Data collection on our website
Who is the controller responsible for data collection on this website?
Data processing on this website is done by the owner of the website. You can find their contact details in the legal notice on this website.
How we collect your data
For one thing, your data are collected when you communicate them to us. This may be data you enter in a contact form. Other data are collected automatically by our IT systems when you visit our website. These are mostly technical data (e.g., web browser, operating system or time of access to a page). The collection of these data happens automatically as soon as you enter our website.
How we use your data
Some of the data are collected to ensure the smooth running of the website. Other data can be used for analysing your user behaviour.
Your rights regarding your data
You have the right to obtain information about the source, recipient and purpose of your personal data stored by us at any time free of charge. You also have the right to obtain the rectification, blocking or erasure of these data. Regarding this and other questions concerning data protection, you can contact us at any time at the address given in the legal notice. Furthermore, you have the right to lodge a complaint with the competent supervisory authority.
General and mandatory information
Information regarding the data controller
The controller for data processing on this website is:
Telefon: +49 (0) 4155 / 7188 0
Fax: +49 (0) 4155 / 7188 160
The controller is the natural or legal person who, alone or jointly with others, determines the purposes and means of the processing of personal data (e.g., names, email addresses and the like).
Withdrawal of your consent to data processing
Many instances of data processing are possible only with your express consent. You can withdraw any consent already given at any time. You can do this by sending us an informal message by email. The withdrawal of consent shall not affect the lawfulness of data processing based on consent before its withdrawal.
Right to lodge a complaint with the competent supervisory authority
In the event of an infringement of data protection law, you have the right to lodge a complaint with the competent supervisory authority. The competent supervisory authority for data protection matters is the state data protection commissioner of the federal state in which our business has its registered office. You can find a list of the data protection commissioners and their contact details by following this link: https://www.bfdi.bund.de/DE/Infothek/Anschriften_Links/anschriften_links-node.html.
Right to data portability
You have the right to receive the data which we process automatically based on your consent or in the performance of a contract or have them transmitted to a third party in a commonly used, machine-readable format. Where you request the direct transmission of the data to another controller, this will be done only where technically feasible.
SSL and / or TLS encryption
For security reasons and to protect confidential contents such as orders or queries which you send to us as owners of the site, this site uses SSL or TLS encryption. You can tell an encrypted connection by the fact that the address bar of your browser changes from ‘http://’ to ‘https://’ and by the lock symbol in your browser bar. When SSL or TLS encryption is active, the data you transmit to us cannot be read by third parties.
Access, blocking, erasure
Under applicable legal provisions, you have the right, at any time and free of charge, of access to your personal data stored by us and to information about their source and recipients and the purposes of the data processing and, where appropriate, a right to rectification, blocking or erasure of these data.
Regarding this and other questions concerning personal data, you can contact us at any time at the address given in the legal notice.
Data protection officer
We have designated a data protection officer for our business.
Philipp Herold, c/o Bodo Wascher Holding GmbH & Co. KG
Telephone: 0451/29 04 92 26
Data collection on our website
The legal bases of these transmissions are Article 6 (1) b and Article 6 (1) f of the General Data Protection Regulation (GDPR). Transmissions on the basis of Article 6 (1) f GDPR may take place only as far as this is necessary to preserve justified interests of our company or third parties and do not outweigh the interests or basic rights and basic freedoms of the person concerned that require that protection of personal data. The data exchange with CRIFBÜRGEL also serves to fulfil legal obligations regarding the performance of creditworthiness reviews of customers (Section 505a and 506 of the Bürgerliches Gesetzbuch (BGB) [German Civil Code]).
CRIFBÜRGEL processes the data received and also uses them for the purposes of profile building (scoring), in order to provide its contractual partners in the European Economic Area and Switzerland as well as other third countries, if applicable (provided an adequacy decision of the European Commission on these exists), with information including on the assessment of the creditworthiness of natural persons. More detailed information about the activity of CRIFBÜRGEL can be obtained from the CRIFBÜRGEL information sheet or can be viewed online at www.crifbuergel.de/en/privacy.
Server log files
The provider of the website automatically collects and stores information in server log files which are transmitted to us automatically by your browser. These include:
This data is not combined with other data sources. The basis for this data processing is point (b) of Art. 6(1) of the GDPR, which allows processing of data for the performance of a contract or in order to take steps prior to entering into a contract.
