§1 General Information
Data protection is an important issue. In the following, we would like to provide you with information regarding the collection of personal data when using our website. Personal data refers to all data, with which you can be personally identified.
When using the website for information purpose only, meaning without registering or otherwise transmitting information to us, we only collect the personal data transmitted technologically from your browser to our server, which is required to open the website (§ 5).
Controller according to Article 4 (7) of the GDPR
Data Security Officer:
Konzept 17 GmbH
§2 Brief overview of the data and processing operations
We seek to provide you with transparency (in accordance with Article 12 of the GDPR). Therefore, please refer to the overview of processing below:
Types of data processed:
- Usage data or communication data (when accessing a website, IP address, device information, access time and access moment, etc.)
- Contact information for registration or data entry
- User-related data (name, company, address, etc.)
- Communication data (potentially meta-data of phone calls, emails)
- Content data (especially for sending emails)
Furthermore, (internally) the following additional data pertaining to our customers, interested parties, suppliers and business partners for the provision of services in the creation and processing of offers and contracts, services and marketing, direct advertising and customer care:
- Contract data
- Customer relationship management (CRM) data
- Payment information
- Order information and billing information
Data subjects (categories)
- Users of this website (also referred to as visitors)
- Customers (for emails, etc.)
- Website operation and the provision of information
- Ensuring the operation of our website and systems (e.g. firewall)
- Communicating with our customers
- Responding to enquiries
- Website optimization and analysis
- Provision of information to our (prospective) customers and suppliers
§3 General legal bases
For the processing of personal data required for the performance of a contract to which the data subject is a party, Article 6 (1) (b) of the GDPR serves as the legal basis. This also applies to processing operations required to carry out pre-contractual measures.
If processing is required to safeguard the legitimate interests of our company or a third party and if the interests, fundamental rights and freedoms of the data subject do not override the former interest, Article 6 (1) (f) of the GDPR serves as the legal basis for said processing. This is also particularly the case if we use tracking to optimize the website or to measure the reach of our newsletter as well as for respective direct marketing.
If the processing of personal data is required to fulfill a legal obligation our company is subject to, Article 6 (1) (c) of the GDPR serves as the legal basis.
In the event that vital interests of the data subject or another natural person require the processing of personal data, Article 6 (1) (d) of the GDPR serves as the legal basis.
Insofar as we obtain the consent of the data subject for the processing of personal data, Article 6 (1) (a) of the EU General Data Protection Regulation (GDPR) serves as the legal basis.
§4 General rights of the data subject
- Erasure / Restriction
- Lodging a complaint with a supervisory authority
- according to Article 15 of the GDPR, you can request information about your personal data processed by us. In particular, you can request information regarding the purposes of processing, the category of personal data, the categories of recipients to whom your data will be or has been disclosed, the planned retention period, the existence of a right to rectification, erasure, limitation of processing or revocation, the existence of a right to lodge a complaint, the origin of your data, provided it was not collected by us as well as the existence of an automated-decision making process including profiling and potentially meaningful information in regard to their details;
- according to Article 16 of the GDPR you can request the immediate rectification of incorrect or incomplete personal data stored by us;
- according to Article 17 of the GDPR, you can request the erasure of your personal data stored with us, unless processing is required to exercise the right of free expression and information, to fulfil a legal obligation, for reasons of public interest or to assert, exercise or defend legal claims;
- according to Article 18 of the GDPR, you can request the restriction of processing of your personal data, provided you contest the accuracy of the data, the processing is unlawful however, you object to the erasure of said data and we no longer require the data but you require it to assert exercise or defend legal claims or you have objected to processing pursuant to Article 21 of the GDPR;
- according to Article 20 of the GDPR, you can request to obtain the data you provided to us in a structured, prevalent and machine-readable format or to have it transferred to another controller;
- according to Article 7 (3) of the GDPR, you can revoke your previously given consent at any time. This leads to us no longer being permitted to process the data the consent is based on in the future from the time of revocation and
- according to Article 77 of the GDPR, you have the right to lodge a complaint with a supervisory authority responsible for us:
State Commissioner for Data Protection and Freedom of Information of North Rhine-Westphalia.
