The privacy policy of WiBa GmbH is based on the terminology used by the European legislator when issuing the General Data Protection Regulation (GDPR). Our privacy policy should be easy to read and understand for both the public and our customers and business partners. To ensure this, we would like to explain the terminology used in advance.
a) Personal data: Personal data are all information relating to an identified or identifiable natural person. This includes, for example, names, addresses, email addresses, and telephone numbers.
b) Data subject: A data subject is any identified or identifiable natural person whose personal data is processed by the controller responsible for processing.
c) Processing: Processing is any operation or set of operations performed on personal data, whether or not by automated means, such as collecting, recording, organizing, structuring, storing, adapting or altering, retrieving, consulting, using, disclosing by transmission, dissemination, or otherwise making available, aligning or combining, restricting, erasing, or destroying.
d) Restriction of processing: This is the marking of stored personal data with the aim of limiting its future processing.
e) Profiling: Profiling is any form of automated processing of personal data that consists of using those personal data to evaluate certain personal aspects relating to a natural person, in particular to analyze or predict aspects concerning that natural person’s performance at work, economic situation, health, personal preferences, interests, reliability, behavior, location, or movements.
f) Pseudonymization: Pseudonymization is the processing of personal data in such a way that the personal data can no longer be attributed to a specific data subject without the use of additional information, provided that such additional information is kept separately.
g) Controller or controller responsible for processing: The controller or controller responsible for processing is the natural or legal person, public authority, agency, or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data.
h) Processor: A processor is a natural or legal person, public authority, agency, or other body that processes personal data on behalf of the controller.
i) Recipient: A recipient is a natural or legal person, public authority, agency, or another body, to which the personal data are disclosed.
j) Third party: Third parties are natural or legal persons, authorities, institutions, or other bodies that are not the data subject, controller, processor, or those persons authorized under the direct authority of the controller or processor.
k) Consent: Consent is any freely given, specific, informed, and unambiguous indication of the data subject’s wishes by which they, by a statement or by a clear affirmative action, signify agreement to the processing of personal data relating to them.
WiBa GmbH
Georgstraße 48
30159 Hannover
Germany
Phone: +49 511 59299120
Email: data-privacy@wiba-parts.com
3. Collection of General Data and Information
The website of WiBa GmbH collects a series of general data and information each time the website is accessed by a data subject or an automated system. This general data and information are stored in the server’s log files. Collected may be (1) the browser types and versions used, (2) the operating system used by the accessing system, (3) the website from which an accessing system reaches our website (so-called referrers), (4) the subpages, (5) the date and time of access, (6) an Internet Protocol address (IP address), (7) the Internet service provider of the accessing system, and (8) any other similar data and information that may be used in the event of attacks on our information technology systems.
When using these general data and information, WiBa GmbH does not draw any conclusions about the data subject. Rather, this information is needed to (1) deliver the content of our website correctly, (2) optimize the content of our website as well as its advertisement, (3) ensure the long-term viability of our information technology systems and website technology, and (4) provide law enforcement authorities with the information necessary for criminal prosecution in case of a cyber-attack. Therefore, WiBa GmbH analyzes anonymously collected data and information statistically, with the aim of increasing the data protection and data security of our enterprise, and to ensure an optimal level of protection for the personal data we process.
The website of WiBa GmbH contains information that enables quick electronic contact with our company, as well as direct communication with us, which also includes a general address of the so-called electronic mail (email address). If a data subject contacts the controller by email or via a contact form, the personal data transmitted by the data subject are automatically stored. Such personal data transmitted on a voluntary basis by a data subject to the controller are stored for the purpose of processing or contacting the data subject. There is no transfer of this personal data to third parties.
WiBa GmbH uses services from Salesforce.com, Inc. to process contact inquiries and for live chat. Access to the data by Salesforce.com, Inc. cannot be excluded, which is why an appropriate EU standard contract (adequate guarantee for data processing in countries outside the EU or the European Economic Area) has been concluded. The EU standard contractual clauses used can be accessed via the following URL: https://eur-lex.europa.eu/legal-content/de/TXT/?uri=CELEX%3A32021D0914.
The controller processes and stores personal data of the data subject only for the period necessary to achieve the purpose of storage or as far as this is granted by the European legislator or other legislators in laws or regulations to which the controller is subject.
