Data Privacy

Our privacy statement

1. General information and principles of data processing

We are pleased that you have chosen to visit our website. We find it important to protect your privacy and personal data when you use our services.

The term “personal data”, as defined in Art. 4 No. 1 GDPR, is used to refer to any information related to an identified or identifiable natural person (e.g. first and last name, address, phone number, email address and IP address).

Any data that cannot be linked to a person (e.g. anonymised data) is not regarded as personal data. Your personal data will only be processed (e.g. collected, stored, extracted, retrieved, used, submitted, erased or destroyed) pursuant to Art. 4 No. 2 GDPR on specific legal grounds or with your consent. If your personal data is being processed, it must be deleted as soon as the purpose of processing has been achieved and no retention periods are stipulated by law.

This privacy statement contains more information about how your personal data will be handled when you visit our website. We have to collect your personal data to provide the functions and services of our website.

We will also explain the nature, scope and purpose of each type of data processing, as well as the relevant legal grounds and retention periods.

This privacy statement only applies to this website. It does not apply to any other websites that may be linked on our website. We cannot assume responsibility for the confidential handling of your personal data on such third-party websites, as we cannot control whether such companies comply with the data protection regulations. If you would like to find out how such companies will handle your personal data, please refer to the information contained on their websites.

You can find the contact details of the controller and the data protection officer below.

2. Controller (Art. 4 No. 7 GDPR)

The “controller”, as defined in the GDPR, other national data protection laws in the member states of the European Union and other data protection regulations, is:
Josef Weischer GmbH & Co KG
Sternbusch 14
D-48282 Emsdetten
Tel.: +49 2572 93920

3. Name and address of the data protection officer

If you have any questions about data protection, you can contact our data protection officer at any time:
Claus Wissing
Sachverständigenbüro Mülot
Grüner Weg 80
D-48268 Greven
Tel.: +49 2571 540 40 200

4. Provision and use of the website / server log files

a) Nature and scope of data processing
If you use this website without submitting data in any other way (e.g. by registering or using the contact form), we will use server log files to collect the following technically necessary data and automatically transmit it to our server:

  Your IP address;
  The date and time of access;
  The name and URL of the accessed file;
  The website from which the file is accessed (referrer URL);
  Your browser type / version; and
  Your operating system.

b) Purpose of data processing
This processing is technically necessary to display our website to you. We will also use the data to ensure the security and stability of our website.

c) Legal basis of data processing
The legal basis for this processing is point (f) of Art. 6 (1) GDPR (legitimate interest). As the processing of such data is necessary to provide a website, it constitutes one of our company’s legitimate interests.

d) Retention period
Such personal data will be deleted as soon as it is no longer necessary to display the website, but no later than 3 months after you have visited our website. As the collection and storage of data in log files is absolutely necessary to operate our website, you cannot object to this form of data processing. Your data may be stored for longer in certain cases if this is stipulated by law.

5. Data collection for the performance of contracts and pre-contractual measures

a) Nature and scope of data processing
We will collect your personal data before concluding a contract with you and during the term of the contract. Such data may include your first and last name, address, email address, phone number and bank details.

b) Purpose of data processing
We will collect and process such data exclusively for the purpose of performing the contract and our pre-contractual duties.

c) Legal basis of data processing
The legal basis is point (b) of Art. 6 (1) GDPR. If you also give your consent, the additional legal basis will be point (a) of Art. 6 (1) GDPR.

d) Retention period
The data will be deleted as soon as it is no longer required for the purpose for which it was being processed.
However, your data may also be subject to statutory retention requirements such as those stipulated in the German Commercial Code (HGB) and the German Tax Code (AO). In the case of such retention obligations, we will block or erase your data at the end of such retention periods.