Tel.: +49 211/38424-0
There is no right to erasure if processing is required
- to exercise the right to free expression and information;
- to fulfill a legal obligation required by the law of the European Union or the Member States, which the controller is subject to or to carry out a task in the public interest or is carried out in exercising official authority, which was delegated to the controller;
- for reasons of public interest in public health in accordance with Article 9 (2) (h) and (i) as well as Article 9 (3) of the GDPR;
- for archival purposes of public interest, scientific or historical research purposes or for statistical purposes in accordance with Article 89 (1) of the GDPR, to the extent that the law referred to in section a) is likely to render impossible or seriously affect the achievement of the objectives of that processing or
- to assert, exercise or defend legal claims
§5 Website use
General data collected when accessing the website
When using the website for informational purposes only, meaning without registering or otherwise transmitting information to us, we only collect the personal data transmitted to our server by your browser. When browsing our website, we collect the following data we require for technical purposes, to display our website and safeguard the stability and security of our website (the legal basis is Article 6 (1) sentence 1 (f) of the GDPR):
- IP address
- date and time of the request
- time zone difference to Greenwich Mean Time (GMT)
- contents of the request (specific page)
- access status /HTTP status code
- respective data volume transferred
- website, where the request originated
- operating system and its user interface
- browser software language and version.
Data is stored in log files to ensure the functionality of the website. Furthermore, this data serves optimizing the website and ensuring the security of our information technology systems. In this context, the data is not analyzed for marketing purposes. These purposes also constitute our legitimate interest in data processing according to Article 6 (1) (f) of the GDPR.
The data is erased as soon as it is no longer required to achieve the purpose of its collection.
For data stored in log files, this is the case after seven days at the latest. Further storage is possible. In this case, the users' IP addresses are erased or altered, which makes an allocation of the accessing client impossible.
In addition to the aforementioned data, cookies are stored on your computer when using our website. Cookies are small text files, which are stored on your hard drive and allocated to the browser you are using and which provide specific information to the site, which places the cookie (in this case, us). Cookies cannot execute programmes or transmit viruses to your computer. They serve the purpose of making the website more user-friendly and efficient overall.
a) This website uses the following types of cookies, the scope and function of which are explained below:
- Transient cookies (see b)
- Persistent cookies (see c).
Transient cookies are automatically erased after you close the browser. In particular, this includes session cookies. These store a so-called session ID, which is used to assign various requests from your browser to a common session. This enables recognizing your computer, when you return to our website. Session cookies are erased when you log out or close the browser.
Persistent cookies are automatically erased after a specific time period, which can vary depending on the cookie. You can erase the cookies at any time in your browser security settings.
You can configure your browser settings according to your preferences and e.g. block the acceptance of third party cookies or all cookies. Please note that in this case, you may not be able to fully use all functions on this website.
§6 Social media
At no time is it mandatory, to register at one of these portals for information purposes or in order to contact us (the provider). In fact, you have various options of contacting us (telephone, mail, contact form).
An unauthorized disclosure of personal data based on embedding does not exist.
§7 Integration of third-party services
Integration of Google Maps
- This website uses the web services provided by Google Maps. This allows us to show you interactive maps directly on the website and provides you with a convenient use of the map function.
- When visiting the website, Google obtains information in regard to your accessing the respective subpage on our website. Furthermore, the data specified in § 3 of this policy is transmitted. This occurs whether or not you have a Google user account, which you are logged into. If you are logged into Google, your data is directly allocated to your account. If you do not want an allocation to your Google account, please log out of our account before using the button. Google stores your data as usage profiles and uses them for the purpose of advertising, market research, and/or to customize the website design when required. This type of analysis (even for users, who are not logged in) is particularly aimed at providing custom advertising and to provide other members of the social network with information about your activity on our website. You have the right to object to this user profile being created; to do so, you must contact Google.
