Privacy policy
This privacy policy clarifies the type, scope, and purpose of the processing of personal data (hereinafter referred to as ‘data’) via our online service and the associated web pages, functions, and content as well as external online activities, such as our social media profile (hereinafter referred to collectively as ‘online service’). With regard to the terms used, such as ‘processing’ or ‘controller,’ we refer to the definitions in Article 4 of the EU General Data Protection Regulation (GDPR).
Controller
WTK Germany GmbH
Aulweg 47
35392 Gießen
Email: info@wtk-germany.de
CEO: Joachim Kunz
Link to legal information: http://en.wtk-germany.de/legal-notice
Types of data processed:
– User data (e.g., names, addresses).
– Contact data (e.g., e-mail, telephone numbers).
– Content-related data (e.g., input text, photographs, videos).
– Usage data (e.g., websites visited, interest shown in content, access times).
– Metadata and communications data (e.g., device information, IP addresses).
Categories of data subjects
Users of and visitors to the online service (hereinafter we also refer to data subjects collectively as ‘users’).
Purpose of processing
– Provision of the online service, its functions, and its contents.
– Response to contact requests and communication with users.
– Security precautions.
– Outreach evaluation and marketing
Terms and definitions
‘Personal data’ means any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is anyone who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier (e.g. a ‘cookie’), or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural, or social identity of that natural person.
‘Processing’ means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means. The definition is broad and encompasses practically all ways of interacting with data.
‘Pseudonymization’ means the processing of personal data in such a manner that the personal data can no longer be attributed to a specific data subject without the use of additional information, provided that such additional information is kept separately and is subject to technical and organizational measures to ensure that the personal data is not attributed to an identified or identifiable natural person.
‘Profiling’ means any form of automated processing of personal data consisting of the use of personal data to evaluate certain personal aspects relating to a natural person, in particular to analyze or predict aspects concerning that natural person’s performance at work, economic situation, health, personal preferences, interests, reliability, behavior, location, or movements.
‘Controller’ means the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data.
‘Processor’ means a natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller.
Applicable legal frameworks
In accordance with Art. 13 of the GDPR we hereby inform you of the legal basis of our data processing. If the legal basis is not specified in the privacy policy, the following shall apply: The legal basis for obtaining consent is Art. 6 (1) lit. a and Art. 7 of the GDPR; the legal basis for processing in order to fulfill our services, meet contractual requirements, and respond to inquiries is Art. 6 (1) lit. b of the GDPR; the legal basis for processing in order to fulfill our legal obligations is Art. 6 (1) lit. c of the GDPR; and the legal basis for processing in order to safeguard our legitimate interests is Art. 6 (1) lit. f of the GDPR. In the event that vital interests of the data subject or another natural person necessitate the processing of personal data, Art. 6 (1) lit. d of the GDPR shall serve as the legal basis.
Security precautions
In accordance with Art. 32 of the GDPR, we take appropriate technical and organizational measures to ensure a level of protection appropriate to the risk, taking into account the state of the art in technology, the implementation costs and the nature, extent, circumstances, and purpose of data processing, as well as the varying probability and severity of such risk to the rights and freedoms of natural persons.
Measures shall include, in particular, ensuring the confidentiality, integrity, and availability of data by putting controls on the physical access to it, in addition to other means of access, data input, disclosure, and the safeguarding and separation of data. In addition, we have put in place procedures to ensure that data subjects’ rights can be exercised, that data is deleted where necessary, and that we respond effectively to anything that might jeopardize the integrity of such data. Furthermore, we take the protection of personal data into account when developing or procuring hardware, software, and establishing processes. This is achieved by putting in place the appropriate technical measures and ensuring default settings are compatible with privacy requirements (Art. 25 of the GDPR).
Cooperation with processors and third parties
Insofar as we disclose data to other persons and companies (contract processors or third parties) within the scope of our processing, transfer such data to them or otherwise grant them access to the data, this shall only take place where permitted by law (e.g., if a transfer of the data to third parties, such as payment service providers, is necessary for the performance of the contract, pursuant to Art. 6 (1) lit. b of the GDPR), you have given your consent, legal obligations require such disclosure, or on the basis of our legitimate interests (when using agents, web hosts, etc.).