6. Special website features

When you use various features of our website, we will collect, process and store your personal data. We will explain what happens to this data below:

6.1 Contact form(s):

a) Scope of data processing
The data you enter in our contact forms.

b) Legal basis of data processing
Point (a) of Art. 6 (1) GDPR (consent)

c) Purpose of data processing
We will only use the data collected via our contact form(s) to process your specific enquiry submitted via the contact form.

d) Retention period
Once we have processed your enquiry, the data we have collected will be immediately erased, unless it forms the basis for further business activities (e.g. enquiry / offer).

e) Right to object and request the deletion of data
Your right to object to such processing and request the deletion of such data will depend on the following general provisions described in this privacy statement.

7. Data transfer

We will only disclose your personal data to third parties if:

a) You have given your explicit consent in accordance with point (a) of Art. 6 (1) GDPR.
b) This is legally permissible and necessary to perform a contractual relationship or pre-contractual measures with you in accordance with point (b) of Art. 6 (1).
c) We are legally obliged to disclose your data in accordance with point (c) of Art. 6 (1) GDPR.
d) We are legally obliged to disclose your data to state authorities (e.g. tax authorities, social security providers, health insurance funds, supervisory authorities and law enforcement bodies).
e) The disclosure of your data is necessary for our company to pursue its legitimate interests in accordance with point (f) of Art. 6 (1) GDPR, or if such disclosure is necessary for the establishment, exercise or defence of legal claims and we have no reason to believe you might have an overriding legitimate interest in the non-disclosure of your data.
f) We hire external service providers (“processors”) who are contractually obliged to handle your data with care in accordance with Art. 28 GDPR.

We hire such service providers in the following fields:

▪    IT
▪    Logistics
▪    Telecommunications
▪    Sales
▪    Marketing

When transmitting your data to external third parties in third countries (i.e. outside the EU and EEA), we will make sure that such third parties handle your personal data with the same care as organisations are expected to exercise within the EU and EEA. We will only transfer your personal data to third countries that offer an adequate level of data protection according to the EU Commission or if we ensure the careful handling of your personal data by means of contractual arrangements or other suitable safeguards.

8. Withdrawal of consent – access to data and change requests – erasure and blocking of data

You have the right to request free information about the data we are storing on you at reasonable intervals and the right to request the rectification, blocking or erasure of your data at any time. We will delete your data upon first request, unless the deletion of your data is prevented by statutory regulations. In other words, you may withdraw your consent to data processing at any time. You may send requests for information and the deletion or rectification of your data, as well as suggestions, to the following address at any time:

Josef Weischer GmbH & Co KG
Sternbusch 14
D-48282 Emsdetten
Tel.: +49 2572 93920

9. Right to data portability

You have the right to receive any personal data you have provided to us in a structured, commonly used and machine-readable format. You may also instruct us to immediately transfer such data to a third party, provided the processing is based on your consent in accordance with point (a) of Art. 6 (1) GDPR or point (a) of Art. 9 (2) GDPR – or on a contract in accordance with point (b) of Art. 6 (1) GDPR – and provided your data is being processed by automated means.

In exercising your right to data portability, you may have your personal data transmitted directly to another controller, provided this is technically feasible and does not impair the rights and freedoms of others.

The right to data portability does not apply to any processing that is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller.

10. SSL and TLS encryption

This site uses SSL and TLS encryption to ensure security and protect the transmission of sensitive data, such as any orders or enquiries that you send to the website operator. You can tell whether an encrypted connection has been established, as your browser’s address bar will have changed from “http://” to “https://” and a padlock symbol will be displayed in your browser bar. If SSL or TLS encryption is enabled, third parties will not be able to intercept any data you send us.

11. Right to lodge a complaint with a supervisory authority (Art. 77 (1) GDPR)

If you suspect that we are processing your data unlawfully, you may seek the judicial clarification of the issue at any time. Irrespective of the above, you have the option of contacting a supervisory authority. You may exercise your right to lodge a complaint in the EU member state of your place of residence, your place of work and/or the location of the alleged infringement, i.e. you can contact the supervisory authority at any of these locations. The supervisory authority that receives your complaint will then inform you about the progress and outcome of your case, including the possibility of a judicial remedy in accordance with Art. 78 GDPR.