The data protection declaration of WIHAG Fahrzeugbausysteme GmbH is based on the terms used by the European Directives and Regulations legislator when issuing the General Data Protection Regulation (GDPR). Our data protection declaration is intended to be easy to read and understand for the public as well as for our customers and business partners. The owners of these web pages take the protection of your personal data very seriously. We treat your personal data confidentially and in accordance with the statutory data protection regulations and this data protection declaration. The use of our website is usually possible without providing personal data. Insofar as personal data (e.g. name, address or e-mail addresses) is collected on our web pages, this is always done, as far as possible, on a voluntary basis. This data will not be disclosed to third parties without your express consent. We would like to point out that data transmission on the Internet (e.g. communication by e-mail) can have security gaps. Complete protection of the data against access by third parties is not possible.
The responsible party within the meaning of the General Data Protection Regulation, other data protection laws applicable in the Member States of the European Union and other provisions of a data protection nature is: WIHAG Fahrzeugbausysteme GmbH represented by the Corporate Directors, Herforder Str. 22, 33602 Bielefeld, Germany, Tel.: +49 (0)521 1455 0, e-mail: post(at)wihag.de, website: www.wihag.de.
The data protection officer of the person responsible for the processing is: SD-Con GmbH, Mr Thomas Schweppe, Pfarrgasse 25, 87600 Kaufbeuren, Germany, Tel.: +49 (0)8341 9966470, e-mail: info(at)sd-con.de.
Any data subject can contact our data protection officer in writing at any time with all questions and suggestions regarding data protection.
This site uses SSL encryption for security reasons and to protect the transmission of confidential content, such as requests that you send to us as the site operator. You can recognize an encrypted connection by the fact that the browser address line changes from "http://" to "https://" and by the lock symbol in your browser line. If SSL encryption is activated, the data you transmit to us cannot be read by third parties.
On our web pages you will find contact forms in which you can enter personal data. The transmission of data is encrypted (see SSL encryption). The processing of the data is carried out in accordance with the section "Rights of the data subject".
You can subscribe to a newsletter on our web pages.
We use rapidmail for sending newsletters. The provider is rapidmail GmbH, Wentzingerstraße 21, 79106 Freiburg, Germany. Among other things, rapidmail is used to organize and analyze the dispatch of newsletters. The data you enter for the purpose of receiving the newsletter is stored on rapidmail's servers in Germany. If you do not want any analysis by rapidmail, you must unsubscribe from the newsletter. For this purpose, we provide a corresponding link in every newsletter message. For the purpose of analysis, the e-mails sent with rapidmail contain a tracking pixel, which connects to the rapidmail servers when the e-mail is opened. In this way, it can be determined whether a newsletter message has been opened. Furthermore, with the help of rapidmail, we can determine whether and which links in the newsletter message are clicked. All links in the e-mail are tracking links, with which your clicks can be counted.
Legal basis: The legal basis for data processing is Art. 6 para. 1 lit. a) GDPR.
Recipient: The recipient of the data is rapidmail GmbH.
Transmission to third countries: A transfer of data to third countries does not take place.
Duration: The data stored by us within the scope of your consent for the purpose of the newsletter will be stored by us until you unsubscribe from the newsletter and will be deleted from our servers as well as from the servers of rapidmail after you unsubscribe from the newsletter. Data stored by us for other purposes (e.g. e-mail addresses for members) remain unaffected by this.
Revocation option: You have the option to revoke your consent to data processing with effect for the future at any time. The legality of the data processing operations already carried out remains unaffected by the revocation.
Further data protection information: For more details, please refer to rapidmail's data security information at: www.rapidmail.de/datensicherheit. For more information on the analysis functions of rapidmail, please refer to the following link: www.rapidmail.de/wissen-und-hilfe
The web pages sometimes use cookies. Cookies do not cause any damage to your computer and do not contain viruses. Cookies serve to make our offerings more user-friendly, more effective and safer. Cookies are small text files that are stored on your computer and saved by your browser. Most of the cookies we use are "session cookies". They are automatically deleted after the end of your visit. Other cookies remain stored on your system until you delete them. These cookies allow us to remember your browser the next time you visit. You can set your browser so that you are informed about the setting of cookies and only allow cookies in specific cases, exclude the acceptance of cookies for certain cases or in general and activate the automatic deletion of cookies when closing the browser. When cookies are disabled, the functionality of this website may be restricted.
