1. Data privacy at a glance

General information

The following information presents a simple overview of what happens to your personal data when you visit this website. Personal data are defined as all data which enable you to be personally identified. Detailed information on the topic of data protection can be found in our Privacy Statement below.

Data collection on this website

Who is responsible for collecting data on this website?

Data on this website is processed by the website operator. The website operator’s contact data can be found in the section on “Information on the Controller” in this Privacy Statement.

How do we collect your data?

On the one hand, your data are collected because you provide us with them. This may be data you have entered into a contact form, for instance.

On the other, data are automatically recorded by our IT system when you visit the website and after your consent has been obtained. Such data include technical data above all (e.g. Internet browser, operating system or the time when the website is accessed). They are collected automatically as soon you access the website.

What do we use your data for?

Part of the data is collected to ensure the smooth availability of the website and other data for the purpose of analysing how to use the website.

What rights do you have in respect of your data?

You have the right at any time to obtain information free of charge about the origin, recipient and purpose of storing your personal data. Moreover, you have the right to have these data corrected or erased. When you have given your consent to data processing you can revoke this consent at any time for the future. In addition, under certain circumstances, you have the right to request that the processing of your personal data be restricted. Furthermore, you have the right to lodge complaints with the respective supervisory authority.

If you have questions about this topic or any other issue, you can contact us at any time.

Analytics tools and tools of third party providers

When you visit this website, your surfing behaviour may be statistically analysed first and foremost by analytics programs.

You can find detailed information on these analytics programs in the following Privacy Statement.

2. Hosting

Strato

Our website site is hosted by Strato. The provider is Strato AG, Pascalstraße 10, 10587 Berlin (hereinafter: “Strato”). When you visit our website, Strato records various log files, including your IP addresses.

For more information, please see Strato’s privacy statement: https://www.strato.de/datenschutz/.

The use of Strato is based on Art. 6 (1) (f) GDPR. We have a legitimate interest in having as reliable a presentation of our website as possible. Inasmuch as consent is requested, processing takes place exclusively on the basis of Art. 6 (1a) GDPR; consent can be revoked as any time.

Processing arrangement

We have concluded a processing agreement with the aforementioned provider. This is an agreement prescribed by data protection law. It ensures that the personal data of visitors to our website are only processed in accordance with our instructions and in compliance with GDPR.

3. General information and required information

Data protection

The operator of these pages takes the protection of your personal data very seriously. We keep your personal data confidential, in accordance with the law on data protection as well as this Privacy Statement.

When you use this website, various personal data are collected. Personal data are data with which you can be personally identified. This Privacy Statement explains which data we collect and what we use them for. It also explains how and for what purpose this is done.

We make reference to the fact that data transmission via the Internet (e.g. communicating via email) may be subject to security vulnerabilities. Absolute protection of data against accessing by third parties is not possible.

Information on the Controller

The Controller responsible for data processing on this website is:

Würfel Holding GmbH
Am Leuchtturm 10
27568 Bremerhaven

Telephone: +49 (0)471/ 9795-0
email: wuerfel@wuerfel.com

The Controller is a natural person or legal entity who decides, either alone or together with others, on the purpose and means of processing personal data (e.g. names, email addresses and similar).

Retention period

Insofar as no more specific retention periods are referenced in this Privacy Statement, your personal data will remain with us until the purpose of processing the data no longer applies. If you make a legitimate request for deletion or revoke your consent to data processing, your data will be deleted provided that we have no other legally permissible reasons for storing your personal data (e.g. record retention periods in accordance with fiscal and commercial law); in the latter case, deletion will take place when these reasons no longer apply.

Data Protection Officer

We have appointed a Data Protection Officer for our company.

Wirtschaftskontor Weinert
WKW Beratungsgesellschaft mbH
Beim Wendentor

18055 Rostock

Telephone: +49 (0)381/ 817082 298
email: a.weinert@wirtschaftskontor-weinert.de

Note on transmitting data to the USA and other non-EU countries

We also use tools from companies domiciled in the USA or in other non-EU countries natural which are unsafe under data protection law. When these tools are active, your personal data may be transmitted to these non-member countries and processed there. We make reference to the fact that a data protection level comparable with that of the EU cannot be guaranteed in these countries. For instance, US companies are required to relinquish personal data to the security authorities without you as the data subject being able to take legal action to prevent this. The possibility of US authorities (e.g. the Secret Service), processing, analysing and permanently storing your data on US servers cannot be excluded. We have no possibility of influencing these processing activities.

