Data protection declaration
1. General information
Data protection at a glance
Protecting your personal data is very important to Westiform. We treat your personal data as confidential and in accordance with the statutory data protection provisions and this data protection declaration.
When you use this website, various personal data is collected. Personal data is data through which you can be identified as an individual. This data protection declaration explains which data we collect and what we use it for. It also explains how and why we do this.
Data is processed on this website by the website operator; you can find its contact details in the further information under Clause 2.1 below.
We would like to point out that the transfer of data on the internet (e.g. when communicating by email) can present security risks. Complete protection of data from being accessed by third parties is not possible.
How do we record your data?
One way we collect your data is when you share it with us. Other data is automatically recorded by our IT systems when you visit the website. This is primarily technical data (e.g. internet browser, operating system or time the page was viewed). This data is recorded automatically, as soon as you use our website.
Information for customers and suppliers according to Art. 13/14 of the General Data Protection Regulation on data protection can be found here.
What do we use your data for?
Some data is collected in order to ensure that the website works properly. Other data may be used for analysing your user behaviour.
What rights do you have in relation to your data?
You have the right to receive information free of charge at any time on the origin, recipients and purpose of the personal data stored about you. You also have the right to demand that this data be rectified, blocked or deleted. You can contact us at any time regarding this or any other questions on the topic of data protection at the address given in the imprint. Furthermore you have the right to appeal to the appropriate supervisory authority.
Analysis tools and tools from third-party providers
By visiting our website your surfing behaviour can be statistically evaluated. This is primarily done using Cookies and so-called analysis programs. Analysis of your surfing behaviour is usually anonymous; the surfing behaviour cannot be traced back to you. You can object to this analysis or prevent it by not using certain tools.
You can find more detailed information on this, especially on the options for objecting, in the following data protection declaration.
2. Mandatory information
2.1. Who is responsible for recording data on this website?
Data is processed on this website by the website operator:
Westiform Germany GmbH
Mr. Christian Dreser
Phone: +49 (0)781 489 0
Fax: +49 (0)781 489 99
2.2. Who can you contact if you have any questions regarding the protection of your personal data?
2.3 Data recording on our website
Server log files
When you visit the website , our IT systems or the provider of the pages, automatically collect and store information in so-called server log-files, which your browser automatically sends to us. These are:
- Browser type and browser version
- operating system used by the terminal of the visitor
- Name of the access provider used by the visitor
- Referrer URL (website from which the visitor reaches the Westiform website)
- Hostname of the accessing computer
- Date/time of the server request by the visitor
- IP address of the terminal of the visitor
This data will not be merged with other data sources.
The basis for data processing is Art. 6(1)(f) GDPR, which allows the processing of personal data on the basis of legitimate interest as long as none of the visitor’s interests outweigh this.
Westiform Germany GmbH in its role as the website operator has a legitimate interest in data processing for the purpose of
- quickly establishing connection to the website,
- making the website user-friendly,
- recognising and ensuring the security and stability of the systems and
- to make the administration of the website easier and improve it.
Processing is explicitly not carried out for the purpose of identifying you personally, but rather that of improving our advertising presence.
An IP address may be a form of personal data, because it is possible under particular circumstances to learn the identity of the owner of the internet connection being used. We will only use this possibility in order to prevent an attack on our web infrastructure, to identify the person responsible for an attack and/or to take legal measures against this person. In such cases, the processing (evaluation) of the IP address is justified on the basis of legitimate interests according to Art. 6(1)(f) GDPR (General Data Protection Regulation).
This data is regularly deleted after seven days, unless there is reason to believe that our system has been subject to an attack.
SSL or TLS encryption
For security reasons and to protect the transfer of confidential content, such as, for example, orders or enquiries which you send us as a site operator, this website uses SSL or TLS encryption. You can recognise an encrypted connection by the fact that the address line of the browser changes from “http://” to https://, and by the padlock symbol in your browser line.
If SSL or TLS encryption is activated, the data which you submit to us cannot be read by third parties.
