personal data we have stored, you may contact our data protection officer at any time. The data protection officer will initiate the restriction of processing.
ee. The right to object to processing (Article 21 GDPR)
You have the right to object to the processing of personal data concerning you at any time, taking place based on Article 6(1) (e) or (f) GDPR for reasons relating to your particular situation. This also applies to profiling based on these provisions.
In the event of an objection, we will no longer process the personal data unless we can demonstrate compelling legitimate reasons for processing which override your interests, rights and freedoms, or processing serves the establishment, exercise or defence of legal claims..
If we process personal data for direct advertising purposes, you have the right to at any time object to the processing of personal data for the purposes of such advertising. This also applies to profiling, provided that it is connected to such direct advertising. If you object with us to the processing for direct advertising purposes, we will no longer use the personal data for these purposes.
You further have the right reasons relating to your particular situation to object to the processing of personal data concerning you which we have stored for scientific or historical research reasons or for statistical purposes as per Article 89(1) GDPR unless such processing is required to fulfil a task in the public interest.
To exercise the right to object you may contact the data protection officer directly or one of our other employees. Notwithstanding Directive 2002/58/EC, in connection with the use of information society services you have the option to exercise your right to object to the use of automated means that use technical specifications.
ff. The right to data portability (Article 20 GDPR)
You have the right to obtain the personal data concerning you which you provided us in a structured, commonly used and machine-readable format.
You further have the right to have this data transmitted to another controller without hindrance by us, provided processing is based on consent as per Article 6(1)(a) GDPR or Article 9(2)(a) GDPR or on a contract as per Article 6(1)(b) GDPR and data is processed using automated means, provided processing is not required to perform a task in the public interests or takes place in exercising public authority which was transferred to us.
When exercising your right to data portability as per Article 20 (1) GDPR you further have the right to have the personal data transmitted to another controller by us where technically feasible and this does not affect the rights and freedoms of other persons.
To exercise the right to data portability you may contact the data protection officer at any time.
gg. Withdrawing your consent
You have the right: to at any time withdraw your consent to the processing of personal data. To exercise your right to withdraw consent, you may contact our data protection officer at any time.
If you signed up to our newsletter using your email address, you may unsubscribe the newsletter using a link in the newsletter.
hh. The right to lodge a compliant with a supervisory authority (Article 77 GDPR)
Without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with a supervisory authority, in particular in the member state of your residence, place of work or place of the alleged infringement, should you consider that the processing of your personal data infringes the provisions of the GDPR.
Our competent data protection supervisory authority is:
Die Landesbeauftragte für Datenschutz und Informationsfreiheit
Frau Dr. Imke Sommer Arndtstraße 1
Tel.: +49 421 3612010 or +49 471 5962010
Fax: +49 421 49618495
ii. Voluntary provision of personal data
You are not obligated to provide personal data to use our website. However, there are services for which we require personal data from you to e.g. provide you with information, e.g. newsletter or include you in an application process. To enter into a business relationship you must provide us with the personal data required for performance of contract or which we are required by law to collect. Without this data will be unable to provide the requested services. We only collect the necessary data.
jj. Automated individual decision-making, including profiling (Article 22 GDPR)
If we use purely automated processing in a specific case to make a decision – including profiling – we will notify you in the respective application.
3. Processing of personal data for other purposes
We do not intend to process personal data for any other purposes than that for which the personal data was collected.
4. List of service providers
We maintain a list of all service providers which may work for our company within the context of a contract. The purpose of this list is to create transparency on the processing of your personal data. The lists shows the service providers which process or use personal data on our behalf according to contract. The list shows, among others, those manufacturers commissioned with delivery, the carriers commissioned with delivery, the companies commissioned to send our newsletters, and/or payment services commissioned to process payments. The service providers are named specifically if their main task is to collect, process and use personal data. Service providers whose primary task is not to process personal data, such as waste management companies for paper waste and electronic data carriers, are only named as service provider categories. The same applies to service providers only commissioned occasionally. You can object to having your data transmitted to the service providers on the list in specific cases along with an explanation. We will then review if your personal situation overrides your legitimate interest in excluding transmission. Please note, the list contains all of our service providers. However, this does not mean your data will generally be transmitted to all service providers. You will find the Willenbrock list of service providers here
a. Google Analytics web analysis tool
This website uses Google Analytics, a web analysis tool of Google Ireland Limited, with registered office in Gordon House, Barrow Street, Dublin 4, Ireland (“Google”). Google Analytics uses so-called cookies. The information about your use of the website generated by the cookie is typically transmitted to a Google server in the USA and stored there. However, by using IP anonymisation on this website, Google will truncate your IP address within member states of the European Union or in other states which are party to the Treaty on the European Economic Area. The full IP address will only be transmitted to a Google server in the USA and truncated there in exceptions. Google will use this information on our behalf to analyse the use of the website, generate reports on website activities and to provide us with additional services related to website use and internet use.
b. Google Tag Manager
However, the Google Tag Manager does not use this data. If you have changed your settings or otherwise blocked cookies, this applies to all tracking tags used by the Google Tag Manager, meaning the tool does not change your cookie settings. Google may request your permission to transmit some product data (e.g. your account information) to other Google products to enable certain functions, e.g. to make it easier to add new conversion tracking tags for AdWords.
Furthermore, Google developers occasionally review information about product use to further optimise the product. However, Google will never transmit this type of data to other Google products without your consent.
c. Adobe Typekit Web Fonts
This website uses so-called Web Fonts, provided by Adobe Typekit, to ensure a uniform display of fonts. When a web page is accessed, your browser adds the required web fonts in your browser cache in order to correctly display texts and fonts.
For this purpose the browser you are using must establish a connection to Adobe Typekit servers. This informs Adobe that our website was accessed from your IP address. Adobe Typekit Web Fonts are used in the interest of a uniform and appealing display of our online services.
6. Measures to protect your data
We take appropriate state-of-the-art technical and organisational safety measures to protect data against accidental or intentional manipulation, loss, destruction or unauthorised access. The dialogue forms on our website use SSL (Secure-Socket-Layer) encryption to protect your safety. This SSL connection protects your data from unauthorised third-party access during transmission. Please always use these dialogue forms for your protection. When sending us unencrypted data in form of a standard, unsecured e-mail, sending your data over the internet holds the risk of unauthorised access and modification.