Data Protection Notice

We take the protection of your personal data very seriously. Processing is performed in compliance with the EU General Data Protection Regulation (GDPR) and the German Federal Data Protection Act (Bundesdatenschutzgesetz, "BDSG”). Through the information provided here, we would like to give you an overview of how our company processes your personal data, and about your rights under data protection law. Your personal data will not be communicated to any third parties for any purposes other than those described here.

1. Name and contact data of the controller

Wieland-Werke AG
Graf-Arco-Strasse 36
89079 Ulm
Germany

+49 731 944 0
+49 731 944 2772
info@wieland.com
www.wieland.com

Controller/contact information of the affiliated companies of the Wieland-Group and offices located in Germany and worldwide with their respective contact data are available here.

Data protection inquiries can be sent to the above address, for the attention of the Data Protection Officer, or by email datenschutz@wieland.com

2. Collection and storage of personal data, and the nature and purpose of its use

a) When visiting our website

When you visit our website www.wieland.com, the browser of your terminal device will automatically send information to our website server. This information will be temporarily stored in a log file. The following information will be recorded without any intervention by you, and stored until it is automatically deleted:

  • Request (file name of the requested file) (such as www.example.de/index.html)
  • Browser type/version (such as Mozilla Firefox 33, Google Chrome, Safari)
  • Browser language (e.g.: German)
  • Applicable operating system (e.g.: Windows 10)
  • Interim resolution of the browser window
  • Screen resolution
  • JavaScript activated: “Yes” or “No”
  • Java on/off
  • Cookies on/off
  • Colour depth
  • Referrer URL (the previously visited page)
  • Truncated IP address for geographical recognition
  • Time of the access (time stamp)
  • Clicks
  • Where applicable, content of forms (in the case of free-text fields, such as “Name” and “Password", only the information “completed” or “not completed” will be communicated).


We will process the specified data for the following purposes:

  • to guarantee smooth access to our website,
  • to ensure our website is userfriendly,
  • for the analysis of system security and stability and
  • other administrative purposes, and in order to
  • detect abuses and eliminate faults


The legal basis for the data processing is Art. 6 (1) 1st sentence point f) GDPR. Our legitimate interest is based on the collection of data as described above. Under no circumstances do we use the collected data to draw conclusions about you personally. In addition, we use cookies and analysis services when you visit our website. You will find further information on the topic under Paragraph 4 and 5 of this Data Protection Notice.

b) When subscribing to our newsletter and white paper

If you have issued your explicit consent in accordance with Art. 6 (1) 1st sentence point a) GDPR, we will use your email address in order to send you our regular newsletter, or to send you a specific white paper. You only need to provide your email address to receive the newsletter. We will also use this for the confirmation mail as part of the double opt-in procedure, to verify that the owner of the email address has agreed to receive the newsletter.

You can cancel your subscription at any time, for example by using the link located at the end of each newsletter. Alternatively, you can of course send your cancellation request by email at any time to newsletter@wieland.com. The data provided to us will only be transferred to our technical service providers and the partner companies that we use to perform the technical processes for sending our newsletter and whitepaper. However, in this case we will restrict the scope of the transferred data to the minimum necessary. Our service provider for delivering the newsletter is the Germany-based company sc-networks.com, which uses the Evalanche software. If the newsletter subscription is cancelled, your email address will be erased from our servers and from the servers of our service provider.

c) When using our contact form

For questions and queries of any kind, we offer you the option of contacting us using the form made available on this website. This requires you to enter a valid email address, in order that we can know who sent the inquiry, and how we can respond to it. Further information can be provided voluntarily. The processing of data for the purposes of making contact with us is performed in accordance with Art. 6 (1) 1st sentence point a) GDPR on the basis of the consent voluntarily provided by you. Once your inquiry has been fully resolved, we will erase the personal data collected using the contact form. This will be the case if the circumstances indicate that the relevant matter has been conclusively clarified, and provided there are no contrary statutory retention obligations.

d) When transferring your data by another means with your consent (Article 6 (1) a) GDPR)

