Privacy Statement – Weißer + Grießhaber GmbH

Weißer + Grießhaber GmbH takes your legitimate data protection concerns very seriously and observes the provisions of the General Data Protection Regulation (GDPR), the Federal Data Protection Act (BDSG-new), the Telecommunications Telemedia Data Protection Act (TTDSG) and, if applicable, the provisions of other applicable data protection regulations.

Weißer + Grießhaber GmbH handles the data transmitted by you carefully and with due diligence. As far as data of any kind is collected, processed or used, this is always done within the scope of the applicable legal provisions or after obtaining explicit consent from you.

Protecting the individual’s privacy on the Internet is crucial to the future of Internet-based business models and the move toward a true Internet economy. Weißer + Grießhaber GmbH has created this privacy statement to demonstrate its firm commitment to the individual’s right to privacy. This policy outlines Weißer + Grießhaber GmbH's personal information handling practices for this website.

This Privacy Statement covers this website and all other sites that reference this Privacy Statement. Some Weißer + Grießhaber GmbH entities may have their own, possibly different, privacy statements. We encourage you to read the privacy statements of each of the websites you visit.

The controller according to Art. 4 Para. 7 of the General Data Protection Regulation (GDPR) is:

Weißer + Grießhaber GmbH
Waldstrasse 11
78087 Mönchweiler
Germany

District court: Freiburg i. Br. HRB 600860

VAT ID: DE 811 307 121

Phone: +49 7721 9487-0
Fax: +49 7721 9487-50
Email: information@weisser-griesshaber.de

You can contact Weißer + Grießhaber GmbH's data protection officer at:

Weißer + Grießhaber GmbH
Thomas Fletschinger
Email: dsb(at)weisser-griesshaber.de

 

Global Privacy Fundamentals

Our privacy practices reflect current global principles and standards on handling personal information. These principles include notice of data use, choice of data use, data access, data integrity, security, onward transfer, and enforcement/oversight. Weißer + Grießhaber GmbH abides by the EU General Data Protection Regulation (GDPR)

Consent

By using this website, you consent to the electronic collection and use of the information as described here. If Weißer + Grießhaber GmbH decides to make changes to this Privacy Statement, we will post the changes on this site so that you will always know what information we collect, and how we use it.

From time to time, as may be required by applicable law, we may also seek your explicit consent to process certain data and information collected on this website or volunteered by you.

Collection and Processing of Your Personal Data

To serve you better and understand your needs and interests, Weißer + Grießhaber GmbH collects, exports, and uses personal information with adequate notice and consent, along with required filings with data protection authorities, when applicable.

When you visit our website, we may record your IP address and use cookies and other Internet technologies (referred to below as "Automated Tools" and "Embedded Web Links") to gather general information about our visitors and their interests. The technologies used and the information collected are described in more detail below.

We may further collect and process any information and data that you volunteer to us, e.g. when you register for events, subscribe to newsletters, participate in online surveys, discussion groups or forums, or when you make purchases.

Use and Purpose of Collected Personal Data

The information Weißer + Grießhaber GmbH collects to understand your needs and interests helps Weißer + Grießhaber GmbH deliver an optimized and personalized experience. Weißer + Grießhaber GmbH will use such information only as described in this Privacy Statement. We will not subsequently change the way your personal data is used without your consent unless this is otherwise permitted by law.

We always process your personal data for a specific purpose.

In particular, we process your personal data for the following purposes:

  • To manage our relationship with you, e.g. through our databases, in which we collect data about you from our various sources in order to get an overview of the collaboration; also, to improve and individualize our understanding of your preferences and our communication with you;
  • To process your orders and deliver the products and services that you have ordered.
  • To implement tasks in preparation of or to perform existing contracts;
  • To evidence transactions and ensure transparency on transfers of value;
  • To provide you with appropriate and current information about research as well as our products and services;
  • To improve the quality of our products and services by adapting our offering to your specific needs;
  • To answer your requests and provide you with efficient support;
  • To manage communications and interactions with you;
  • To track our activities (e.g. measuring interactions or sales, number of appointments/calls, issues discussed, documents presented);
  • To invite you to events sponsored or used by us (e.g. speaker events, conferences);
  • To grant you access to our specified IT systems so that you can use certain services of Weißer + Grießhaber GmbH;
  • To manage our IT resources, including infrastructure management and business continuity;
  • To preserve the company’s economic interests and ensure compliance and reporting (such as complying with our policies and local legal requirements, tax and deductions, internally defined contribution caps, managing alleged cases of misconduct or fraud; conducting audits and defending litigation);
  • Archiving and record keeping;
  • To support recruitment inquiries;
  • Billing and invoicing; and
  • any other purposes imposed by law and authorities.
  • In certain cases, we are legally obliged to transfer certain data to the requesting government agency (institution or authority). The legal basis for the processing is Art. 6. Para. 1 (c) GDPR and Art. 24 Para. 2, No 1 of the German Federal Data Protection Act
  • In some cases, business partners require personal information from our customers. This is usually done for the purpose of order fulfillment (e.g. in case of complaints). This is expressly provided for by law. In this case, Weißer + Grießhaber GmbH remains responsible for the protection of your data – in addition, the processor may also be responsible. The service provider works strictly in accordance with our instructions, which Weißer + Grießhaber GmbH ensures by means of strict contractual regulations.
  • To fulfil legal obligations to record, document and report to the responsible authorities

