WEBER RESCUE Shop GmbH, Güglingen (hereinafter referred to as "WEBER") appreciates your visit to our website and your interest in our company and our products. We take the protection of your private data very seriously and want you to feel comfortable when visiting our website.
In principle, our website can be used without providing any personal data. Only if services and special functions of our company are to be used, the processing of personal data may become necessary. If there is no legal basis for the required processing of personal data, then we always obtain the consent of the data subject in advance.
The processing of personal data (e.g. first name, last name, address, e-mail address, or telephone number of a data subject) shall always be in line with the General Data Protection Regulation (GDPR), and in accordance with the country-specific data protection regulations applicable to us. In the following, we will inform you about the type, scope and purpose of the personal data we collect, use and process, and we will inform you of your rights as a data subject.
We have taken various technical and organizational measures to ensure the most complete protection of personal data processed through our website. However, data transmission via the Internet can never be 100% secure.
I. Important terms
1. Personal data
Personal data (sometimes also referred to as person-related data) is data that fundamentally enables the determination of your person (data subject). It does not matter whether the determination can be obtained on the basis of a single piece of information, this will rarely be the case. However, the more information and data are combined, the more precisely the person can be determined. Personal data includes in particular the name, address, age, e-mail address and telephone number of a person.
2. Data subject
A data subject is any identifiable person or natural person (e.g. companies, associations and organizations) whose personal data is processed by us.
Cookies are small files that contain a string of characters in which certain information has been stored openly or encrypted. Cookies are sent from the server to your computer and stored there. They are initially used to identify the computer from which a website has been accessed. If you log on to a website, cookies are used to communicate the logon to the server and to verify the authorization to access a page. Each cookie has an expiration date, after which it is no longer valid. However, this expiration date can be very long in the future. WEBER mainly uses session cookies on the homepage, which lose their validity after the browser is closed. Cookies allow the path of a user to be tracked across different pages of the homepage and also across different websites. With the help of cookies, communication between our server and your computer can be improved, making the use of a website more comfortable.
Cookies can come not only from the website operator, but also from third parties, for example, if there is advertising on the site. You have the option via your browser to display the cookies present on your computer, to delete the existing cookies or to set up the configuration so that not all or no cookies are stored. Please note that some functions (such as registration and the shopping cart) do not work or do not work properly if you disable the setting of cookies.
Pixels, web beacons, clear GIFs, or similar measures (collectively, "pixels") are small images placed on a web page or in an email. Since these images are usually completely transparent, you cannot see them, they do not affect the user experience as a result. When the web page or email is accessed, the associated image is also retrieved. This makes it possible, for example, to track which pages are called up and how often, and whether or when a newsletter is opened. Pixels are often used together with cookies. If you deactivate cookies in your browser, the pixel usually only counts how often a web page has been called up.
5. IP address
The Internet Protocol (IP) address is a unique number assigned to your computer. It is necessary for you to be able to move around on the Internet at all; all data packets that you need for surfing are sent to it. In Germany, the IP address is reassigned for most private connections every time the connection to the Internet provider is disconnected. This usually happens at least once a day. IP addresses also allow conclusions to be drawn about the country from which a PC is accessing a website.
The consent of a data subject is a voluntarily given expression of will in the form of a declaration or other clearly confirming action. It gives us to understand that the data subject has been informed by us about the certain use of personal data and agrees with the processing of the data concerning him or her by us.
II. Relevant legal basis
1. Basic data protection regulation (DSGVO)
2. Cooperation with processors and third parties
If, in the course of our processing, we disclose data to other persons and companies (processors or third parties), transmit it to them or otherwise grant them access to the data, this will only be done on the basis of legal permission (e.g. if a transfer of the data to third parties, such as to payment and shipping service providers, is necessary for the performance of the contract pursuant to Art. 6 (1) lit. b DSGVO), you have expressly consented, a legal obligation provides for this or on the basis of our legitimate interests (e.g. when using agents, web hosts, etc.). If we commission third parties with the processing of data on the basis of a so-called "order processing agreement", this is done on the basis of Art. 28 DSGVO.