If you send us enquiries via a contact form, your information from the enquiry form including the contact details given there will be stored by us for the purpose of dealing with your enquiry and any further enquiries. We will not pass these data on to others without your consent. The processing of the data entered into the contact form is solely on the basis of your consent in accordance with point (a) of Art. 6(1) of the GDPR. You can withdraw this consent at any time. You can do this by sending us an informal message by email. The withdrawal of consent shall not affect the lawfulness of data processing based on consent before its withdrawal. The data entered into the contact form by you will remain with us until you request their erasure, withdraw your consent to their storage or the purpose for which the data were stored no longer applies (e.g., when your enquiry has been dealt with). Mandatory statutory provisions – particularly retention periods – remain unaffected.
Plugins and tools
Purpose and legal basis
Use of the service takes place on the basis of our justified interests, i.e. interest in platform-independent provision of content pursuant to Art. 6 (1) f. GDPR.
Google Double Click
We have integrated components of DoubleClick by Google on our website. DoubleClick is a brand of Google under which mainly special online marketing solutions are sold to advertising agencies and publishers. DoubleClick by Google transfers data onto the DoubleClick server both with each impression and with clicks or other activities.
Each of these data transfers triggers a cookie request to the browser of the person concerned. If the browser accepts this request, DoubleClick places a cookie in your browser. DoubleClick uses a cookie ID, which is required to execute the technical process. The cookie ID is required, for example, to highlight an advertisement in a browser. Additionally, by means of the cookie ID, DoubleClick can identify which advertisements have already been shown in a browser in order to avoid double placements. Further, the cookie ID allows DoubleClick to record conversions. Conversions are recorded, for example, when a user was previously shown a DoubleClick advertisement and this customer subsequently completes a purchase on the website of the advertiser with the same internet browser. A DoubleClick cookie contains no personal data; however, it may contain additional campaign identifiers. A campaign identifier serves to identify the campaigns that you were already in contact with on other websites. As part of this service, Google obtains knowledge of data that also help Google to create commission settlements. Among other things, Google can ascertain that you have clicked on certain links on our website. In this case, your data is transferred to the operator of Double Click, Google Inc., 1600 Amphitheatre Pkwy, Mountain View, CA 94043-1351, USA. More information and the applicable DoubleClick by Google data protection provisions can be found at https://www.google.com/intl/de/policies/.
Purpose and legal basis
Google Tag Manager
Our website uses Google Tag Manager. This service allows website tags to be managed using an interface. Google Tool Manager implements tags only. This means the following: no cookies are used and
Google is certified for the US–European ‘Privacy Shield’ data protection framework. This data protection framework is to ensure compliance with the data protection level applicable in the EU.
Google Web Fonts
To this end, your browser needs to connect to Google’s servers. In this way, Google is made aware that our website has been accessed from your IP address. Our use of Google Web Fonts is in the interest of a uniform and appealing presentation of our online services. This constitutes a legitimate interest within the meaning of point (f) of Art. 6(1) of the GDPR.
If your browser does not support web fonts, a standard font will be used by your computer.
General information on presence in social networks
In order to present our company in the best possible way and to communicate with you as a user, customer or interested party and inform you about the services we offer, we make use of presence in social networks.
You will find us on the following platforms and social networks
When social networks are used, data is processed outside the European Union (EU) and the European Economic Area (EEA). An equivalent data protection level to the one that exists in the EU cannot be guaranteed in all countries outside the EU.
In this connection, it can lead to risks for you as a user when the data transmitted to so-called third countries are processed with an inadequate data protection level.
This makes it difficult to assert known user rights. Additionally, it can occur that your data are not processed in your interests by the provider in the third country.
NOTE on the invalid privacy shield agreement:
Facebook Inc., based in the USA, as well as associated services (Instagram, etc.) had the “privacy shield” certification for the US-European data protection agreement. On the basis of the current decision of the ECJ, the agreement no longer guarantees sufficient proof of compliance with the level of protection required according to the EU General Data Protection Regulation.