Our website uses so-called Cookies in part. Cookies do not cause any damage to your computer and do not contain any viruses. Cookies are used to make our service more user-friendly, more effective and safer. Cookies are small text files which are placed on your computer and saved by your browser.
Most of the Cookies used by us are so-called “Session Cookies”. They are deleted automatically at the end of your visit. Other Cookies remain stored on your terminal until you delete them. These Cookies enable us to recognise your browser when you next visit us.
You can configure your browser to inform you when Cookies are placed and only to allow cookies in individual cases, to prevent Cookies from being accepted in particular cases or in general, or activate automatic deletion of Cookies when you close your browser. If Cookies are deactivated then this may limit the functionality of this website. Cookies which are required for the execution of electronic communications or for the provision of particular functions which you require (e.g. basket function) are stored on the basis of Art. 6(1)(f) GDPR (General Data Protection Regulation). The website operator has a legitimate interest in storing Cookies in order to provide its services in the very best way without technical problems. Where other Cookies are stored (e.g. Cookies to analyse your surfing behaviour), these are handled separately in the data protection declaration.
2.4 Social media
Links from the social networking site Facebook, provided by Facebook Inc., 1 Hacker Way, Menlo Park, California 94025, USA, are integrated on our pages.
When you click the link, direct connection between your browser and the Facebook server is established. Facebook obtains the information that you have accessed on our website with your IP address. If you are logged into your Facebook account and click on the Facebook “Like” button on our pages, content from our pages can be linked to your Facebook profile. This allows Facebook to associate your visit to our website with your user account. We would like to point out that as the provider of these pages, we have no knowledge of the data transferred, or of its use by Facebook. For further information on this, please see the data protection declaration from Facebook at https://de-de.facebook.com/policy.php.
If you do not want Facebook to associate your visit to our website with your Facebook account, you must log out of Facebook before you visit our website.
Our website uses functions of the LinkedIn network. The provider is LinkedIn Corporation, 2029 Stierlin Court, Mountain View, CA 94043, USA.
Whenever you click the LinkedIn link, a connection to LinkedIn servers is established. LinkedIn will be informed that you have visited our internet pages with your IP address.
If you click the LinkedIn “Recommend button” and are logged into your LinkedIn account, LinkedIn is able to allocate your visit to our site to you and your user account. We would like to point out that as the provider of this site, we have no knowledge of the data transferred, or of its use by LinkedIn. For further information on this, please see the data protection declaration from LinkedIn at https://www.linkedin.com/legal/privacy-policy.
Our website uses functions of the XING network. The provider is XING AG, Dammtorstrasse 29-32, 20354 Hamburg, Germany. Whenever you click the XING-link, a connection to XING servers is established. As far as we are aware, this does not involve personal data being saved. In particular no IP addresses are stored and neither is the user behaviour evaluated. For further information about data protection and the XING Share button please see XING’s data protection declaration at https://www.xing.com/app/share?op=data_protection.
2.5 Analysis tools and advertising
This website uses functions of the web analysis service Google Analytics. The provider is Google Ireland Ltd., Gordon House Barrow Street, Dublin 4, Ireland.
Google Analytics uses so-called "Cookies". These are text files which are stored on your computer and enable analysis of how you use the website. The information generated by the Cookie about your use of this website is usually transferred to a Google server in the USA and stored there. The Google Analytics Cookies are to be stored on the basis of Art. 6(1)(f) GDPR (General Data Protection Regulation). As the website operator we have a legitimate interest in the analysis of user behaviour, in order to optimise both our web service as well as our advertising.
We have enabled IP anonymisation on this website. This means your IP address will be truncated by Google within member states of the European Union or in other states which are party to the Agreement on the European Economic Area before it is transmitted to the USA. Your full IP address is only transferred to a Google server in the USA and truncated there in exceptional cases. The IP address provided by your browser within the framework of Google Analytics is not merged with other Google data. For exceptional cases where personal data is transferred to the USA, Google is subject to the US Privacy Shield, https://www.privacyshield.gov/eu-us-framework. Google will use this information on behalf of the operator of this website to evaluate your use of the website, to compile reports on website activity and to provide other services relating to the use of the website and the internet to the website operator. The IP address provided by your browser within the framework of Google Analytics is not merged with other Google data.