The processing is lawful if you have consented to the processing of your personal data for specific purposes (such as communicating the contact data from your business card within the Wieland Group). Any consent issued may be revoked at any time. This also applies to revoking consents issued before the EU General Data Protection Regulation came into force, i.e. before 25 May 2018. Please note that this cancellation of consent has future effect. Data processing activities performed prior to the cancellation of the consent, are not affected. You may, at any time, contact us using the contact data set out above, to request information concerning the consents you have issued to us, and the personal data that has been processed.

e) When visiting our Facebook page
We are represented with our online presence on the social network Facebook in order to network with you, exchange information and inform you about news and interesting jobs in our company. This involves processing data outside the EU, which can make it more difficult to enforce data protection laws. The legal basis for the processing of visitor data when operating our Facebook website is Art. 6 Para. 1 lit. f). We have legitimate operational interests on the basis of the interests weighed in an optimization of content, troubleshooting, an attractive form of information and exchange with our visitors and the effective and secure operation of the necessary technologies. You can find out more about our joint responsibility for processing personal data and about OptOut in our separate data protection information for our Facebook page

f) For pictures taken on the occasion of our events

At our events, visitors' images in the form of photos and video recordings are created by our employees or by media partners commissioned by us on site.
We use the images to the usual extent for our public relations work and to present our activities in order to increase awareness and for information and documentation about the event in the context of our legitimate interest pursuant to Art. 6 Para. 1 lit. f) GDPR. We have a legitimate interest in exercising our communication rights pursuant to Art. 12 GG, Art. 19 para. 3 GG and, with regard to economic activity, pursuant to Art. 12 GG, Art. 19 para. 3 GG.
We can use all media such as print (offline), television and the Internet for publication. For this purpose, we use both our website and possibly special websites of the event itself or of a service provider carrying it out online. We also reserve the right to publish via the social media further listed here.
We do not use the image material produced for advertising or other commercial purposes of our own or those of third parties. A passing on takes place only to the reaching of the purpose specified above. In addition to the creator of the photographs, recipients are usually the image editor and those responsible for the media channel who are necessarily involved in the processing (marketing, PR, EDP department) as well as any recipients who participate in the further processing (e.g. print services), as contractors or contract processors.
We assume that the production and use of the recordings within the framework of the events does not encroach excessively on the rights and freedoms of natural persons. We therefore draw your attention to the production and use of photographic material prior to and during the event itself and ensure that no obvious legitimate interests of persons depicted are violated. We instruct our photographers not to take any distorting, inappropriate photographs and check this prior to publication. Should, however, the rights and freedoms of those affected be violated for reasons particularly worthy of consideration, we will refrain from further processing by means of appropriate measures. A disguising in already issued print media cannot take place. Within the scope of technical possibilities, deletion will take place on websites and in social media.
In addition, the persons depicted are entitled to the rights listed below [under 9].

 

3. Transfer of data

We only pass on your personal data to other persons responsible or co-responsible with us if you have given us your express consent to do so in accordance with Art. 6 para. 1 sentence 1 lit. a) DSGVO, insofar as this is required in accordance with Art. 6 para. 1 sentence 1 lit. b) DSGVO for the processing or initiation of contractual relationships with you or if there is a legal obligation to pass on such data in accordance with Art. 6 para. 1 sentence 1 lit. c) DSGVO. Furthermore, data may be disclosed in accordance with Art. 6 para. 1 sentence 1 lit. f) DSGVO if we or third parties have a predominantly legitimate interest in the disclosure, for example if this is necessary for the assertion, exercise or defence of legal claims and there is no reason to assume that you have a predominantly legitimate interest in not disclosing your data.

Internal

For the purposes stated in this data protection declaration, Wieland-Werke AG may transfer personal data within the Wieland-group of companies and pass them on to the respective national companies and subsidiaries. Some of our companies are located outside the EU or the European Economic Area (EEC). Wieland Werke AG is responsible for informing those affected of their rights within the framework of the applicable data protection laws. Inquiries and complaints regarding your personal data can therefore always be directed to Wieland Werke AG as the person responsible. The other companies within the Wieland Group, which also process personal data, cooperate with us and support us in responding to any enquiries or complaints.