3. Transfer to third countries
If we process data in a third country (i.e. outside the European Union (EU) or the European Economic Area (EEA)) or if this happens in the context of the use of third-party services or disclosure, or transfer of data to third parties, this will only happen if it is done for the fulfillment of our (pre)contractual obligations, on the basis of your consent, due to a legal obligation or on the basis of our legitimate interests. Subject to legal or contractual permissions, we process or allow the processing of data in a third country only if the special requirements of Art. 44 et seq. DSGVO are met. I.e. the processing is carried out, for example, on the basis of special guarantees, such as the officially recognized determination of a level of data protection corresponding to the EU or compliance with officially recognized special contractual obligations (so-called "standard contractual clauses").
III. Collection and processing of personal data by WEBER
WEBER collects, stores and processes your personal data only if this is permitted by law or if you have given us your consent. If personal data are processed, this is necessarily done within the WEBER-HYDRAULIK Group (forwarding within the group of companies) in order to use the resources in the best possible way for a quick fulfillment of your request.
1. Collection of your data
We obtain data in two ways:
Data you provide to us:
Data we receive through your use of our services:
Some data accrue automatically and for technical reasons already when you visit our website. This includes the log data of the web server. Each time you access a page from our offer and each time you retrieve a file, access data about this process is stored in a log file on our server.
Each data record consists of:
- the page from which the new page or file was requested (referrer URL)
- the name of the requested file or page
- the date and time of the request, the success of the request and the server load at the time of the request
- the amount of data transferred
- the IP address assigned to you by your provider
- if you log in with a user account, also the login information for the corresponding web service.
The stored data is used on the basis of our legitimate interest within the meaning of Art. 6 para. 1 lit. f. DSGVO and evaluated exclusively anonymously for statistical purposes. Log file information is stored for security reasons (e.g. to clarify acts of abuse or fraud) for a maximum of 7 days and then deleted. Data whose further storage is required for evidentiary purposes is exempt from deletion until final clarification of the respective incident.
Google Adwords Conversion Tracking
We use the online advertising program "Google AdWords" and, as part of Google AdWords, conversion tracking. The cookie for conversion tracking is set when a user clicks on an ad placed by Google. Cookies are small text files that are stored on your computer system. These cookies lose their validity after 30 days and are not used for personal identification. If the user visits certain pages of this website and the cookie has not yet expired, Google and we can recognize that the user clicked on the ad and was redirected to this page. Each Google AdWords customer receives a different cookie. Cookies can therefore not be tracked across AdWords customers' websites. The information obtained using the conversion cookie is used to create conversion statistics for AdWords customers who have opted for conversion tracking. Customers learn the total number of users who clicked on their ad and were redirected to a page tagged with a conversion tracking tag. However, they do not receive information that personally identifies users. If you do not wish to participate in the tracking, you can object to this use by easily deactivating the Google conversion tracking cookie via your internet browser under user settings. You will then not be included in the conversion tracking statistics. You can obtain further information about Google's data protection policy at the following Internet address: https://policies.google.com/privacy
WEBER uses so-called session cookies as part of the registration process in order to store your registration information for the duration of your visit to our website. These cookies lose their validity as soon as you close your browser.
Facebook, Twitter, YouTube, Instagram
In order to contact us via these platforms, you must register accordingly. For this purpose, the platform may collect, store and process personal data. WEBER has no influence on the type, scope and processing of this data. WEBER does not receive any personal data about you from the platforms that you have not actively released. You can find more information about data processing by Facebook here: http://en-us.facebook.com/about/privacy/
2. Processing of your data
The hosting services used by us serve to provide the following necessary services: Infrastructure and platform services, computing capacity, storage space and database services, security services and technical maintenance services, which we require for the purpose of operating this online offer. In this context, we, or our hosting provider, process inventory data, contact data, content data, contract data, usage data, meta data and communication data of customers, interested parties and visitors of this online offer on the basis of our legitimate interests in an efficient and secure provision of this online offer pursuant to Art. 6 para. 1 lit. f DSGVO in conjunction with Art. 28 DSGVO. Art. 28 DSGVO (conclusion of order processing contract).