IP Addresses

We use IP addresses to help diagnose problems, to administer our website, and to gather demographic information. We may also use IP addresses or other information you have shared on this website to determine which pages on our sites are being visited and topics that may be of interest so we can provide you with information about relevant products and services. As a matter of principle, Weißer + Grießhaber GmbH will aggregate such data only in an anonymous way and will not tie it to a particular individual unless he or she has given consent.

Weißer + Grießhaber GmbH will only gather information related to your visit to the Weißer + Grießhaber GmbH website. We do not track or collect personal information from your visits to websites of companies or entities outside the Weißer + Grießhaber GmbH group of companies.

Cookie tool: Contao Marketing Suite

We use the Contao Marketing Suite cookie tool on our website to obtain your consent to the storage of cookies. The provider is: numero2 - Agentur für digitales Marketing GbR, Torsten Materna and Benjamin Born, Mozartstraße 3, 67480 Edenkoben. For this purpose, the Contao Marketing Suite cookie tool sets cookies in your browser. These cookies are necessary to store your consent or refusal. This data is not transmitted to the provider of the Contao Marketing Suite. The cookies are automatically deleted after 7 days. You can also delete cookies yourself in your browser at any time. We use the Contao Marketing Suite cookie tool to obtain the legally required consent for the use of cookies. The legal basis is Art. 6 para. 1 lit. c GDPR

Cookies

a) We use cookies on our website(s). These are small files that your browser automatically creates and stores on your device (laptop, tablet, smartphone, etc.) when you visit our websites. Cookies cannot do damage to your computer and do not contain viruses, Trojans or any other malware. The information stored in the cookie pertains to the specific device used. This, however, does not give us direct knowledge of your identity. The use of cookies serves to make using our online services more pleasant for you. For example, we use what are known as session cookies to determine that you have already visited individual pages on our website. These are automatically deleted after leaving our website.

b) In addition, to further improve usability, we also use temporary cookies that are stored on your device for a specified period of time. If you visit our website again to use our services, we will automatically determine that you have already visited our website and what inputs and settings you have made in order to avoid having to re-enter them.

c) Furthermore, we use cookies to statistically record the use of our website and to analyze it for the purpose of optimizing our website offerings. These cookies enable us to automatically determine that you have visited our website before. You can find more information on this in the “Analysis tools” section.

d) The data processed by cookies are necessary for the purposes mentioned in order to safeguard our legitimate interests and the interests of third parties under Art. 6 Para.1 Sent. 1 (f) GDPR.

e) Most browsers accept cookies automatically. You can, however, configure your browser in such a way that no cookies are stored on your computer or that a notice is displayed before a new cookie is created. Disabling cookies completely, however, may mean that you will not be able to all the features on our website.

Email Addresses

If you choose to give us your email address or submit it through our contact form, we will communicate with you via email. We do not share your email address with third parties. You can opt out from receiving future emails from Weißer + Grießhaber GmbH at any time.

External Service Providers

We work with service providers that process certain data on our behalf. This is done exclusively in accordance with the applicable data protection laws. In particular, we have entered into commissioned data processing agreements with our service providers which satisfy the requirements of Art. 28 GDPR.

Data Transfer, Transfer to a Third Country

Your personal data will not be transferred to third parties for any purposes other than those set out below. We will only transfer your personal data to third parties if:

a) You have given your express consent in accordance with Art. 6 Para. 1 Sent. 1 (a) GDPR, Art. 26 Para. 2 German Federal Data Protection Act (BDSG),

b) The transfer is necessary in accordance with Art. 6 Para. 1 Sent. 1 (f) GDPR for the purpose of asserting, exercising or defending legal claims, and there is no reason to assume that you have an overriding interest worthy of protection in not disclosing your data.

c) in the event that there is a legal obligation to transfer the data pursuant to Art. 6 Para. 1 Sent. 1 (c) GDPR and

d) this is legally permissible and necessary under Art. 6 Para. 1 Sent. 1 (b) GDPR, Art. 26 Para. 1 German Federal Data Protection Act (BDSG) for the execution of a contractual relationship with you or for pre-contractual measures at your request.