External

We assign external service providers with various tasks such as maintenance, programming, analyses, data or platform hosting and hotline services, but also transport or shipping service providers. We have carefully selected these service providers and regularly monitor them, in particular their careful handling and safeguarding of the data stored with them. All service providers are obliged by us to maintain confidentiality and to comply with legal requirements as contract processors or jointly responsible persons.

Third-party countries

If we also provide personal information to recipients located outside the EEA in so-called third-party countries, we will ensure that the recipient has an adequate level of data protection through adequate safeguards or consent to the provision of personal information before providing such information.

4. Cookies

We use cookies (or “session cookies”) during your visit to individual pages of this website, in order to make it more user-friendly to visit our website. These cookies are small text files that are stored on your hard disk only for the duration of your visit to website, and which are erased once the browser is closed. Cookies do not harm your computer and do not retrieve any of the personal information stored on your hard disk. The data processed by cookies is necessary for specified purposes, in order to fulfil our legitimate interests and those of third parties in accordance with Art. 6 (1) 1st sentence point f) GDPR.

We use the following cookies for web controlling purposes:

  • last click (for session time-out, lifetime: one session)
  • session cookie (for session recognition, lifetime: one session)
  • evercookie (for detecting new/existing customers, lifetime: 60 months/5 years)


The majority of browsers accept cookies when configured as standard. However, you can configure your browser’s security settings to block cookies, or configure your browser to notify you when cookies are active. Of course, the data stored in our cookies will not be linked with your personal data (name, address, etc.).

If you do not want cookies to be stored on your computer, you will be asked to switch off the relevant option in your system’s settings. Cookies stored on your computer can erased using the system settings of the browser. Blocking cookies may lead to restrictions in the functions of this online site.

You may opt out of the use of cookies for reach measurement and promotional purposes via the deactivation page of the Network Advertising Initiative (optout.networkadvertising.org/) as well as the US website (www.aboutads.info/choices) or the European website (www.youronlinechoices.com/uk/your-ad-choices/).

5. Webtrekk.com tracking analysis tool

We use the services of the German company Webtrekk GmbH, in order to collect data concerning the use of our website and to correspondingly optimise our online service. The tracking measures we employ are carried out on the basis of Art. 6 (1) 1st sentence point f) GDPR. Webtrekk GmbH always takes care that the collection and processing of tracking data is performed in accordance with the latest standards for data protection and data security.

This also ensures that data is not transferred abroad. We use these tracking measures to design our website in line with users’ needs, and to continuously optimise it. The access data is recorded anonymously here, so that no link can be made to a particular user. This is performed particularly through the anonymisation of the IP address. Only authorised persons have access to this anonymised data. These interests are legitimate within the definition of the regulations set out here.

The collection and storage of data by Webtrekk can be objected to at any time with effect for the future. For this purpose, please click on the following link:

By confirming the link, a so-called opt-out cookie will be set on your data carrier. Please note that if you delete all cookies on your computer, this opt-out cookie will also be deleted, i.e. if you wish to continue to object to data collection by Webtrekk, you will have to set the opt-out cookie again. The opt-out cookie is set per browser and device. If you visit our website at home and at work or with different browsers, you must activate the opt-out cookie in the different browsers or on the different devices.

Analysis-Tool Google Analytics

If you have given your consent, we use Google Analytics for web analysis on our website. With the help of Google Analytics, we investigate the user behaviour of visitors to our website in pseudonymised and anonymised form.
You can allow or prevent the usage of Google Analytics at any time by clicking the following button at the end of this part.

Alternatively, you can also use Google's browser plug-in, which prevents data collection by Google Analytics: http://tools.google.com/dlpage/gaoptout?hl=en.

5.1 The purpose of data processing is to measure the success of our websites. As well as to measure the satisfaction of our visitors and (potential) customers by (usage-based) optimization of our web offer by measuring the usage of our web offer.