We process your data as part of the ordering process in our online store to enable you to select and order the selected products and services, as well as their payment and delivery, or execution. The processed data includes inventory data, communication data, contract data, payment data and the data subjects are our customers, prospective customers and other business partners. The processing is carried out for the purpose of providing contractual services in the context of operating an online store, billing, delivery and customer service. In this context, we use session cookies for the storage of the shopping cart content and the storage of the login status.
The processing is carried out on the basis of Art. 6 para. 1 lit. b (execution of order transactions) and c (legally required archiving) DSGVO. In this context, the information marked as required is necessary for the justification and fulfillment of the contract. We disclose the data to third parties only in the context of delivery, payment or in the context of legal permissions and obligations to legal advisors and authorities. The data is processed in third countries only if this is necessary for the fulfillment of the contract (e.g. at the request of the customer for delivery or payment).
For this purpose, we will create a customer account (account), in which you can view your orders. During the registration process, you will be provided with the required mandatory information. The user accounts are not public and cannot be indexed by search engines. If you cancel your customer account, your data with regard to the customer account will be deleted, subject to their retention is necessary for commercial or tax reasons in accordance with Art. 6 para. 1 lit. c DSGVO. Information in the customer account remains until its deletion with subsequent archiving in the event of a legal obligation. In the context of your registration and renewed logins as well as use of our online services, we store the IP address and the time of the respective user action. The storage is based on our legitimate interests, as well as those of users in protection against abuse and other unauthorized use. In principle, this data is not passed on to third parties, unless it is necessary for the pursuit of our claims or there is a legal obligation to do so in accordance with Art. 6 Para. 1 lit. c DSGVO. The deletion takes place after the expiry of legal warranty and comparable obligations, the necessity of keeping the data is reviewed every year. In the case of legal archiving obligations, deletion takes place after their expiry (end of commercial law (6 years) and tax law (10 years) retention obligation).
Provision of contractual services
We process your inventory data (e.g., names and addresses as well as contact data of users), contract data (e.g., services used, names of contact persons, payment information) for the purpose of fulfilling our contractual obligations and services pursuant to Art. 6 para. 1 lit b. DSGVO. The entries marked as mandatory in online forms, are required for the conclusion of the contract.
We process usage data (e.g., the visited web pages of our online offer, interest in our products) and content data (e.g., entries in the contact form or user profile) for advertising purposes in a user profile, for example, to display product information to the user based on their previously used services. The deletion of the data takes place after the expiry of legal warranty and comparable obligations, the necessity of keeping the data is reviewed every three years. In the case of legal archiving obligations, the deletion takes place after their expiry. Information in any customer account remains until it is deleted.
We process your data in the context of administrative tasks as well as organization of our operations, financial accounting and compliance with legal obligations, such as archiving. In doing so, we process the same data that we process in the course of providing our contractual services. The processing bases are Art. 6 para. 1 lit. c. DSGVO, Art. 6 para. 1 lit. f. DSGVO. Customers, interested parties, business partners and website visitors are affected by the processing. The purpose and our interest in the processing lies in the administration, financial accounting, office organization, archiving of data, i.e. tasks that serve the maintenance of our business activities, performance of our tasks and provision of our services. The deletion of data with regard to contractual services and contractual communication corresponds to the data mentioned in these processing activities.