Revoking your consent to data processing

Many data processing operations are only possible with your explicit consent. You can revoke your consent at any time. The legitimacy of data processing performed until revocation remains unaffected by such revocation.

Right to object to the collection of data in special cases, as well as against direct marketing (Art. 21 GDPR)

IF DATA PROCESSING IS CARRIED OUT BASED ON ART. 6 (1) (E) OR (F) GDPR, YOU HAVE THE RIGHT TO LODGE A COMPLAINT AGAINST THE PROCESSING OF YOUR PERSONAL DATA AT ANY TIME FOR REASONS ARISING FROM YOUR PARTICULAR SITUATION; THIS ALSO APPLIES TO PROFILING BASED ON THESE PROVISIONS. PLEASE SEE THE INFORMATION IN THIS PRIVACY STATEMENT ON THE RESPECTIVE LEGAL BASIS WHICH SUPPORTS PROCESSING. IF YOU FILE AN OBJECTION, WE WILL NO LONGER PROCESS YOUR PERSONAL DATA UNLESS WE HAVE PROOF OF COMPELLING LEGITIMATE GROUNDS FOR PROCESSING WHICH OVERRIDE YOUR INTERESTS, RIGHTS AND FREEDOMS, OR IF PROCESSING SERVES THE ESTABLISHMENT, EXERCISING OR DEFENCE OF LEGAL CLAIMS (OBJECTION ACCORDING TO ART. 21 (1) GDPR).

IF YOUR PERSONAL DATA ARE PROCESSED FOR DIRECT MARKETING PURPOSES, YOU HAVE THE RIGHT TO OBJECT TO THE PROCESSING OF YOUR PERSONAL DATA FOR SUCH MARKETING; THIS ALSO APPLIES TO PROFILING TO THE EXTENT THAT IT IS RELATED TO SUCH DIRECT MARKETING. IF YOU OBJECT, YOUR PERSONAL DATA WILL NO LONGER THEN BE USED FOR DIRECT MARKETING PURPOSES (OBJECTION PURSUANT TO ART. 21 (2) GDPR).

Right to lodge a complaint with the respective supervisory authority

In the event of breaches against the GDPR, data subjects have the right to lodge a complaint with the respective supervisory authority, in particular in the member state of their habitual residence, their place of work or the place of the alleged infringement. The right to object applies without prejudice to any administrative or judicial redress.

Right to data portability

You have the right to have the data which we process automatically on the basis of your consent or for the purpose of fulfilling a contract transmitted to yourself or to a third party in a machine-readable format. Insofar as you request the direct transmission of data to another controller, transmission will be carried out to the extent that this is technically possible.

SSL/TLS encryption

For reasons of security and to protect the transmission of confidential content, such as orders or enquiries which you send us as the webpage operator, this page uses SSL/TLS encryption. You can identify an encrypted connection from the address line of your browser is switching from “http://” to “https://” and from the padlock symbol in your browser line.

If the SSL/TLS encryption is activated, data which you transfer to us cannot be read by third parties.

Information, erasure and correction

Under the applicable legal provisions, you have the right at any time to request information about your stored personal data, its origin and the recipients and the purpose of data processing and the right to correction or erasure of these data. If you have any further questions about the topic of personal data, you can contact us at any time.

Right to restriction of processing

You have the right to request that the processing of your personal data be restricted. You can contact us at any time for this purpose. The right to obtain restriction on processing applies in the following cases:

• If you contest the accuracy of the personal data we generally need time to verify this. During the period when verification is being carried out, you have the right to obtain restriction on the processing of your personal data.
• If the processing of your personal data was/is unlawful, you may request that, instead of the erasure of your data, their processing is restricted.
• If we no longer need your personal data for the purposes of the processing, but you require them for the establishment, exercise or defence of legal claims, you have the right to request that, instead of the erasure of your data, their processing is restricted.
• If you have objected to processing pursuant to Article 21 (1) your interests and ours must be weighed up. For the period pending the decision on whose interests override, you have the right to request that, instead of the erasure of your data, their processing is restricted.