If the storage purpose is not applicable or if a storage period prescribed by the European legislator or another competent legislator expires, the personal data are routinely blocked or deleted in accordance with legal requirements.
The controller has integrated components of the company Facebook on this website. Facebook is a social network.
A social network is an Internet-based social meeting place, an online community, that enables users to communicate with each other and interact in a virtual space. A social network can serve as a platform for the exchange of opinions and experiences, or enable the Internet community to provide personal or business information. Facebook allows social network users to create private profiles, upload photos, and network through friend requests.
With each call-up to one of the individual pages of this website, which is operated by the controller and into which a Facebook component (Facebook plug-in) was integrated, the web browser on the information technology system of the data subject is automatically prompted to download the display of the corresponding Facebook component. An overview of all Facebook plug-ins may be accessed under https://developers.facebook.com/docs/plugins/. During the course of this technical procedure, Facebook gains knowledge of what specific sub-page of our website was visited by the data subject.
If the data subject is logged in at the same time on Facebook, Facebook detects with every call-up to our website by the data subject—and for the entire duration of their stay on our Internet site—which specific sub-page of our Internet page was visited by the data subject. This information is collected through the Facebook component and associated with the respective Facebook account of the data subject. If the data subject clicks on one of the Facebook buttons integrated on our website, e.g., the “Like” button, or if the data subject submits a comment, then Facebook matches this information with the personal Facebook user account of the data subject and stores the personal data.
The controller has integrated the Google Analytics component (with the anonymizer function) on this website. Google Analytics is a web analytics service. Web analytics is the collection, gathering, and analysis of data about the behavior of visitors to websites. A web analysis service collects, among other things, data on which website a data subject has come from (the so-called referrer), which sub-pages were visited, or how often and for what duration a sub-page was viewed.
For web analytics via Google Analytics, the controller uses the application “_anonymizeIp()”. By means of this application, the IP address of the Internet connection of the data subject is abbreviated by Google and anonymized when accessing our websites from a Member State of the European Union or another Contracting State to the Agreement on the European Economic Area.
The controller has integrated components of YouTube on this website. YouTube is an Internet video portal that enables video publishers to set video clips and other users free of charge, which also provides free viewing, reviewing, and commenting on the content.
b) Right of Access: Each data subject shall have the right to obtain from the controller information about their stored personal data at any time and a copy of this information free of charge.
c) Right to Rectification: Each data subject shall have the right to obtain from the controller the rectification of inaccurate personal data concerning them without undue delay.
d) Right to Erasure (Right to Be Forgotten): Each data subject shall have the right to obtain from the controller the erasure of personal data concerning them without undue delay, provided that the grounds for this right under GDPR apply, and processing is not required.
e) Right to Restriction of Processing: Each data subject shall have the right to obtain from the controller a restriction of processing where one of the conditions set out under GDPR is met.
f) Right to Data Portability: Each data subject shall have the right to receive the personal data concerning them, which was provided to a controller, in a structured, commonly used, and machine-readable format.
g) Right to Object: Each data subject shall have the right to object, on grounds relating to their particular situation, at any time, to the processing of personal data concerning them.
h) Automated Individual Decision-Making, Including Profiling: Each data subject shall have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning them or similarly significantly affects them.With each call-up to one of the individual pages of this website, which is operated by the controller and into which a Facebook component (Facebook plug-in) was integrated, the web browser on the information technology system of the data subject is automatically prompted to download the display of the corresponding Facebook component. An overview of all Facebook plug-ins may be accessed under https://developers.facebook.com/docs/plugins/. During the course of this technical procedure, Facebook gains knowledge of what specific sub-page of our website was visited by the data subject.
10. Privacy Policies for Applicants
The controller collects and processes the personal data of applicants for the purpose of processing the application procedure. Application documents are retained for up to six months after the end of the application process and are then deleted unless there are statutory retention periods.
11. Privacy Policies for the Use of Cookies
The websites of WiBa GmbH use cookies. Cookies are text files that are stored on a computer system via an Internet browser. Many cookies contain a so-called cookie ID, a unique identifier for the cookie.
12. Changes to Our Privacy Policy
We reserve the right to occasionally adapt this privacy policy to ensure it always complies with current legal requirements or to implement changes to our services in the privacy policy.
Hannover, Oktober 2024