In this context, we disclose or transfer data to the tax authorities, consultants, such as tax advisors or auditors, as well as other fee offices and payment service providers. Furthermore, based on our business interests, we store information on suppliers, event organizers and other business partners, e.g. for the purpose of contacting them at a later date. This data, most of which is company-related, is generally stored permanently.
Analyses and market research
In order to operate our business economically and to be able to recognize market trends, customer and user wishes, we analyze the data we have on business transactions, contracts, inquiries, etc.. In doing so, we process inventory data, communication data, contract data, payment data, usage data, metadata on the basis of Art. 6 para. 1 lit. f. DSGVO, whereby the data subjects include customers, interested parties, business partners, visitors and users of the online offer.
The analyses are carried out for the purpose of business evaluations, marketing and market research. In doing so, we may take into account the profiles of registered users with details of, for example, their purchase transactions. The analyses serve us to increase the user-friendliness, the optimization of our offer and the business management. The analyses serve us alone and are not disclosed externally, unless they are anonymous analyses with aggregated values. If these analyses or profiles are personal, they will be deleted or anonymized upon termination of the user, otherwise after three years from the conclusion of the contract. Otherwise, the overall business analyses and general tendency analyses are created anonymously, if possible.
Deletion of data
The data processed by us will be deleted or restricted in its processing in accordance with Articles 17 and 18 DSGVO. Unless expressly stated within the scope of this data protection declaration, the data stored by us will be deleted as soon as they are no longer required for their intended purpose and the deletion does not conflict with any statutory retention obligations. If the data is not deleted because it is required for other and legally permissible purposes, its processing will be restricted. I.e. the data is blocked and not processed for other purposes. This applies, for example, to data that must be retained for reasons of commercial or tax law.
According to legal requirements in Germany, data is retained in particular for 6 years in accordance with Section 257 (1) of the German Commercial Code (commercial books, inventories, opening balances, annual financial statements, commercial letters, accounting vouchers, etc.) and for 10 years in accordance with Section 147 (1) of the German Fiscal Code (AO) (books, records, management reports, accounting vouchers, commercial and business letters, documents relevant for taxation, etc.). According to legal requirements in Austria, storage is carried out in particular for 7 years in accordance with Section 132 (1) BAO (accounting records, vouchers/invoices, accounts, receipts, business papers, statement of income and expenditure, etc.), for 22 years in connection with real estate and for 10 years for documents in connection with electronically provided services, telecommunications, radio and television services provided to non-entrepreneurs in EU member states and for which the One-Stop-Shop (OSS) is used.
IV. Individual services
In the following, you will find information on individual services that are made available to you on our homepage and in the context of which you provide us with personal data that we require for the provision of the services.
In order to use all the functions of our website, and especially to place orders in our online store, you can create a customer account (account). During registration, the required mandatory information will be provided and requested. All data entered will be stored and used by us for the purpose of using the offer. You can subsequently be informed by us with relevant information about your account and your orders placed by e-mail. If you delete your customer account, the data will be removed by us, subject to their retention is necessary for commercial or tax reasons in accordance with Art. 6 para. 1 lit. c DSGVO. You must take care of any backup of the data before deletion yourself.
Within the scope of registration as well as the use of your customer account, we store the IP address and the time of the respective action. The storage is based on our legitimate interest, as well as yours, in protection against abuse and unauthorized use. A transfer outside the WEBER group of companies does not take place in principle, unless it is necessary for the pursuit of our claims, or there is a legal obligation to do so in accordance with Art. 6 para. 1 lit c DSGVO. The IP addresses are anonymized or deleted after 14 days at the latest.
2. Contact forms
WEBER offers you extensive personal support. If you contact us via one of the contact forms, we collect (for processing according to Art. 6 para. 1 lit. b DSGVO) the title, your name and your e-mail address, so that we can answer your request quickly and individually. If you wish to be contacted by telephone, please also provide us with your telephone number. The data will only be used to answer your inquiry, they will not be used for a sales pitch or otherwise for advertising purposes. The information provided will be stored in our ticket system and deleted after one year. We will gladly provide you with information about your stored data.
