We maintain our web pages in accordance with the principles outlined below:
We undertake to comply with the statutory provision on data protection and strive to always take into consideration the principles of data avoidance and data minimisation.
1. Name and address of the Controller and the Data Protection Officer
The Controller within the meaning of the General Data Protection Regulation and other national data protection laws of the Member States of the European Union as well as other provisions under data protection law is:
WILKA Schließtechnik GmbH Represented by the Managing Director: Robert Schlieper Mettmannerstr.56- 64
Tel.: +49 (0)2051/20810
Fax: +49 (0)2051/2081151
The Data Protection Officer of the Controller is:
Dipl.Ing. Stefan Kock
2. Definition of terms
3. Legal basis for the processing of personal data We process your personal data such as your first and last name, your e-mail address and your IP address only if a legal basis for this exists. In accordance with the General Data Protection Regulation, three provisions, in particular, come into consideration:
a) You have provided us with your consent to the processing of your personal data for one or more purposes, Art. 6 Par. 1 S. 1 Lit. a GDPR. In connection with this, we will inform you in detail about the purpose and/or purposes of the processing and will document your explicit consent.
b) The processing of your personal data is necessary for the fulfilment of a contract or for carrying out pre-contractual measures with you, Art. 6 Par. 1 S. 1 Lit. b GDPR.
c) The processing of the personal data is necessary for maintaining our legitimate interests unless they are outweighed by your interests or basic rights or basic freedoms, Art. 6 Par. 1 S. 1 Kit. f GDPR.
But we will point out to you once more at the respective issues on which legal basis the processing of your personal data is being performed.
4. Passing-on of the personally identifiable information
A transfer of your personal data to third parties for purposes other than the following does not take place. We only pass your personal data on to third parties if:
a) You have given your explicit consent to this in accordance with Art. 6 Par. 1 S. 1 Lit. a GDPR;
b) the passing-on in accordance with Art. 6 Par. 1 S. 1 Lit. f GDPR is necessary for the establishment, exercise or defence of legal claims and if there is no reason to assume that you have an outweighing compelling legitimate interest in the non-passing-on of your data;
c) a legal obligation exists for the passing-on in accordance with Art. 6 Par. 1 S. 1 Lit. c GDPR;
d) this is legally permitted and necessary for the handling of contractual relationships with you in accordance with Art. 6 Par. 1 S. 1 Lit. b GDPR.
5. Duration of storage and erasure We are storing all personal data that you transmit to us only as long as they are needed to fulfil the purposes for which these data were transmitted, or as long as prescribed by law. Upon fulfilment of the purpose and/or expiration of the statutory retention period, we will erase or restrict the data.
6. SSL encryption
For security reasons and to protection the transmission of confidential contents, such as inquiries that you are sending to us as operators of the website, this website is using an SSL encryption. You can recognise an encrypted connection by the address line of the browser switching from "http://" to "https://" and by the lock symbol in your browser bar.
If SSL encryption is activated, the data that you transmit to us cannot be read by third parties.
7. Collection and storage of personal data as well as its type and purpose of utilisation
a) Upon visiting the website
When calling up our website, the browser in use on your end device automatically sends information to our website’s server. This information is temporarily stored in a so-called log file. In the process, the following information is collected without your interaction and stored until automatic deletion:
• IP address of the inquiring computer
• date and time of access
• name and URL of the retrieved file
• web page from which the access took place (referrer URL)
• utilised browser and, where applicable, the operating system of your computer as well as the name of your access provider
The specified data are processed by us for the following purposes:
• for additional administrative purposes
Data that allow conclusions as to your person, such as the IP address, are deleted after 7 days, the latest. If we store the data beyond this period, these data are anonymized so that an attribution to you no longer is possible.
The legal basis for this data processing is Art. 6 Par. 1 S. 1 Lit. f GDPR. Our legitimate interest arises from the purposes for data collection listed above. Under no circumstances will we use the collected data for the purpose of drawing conclusions regarding your person.
Content of the newsletter and registration data
We only send a newsletter to you if you have ordered it and have granted your consent in accordance with Art. 6 Par.[sic] S. 1 Lit. a GDPR. The contents of the newsletter are described specifically upon registration for the newsletter. To register for the newsletter, your e-mail address is sufficient. If you voluntarily provide additional information such as your name and/or your gender, this information will exclusively be used for personalising the newsletter addressed to you.
Double opt-in and logging
For security reasons, we use the so-called double opt-in method for registering for our newsletter so that nobody can register with third party e-mail addresses. Therefore, after registering for our newsletter, you will first receive an e-mail asking you to confirm your registration. It is only upon confirmation of your registration that the latter becomes effective.
Furthermore, your registration for the newsletter is logged. The logging includes storage of the point in time of registration and confirmation, your data entered, as well as your IP address. When you modify your data, those changes will be logged, too.