5.2 In the context of the use of Google Analytics the following data is processed:

Google Analytics HTTP data
This is protocol data that is technically generated when using the web analysis tool Google Analytics via the Hypertext Transfer Protocol (Secure) (HTTP(S)) used on the website: This includes IP address, type and version of your Internet browser, operating system used, the page called up, the previously visited page (referrer URL), date and time of the call.
Google Analytics end device data
Data generated by the web analysis tool Google Analytics and assigned to your end device: This includes a unique ID for (re-)recognizing returning visitors (so-called "client ID") as well as certain technical parameters for controlling the data collection for web analysis.
Google Analytics measurement data
Device-related raw data (so-called "dimensions" and "measured values"), which are collected and analysed by the web analysis tool Google Analytics when using our website: This includes, above all, information about the sources through which visitors reach our website, information about the location, the browser and the end device used, information about the use of the website (in particular page views, frequency of visits and time spent on accessed pages) as well as information about the fulfilment of certain objectives. The data is assigned to the client ID assigned to your terminal device. This results in device-related usage profiles in which all device-related raw data is combined into a client ID. The data that we collect using Google Analytics does not enable us to identify you personally (i.e. by your civil name). We also do not merge the device-related raw data and the resulting device-related usage profiles with data that directly identifies you personally without your consent.
Google Analytics report data
Data contained in aggregated segment- and device-related reports generated by Google Analytics based on the analysis of device-related raw data.

Google Analytics provides us with four categories of reports: Target group (location, browser, devices used and other device-related data), acquisition (sources through which visitors reach the website), behavior (information on the call of contents of the website, in particular pages called up on the website, visiting time, bounce rate).


5.3 The legal basis for the processing is your consent within the meaning of Article 6 paragraph 1 letter a DS-GVO.

5.4 The data is provided automatically by the user's browser.

5.5 The recipient of the data is Google Ireland Limited (Google Building Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland).

5.6 We use Google Analytics with the so-called IP anonymization. This means that the IP address transmitted by the browser for technical reasons is made anonymous by truncation (deletion of the last octet of the IPv4 address or the last 80 bits of the IPv6 address) prior to storage. We store the remaining protocol data for a period of 14 months.

5.7 The provision of data is not required by law or contract or necessary for the conclusion of a contract. There is no obligation of the data subject to provide the data. In the event that the data is not made available, we cannot carry out web analysis using Google Analytics.

5.8 There is no automated decision making.

6. Content and services from Google Maps and Google Fonts and other third parties

For our online site, we use third-party content and services on the basis of our legitimate interest within the definition of Art. 6 (1) point f) GDPR.

In our case, the third-party content or services are maps or fonts from Google that we include on our individual pages (third-party content). This is always conditional on the third-party providers knowing your IP address, as without it they could not be able to send their content to your browser. The IP address is therefore required in order to display such content. We make every effort to only use that content whereby the providers in question only use the IP address for the purpose of delivering the content. Third parties may use “pixel tags” (hidden graphics, also known as “web beacons”) for statistical or marketing purposes. These pixel tags can be used to evaluate information such as visitor traffic to pages on this website. The pseudonymous information may be stored in cookies on the user's device and may include, but is not limited to, technical information about the browser and operating system, referrer web pages, visit time, and other information regarding the use of our online site. Third-party providers and links to their privacy policies, which contain information on data processing, are listed here. Opt-out methods are available there.

Here are “Infochoices” providing you with transparency and options regarding your Google activities: www.google.com/policies/privacy/#infochoices

Google Fonts:

The contents are external fonts of Google Inc. that are incorporated into the website: www.google.com/fonts (“Google Fonts”). The integration of Google Fonts is carried out via a server request made to Google (usually in the USA). Your browser asks Google servers if there were any changes to the fonts or the CSS file. Privacy Policy: www.google.com/policies/privacy, Opt-Out: www.google.com/settings/ads/

Google Maps:

Google Maps: maps from “Google Maps” provided by the third-party provider Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. Privacy Policy: www.google.com/policies/privacy/
Opt-Out: www.google.com/settings/ads/

7. Social media plug-ins

Our website does not include any provider-based social plug-ins to social networks; we only offer links to our profile on Facebook, Xing, LinkedIn and Twitter.

8. Storage, erasure and blocking of data

We process and store personal data in accordance with the principles of data avoidance and data economy, meaning only for the period necessary to achieve the purpose of the storage (such as responding to inquiries, performing contracts) or insofar as prescribed by legal regulations to which our company was subject.

Once the purpose for storage no longer exists, or the applicable statutory storage period has expired, the personal data will be routinely blocked or erased in accordance with the statutory regulations. The storage duration criterion is the relevant statutory retention period.