3. Payment data
WEBER offers you a variety of different payment providers. In order to complete your payment, you must provide further personal data to the payment service you have selected. In principle, we do not store any of this data on our servers, it is stored directly by the respective provider. However, we transmit your SSL-encrypted order-relevant data to us in accordance with Art. 6 Para. 1 lit. b DSGVO for the execution of the payment.
When paying via PayPal, we pass on your payment data to PayPal (Europe) S.à r.l. et Cie, S.C.A., 22-24 Boulevard Royal, L-2449 Luxembourg (hereinafter "PayPal") as part of the payment processing. PayPal reserves the right to conduct a credit check for the payment methods credit card via PayPal, direct debit via PayPal or "purchase on account" via PayPal - if offered. PayPal uses the result of the credit check with regard to the statistical probability of non-payment for the purpose of deciding on the provision of the respective payment method. The credit report may contain probability values (so-called score values). Insofar as score values are included in the result of the credit report, they have their basis in a scientifically recognized mathematical-statistical procedure. Among other things, address data is included in the calculation of the score values. Further information on data protection, including information on the credit agencies used, can be found in PayPal's data protection declaration: https://www.paypal.com/en/webapps/mpp/ua/privacy-full
In the case of credit card purchases, we pass on your payment data to Mollie B.V., Keizersgracht 126, 1015 CW Amsterdam, the Netherlands. For this purpose, your personal credit card details are entered and processed directly on the secure server of Mollie B.V. during the payment process. Further information on data protection, including information on the credit agencies used, can be found in Mollie's data protection declaration: https://www.mollie.com/en/privacy
The following payment methods are also processed by the payment service provider Mollie B.V.: SEPA direct debit, Sofortüberweisung, Appel Pay, EPS and Giropay. This means that the data you enter is even better protected and is only available to us in anonymized form. It may happen that, depending on the payment method, Mollie B.V. appears as the payee, but your purchase will always be completed with an appropriate reason for payment, which refers to the WEBER RESCUE Shop.
4. Ratings and comments
If you enter an article rating or a comment on our website, we ask you for your name (may also be a pseudonym or an abbreviation) to better identify your entry for other visitors. In addition, we also store your IP address for 14 days on the basis of our legitimate interest according to Art. 6 para. 1 lit. f DSGVO. This is done for our security in case someone publishes illegal content (insults, prohibited political comments, hate speech, etc.) in comments or ratings.
5. Availability information
If an item is currently not available, you have the option to be informed by e-mail as soon as the item is back in stock. For this service, we store your e-mail address and, if available, your name and customer number based on your consent pursuant to Art. 6 para. 1 lit. a DSGVO. To ensure that the e-mail address provided is really yours, it will only be stored after confirmation by you via double opt-in. As soon as you have been informed about the changed delivery status, your data will be deleted again.
6. Wish list and shopping cart
If you put items on your watch list or put them in the shopping cart, we store this data via session cookie, or if you are logged in in your customer account. This data is automatically deleted after the session expires, or after 30 days (in the case of storage in the customer account).
We use your personal data collected in the context of the newsletter registration (first and last name, title and e-mail) to provide you with personalized product and service offers (promotional information). By providing us with your name, you enable us to address you personally and to easily manage your data in our own newsletter system. The dispatch takes place exclusively after consent by you, or by a legal permission. If the contents of a newsletter are specifically described in the registration, these are decisive for the consent and are only supplemented with information about our services and us.
