Image

Welb & Söhne Plant engineering – Data privacy statement


Data privacy statement

With the following notes, we give you a simple overview of what happens to your personal data (hereinafter referred to in short as “data”) if you visit our online offering and the websites, functions and contents linked with it as well as external Internet presences (social media profiles) (hereinafter referred to as “online offering”).

Personal data is all the data with which you can be identified personally. You can find detailed information on data privacy from our data privacy statement given under this title. Should you have queries related to the terminologies used, such as “processing” or “responsible party”, we refer you to the definitions in Article 4 of the General Data Protection Regulation (GDPR). Data is processed on this website by the following responsible website owner:

R
esponsible data controller

Responsible data controller within the meaning of § 3 paragraph 7 of Federal Data Protection Act (BDSG) as well as service providers within the meaning of § 13 Tele-media Act (TMG) is:


HEINRICH WELB & SÖHNE
Dosier- und Verwiegetechnik GmbH

 

Head office
Siemensstraße 14
63165 Mühlheim / Main
Tel: +49 (0)6108-97940

Contact: info@welb.de
Chief Executive Officer:

Dipl. Betriebswirt (MBA) Matthias Wörner
VAT ID no. DE113555854


Your rights

You are entitled to the following rights with respect to us regarding personal data related to you:

  • the right of access,
  • the right to restriction of processing of data,
  • the right to rectification and erasure of data,
  • the right to object to processing of data,
  • the right to data portability


Summary: You have the right to obtain information about the origin, recipient and purpose of your personal data stored, free of charge and at any time. Apart from that, you have the right to demand the rectification, blocking or ersaure of this data, provided this erasure does not oppose the rights and duties of third parties, e.g. our duty to store invoices. You can get in touch with us at any time for this purpose as well as other queries related to data privacy at the address given in the imprint of this website. Furthermore, you are entitled to a right to appeal with the competent supervisory authority.

Data collection on the website:

Your data shall be collected, for one thing, because you share it with us. An example of this is the data that you enter in a contact form. Other data shall be collected automatically by our IT system when you visit the website. This is primarily technical data (e.g. Internet browser, operating system or time of accessing the webpage). This data is collected automatically as soon as you access our website.

Types of processed data:

  • User data (e.g. name, address that you enter in our contact form or share with us otherwise)
  • Contact data (e.g. email address, phone number that you enter in our contact form or share with us otherwise)
  • Content data (e.g. text entries, photos or videos that you enter in our contact form or submit to us otherwise)
  • Usage data (e.g. websites visited, interest in contents, access times)
    Meta / Communication data (e.g. device information, IP addresses)


We have a legitimate interest in data processing in fulfilling a contract with you.

Categories of data subjects

Visitors and users of the online offering – we also collectively refer to the data subjects as “users” hereinafter.


Purpose of processing

A part of the data is collected to guarantee flawless and secure provision of the website. Other data can be used for analysis of your user behaviour. We process your data for:

  • Provision of online offering, its functions and contents
  • Responding to contact requests and communication with users
  • Safety measures
  • Measuring the reach/marketing purposes


The aforementioned data is also stored in the so-called log files on the servers of company, which we have commissioned with web hosting of our Internet site(s). This data is not stored along with other personal data. Collection and temporary storage of IP addresses are necessary to facilitate the display of our website on your terminal device. For this, your IP address must be stored for the duration of the visit to our website. The storage in log files serves to ensure the functioning and optimisation of our website and to ensure the safety of our information technology systems. This data is not analysed for the purposes of marketing.

The data described in this paragraph, which serves in the provision of our website, is deleted when you exit our website. Collection of the above data for provision of our website and storage of this data in log files are mandatory for the operation of our website. There is no option of objection.

We have a legitimate interest in data processing in the purposes mentioned here.

Revocation of your consent

Many data processing operations are feasible only with your express consent. You can revoke consent that you have already given at any time. Sending us wordinformal email communication to us is sufficient. The legality of the data processing that has happened until the revocation shall remain unaffected by the revocation.

Right to data portability

You have the right to have the data that we automatically process based on your consent or to fulfil the contract handed over to you or a third party in a conventional, machine-readable format. If you demand the direct transfer of the data to other responsible parties, this shall happen only to the extent it is technically feasible.

SSL or TLS encryption

This site uses SSL or TLS encryption for security and for the protection of transfer of confidential contents such as orders or queries, which you send to us as website operator. You can identify an encrypted connection by the fact that the browser’s address bar switches from “http://” to “https://” and by the lock symbol in your browser line.