This website uses Google Maps; this is a map service provided by Google (Headquarters: Google LLC 1600 Amphitheatre Parkway Mountain View, CA 94043 USA). When using Google Maps, data on the use of the Maps functions by visitors to the websites is collected, processed and used. Data protection information can be found at:
https://policies.google.com/privacy?hl=en
Our website uses plugins from the YouTube site operated by Google. The operator of the pages is YouTube, LLC, 901 Cherry Ave., San Bruno, CA 94066, USA.
When you visit one of our pages equipped with a YouTube plugin, a connection to the YouTube servers is established. This tells the YouTube server which of our pages you have visited.
If you are logged into your YouTube account, you enable YouTube to assign your surfing behavior directly to your personal profile. You can prevent this by logging out of your YouTube account.
YouTube is used in the interest of an engaging presentation of our online offers. YouTube is used to present our online offers in an engaging manner. This represents a legitimate interest within the meaning of Art. 6 para. 1 lit. f GDPR.
For more information on the handling of user data, please see YouTube's privacy policy at: www.google.de/intl/de/policies/privacy.
We refer to other company pages on social media on our website. If you visit one of our presences on social media (e.g. Facebook), you trigger a processing of your personal data during such a visit. In this case, we are jointly responsible with the operator of the respective social network for the data processing operations within the meaning of Art. 26 GDPR, provided that we actually make a joint decision with the operator of the social network about the data processing and we also have an influence on the data processing.
Please note that despite the joint responsibility according to Art. 26 GDPR with the operators of social networks, we do not have full influence on the data processing of the individual social networks. The corporate policy of the respective provider has a significant influence on our options. In the event of the assertion of data subject rights, we could only forward these requests to the operator of the social network.
We would like to point out that you use the Facebook site and its functions on your own responsibility. This applies in particular to the interactive functions (for example, commenting, sharing, rating). Facebook processes personal data about your account, your IP address as well as about the end devices you use; cookies are used for data collection.
Facebook describes in general terms what information it receives and how it is used in its data usage guidelines. There you will also find information on how to contact Facebook, the options for raising objections, and the settings options for advertisements. The data usage guidelines are available at the following link: de-de.facebook.com/about/privacy You can find Facebook's complete data guidelines here: de-de.facebook.com/full_data_use_policy
The information may be used by Facebook to provide us, as operators of the Facebook pages, with statistical information such as gender and age distribution about the use of the Facebook page. In addition, Facebook may show you further information or advertisements according to your preferences. Facebook provides more detailed information on this at the following link: de-de.facebook.com/help/pages/insights.
The data collected about you in this context is processed by Facebook Ltd. and may be transferred to countries outside the European Union.
If you are currently logged in to Facebook as a user, a cookie with your Facebook ID is stored on your system. This enables Facebook to track that you have visited this page and how you have used it. This also applies to all other Facebook pages. Via Facebook buttons embedded in websites, it is possible for Facebook to record your visits to these website pages and assign them to your Facebook profile. Based on this data, content or advertising can be offered tailored to you.
The provider of the pages automatically collects and stores information in server log files, which your browser automatically transmits to us. These are: browser type and browser version, operating system used, referrer URL, host name of the accessing computer, and time of the server request This data cannot be assigned to specific persons. This data is not merged with other data sources. We reserve the right to check this data retrospectively if we become aware of specific indications of illegal use.
The use of contact data published within the framework of the imprint obligation to send advertising and information materials not expressly requested is hereby prohibited. The operators of the pages expressly reserve the right to take legal action in the event of the unsolicited sending of advertising information, such as spam e-mails. Source: e-recht24.de
The data controller shall process and store personal data of the data subject only for the period necessary to achieve the purpose of storage or where provided for by the European Directives and Regulations legislator or other legislator in laws or regulations to which the data controller is subject. If the storage purpose ceases to apply or if a storage period prescribed by the European Directives and Regulations legislator or another competent legislator expires, the personal data will be routinely blocked or deleted in accordance with the statutory provisions.