If you have placed restrictions on the processing of your personal data, these data – apart from their storage – may only be processed with your consent or for the establishment, exercise or defence of legal claims or for the protection of the rights of another natural or legal person or for reasons of important public interest of the European Union or of a Member State.

4. Data collection on this website

Cookies

Our Internet pages use what are known as “cookies”. Cookies are small text files, and do not cause any damage on your device. They are either stored temporarily for the duration of a session (session cookies) or permanently (permanent cookies) on your device. Session cookies are automatically deleted when you leave our website. Permanent cookies remain stored on your device until you yourself delete them or automatic deletion is carried out by your web browser.

Cookies can also partly be stored by third-party enterprises on your device when you visit our webpage (third-party cookies). These cookies enable us or you to use certain services of the third-party enterprise (e.g. cookies for handling payment services).

Cookies have various functions. Numerous cookies are technically necessary as certain website functions would not work without them (e.g. shopping cart functions or the display of videos). Other cookies serve the purpose of analysing user behaviour or displaying adverts.

Cookies necessary for performing the electronic communication process (essential cookies) or for providing the specific functions you require (functional cookies, e.g. for the basket function) or for optimising the website (e.g. cookies for measuring web traffic) are stored on the basis of Art. 6 (1) (f) GDPR if no other legal basis is referenced. The website operator has a legitimate interest in storing cookies to ensure the technically smooth and optimised provision of its services. Insofar as consent for the storage of cookies is requested, the relevant cookies will be stored exclusively on the basis of this consent (Art. 6 (1) (a) GDPR); the consent can be revoked at any time.

You can set your browser so that you are informed about cookies being placed on your device and only allow cookies in the individual case, generally exclude the acceptance of cookies for certain cases, or activate the automatic deleting of cookies when the browser is closed. If cookies are deactivated, the functionality of this website may be limited.

In as much as cookies are used by third-party enterprises or for the purpose of analyses, we will inform you separately in the context of this Privacy Statement and, if appropriate, ask for your consent.

Consent to Borlabs Cookie

Our website uses Borlabs cookie consent technology in order to obtain and document your consent to the storage of certain cookies in your browser or for the use of certain technologies, and to document this in compliance with data protection regulations. Provider of this technology is Borlabs – Benjamin A. Bornschein, Rübenkamp 32, 22305 Hamburg (hereinafter: Borlabs).

When you visit our website, a Borlabs cookie is saved in your browser which is used to store your declarations of consent or revocation of such declarations of consent. These data are not relayed to the provider of Borlabs Cookie.

The data recorded are stored until you request us to delete them or the Borlabs cookie deletes itself, or if the purpose for storing the data no longer applies. Mandatory legal provisions remain unaffected. More information on data processing by Borlabs Cookie can be found at https://de.borlabs.io/kb/welche-daten-speichert-borlabs-cookie/.

The Borlabs cookie consent technology is used to obtain the legally prescribed declarations of consent for the use of cookies. The legal basis for this activity is (Art. 6 (1) (c) GDPR

Server log files

The provider of the pages automatically collects and stores information in what are known as server log files which your browser automatically transfers to us. This includes:

• Browser type and browser version
• Operating system in use
• Referrer URL
• Host name of the accessing computer
• Time of the server query
• IP address

Combining these data with other data sources does not take place.

These data are collected on the basis of Art. 6 (1) (f) GDPR. The website operator has a legitimate interest in the technically smooth display and optimisation of its website. Server log files must be collected for this purpose.

Contact form

If you send us enquiries using our contact form, the information you provide in the form, including the contact data you indicate in it, are used for the purpose of processing the enquiry and, in the event of subsequent questions, stored by us. We do not pass on these data without your consent.

Processing these data is carried out on the basis of Art. 6 (1) (b) GDPR if your enquiry concerns the fulfilment of a contract or is necessary for carrying out measures prior to entering into a contract. In all other cases, processing is based on our legitimate interest in the effective processing of enquiries addressed to us (Art. 6 (1) (f) GDPR) or on your consent (Art. 6 (1) (a) GDPR) if this consent was requested.

The data you provide in the contact form remains with us until you request us to erase them, revoke your consent to the storage, or the purpose of data storage no longer applies (e.g. once the processing of your enquiry has been completed). Mandatory legal provisions – in particular, retention periods – remain unaffected.