Kommentiert [NS1]: Achtung – hier und im Folgenden fehlt im Ausgangstext der entsprechende Absatz – bitte in beiden Sprachen vor Verwendung noch ergänzen.
If you do not want to receive our newsletter any more, you can withdraw your consent at any time, effective for the future. To do so, click on the newsletter cancellation link at the end of each newsletter, or send us an email at the following e-mail address: email@example.com
The withdrawal of the declaration of consent will not affect the legality of the processing performed based on the declaration of consent up until the withdrawal.
Utilisation of CleverReach To send our newsletter, we use the e-mail tool CleverReach (CleverReach GmbH & Co. KG, Mühlenstr. 43, 26180 Rastede, Germany). For this purpose, we are passing the data provided by you on to CleverReach and CleverReach is processing them. Via this tool, we are able to analyse how the newsletters are opened and used. We have concluded a contract with CleverReach for order processing. CleverReach does not obtain the right to pass-on your data.
For additional information regarding the data protection of CleverReach, see here. [http://www.cleverreach.de/datenschutz/]
The utilisation of the service provider CleverReach takes places of the basis of our legitimate interests in accordance with Art. 6 Par. 1 S. 1 Lit. f GDPR. Our interest is geared towards the use of a newsletter system that is both user-friendly and secure, that corresponds to both our business interests as well as the expectations of the users.
c) Contact form / e-mail contact
On our website, we make a form available so that you have the option to get in touch with us at any time. To use of the contact form, it is necessary to provide a name for the personal addressing and a valid e-mail address for establishing contact, so that we know from whom the inquiry originates and can also process it. If you send inquiries to us via the contact form, your information from the inquiry form, including the contact information you specified there, as well as your IP address, will be processed in accordance with Art. 6 Par.[sic] S. 1 Lit. b and f GDPR for carrying out pre-contractual measures that are performed upon your inquiry and/or to maintain our legitimate interests, i.e., to perform our business activity.
You are welcome to send us an e-mail instead, using the e-mail address specified on our website. In this case, we store and process your e-mail address as well as the information provided by you as part of the e-mail in accordance with Art. 6 Par.[sic] S. 1 Lit. b and f GDPR to process your message. The inquiries as well as the data associated therewith will be deleted no later than 3 months after receipt, unless they are needed for a further contractual relationship.
d) Utilisation of Google Maps Our website utilises the Google Maps API. Through the utilisation of Google Maps, information about your utilisation of this website (including your IP address) may be transferred to and stored on a server operated by Google (Google Inc., 1600 Amphitheatre Parkway, Mountain View, California, 94043) in the USA.
Google may also transfer the information gained through Maps to third parties where required to do so by law, or where such third parties process the information on Google's behalf. But under no circumstances will Google link your IP address with other data stored by Google. We must, however, point out that it would be technically possible that Google could identify individual users based on the data received.
e) Google Fonts
We are using Google Fonts on our web pages. This makes possible the presentation of fonts. Google Fonts is a service of Google Inc. (1600 Amphitheatre Parkway, Mountain View, California, 94043, USA). The integration of these web fonts is performed via a server call, typically to a server of Google in the USA. As a result, the following is potentially transmitted to the server and stored by Google:
• name and version of the browser used
• website from which the inquiry was triggered (referrer URL)
• operating system of your computer
• screen resolution of your computer
• IP address of the inquiring computer
• language settings of the browser and/or of the operating system the user is using
For more detailed information, see the data protection policy of Google, which you can retrieve here:
The use of Google Fonts serves for making the reading of our website easier for you and graphically more pleasant, and is as such carried out based on our legitimate interests in accordance with Art. 6 Par.[sic] S. 1 Lit. f GDPR.
We are using cookies on our website. Cookies are small data packages that your browser creates automatically and which are stored on your end device when you visit our website. These cookies serve to store information in connection with the respective end device used. But a personal identification of your person via the cookies is not possible.
The data processed through cookies are necessary for the stated purposes to maintain our legitimate interests as well as those of third parties in accordance with Art. 6 Par.[sic] S. 1 lit. f GDPR.
Most browsers automatically accept cookies based on the browser’s default settings. You can, however, configure your browser such that it either does not store any cookies on your end device or, at a minimum, notifies you before a new cookie is stored. If you completely deactivate the cookie function in your browser, it may be that you will not be able to use all the functions of our website.
Below, we explain to you’re the different types of cookies we are using.
a) Session cookies
In order to design our presence more comfortable, we are using so-called session cookies to recognise that you have already visited select pages of our website.
These session cookies are automatically deleted after you leave our website.
b) Temporary cookies
We are also using cookies that enable us to “remember” you when you visit our website again and utilise our services. Therefore, you do not need to once again effect entries and settings that you already set the last time.