In general, the processing purposes of the social networks deviate from ours. For instance, it mostly occurs that your data recorded in social networks are processed for the purposes of market research, advertising and the creation of user profiles for personalised advertising (e.g. Facebook, Google, Instagram, etc.).
To implement this, cookies are used that capture user behaviour and allow the formation of a user profile. In the case of Facebook, user profiles are also created of persons who do not hold a registered account on Facebook.
You will find a specific list of the processing purposes of the user data in the data protection notices of the respective providers. With the performance of corresponding settings in your user account, the profile formation can be restricted by you, at least to a degree. For information on the exact approach, please read the corresponding data protection notices of the respective provider.
If our Facebook page is accessed, Facebook will record, among other things, your IP address and other information that exists on your computer in the form of cookies. This information will be used to provide us, as the operator of the Facebook pages, with statistical information about how the Facebook page is used. Detailed information regarding this is provided by Facebook at the following link: http://de-de.facebook.com/help/pages/insights .
It is not possible for us to draw conclusions about individual users by means of the statistical information communicated. We use this information only for the purposes of being able to cater to the interests of our users and to improve our online presence continuously as well as to ensure the quality thereof.
We collect your data by means of our fanpage only in order to implement a possible provision for communication and interaction with us. In general, the information collected includes your name, message content, comment content as well as the profile information “publicly” provided by you.
The processing of your personal data for our above-mentioned purposes takes place on the basis of our justified business and communicative interest in offering an information and communication channel pursuant to Art. 6 (1) f) GDPR. Should you as the user have issued a consent to the processing of data towards the respective provider of the social network, the legal basis of the processing extends to Art. 6 (1) a), Art. 7 GDPR.
Due to the fact that the actual data processing is performed by the provider of the social network, our opportunities to access your data are limited. Only the provider of the social network is entitled to full access to your data. For this reason, only the provider can directly take and implement corresponding measures to fulfil your user rights (information request, erasure request, objection, etc.). Thus, corresponding rights are asserted most effectivelytowards the respective provider directly.
Should you nevertheless require assistance in this matter, you are welcome to contact us.
Rights of data subjects
With the Facebook “Page Controller Addendum”, the rights and obligations to be complied with together with Facebook are highlighted. You will find it at the following link: https://www.facebook.com/legal/terms/page_controller_addendum
In the event of a request for information, we will forward this to Facebook and we ask that you complete the corresponding contact form at https://www.facebook.com/login.php?next=https%3A%2F%2Fwww.facebook.com%2Fhelp%2Fcontact%2F308592359910928.
Below you will find a detailed presentation of the respective data processing by the providers and their opt-outs via the corresponding links to the websites of the providers:
Bodo Wascher Holding GmbH & Co. KG uses the services of Instagram Inc., 1601 Willow Road, Menlo Park, CA, 94025, USA for its web presence.
It is not conclusively and clearly indicated by Instagram, nor is it known to us, how Instagram uses the data from the visit to Instagram pages for its own purposes, to what extent activities on the Instagram page are assigned to individual users, for what period Instagram retains such data and whether data from a visit to the Instagram page will be forwarded to third parties. When accessing an Instagram page, the IP address assigned to your terminal will be transmitted to Instagram. According to Instagram, this IP address will be anonymised (in the case of “German” IP addresses) and erased after 90 days. Moreover, Instagram will store information about the terminals of its users (for example, as part of the “login notification”), which may allow Instagram to assign IP addresses to individual users.
If you, as the user, are currently logged into Instagram, your terminal contains a cookie with your Instagram ID. This enables Instagram to track that you have accessed this page and how you have used it. This also applies to all other Instagram pages. Instagram buttons embedded in websites enable Instagram to record your visits to these website pages and to assign them to your Instagram profile. Using this data, contents or advertising can be offered tailored to your needs.
You can avoid this by logging out of Instagram or disabling the “remain logged in” function, erasing the cookies on your device and closing and restarting your browser. In this way, any information allowing Instagram to directly identify you will be erased. You can use our Instagram page without your Instagram ID being disclosed. If you access interactive functions of the page (Like, Comment, Messages and others), you will see an Instagram login mask. Following your login, Instagram can identify you as a specific user again. Information on how you can manage or erase information existing about you can be found in the following Instagram help section.
Beyond this, we as the provider of the information service do not collect or process
any data from your use of our service.