When you visit our website, the following data, among others, is collected:
- the pages you call up
- achievement of "website goals" (conversions, e.g. newsletter registrations, downloads)
- your user behaviour
- your approximate location (region)
- your IP address (in abbreviated form)
- technical information on your browser and the terminal devices you use (e.g. language settings, screen resolution)
- your internet provider
- the referrer URL (the website through which you came to this website)
Purpose of processing
Google uses this information on behalf of the operator of this website to evaluate your (pseudonymous) use of the website and to compile reports on website activities. The reports provided by Google Analytics serve to analyse the performance of our website.
The recipient of the data is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland as processor. We have concluded a contract with Google to this end. Google LLC, based in California, USA, and, where applicable, US authorities may have access to the data stored by Google.
Transfer to third countries
Transfer of data to the USA cannot be excluded.
The data sent by us and linked to cookies is deleted automatically after 14 months. Data whose retention period has been reached is deleted automatically once a month.
You may prevent the storage of cookies by adjusting your browser software settings accordingly; however, we would like to point out that if you do this, you may not be able to use all the functions of this website to their full extent. You can also prevent the collection of the data generated by the cookie and related to your use of the website (including your IP address) by Google as well as the processing of this data by Google by downloading and installing the browser plugin available under the following link: https://tools.google.com/dlpage/gaoptout?hl=de.
Objection to data collection by Google Analytics
Demographic characteristics with Google Analytics
This website uses the “demographic characteristics” function from Google Analytics. Using this, reports can be created which contain information on the age, sex and interests of the site visitor. This data comes from interest-based advertising from as well as visitor data from third party providers. This data cannot be traced back to a specific individual. You can deactivate this function at any time using the display settings in your Google account or prevent your data being recorded by Google Analytics in general as described under “Objection to data collection”.
2.6 Plugins and Tools
This page uses Google Maps via an API. The provider is Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.
In order for you to use the functions of Google Maps, your IP address must be stored. This information is usually transferred to a Google server in the USA and stored there. The provider of this page has no influence on this data transfer.We use Google Maps in the interests of presenting our online services in an appealing way and making it easy to find the locations displayed on our website. This represents a legitimate interest in the sense of Art. 6(1)(f) GDPR (General Data Protection Regulation).
For more information on handling user data, please see Google’s data protection declaration at https://www.google.de/intl/de/policies/privacy/.
2.7 Which rights do you have as a data subject?
You have the following rights with respect to us in relation to your personal data:
Revocation of your consent to data processing
Many data processing operations are only possible with your explicit consent. You can withdraw your previously-given consent at any time. To do this you just need to send an information e-mail to us. The revocation will not affect the legality of the data processing which took place before it.
Right to appeal to the responsible supervisory authority
In the event of breaches of data protection law, the data subject has the right to appeal to a data protection supervisory authority. A list of state data protection officers and their contact details can be found at the following link at https://www.bfdi.bund.de/DE/Infothek/Anschriften_Links/anschriften_links-node.html.
Information, blocking, deletion
The applicable legal provisions give you the right to receive information at any time regarding the personal data stored on you, their origin and recipients and the purpose of data processing and where applicable a right to correction, blocking or deletion of this data. You can contact us at any time regarding this or any other questions on the topic of personal data at the address given in the imprint.
Right to data portability
You have the right to have data which we subject to automated processing based on your consent or to fulfil a contract issued to you or a third party in a common, machine-readable format. If you request that data be transferred directly to another controller, this will only be done where it is technically feasible.
Right to objection
You have the right to object to the processing of your personal data at any time for reasons arising from your particular situation, provided that we are basing our processing on a balancing of interests according to Art. 6(1)(f) GDPR (General Data Protection Regulation).
2.8 Version and updating of this data protection declaration
This data protection declaration is the version of 01 August 2020. We reserve the right to update the data protection declaration at any time in order to improve data protection and/or adapt it to new administrative practice or case law.