(a) Right to confirmation: Every data subject has the right, granted by the European Directives and Regulations legislator, to obtain confirmation from the controller as to whether personal data concerning him or her are being processed. If a data subject wishes to exercise this right to obtain confirmation, he or she may, at any time, contact our Data Protection Officer or another employee of the controller.
b) Right of access: Any person concerned by the processing of personal data has the right granted by the European Directives and Regulations legislator to obtain at any time from the controller, free of charge, information about the personal data stored about him or her and a copy of that information. Furthermore, the European Directives and Regulations legislator has granted the data subject access to the following information:
– the processing purposes
– the categories of personal data that are processed
– the recipients or categories of recipients to whom the personal data have been or will be disclosed, in particular in the case of recipients in third countries or international organizations
– if possible, the planned duration for which the personal data will be stored or, if this is not possible, the criteria for determining this duration
– the existence of a right to obtain the rectification or erasure of personal data concerning them or to obtain the restriction of processing by the controller or a right to object to such processing
– the existence of a right of appeal to a supervisory authority
– if the personal data are not collected from the data subject: All available information about the origin of the data
– the existence of automated decision-making, including profiling, pursuant to Article 22(1) and (4) of the GDPR and, at least in these cases, meaningful information about the logic involved and the scope and intended effects of such processing for the data subject.
Furthermore, the data subject shall have the right to obtain information as to whether personal data have been transferred to a third country or to an international organization. If this is the case, the data subject also has the right to obtain information about the appropriate safeguards in connection with the transfer. If a data subject wishes to exercise this right of access, he or she may, at any time, contact our data protection officer or another employee of the controller.
c) Right to rectification: Every person affected by the processing of personal data has the right granted by the European Directives and Regulations legislator to demand the immediate rectification of inaccurate personal data concerning him or her. Furthermore, the data subject has the right to request the completion of incomplete personal data - also by means of a supplementary declaration - taking into account the purposes of the processing. If a data subject wishes to exercise this right to rectify, he or she may, at any time, contact our data protection officer or another employee of the controller.
d) Right to erasure (right to be forgotten): Any person concerned by the processing of personal data has the right granted by the European Directives and Regulations legislator to require the controller to erase without delay personal data concerning him or her, where one of the following reasons applies and insofar as the processing is no longer necessary: the personal data were collected or otherwise processed for such purposes for which they are no longer necessary. The data subject revokes the consent on which the processing was based pursuant to Art. 6(1)(a) GDPR or Art. 9(2)(a) GDPR and there is no other legal basis for the processing. The data subject objects to the processing pursuant to Art. 21(1) GDPR and there are no overriding legitimate grounds for the processing, or the data subject objects to the processing pursuant to Art. 21(2) GDPR. The personal data have been processed unlawfully. The erasure of the personal data is necessary for compliance with a legal obligation under Union or Member State law to which the controller is subject. The personal data has been collected in relation to information society services offered pursuant to Article 8(1) GDPR. If one of the aforementioned reasons applies, and a data subject wishes to arrange for the erasure of personal data stored by WIHAG GmbH, he or she may, at any time, contact our data protection officer or another employee of the controller. The data protection officer at WIHAG GmbH or another employee shall arrange for the deletion request to be complied with immediately. If the personal data have been made public by WIHAG GmbH and our enterprise as the controller is obliged to erase the personal data pursuant to Article 17 (1) of the GDPR, WIHAG GmbH shall, taking into account the available technology and the cost of implementation, implement reasonable measures, including those of a technical nature, to inform other data controllers which process the published personal data, that the data subject has requested from those other data controllers that all links to the personal data or copies or replications of the personal data be erased, unless the processing is necessary. The Data Protection Officer of WIHAG GmbH or another employee will arrange the necessary measures in individual cases.
e) Right to restriction of processing: Any person concerned by the processing of personal data has the right granted by the European Directives and Regulations legislator to request the controller to restrict processing where one of the following conditions is met: the accuracy of the personal data is contested by the data subject for a period enabling the controller to verify the accuracy of the personal data. The processing is unlawful, the data subject objects to the erasure of the personal data and requests instead the restriction of the use of the personal data. The controller no longer needs the personal data for the purposes of processing, but the data subject needs it for the assertion, exercise or defense of legal claims. The data subject has objected to the processing pursuant to Article 21 (1) of the GDPR and it is not yet clear whether the legitimate grounds of the controller override those of the data subject. If one of the aforementioned conditions is met, and a data subject wishes to request the restriction of personal data stored by WIHAG GmbH, he or she may, at any time, contact our Data Protection Officer or another employee of the controller. The data protection officer of WIHAG GmbH or another employee will arrange the restriction of the processing.