If SSL or TLS encryption is enabled, the data that you submit to us cannot be read by third parties. That is how it is technically planned. A voluntary recommendation, which goes beyond the information obligations of GDPR: Irrespective of the SSL encryption of our Internet site, we recommend you to strictly not transfer any sensitive information about yourself via email or elsewhere online. The safest way to do this is in person. Therefore, please restrict your information to general data such as preferred date and confirmation of date. 

Information, blocking, deletion

Within the framework of the applicable legal provisions, you have the right to free information at any time about your personal data that is stored, its origin and recipient and the purpose of data processing and, as required, a right to rectification, blocking and erasure of this data. You can get in touch with us at any time for this purpose as well as other queries related to personal data at the address given in the imprint. The customer data that is collected is deleted after the completion of the order or termination of the business relationship. Legal retention periods shall remain unchanged.

Objection to promotional mails

We hereby object to the use of contact data disclosed in the context of obligation to provide imprint for sending promotion and information material that has not been expressly requested. The operators of the webpages expressly reserve the right to take legal steps if unsolicited promotional information is sent, for instance, through spam emails.

Terminology used

“Personal data” is all the information relating to an identified or identifiable natural person (hereinafter referred to as “data subject”); a natural person, who can be identified directly or indirectly, especially by means of allocation to an identifier such as a name, an ID number, location data, online identifier (e.g. cookie) or one or more special features, which are the manifestation of physical, physiological, genetic, psychological, economic, cultural or social identity of this natural person, is considered as identifiable.

“Processing” is any operation carried out with or without the help of automated procedure or any such set of operations in connection with personal data. The term is all-encompassing and covers practically any handling of data.

The natural or legal person, agency, institutions or other authority, which alone or along with others decides on the purposes and means of processing of personal data, is called as the “responsible party”.

Relevant legal bases

According to Article 13 GDPR, we hereby inform you of the legal basis of our data processing. Provided the legal basis is not explicitly and/or separately mentioned in the data privacy statement, the following is applicable: The legal basis for obtaining consent is the Article 6 paragraph 1 lit. a and Article 7 of GDPR, for processing to fulfil our performances and execution of contractual measures as well as answering queries, it is Article 6 paragraph 1 lit. b of GDPR, for the processing to fulfil our legal obligations, Article 6 paragraph 1 lit. c of GDPR forms the legal basis and for the processing to protect our legitimate interests, it is Article 6 paragraph 1 lit. f of GDPR. If the vital interests of the data subject or another natural person make the processing of personal data necessary, the Article 6 paragraph 1 lit. d of GDPR serves as the legal basis.

Cooperation with processors and third parties

If we reveal the data to other persons and companies (processors and third parties) as a part of our processing, transfer the data to them or grant them access to the data otherwise, this shall take place only on the basis of legal permission (e.g. if a transfer of data to third parties such as payment service providers is necessary for fulfilment of the contract as per Article 6 paragraph 1 lit. b of GDPR), or if you have consented, or a legal obligation stipulates this or on the basis of our legitimate interests (e.g. when employing agents, web hosting agencies, etc.). Based on Article 28 of GDPR, we can entrust third parties with the processing of data based on a “Order processing contract” (abbreviated: AV or ADV or AVV).

Transmission to third-party countries

If we process data in a third country (i.e. outside the European Union (EU) or the European Economic Area (EEA)) or this happens as a part of utilisation of services of third parties or disclosure or transmission of data to third parties, it shall be only if it happens for fulfilling our (pre-)contractual duties, based on your consent, owing to legal obligations or on the basis of our legitimate interests. Subject to legal or contractual permits, we process or have the data processed in a third country only in the presence of special prerequisites of Article 44 et. seq. of GDPR. This means that the processing takes place e.g. on the basis of special guarantees, such as the officially recognised statement of a data privacy standard corresponding to the EU (e.g. the “Privacy Shield” for the USA) or observing the officially recognised special contractual obligations (so-called “Standard contractual clauses”).

Rights of the data subjects

You have the right to demand confirmation of whether relevant data is processed and right to information about this data as well as other information and copy of the data according to Article 15 of GDPR.

On the basis of Article 16 of GDPR, you have the right to demand the completion of the data related to you or the rectification of incorrect data related to you.