If we commission third parties with the processing of data on the basis of an ‘order processing contract,’ this is done on the basis of Art. 28 of the GDPR.
Data transferred to third-party countries
If we process data in a third-party country (i.e., outside the European Union (EU) or the European Economic Area (EEA)) or if this is carried out in the context of the use of third-party services, or in the context of the disclosure or transfer of data to third parties, this will only be carried out in order to meet our (pre)contractual obligations, on the basis of your consent, a legal obligation, or on the basis of our legitimate interests. Where permitted by statute or contractual provisions, we process or allow the data to be processed in a third-party country only if the special requirements specified in Art. 44 ff. of the GDPR are met. In other words, processing is conducted on the basis of special guarantees, such as an officially recognized data protection level corresponding to the EU (e.g. for the USA through the ‘Privacy Shield’), or the observance of officially recognized special contractual obligations (known as ‘standard contractual clauses’).
Rights of the data subject
In accordance with Art. 15 of the GDPR, you have the right to request confirmation as to whether the data in question will be processed and to receive information about, as well as a copy of, such data.
In accordance with Art. 16 of the GDPR, you have the right to request the completion or correction of data concerning you.
Pursuant to Art. 17 of the GDPR, you have the right to demand that the relevant data be deleted immediately or, alternatively, to demand a restriction on the processing of the data pursuant to Art. 18 of the GDPR.
You have the right to demand the data concerning you that you have provided to us in accordance with Art. 20 of the GDPR and to demand that it be transferred to other responsible parties.
Pursuant to Art. 77 of the GDPR, you also have the right to file a complaint with the relevant supervisory authority.
Right to withdraw consent
You have the right to withdraw consent granted, pursuant to Art. 7 (3) of the GDPR
Right to object
You may object at any time to the future processing of the data concerning you in accordance with Art. 21 of the GDPR. The objection may in particular be lodged against processing for the purposes of direct marketing.
Cookies and the right to object to direct marketing
‘Cookies’ are small files that are stored on the user’s computer. Different types of data can be stored in the cookies. A cookie is primarily used to store information about a user (or the device on which the cookie is stored) during or after the user’s visit to an online service. Temporary cookies, also known as ‘session cookies’ or ‘transient cookies,’ are cookies that are deleted after a user leaves an online service and closes the browser. The contents of a shopping cart in an online store or a login status, for example, can be stored in such cookies. Cookies that remain stored on the user’s computer even after the browser is closed are referred to as ‘permanent’ or ‘persistent.’ For example, the login status can be saved if users visit it after several days. The interests of the users can also be stored in such a cookie, which are used for reach measurement or marketing purposes. ‘Third-party cookies’ are cookies that are offered by other providers than the controller who operates the online service (otherwise, if they are only their cookies, they are known as ‘first-party cookies’).
We may use temporary and permanent cookies, and where this is the case there will be corresponding explanations in our privacy policy.
If users do not wish cookies to be stored on their computer, they are asked to deactivate the corresponding option in the system settings of their browser. Stored cookies can be deleted in the system settings of your browser. However, refusal of cookies can lead to functional restrictions of this online service.
A general objection to the use of cookies for online marketing purposes can be raised for a large number of services, especially in the case of tracking, via the US website www.aboutads.info/choices or the EU website www.youronlinechoices.com. Furthermore, the storage of cookies can be achieved by switching them off in the browser settings. Please note that in this case, it may not be possible to take advantage of all of the online service’s functions.
Deletion of data
The data processed by us will be deleted, or their processing will be restricted, in accordance with Art. 17 and 18 of the GDPR. Unless expressly stated to the contrary in this privacy policy, the data stored by us will be deleted as soon as it is no longer required for its intended purpose and there are no legal obligations to retain it. If the data is not deleted because it is required for other, legally permissible purposes, its processing will be restricted. This means that the data will be locked down and not processed for other purposes. This applies, for example, to data that must be stored for commercial or tax reasons.
In accordance with statutory provisions applicable in Germany, retention is required for 10 years pursuant to Sections 147 (1) of the Fiscal Code, 257 (1) no. 1 and 4 (4) of the German Commercial Code (books, records, reports, booking documents, trading documents, for taxation of relevant documents, etc.) and 6 years pursuant to Section 257 (1) no. 2 and 3 (4) of the German Commercial Code (relating to business correspondence).