Web analysis through Matomo
1. Scope of the processing of personal data
We use the open source software tool Matomo (formerly PIWIK) on our website to analyze the surfing behavior of our users. This is an open source tool for web analysis. Matomo does not transmit data to servers that are outside the control of Wippermann jr. GmbH. Matomo does not collect session data without your consent.
Wippermann jr. GmbH understands this analysis as part of its Internet service. It would like to use it to further improve the website and adapt it even more to the needs of the users.
If you agree to web analysis using Matomo, the following data is collected when you call up individual pages of our website:
(1) 2 bytes of the IP address of the user's calling system.
(2) The web page called up
(3) The website from which the user accessed the accessed website (referrer)
(4) The subpages that are called up from the called-up website
(5) The length of time spent on the website
(6) The frequency with which the web page is accessed
The software runs exclusively on the servers of our website. A storage of the personal data of the users takes place only there. The data is not passed on to third parties.
You can decide here whether a web analysis cookie may be stored in your browser to enable Wippermann jr. GmbH to collect and analyze statistical data.
To do so, click on the "Cookie Settings" link at the bottom of the page.
2. Legal basis for the processing of personal data
The legal basis for the processing of users' personal data is Art. 6 para. 1 lit. a DSGVO.
3. Purpose of the data processing
The processing of the users' personal data enables us to analyze the surfing behavior of our users. By evaluating the data obtained, we are able to compile information about the use of the individual components of our website. This helps us to continuously improve our website and its user-friendliness. By anonymizing the IP address, the interest of users in the protection of their personal data is sufficiently taken into account.
4. Duration of storage
The data is deleted as soon as it is no longer required for our recording purposes. The statistics generated and underlying data are not deleted.
5. Possibility of objection and removal
More information on the privacy settings of the Matomo software can be found at the following link: matomo.org/docs/privacy/.
Your right to rectification, deletion and objection according to Art. 16, 17 and 21 DSGVO is pointed out; more details in §4 General rights of the data subject.
We use the consent management service Cookiebot, provided by Cybot A/S, Havnegade 39, 1058 Copenhagen, Denmark (Cybot). This enables us to obtain and manage consent from website users for data processing. The processing is necessary for compliance with a legal obligation (Art. 7(1) DSGVO) to which we are subject (Art. 6(1) p. 1 lit. c DSGVO). For this purpose, the following data is processed with the help of cookies:
- Your IP address (the last three digits are set to '0').
- Date and time of consent.
- Browser information URL from which the consent was sent.
- An anonymous, random and encrypted key.
- Your end-user consent status, as proof of consent.
The key and consent status are stored in the browser for 12 months using the "CookieConsent" cookie. This preserves your cookie preference for subsequent page requests. With the help of the key, their consent can be proven and tracked.
Cybot is a recipient of your personal data and acts as a processor for us.
The processing takes place in the European Union. You can find more information about objection and removal options vis-à-vis Cybot at: www.cookiebot.com/de/privacy-policy/.
Your personal data will be deleted consecutively after 12 months or immediately after the termination of the contract between us and Cybot.
§8 Contact form and email contact
There is a contract form on our website, which can be used to contact us electronically. If a user chooses to use this option, the data entered by the user in the input screen is transmitted to us and stored. This data includes:
- user’s name
- information regarding the receipt of a copy of the contact email
- consent to data storage
When sending the message, the following data is also stored:
- the user's IP address
- date and time of sending
Alternatively, you can contact us using the provided email address. In this case, we store the user's personal data transmitted in the email.
In this context, the data is not disclosed to third parties. The data is solely used to process the conversation.
Last updated: Dec. 2022