According to Article 17 of GDPR, you also have the right to demand that the relevant data be immediately erased or you can alternatively demand a restriction of processing of the data according to Article 18 of GDPR. The data is deleted after the completion of the order or termination of the business relationship. Legal retention periods shall remain unaffected by this right.

You have the right to request to obtain the data related to you, which you have provided to us, according to Article 20 of GDPR and to request the transmission of that data to another responsible party.

Besides that, you have the right to lodge a complaint with the competent supervisory authority. You can find a list of data protection officers of the federal states as well as their contact data on the website at the following link: https://www.bfdi.bund.de/DE/Infothek/Anschriften_Links/anschriften_links-node.html.

Right of revocation

You have the right to revoke the granted consents with effect for the future. Legal retention periods shall remain unchanged.

Right to objection

You can object to the future processing of the data related to you at any time if and when required. You can easily object to processing for the purposes of direct promotion.

Cookies and right to objection to direct promotion

The Internet sites use cookies to some extent. Cookies do not cause any harm to your computer and do not contain viruses. Cookies serve to make our offering more user-friendly, effective and secure. Cookies are small text files that are filed on your computer and saved by your browser.

Most of the cookies we use are what are called as “session cookies”. They are automatically deleted after you end the visit to our site. Other cookies remain saved on your terminal device until you delete them. These cookies enable us to recognise your browser on your next visit.

You can change your browser settings so that you shall be informed of placement of cookies and you permit cookies only in individual cases, you exclude acceptance of cookies for certain cases or generally and enable the automatic deletion of cookies upon closing the browser. The functionality of this website may be restricted if cookies are disabled.

Cookies necessary for execution of electronic communication or provision of certain functions requested by you are stored on the basis of Article 6 paragraph 1 lit. f of GDPR. The website owner has a legitimate interest in saving cookies for technically error-free and optimised provision of its services. If other cookies (e.g. cookies for analysis of your websurfing behaviour) are saved, they are handled separately in this data privacy statement.

We can use temporary and permanent cookies and shall clarify about it as a part of our data privacy statement.

If you, as a user, do not want cookies to be stored on your computer, you are requested to disable the relevant option in the system settings of your browser. Saved cookies can be deleted in the browser’s system settings. The exclusion of cookies can lead to wide-ranging functional restrictions in this online offering.

Erasure of data

The data that we process is erased or restricted in its processing according to the Articles 17 and 18 of GDPR. Unless expressly stated as a part of this data privacy statement, the data saved with us is erased as soon as it is no longer required for its intended purpose and the deletion does not oppose any legal duties of retention. If the data is not erased because it is necessary for other legally permissible purposes, its processing is restricted, i.e. the data is blocked and not processed for other purposes. This applies, for example, to data that must be stored for reasons of commercial and tax laws.

According to the legal specifications in Germany, the storage is especially for 6 years as per § 257 paragraph 1 of the Commercial Code (HGB) (trading books, inventories, opening balances, annual financial statements, commercial correspondences, vouchers, etc.) and for 10 years as per § 147 paragraph 1 of the Tax code (AO) (accounts, records, status reports, vouchers, commercial and business correspondences, tax relevant documents, etc.)

Business related processing

We additionally process:

  • Contractual data (if you have concluded a contract with the Internet site operator) and
  • Payment data (e.g. bank details, payment history) of our customers / clients, interested parties and business partners for the purpose of rendering contractual performances, service and customer care, marketing, promotion and market research.

The business related processing of data is our legitimate interest.

Collection of access data and log files

We or our hosting service collects access data and log files about each access on the server on which this service is located (so-called server log files), on the basis of our legitimate interests. Access data includes name of the website accessed, file, data and time of access, data volume transmitted, notification of successful access, browser type plus version, operating system of the user, referrer URL (the previous site visited), IP address and requesting provider.

Log file information is saved for the duration of a maximum of 7 days for security reasons (e.g. for clarification of acts of misuse and frauds) and then deleted afterwards. Data, which must be stored for evidential purposes, is exempted from deletion until the conclusive clarification of the respective incident. This data is not merged with other sources of data.

The data processing is based on Article 6 paragraph 1 lit. b of GDPR, which authorises the processing of data to fulfil a contract or pre-contractual measures.

Rendering contractual services

We process user data (e.g. name and address as well as contact data of users), contractual data (e.g. availed services, names of contact persons, payment information) for the purpose of fulfilling our contractual obligations and services as per Article 6 paragraph 1 lit. b. of GDPR. The entries marked as mandatory in the online form are necessary for concluding the contract.