These temporary cookies are stored on your end device for a certain defined period of time.
c) Cookies for optimisation purposes
Finally, we are also using cookies for optimisation purposes. These capture the utilisation of our website statistically and are analysed for the purpose of optimising the presence for you. The cookies allow for a “remembering” of your web browser when you visit our website again.
These cookies are each deleted automatically after a defined period of time.
9. Analysis and tracking tools
On our website, we utilise the analysis and tracking tools listed below. These serve to ensure the continuous optimisation of our website and for designing it commensurate with demand. These interests are to be considered legitimate in the meaning of Art. 6 Abs.[sic] S. 1 Lit. f GDPR. For the respective data processing purposes and data categories, see the respective tool.
a) Google Analytics
On our website, we use Google Analytics, a web analysis service of Google Inc. (https://www.google.de/ intl/de/about/) (1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; hereinafter referred to as “Google”).
• name and version of the browser used
• operating system of your computer
• web page from which the access took place (referrer URL)
• IP address of the inquiring computer
• time of the server inquiry
are typically transferred to and stored on a server operated by Google in the USA.
However, since we have IP anonymisation activated on our website, your IP address will be shortened first by Google within Member States of the European Union or in other contract states of the Agreement on the European Economic Area. Only in exceptional circumstances will the complete IP address be transferred to a server of Google in the USA and then shortened there.
Google will use this information on our behalf for the purpose of evaluating your use of the website, compiling reports on website activities and for providing other services relating to website utilization and Internet usage to us. The IP address transmitted by your browser – as part of "Google Analytics" – is not combined with other data of Google.
You can prevent the storage of the cookies through a corresponding setting in your browser software. We would, however, like to point out to you that in this case you may not be able to use all functions of this website and other websites to their full scope.
You can, furthermore, prevent the recording of the data generated by the cookie and related to your use of the website (incl. your IP address) to Google as well as the processing of this data by Google by downloading and installing the browser plug-in available at the following link http://tools.google.com/dlpage/gaoptout?hl=de You can prevent the recording of your data by Google Analytics by clicking on the following link. An opt-out cookie is installed which prevents the recording of your data upon future visits to our website: deactivate Google Analytics
b) Utilisation of Google reCaptcha
On our web pages, in our contact form, we utilise the reCAPTCHA service of the company Google Inc (1600 Amphitheatre Parkway, Mountain View, California 94043, USA) to be able to distinguish between data entry by a human being or by automated, abusive machine processing. We have a legitimate interest in protecting our web offers against wrongful, automated spying and SPAM.
Upon the query by the reCAPTCHA service, both your IP address as well as, where applicable, other date required by Google for the reCAPTCHA service will be transferred to Google and processed there further.
There are three variants of the query:
• No CAPTCHA reCAPTCHA: Only a check box with the content “I am not a robot” needs to be clicked
• Image reCAPTCHA: There are 9 image segments displayed and subsequently similar elements must be selected (e.g. all images with street signs)
• Text reCAPTCHA: A text needs to be entered that, most of the time, is difficult to read and depicted as image(s)
In case of the utilisation of reCAPTCHA, you must accept the terms and conditions of use of Google. There is a separate field for this. With the activation, you provide your declaration of consent that the identification you performed is contributed to the digitalisation of old works. We have activated IP anonymisation on this website so that your IP address will be shortened first by Google within Member States of the European Union or in other contracting states of the Treaty on the European Economic Area. Only in exceptional circumstances will the complete IP address be transferred to a server of Google in the USA and then shortened there.
Google will use this information on our behalf for the purpose of evaluating your use of this service. The IP address transmitted by your browser – as part of reCaptcha – is not combined with other data of Google. For this data, the deviating data protection provisions of the Google company apply.
For more information regarding the data protection provisions of Google, see: https://www.google.com/intl/de/policies/privacy/.
10. Social media
On our website, the social media plug-ins listed below are being utilised to raise awareness of our website this way. The legal basis for the use of the social media plug-ins arises from Art. 6 Par.[sic] S. 1 Lit. f GDPR. The underlying advertising purpose is to be considered a legitimate interest within the meaning of the GDPR.
Facebook plug-in “Like”
The Facebook plug-in “Like” has been integrated into this website. You can recognise it by the blue Facebook logo and the addition “Like” next to it. The plug-in is being operated by Facebook Ireland Limited (Hanover Reach, 5-7 Hanover Quay, Dublin 2 Ireland) and is connected directly to the servers of Facebook. A passing on of data to the website operator does not take place.
Once you have activated the plug-in, it collects, uses, and transfers data to Facebook – independent of this website – in the scope and for the purpose specified in the privacy policies of Facebook under http://www.facebook.com/policy.php (among other things, the information as to that and when you visited this website). When you actively use the plug-in (e. g. by clicking the “Like” button), this information will be transmitted to Facebook and utilised there as well.