Transfer to a third country or an international organization is not intended and there is no automated decision making unless otherwise provided in this Privacy Statement.

Weißer + Grießhaber GmbH may also share such information with business partners, service providers, authorized third-party agents, or contractors in order to provide a requested service or transaction, including processing orders, providing customer support, or providing you with information on products and services that may be of interest to you.

We do not sell or rent your personal data to third parties for marketing purposes unless you have granted us permission to do so.

Weißer + Grießhaber GmbH may respond to subpoenas, court orders, or legal process by disclosing your personal data and other related information, if necessary. We also may choose to establish or exercise our legal rights or defend against legal claims.

Circumstances may arise where, whether for strategic or other business reasons, Weißer + Grießhaber GmbH decides to sell, buy, merge, or otherwise reorganize businesses. Such a transaction may involve, in accordance with applicable law, the disclosure of personal information to prospective or actual purchasers. It is Weißer + Grießhaber GmbH's practice to seek appropriate protection for information in these types of transactions.

We may collect and possibly share personal data and any other additional information available to us in order to investigate, prevent, or take action regarding illegal activities, suspected fraud, or violations of Weißer + Grießhaber GmbH's terms of use, or as otherwise required by law.

 

Analysis Tools

The tracking measures listed below and used by us are carried out based on Art. 6 Para. 1 Sent. 1 (f) GDPR. With the tracking measures used, we want to ensure a needs-based design and the continuous optimization of our website. Furthermore, we use tracking measures to statistically record the use of our website and to analyze it for the purpose of optimizing our website offerings. These interests are considered legitimate within the meaning of the afore mentioned provision. For the respective data processing purposes and data categories, please refer to the corresponding tracking tools described in detail below.

 

 

Privacy Statement for the Use of YouTube Plug-Ins

Our website employs plug-ins provided by the Google-operated website YouTube. Operator of this site is: Google Dublin, Google Ireland Ltd., Gordon House, Barrow Street, Dublin 4, Ireland, fax: +353 (1) 436 1001.

When you visit a site equipped with a YouTube plug-in, a connection is established to the YouTube servers. In the process, the YouTube server is informed which of our pages you have visited. If you are logged in to your YouTube account, you enable YouTube to associate your browsing behavior with your personal profile. You can prevent this by logging out of your YouTube account.

The use of YouTube takes place in the interest of an appealing presentation of our online services. This represents a legitimate interest in the sense of Art. 6 Para. 1 (f) GDPR. For more information on the handling of user data, please refer to YouTube's privacy policy at: https://www.google.com/analytics/terms/us.html, the data protection overview at: https://support.google.com/analytics/answer/6004245?hl=en, and the privacy statement at: https://policies.google.com/privacy?hl=en&gl=en.

If you do not wish to participate in the tracking process, you can disable the automatic setting of cookies in your browser settings. You can also choose to block only specific cookies for conversion tracking by modifying your browser settings so that cookies from the domain "googleadservices.com" are not allowed.

For further information and to view the Google privacy policy, click here and here .

Links to Other Sites

Our website may contain links to other sites. Weißer + Grießhaber GmbH is not responsible for the privacy practices or the content of other websites outside of Weißer + Grießhaber GmbH.

Data Retention

Weißer + Grießhaber GmbH will not retain your personal data longer than is necessary to fulfill the purposes for which it was collected or as required by applicable laws or regulations.

Applicant Privacy Notice

(1) We process applicant data only for the purpose and in the context of the application procedure in accordance with the legal requirements. The processing of the applicant data takes place in order to fulfil our (pre)contractual obligations within the scope of the application procedure pursuant to Art. 6 Para. 1 (b). GDPR, Art. 6 para. 1 (f) GDPR insofar as data processing becomes necessary for us, e.g. within the framework of legal proceedings (in Germany, Art. 26 of the German Federal Data Protection Act (BDSG) also applies).

(2) The application process requires that applicants provide us with their data. Necessary applicant data are personal details, postal and contact addresses and the documents accompanying the application, such as cover letter, curriculum vitae and certificates. In addition, applicants may voluntarily provide us with additional information.

(3) By submitting the application to Weißer + Grießhaber GmbH, applicants agree to the processing of their data for the purposes of the application process in accordance with the type and scope set out in this Privacy Statement.

(4) Insofar as special categories of personal data pursuant to Art. 9 Para. 1 GDPR are voluntarily disclosed in the application process, they are additionally processed in accordance with Art. 9 Para. 2 (b) GDPR (e.g. health data, e.g. severely disabled status or ethnic origin). Insofar as special categories of personal data pursuant to Art. 9 Para. 1 GDPR are requested from applicants in the application process, they are additionally processed in accordance with Art. 9 para. 2 lit. a GDPR (e.g. health data, if these are required for exercising the profession).