As a part of availing of our online services, we save the IP address and the time of the respective user operation. We save the data for our legitimate interest as well as the user’s interest in protection against misuse and other unauthorised usage. The data is generally not passed on to third parties, except when it is necessary to pursue our claims or when there is a legal obligation for passing on the data as per Article 6 paragraph 1 lit. c of GDPR.

We process usage data (e.g. the websites of our online offering visited, interest in our products) and content data (e.g. entries in the contact form or user profile) for promotional purposes in a user profile, to show the user e.g. product information based on the services you have availed till now.

The data is deleted after the legal guarantee and other similar obligations have lapsed and the necessity of data storage is reviewed every three years; in case of legal obligations to archive data, the deletion is after the obligation period lapses. Information in any customer account remains there until its deletion.

Contacting

In case of contacting us (e.g. by contact form, email, phone or via social media), the user information is processed in order to handle the contact request and its settlement as per Article 6 paragraph 1 lit. b) of GDPR. The user’s information can be stored in a customer relationship management system (“CRM” system) or an equivalent query set-up.

If you send us requests using the contact form, your information from the request form including the contact that you gave there shall be saved for the purpose of processing the query and if there are any follow-up questions. We do not pass on this data without your consent.

The data entered in the contact form is thus processed exclusively on the basis of your consent (Article 6 paragraph 1 lit. a of GDPR). You can revoke this consent at any time. Just an informal email communication to us will also do. The legality of the data processing operations that have happened until the revocation shall remain unaffected by the revocation.

The data that you entered in the contact form shall remain with us until you request us to delete it, revoke your consent for storage or the purpose of data storage is not applicable (e.g. after the handling of your request is complete). Mandatory legal provisions –

especially retention periods – shall remain unchanged.

We delete the requests as long as they are no longer necessary. We review the necessity every two years, furthermore, the legal obligations to archive are applicable.

 

Integration of services and contents of third party

We insert content and service offers of third party providers within our online offering for our legitimate interests (i.e. interests in analysis, optimisation and economic operation of our online offering within the meaning of Article 6 paragraph 1 lit. f of GDPR), in order to integrate their contents and services such as videos or fonts (hereinafter together referred to as “contents”).

This always requires that the third party provider of these contents detect the IP address of the user since they could not send the contents to the user’s browser without the IP address. The IP address is thus necessary for displaying these contents. We endeavour to use only those contents, whose respective providers use the IP address solely to deliver the contents. Furthermore, third party providers can use pixel tags (invisible graphics, also called as ‘web beacons’) for the purpose of statistics or marketing. Information such as the visitor traffic on the webpages of this website can be evaluated by the ‘pixel tags’. The pseudonymous information can be further stored in cookies on the user’s device and can contain technical information of the browser and operating system, referring websites, visiting time as well as other information on the use of our online offering and the cookies can also be linked with other information from other sources.

YouTube

We embed videos from the ‘YouTube’ platform of Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. Data privacy statement: https://www.google.com/policies/privacy/, Opt-out: https://adssettings.google.com/authenticated.

If you visit one of our webpages furnished with a YouTube plugin, a connection is established to the YouTube servers. In doing so, the YouTube server is informed of which of our webpages have you visited.

If you are logged in to your YouTube account, you allow YouTube to allocate your surfing behaviour directly to your personal profile. You can prevent this by logging out of your YouTube account.

The use of YouTube is in the interest of an appealing representation of our online offerings. This constitutes a legitimate interest within the meaning of Article 6 paragraph 1 lit. f of GDPR.

You can find more information about the handling of user data in the data privacy statement of YouTube under: https://www.google.de/intl/de/policies/privacy.

 

Google Fonts

We embed fonts (“Google Fonts”) of Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. Data privacy statement: https://www.google.com/policies/privacy/, Opt-out: https://adssettings.google.com/authenticated. While accessing a webpage, your browser loads the required web fonts in your browser cache, to display the texts and fonts properly.

For this purpose, the browser that you use must contact the servers of Google. Google becomes aware through this that our website was accessed via your IP address. The use of Google Web Fonts is in the interest of a uniform and appealing representation of our online offerings. This constitutes a legitimate interest within the meaning of Article 6 paragraph 1 lit. f of GDPR.

If your browser does not support web fonts, your computer uses a standard font.

You can find more information about Google Web Fonts under: https://developers.google.com/fonts/faq and in the data privacy statement of

Google: https://www.google.com/policies/privacy/.

Please publish modules in offcanvas position.