In accordance with statutory provisions applicable in Austria, retention is required for 7 years in accordance with Section 132 (1) of the Federal Fiscal Code (accounting documents, receipts/invoices, accounts, business papers, lists of income and expenses, etc.), for 22 years in connection with real estate and for 10 years for documents in connection with electronically rendered services, telecommunications, radio, and television services which are provided to non-entrepreneurs in EU member states and for which the Mini One-Stop Shop (MOSS) is used.
Contractual services
We process the data of our contractual partners and interested parties as well as other clients, customers, or contractual partners (collectively referred to as ‘contractual partners’) in accordance with Art. 6 (1) lit. b. of the GDPR in order to provide them with our contractual or pre-contractual services. The data processed and the type, scope, necessity, and purpose of its processing are determined by the underlying contractual relationship.
The processed data includes the master data of our contractual partners (e.g., names and addresses), contact data (e.g. e-mail addresses and telephone numbers) as well as contract data (e.g., services used, contract contents, contractual communication, names of contact persons) and payment data (e.g., bank details, payment history).
We do not process any special categories of personal data, unless these are part of commissioned or contractual processing.
We process data which is necessary for the preparation of and fulfillment of contractual services, and we will indicate, where necessary, the necessity of such disclosure where this is not evident to the contractual partners. Disclosure to third parties is carried out only when required under a contract. When processing the data provided to us within the framework of an order, we shall act in accordance with the instructions of the customer and the statutory requirements.
While our online services are being used, we reserve the right to store the IP address and the time of the respective user action. Such information is stored in order to safeguard our legitimate interests, as well as the interests of users, in the protection against abuse and other unauthorized activities. As a matter of principle, disclosure of this data to third parties is not carried out unless it is necessary for the purposes of our legitimate interests pursuant to Art. 6 (1) lit. f. of the GDPR or there is a legal obligation to do so pursuant to Art. 6 (1) lit. c. of the GDPR.
The data will be deleted when the data is no longer required for the fulfillment of contractual or statutory fiduciary obligations and for the handling of any warranty and similar obligations, whereby the necessity of data retention is reviewed every three years. Otherwise, the statutory retention obligations shall apply.
Contact
When contacting us (e.g., using the contact form or by e-mail, telephone or on social media), the user’s details will be processed for the purpose of processing the contact request and processing it in accordance with Art. 6 (1) lit. b of the GDPR. The user data can be stored in a customer relationship management system (‘CRM system’) or a similar system for organizing customer requests.
Once requests are no longer necessary, we delete them. We review the necessity every three years. Statutory archiving obligations shall also apply.
Hosting and e-mailing
The hosting services we rely on are used in order to provide the following services: Infrastructure and platform services, computing capacity, storage space and database services, e-mail dispatch, security services, and the technical maintenance services which we use to operate this online service.
In this system, we and our hosting provider process data relating to users, contact details, content services, contractual items, usage, metadata, and communications of customers, interested parties, and visitors to this online service in order to pursue our legitimate interests in the efficient and secure provision of this online service in accordance with Art. 6 (1) lit. f of the GDPR in conjunction with Art. 28 of the GDPR (conclusion of an order processing contract).
Hosting Provider & Server-Logfiles
The provider of the pages automatically collects and stores information in so-called server log files, which your browser automatically transmits to us. These are:
IP address
Browser type and version
Operating system used
Referrer URL
Host name of the accessing computer
Time of the server request
These data are not directly attributable to specific persons. A consolidation of this data with other data sources is not carried out. We reserve the right to check this data subsequently if we become aware of concrete indications of illegal use.
This data as well as all data on this website is stored by our hosting provider METANET AG, Josefstrasse 218, CH-8005 Zurich, whose privacy policy you can find here.
SSL Encryption
This site uses SSL encryption for security reasons and to protect the transmission of confidential content, such as the requests you send to us as site operator. You can recognise an encrypted connection by the fact that the address line of the browser changes from "http://" to "https://" and by the lock symbol in your browser line.
If SSL encryption is activated, the data you send to us cannot be read by third parties.