f) Right to object: Any person affected by the processing of personal data has the right granted by the European Directives and Regulations legislator to object at any time, on grounds relating to his or her particular situation, to the processing of personal data concerning him or her which is carried out on the basis of Article 6(1)(e) or (f) of the GDPR. This also applies to profiling based on these provisions. WIHAG GmbH shall no longer process the personal data in the event of the objection, unless we can demonstrate compelling legitimate grounds for the processing which override the interests, rights and freedoms of the data subject, or for the assertion, exercise or defense of legal claims. If WIHAG GmbH processes personal data for direct marketing purposes, the data subject shall have the right to object at any time to the processing of personal data for such marketing activities. This also applies to profiling insofar as it is associated with such direct marketing. If the data subject objects to WIHAG GmbH for processing for direct marketing purposes, WIHAG GmbH will no longer process the personal data for these purposes. In addition, the data subject has the right, on grounds relating to his or her particular situation, to object to processing of personal data concerning him or her which is carried out by WIHAG GmbH for scientific or historical research purposes, or for statistical purposes pursuant to Article 89(1) of the Data Protection Regulation ("GDPR"), unless such processing is necessary for the performance of a task carried out in the public interest. In order to exercise the right to object, the data subject may directly contact the data protection officer at WIHAG GmbH or another employee. The data subject is also free to exercise his/her right to object in connection with the use of information society services, notwithstanding Directive 2002/58/EC, by means of automated procedures using technical specifications.
g) Right to withdraw consent under data protection law: Any person affected by the processing of personal data has the right, granted by the European Directives and Regulations legislator, to withdraw consent to the processing of personal data at any time. If the data subject wishes to exercise the right to withdraw consent, he or she may, at any time, contact our Data Protection Officer or another employee of the controller.
You can submit your application documents online via our website.
The controller collects and processes the personal data of applicants for the purpose of handling the application procedure. The processing may also take place electronically. This is the case, in particular, when an applicant submits relevant application documents to the controller by electronic means, for example, by e-mail or via a web form located on the website. If the controller concludes an employment contract with an applicant, the transmitted data will be stored for the purpose of processing the employment relationship in compliance with the statutory provisions. Other legitimate interest in this sense is, for example, a duty to provide evidence in proceedings under the General Equal Treatment Act (AGG).
Article 6 I lit. a GDPR serves as the legal basis for our business for processing operations in which we obtain consent for a specific processing purpose. If the processing of personal data is necessary for the performance of a contract to which the data subject is a party, as is the case, for example, with processing operations that are necessary for the delivery of goods or the provision of another service or consideration, the processing is based on Article 6 I lit. b GDPR. The same applies to such processing operations that are necessary for the implementation of pre-contractual measures, for example in cases of inquiries about our products or services. If our company is subject to a legal obligation by which a processing of personal data becomes necessary, such as for the fulfillment of tax obligations, the processing is based on Art. 6 I lit. c GDPR. In rare cases, the processing of personal data might become necessary in order to protect the vital interests of the data subject or another natural person. This would be the case, for example, if a visitor were to be injured on our premises and as a result his or her name, age, health insurance data or other vital information had to be passed on to a doctor, hospital or other third party. Then the processing would be based on Art. 6 I lit. d GDPR. Finally, processing operations could be based on Art. 6 I lit. f GDPR. Processing operations that are not covered by any of the aforementioned legal bases are based on this legal basis if the processing is necessary to protect a legitimate interest of our company or a third party, provided that the interests, fundamental rights and freedoms of the data subject are not overridden. Such processing operations are permitted to us in particular because they were specifically mentioned by the European legislator. In this respect, it took the view that a legitimate interest could be assumed if the data subject is a customer of the controller (recital 47 sentence 2 GDPR).
If the processing of personal data is based on Article 6 I lit. f GDPR, our legitimate interest is the performance of our business activities for the benefit of the well-being of all our employees and our shareholders.
The criterion for the duration of storage of personal data is the respective statutory retention period. After expiry of the period, the corresponding data is routinely deleted, provided that it is no longer required for the fulfillment or initiation of the contract.
We would like to inform you that the provision of personal data is partly required by law (e.g. tax regulations) or may also result from contractual regulations (e.g. information on the contractual partner). Sometimes, in order to conclude a contract, it may be necessary for a data subject to provide us with personal data that must subsequently be processed by us. For example, the data subject is obliged to provide us with personal data if our company concludes a contract with him or her. Failure to provide the personal data would mean that the contract with the data subject could not be concluded. Before providing personal data by the data subject, the data subject must contact our data protection officer. Our data protection officer will inform the data subject on a case-by-case basis whether the provision of the personal data is required by law or contract or is necessary for the conclusion of the contract, whether there is an obligation to provide the personal data, and what the consequences of not providing the personal data would be.