The registration takes place in a so-called double opt-in procedure: You will receive an e-mail after registration in which you will be asked to confirm your registration. This confirmation is necessary so that no one can register with other e-mail addresses. The registrations to the newsletter are logged in order to be able to prove the registration process according to the legal requirements. This includes the storage of the registration and confirmation time, as well as the IP address. Changes to your stored data are also logged. The dispatch of the newsletter and the associated performance measurement is based on the consent of the recipients in accordance with Art. 6 para. 1 lit. a, Art. 7 DSGVO in conjunction with § 7 para. 2 No. 3 UWG or on the basis of legal permission in accordance with § 7 para. 3 UWG. The logging of the registration process takes place on the basis of our legitimate interests pursuant to Art. 6 para. 1 lit. f DSGVO.
Furthermore, we are always striving to improve our offer. This also includes a statistical and anonymous evaluation of the sent newsletter, e.g. whether the communicated e-mail address can be reached, which newsletters are opened, which links within the newsletter are clicked and whether a response ((automatic) reply, error message, etc.) was generated. For this purpose, the newsletters contain a so-called "web beacon", i.e. a pixel-sized file that is retrieved from our server when the newsletter is opened, or if we use a shipping service provider, from their server. The data is collected and processed exclusively in the total number (no logs on individual users) by WEBER and companies affiliated with WEBER. The data will not be transmitted to other external/third companies.
The revocation of your consent (use of e-mail address, use of personal data) is possible at any time. You will find a link to cancel the newsletter at the end of each newsletter, or contact the following e-mail address firstname.lastname@example.org. We may store the unsubscribed email addresses for up to three years based on our legitimate interests before deleting them for newsletter sending purposes, in order to be able to prove consent formerly given. The processing of this data is limited to the purpose of a possible defense against claims. An individual deletion request is possible at any time, provided that the former existence of consent is confirmed at the same time.
8. Social media
10. Youtube videos
11. Services and contents of third parties
We use within our online offer on the basis of our legitimate interests (i.e. interest in the analysis, optimization and economic operation of our online offer within the meaning of Art. 6 para. 1 lit. f. DSGVO) to integrate content or services offered by third-party providers, such as videos or fonts (hereinafter uniformly referred to as "content"). This always requires that the third-party providers of this content are aware of the IP address of the user, since without the IP address they could not send the content to their browser. The IP address is thus required for the display of this content. We endeavor to use only such content whose respective providers use the IP address only for the delivery of the content. Third-party providers may also use so-called pixel tags (invisible graphics, also known as "web beacons") for statistical or marketing purposes. The "pixel tags" can be used to evaluate information such as visitor traffic on the pages of this website. The pseudonymous information may also be stored in cookies on the user's device and may contain, among other things, technical information about the browser and operating system, referring websites, time of visit and other information about the use of our online offer, as well as be combined with such information from other sources.
V. Your rights
You have the right to request confirmation as to whether data concerning you is being processed and to be informed about this data and to receive further information and a copy of the data in accordance with Art. 15 DSGVO. In addition, according to Art. 16 DSGVO, you have the right to request the completion of the data concerning you or the correction of incorrect data concerning you.
In accordance with Art. 17 of the GDPR, you have the right to demand that the data in question be deleted without delay, or alternatively, in accordance with Art. 18 of the GDPR, to demand that the processing of the data be restricted. In addition, you may request that the data concerning you that you have provided to us be received in accordance with Article 20 of the GDPR and to request its transfer to other data controllers.
You also have the right to lodge a complaint with the competent supervisory authority in accordance with Art. 77 DSGVO.
Right of withdrawal
You have the right to revoke given consents according to Art. 7 (3) DSGVO with effect for the future.
Right of objection
You may object to the future processing of data concerning you in accordance with Art. 21 DSGVO at any time. The objection can be made in particular against the processing for purposes of direct advertising.
VI. Information and contact
You retain control over all personal data that you provide to us online. Upon request, we will gladly inform you in writing and free of charge whether and which personal data we have stored. Here you can also request the deletion of your data stored with us, unless it is needed for the processing of contractual relations between you and us or we are obliged to store it for legal reasons.
WEBER RESCUE Shop GmbH
Heilbronner Str. 30