The type, scope and purpose of the collected data depend on whether you are registered with and/or logged in at Facebook. However, a linking of data to your Facebook account is taking place only if you are currently logged in at Facebook [at the time]. This means that you should log out of Facebook before visiting this website if you want to prevent a linking to your Facebook profile. Facebook may also be processing the collected data in third countries in accordance with the Facebook privacy policies.
The most frequently asked questions regarding the privacy of the plug-in are explained in an easily comprehensible way at http://www.facebook.com/help.php?page=1068.
11. Rights of the data subject
You are entitled to the following rights:
In accordance with Art. 15 GDPR, you have the right to demand information about your personal data that we are processing. This right to information does include information about
• the purposes of the processing
• the categories of personal data
• the recipients or categories of recipients to whom the personal data have been or will be disclosed
• the planned storage period or at least the criteria used to determine that storage period
• the existence of a right to request rectification, erasure, restriction of processing or to object
• the existence of a right to lodge a complaint with a supervisory authority
• where the personal data were not collected by us, any available information as to their source
• the existence of automated decision-making, including profiling, and, where applicable, meaningful information about their specifics
In accordance with Art. 16 GDPR, you have right to rectification, without undue delay, of incorrect or incomplete personal data stored by us.
In Accordance with Art. 17 GDPR, you have the right to erasure by us, without undue delay, of your personal data unless the further processing is necessary for one of the following reasons:
• for exercising the right of freedom of expression and information
• for compliance with a legal obligation which requires processing by Union or Member State law to which the controller is subject or for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller
• for reasons of public interest in the area of public health in accordance with Art. 9 Par. 2 Lit. h and i as well as Art. 9 Par. 3 GDPR
• for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes in accordance with Art. 89 Par. 1 GDPR in so far as the right referred to in section a) is likely to render impossible or seriously impair the achievement of the objectives of that processing
• for the establishment, exercise or defence of legal claims
d) Restriction of processing
In accordance with Art. 18, you can demand restriction of the processing of your personal data for one of the following reasons: • You contest the accuracy of your personal data. • The processing is unlawful and you oppose the erasure of the personal data. • We no longer need the personal data for the purposes of processing but you still need them for the establishment, exercise or defence of legal claims. • You are objecting to the processing pursuant to Art. 21 Par. 1 GDPR.
e) Notification If you have requested the rectification or erasure of your personal data or a restriction of processing in accordance with Art. 16, Art. 17 Par. 1 and Art. 18 GDPR, we will communicate this to recipients to whom your personal data have been disclosed, unless this proves impossible or involves disproportionate effort. You can demand from us that we inform you about those recipients. f) Portability You have the right to receive your personal data, which you provided to us, in a structured, commonly used and machine-readable format.
You also have the right to demand transmission of these data to a third party insofar as the processing was carried out with the help of automated processes and is based on consent pursuant to Art. 6 Par. 1 S. 1 Lit. a or Art. 9 Par. 2 Lit. a or on a contract pursuant to Art. 6 Par. 1 S. 1 Lit. b GDPR.
g) Withdrawal In accordance with Art. 7 Par. 3 GDPR you have the right to withdraw the consent you declared towards us at any time. The withdrawal of consent shall not affect the lawfulness of the processing performed based on consent before its withdrawal. For the future, we must no longer carry out that data processing which was based on your withdrawn consent.
h) Complaint In accordance with Art. 77 GDPR, you shall have the right to lodge a complaint with a supervisory authority if you are of the opinion that the processing of your personal data infringes upon the GDPR.
i) Right to object
If your personal data are processed based on legitimate interests in accordance with Art. 6 Par. 1 S. 1 Lit. f GDPR, you shall have the right pursuant to Art. 21 GDPR to object to the processing of your personal data if grounds exist for this that result from your particular situation or if the objection is directed against direct marketing. In the latter case, you shall have a general right to object which will be implemented by us without specification of the particular situation. If you would like to exercise your right to withdraw or right to object, an e-mail to firstname.lastname@example.org will be sufficient.
j) Automated individual decision-making, including profiling
You shall have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning you or that similarly affects you significantly. This shall not apply if the decision
i. is necessary for entering into, or performance of, a contract between you and us
ii. is authorised by European Union or Member State law to which we are subject and which also lays down suitable measures to safeguard your rights and freedoms and legitimate interests
iii. is based on your explicit consent
However, these decisions shall not be based on special categories of personal data referred to in Art. 9 Par. 1 GDPR unless Art. 9 Par. 2 Lit. a or g GDPR applies and suitable measures to safeguard your rights and freedoms and legitimate interests are in place.
With respect to the cases referred to in i) and iii), we shall implement suitable measures to safeguard your rights and freedoms and legitimate interests, which include at least the right to obtain human intervention on our part, to express your point of view and to contest the decision.
Version 09 May 2018