(5) Applicants can submit their applications through the online portal under Arbeiten bei W+G.

(6) The data provided by the applicants may be further processed by us in the event of a successful application for employment purposes. Otherwise, if the application for a job opening is not successful, the applicants' data will be deleted. Applicants' data will also be deleted if an application is withdrawn, which the applicants are entitled to at any time.

(7) The deletion is subject to a legitimate withdrawal by the applicant and carried after a six-month application period so that we can answer any follow-up questions regarding the application and meet our obligations under the Equal Treatment Act.
The data will be deleted from the applicant portal after two years.
If you have been accepted for a job in the application process, the data from the applicant data system will be transferred to our personnel information system and deleted 10 years after termination of employment.

Invoices for any reimbursement of travel expenses are archived in accordance with tax regulations.

 

Data Subject Rights

You have the right

a) in accordance with Art. 15 GDPR, to request information about your personal data processed by us. In particular, you may request information about the purposes of processing, the categories of personal data concerned, the categories of recipients to whom your personal data have been or will be disclosed, the planned storage period, the existence of the right to rectification, deletion, restriction or objection of processing of personal data, the right to lodge a complaint with a supervisory authority, the origin of your data where the personal data was not collected by us, and the existence of automated decision-making and, if applicable, meaningful information about the logic involved;

b) in accordance with Art. 16 GDPR, to demand without delay the correction of incorrect data or the completion of your personal data stored by us;

c) to request the deletion of your personal data stored with us in accordance with Art. 17 GDPR, unless the processing is necessary to exercise the right to freedom of expression and information, to fulfill a legal obligation, for reasons of public interest or to assert, exercise or defend legal claims;

d) in accordance with Art. 18 GDPR to restrict the processing of your personal data if you dispute the accuracy of the data, if the processing is unlawful but you reject its deletion and we no longer need the data, but you need it to assert, exercise or defend legal claims, or if you have filed an objection to the processing in accordance with Art. 21 GDPR;

e) in accordance with Art. 20 GDPR, to receive your personal data that you have provided to us in a structured, common and machine-readable format or to request its transfer to another person responsible;

f) in accordance with Art. 7 Para. 3 GDPR, to revoke your consent to us at any time. As a result, we will no longer be allowed to continue processing the data based on this consent in the future and

g) in accordance with Art. 77 GDPR, to complain to a supervisory authority. As a rule, you can contact the supervisory authority of your usual place of residence or workplace or of the registered office of our company.

The competent supervisory authority for data protection for Weißer + Grießhaber GmbH is:

Baden-Württemberg Supervisory Authority
Die Landesbeauftragte für Datenschutz und Informationsfreiheit Baden-Württemberg
[The State Commissioner for Data Protection and Freedom of Information North Rhine-Westphalia]

 

Postfach 10 29 32, 70025 Stuttgart
Urbanstr. 32, 70182 Stuttgart, Germany

 

Phone: 0711 615541 – 0

 

Fax: 0711 615541 – 15

 

Email: poststelle@lfd.bwl.de

 

http://www.baden-wuerttemberg.datenschutz.de

 

       

For the assertion of the afore mentioned rights as well as for questions regarding data protection, you can contact the person responsible or send an email to dsb(at)weisser-griesshaber.de.

Right to Object

If your personal data are processed on the basis of legitimate interests pursuant to Art. 6 Para. 1 Sent. 1 (f) GDPR, you have the right to object to the processing of your personal data pursuant to Art. 21 GDPR, provided that there are reasons for this which arise from your particular situation or the objection is directed against direct advertising. In the latter case, you have a general right of objection, which we will implement without specifying a particular situation. If you would like to exercise your right of withdrawal or objection, simply send an e-mail to dsb(at)weisser-griesshaber.de.

Data Security

a) While you visit our website, we use the common SSL procedure (Secure Socket Layer) with the highest possible encryption level supported by your browser. As a general rule, this is a 256-bit encryption. If your browser does not support 256-bit encryption, we will resort to128-bit v3 technology instead. Whether an individual page of our website is transmitted in encrypted form is indicated by the display of the closed key/lock symbol in the lower status bar of your browser.

b) We also use appropriate technical and organizational security measures to protect your data against accidental or intentional tampering, partial or complete loss, destruction or unauthorized access by third parties. Our security measures are continuously improved in line with technological developments.

Changes to This Privacy Statement

In the event of new developments such as changes to the applicable data privacy laws, we will, if necessary, update this privacy statement accordingly.

Last updated: April 1, 2024