9. Rights of the data subject

Every data subject has the right,

  • in accordance with Art. 15 GDPR, to obtain confirmation from us whether or not his personal data is being processed. In particular, you may request information about the purposes of the processing, the category of the personal data, the categories of recipients to whom your data is or has been disclosed, the planned storage period, the existence of a right of rectification, erasure, to object to or limit the processing of your data, the existence of a right to lodge a complaint, the origin of your data insofar as it was not collect-ed by us, about the existence of an automated decision-making process (including profiling) and any significant information regarding the details of this;
  • in accordance with Art. 16 GDPR, to request that any incorrect or incomplete personal data belonging to you and which is stored by us be rectified without delay;
  • in accordance with Art. 17 GDPR, to request that personal data belonging to you, and which is stored by us, be erased insofar as the processing of said data is not required for exercising the right to free expression of opinion and information, for fulfilling a legal requirement, and is not needed on the grounds of public interest or for the purposes of asserting, exercising or defending legal claims;
  • in accordance with Art. 18 GDPR, to request that the processing of your personal data be limited insofar as you dispute the correctness of the data or the processing of said data is unlawful, but you do not wish for the data to be erased; in this case, the data are no longer required by us but are needed by you for the purposes of asserting, exercising or defending legal claims or you have objected to the processing of said data in accordance with Art. 21 GDPR;
  • in accordance with Art. 20 GDPR, to request that your personal data provided to us be made available to you or another authorised party in a structured, standard and machinereadable format;
  • in accordance with Art. 7(3) GDPR, to revoke the consent that you previously provided to us, at any time. This means that in future we will not be permitted to continue processing the data based on this consent, and
  • to lodge a complaint with a supervisory authority in accordance with Art. 77 GDPR. For this purpose you can contact the supervisory authority - State Commissioner for Data Protection - for your usual place of residence or work, or that of our company's main office.

10. Right of objection pursuant to Art. 21 DSGVO


1. Right of objection in individual cases

For reasons arising from your particular situation, you have the right at any time to object to the processing of personal data concerning you on the basis of Article 6 para. 1 e DSGVO (data processing in the public interest) and Article 6 para. 1 f DSGVO (data processing on the basis of a weighing of interests); this also applies to profiling based on this provision within the meaning of Article 4 para. 4 DSGVO.

If you file an objection, we will no longer process your personal data unless we can prove compelling reasons for the processing worthy of protection which outweigh your interests, rights and freedoms, or if the processing serves the assertion, exercise or defence of legal claims.

2. Right of objection against the processing of data for advertising purposes

Insofar as we are entitled to do so, we process your personal data in individual cases in order to carry out direct advertising. You have the right to object at any time to the processing of your personal data for the purpose of such advertising; this also applies to profiling, insofar as it is connected with such direct advertising. If you object to the processing for purposes of direct marketing, we will no longer process your personal data for these purposes.

The objection can be made in any form, preferably at datenschutz@wieland.com. However, you can also contact us in another way

11. Automated decision-making processes, including profiling

In principle we do not use any fully automated decisionmaking process according to Article 22 GDPR for the establishment and performance of business relationships with you. We will separately inform you if this is legally prescribed, and insofar as we use these processes in individual cases.

12. Profiling

We process customer data using a partially automated method, for the purpose of evaluating certain personal aspects (profiling). For example, we use this method in the following cases: statutory regulations mean we are duty bound to combat money laundering and fraud. In this context, data analyses are performed in the area of payment transactions; this is also for your protection. It is only possible to send targeted information to our customers and to provide them with targeted advice about our frequently highly technical applications, if we are able to use suitable analysis tools, which enable us to deliver needs-based and customer-friendly communications, information and advertising, including market and opinion surveys. We may use scoring procedures for assessing the creditworthiness of our customers. At this point, mathematical-statistical methods are employed to calculate a probability, which enables the risk of non-payment to be assessed. Apart from the business relationship history with the company to date, information is also obtained on the contractually-compliant repayment of previous loans, as well as reports for credit agencies.

13. Other data protection queries

If you are unable to find answers here to any other questions, comments or queries regarding your personal data you may have, please contact us at: datenschutz@wieland.com, or contact our Data Protection Officer.