Google-AdWords
The data controller has integrated Google AdWords on this website. Google AdWords is an internet advertising service that allows advertisers to display ads in Google's search engine results as well as in the Google advertising network. Google AdWords allows an advertiser to specify pre-defined keywords that will cause an ad to appear in Google's search engine results only when the user uses the search engine to retrieve a keyword relevant search result. In the Google advertising network, the ads are distributed to topic-relevant websites by means of an automatic algorithm and in accordance with the keywords previously defined.
The operating company of the Google AdWords services is Google Inc, 1600 Amphitheatre Pkwy, Mountain View, CA 94043-1351, USA.
The purpose of Google AdWords is to advertise our website by displaying interest-relevant advertising on the websites of third-party companies and in the search engine results of the Google search engine and by displaying third-party advertising on our website.
If a person concerned reaches our website via a Google ad, a so-called conversion cookie is stored on the information technology system of the person concerned by Google. What cookies are has already been explained above. A conversion cookie loses its validity after thirty days and does not serve to identify the data subject. If the cookie has not expired, the conversion cookie is used to determine whether certain sub-pages, for example the shopping basket from an online shop system, have been called up on our website. The conversion cookie enables both we and Google to track whether a person who reached our website via an AdWords ad generated sales, i.e. whether he or she completed or abandoned a purchase.
The data and information collected through the use of the conversion cookie is used by Google to create visit statistics for our website. These visit statistics are in turn used by us to determine the total number of users who were referred to us via AdWords ads, i.e. to determine the success or failure of the respective AdWords ad and to optimize our AdWords ads for the future. Neither our company nor other Google AdWords advertisers receive any information from Google that could be used to identify the individual.
The conversion cookie is used to store personal information, such as the websites visited by the person concerned. Whenever our website is visited, personal data, including the IP address of the Internet connection used by the person concerned, is transmitted to Google in the United States of America. This personal data is stored by Google in the United States of America. Google may pass on this personal data collected via the technical process to third parties.
The person concerned can prevent the setting of cookies by our website, as described above, at any time by means of a corresponding setting in the Internet browser used and thus permanently object to the setting of cookies. Such a setting of the Internet browser used would also prevent Google from setting a conversion cookie on the information technology system of the person concerned. In addition, a cookie already set by Google AdWords can be deleted at any time via the Internet browser or other software programs.
Furthermore, the person concerned has the opportunity to object to interest-based advertising by Google. To do so, the person concerned must access www.google.de/settings/ads from each of the Internet browsers he or she uses and make the desired settings there.
Further information and Google's applicable privacy policy can be found at https://www.google.de/intl/de/policies/privacy/.
Google Analytics
This website uses functions of the web analysis service Google Analytics. The provider is Google Inc, 1600 Amphitheatre Parkway Mountain View, CA 94043, USA.
Google Analytics uses so-called "cookies". These are text files which are stored on your computer and which enable an analysis of your use of the website. The information generated by the cookie about your use of this website is usually transferred to a Google server in the USA and stored there.
IP Anonymization
We have activated the IP anonymization function on this website. This means that your IP address will be truncated by Google within member states of the European Union or in other signatory states to the Agreement on the European Economic Area before it is transmitted to the USA. Only in exceptional cases will the full IP address be transferred to a Google server in the USA and shortened there. On behalf of the operator of this website, Google will use this information to evaluate your use of the website, to compile reports on the website activities and to provide further services to the website operator in connection with the use of the website and the Internet. The IP address transmitted by your browser within the framework of Google Analytics is not combined with other data from Google.
Browser Plugin
You may refuse the use of cookies by selecting the appropriate settings on your browser, however please note that if you do this you may not be able to use the full functionality of this website. You can also prevent the collection of data generated by the cookie and related to your use of the website (including your IP address) to Google and the processing of this data by Google by downloading and installing the browser plugin available at the following link: https://tools.google.com/dlpage/gaoptout?hl=de
You can find more information on how Google Analytics handles user data in the Google privacy policy: https://support.google.com/analytics/answer/6004245?hl=de
Contract data processing
We have concluded a contract with Google for commissioned data processing and fully implement the strict requirements of the German data protection authorities when using Google Analytics.
Google Fonts
Google Fonts are used on this website. According to our knowledge, no personal data is stored by Google.
For technical reasons, however, your IP address must be transmitted to Google so that the fonts can be transferred to your browser.
You can find more information from Google about Google Fonts here.
Created with Datenschutz-Generator.de by RA Dr. Thomas Schwenke