Enquiry via email, telephone or telefax

If you contact us via email, telephone or telefax, your enquiry, including all personal data (name, enquiry) arising from this contact is stored with us and processed for the purpose of handling your request. We do not pass on these data without your consent.

Processing these data is carried out on the basis of Art. 6 (1) (b) GDPR if your enquiry concerns the fulfilment of a contract or is necessary for carrying out measures prior to entering into a contract. In all other cases, processing is based on our legitimate interest in the effective processing of enquiries addressed to us (Art. 6 (1) (f) GDPR) or on your consent (Art. 6 (1) (a) GDPR) if this consent was requested.

The data you send to us in contact enquiries remain with us until you request us to erase them, revoke your consent, or the purpose for storing the data longer applies (e.g. upon completion of processing your request). Mandatory legal provisions – in particular, legal retention periods – remain unaffected.

5. Analytics tools and advertising

Google Analytics

This website uses the functions of Google Analytics, a web analytics service. The provider is Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland.

Google Analytics enables the website operator to analyse how website visitors use the website. The website operator receives certain usage data, e.g. pageviews, length of session, operating systems used and user origin. These data are collated by Google, if applicable in a profile assigned to the respective user or their device.

Furthermore, using Google Analytics allows us to record your mouse and scroll movements and clicks, among other things. In addition, Google Analytics deploys various modelling approaches to supplement the data records and uses machine learning technologies when analysing data.

Google Analytics uses technologies which facilitate recognising the user again for the purpose of analysing user behaviour (e.g. cookies or device fingerprinting). The information Google records on how the website is used is generally transferred to a Google server in the USA and saved there.

This analytics tool is used on the basis of Art. 6 (1) (f) GDPR. The website operator has a legitimate interest in analysing user behaviour for the purpose of optimising its web offering and its advertising. Inasmuch as consent is requested (e.g. consent to store cookies), processing takes place exclusively on the basis of Art. 6 (1) (a) GDPR; consent can be revoked as any time.

The transmission of data to the USA is based on the EU Commission’s standard contractual clauses. You will find the details here: https://privacy.google.com/businesses/controllerterms/mccs/.

IP anonymisation

We have activated the IP anonymisation function on this website. Prior to being transmitted to the USA, your IP address is therefore truncated by Google within the Member States of the European Union or other states party to the Agreement on the European Economic Area. Only in exceptional cases is the full IP address sent to a Google server in the US and truncated there. On behalf of the operator of this website, Google will use this information to analyse your use of the website, to prepare reports on website activities, and to provide the website operator with other services associated with using the website and the Internet. The IP address transmitted in the context of Google Analytics from your browser is not combined with other Google data.

Browser plugin

You can prevent the recording and processing of your data by Google by downloading and installing the browser plugin available via the following link: https://tools.google.com/dlpage/gaoptout?hl=de.

You can find more information on the handling of user data in Google’s privacy policy: https://policies.google.com/privacy?english.

Retention period

The data at user and at event level stored at Google which are linked with cookies, user identifiers (e.g. user ID) or advertising IDs (e.g. DoubleClick cookies, Android advertising ID) are anonymised after two months and/or deleted. You can find further information at the following link: https://support.google.com/analytics/answer/7667196?hl=de

6. Plugins and tools

Google Maps

This page uses Google Maps. The provider is Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland.

Saving your IP address is necessary for using the Google Maps functions. This information is then generally sent to a Google server in the US and stored there. The provider of this page has no influence on this data transmission. Once Google Maps is activated, Google can use Google Web Fonts for the purpose of harmonising the font display. When Google Maps is accessed, your browser loads the required web fonts in your browser cache in order to display text and fonts correctly.

Google Maps is used in the interest of an attractive display of our online offering and to facilitate finding the locations referenced by us on the website. This constitutes legitimate interest within the meaning of Art. 6 (1) (f) GDPR. Inasmuch as consent is requested, processing takes place exclusively on the basis of Art. 6 (1a) GDPR; consent can be revoked as any time.

The transmission of data to the USA is based on the EU Commission’s standard contractual clauses. You will find the details here: https://privacy.google.com/businesses/gdprcontrollerterms/ and https://privacy.google.com/businesses/gdprcontrollerterms/sccs/.

You can find more information on the handling of user data in Google’s privacy policy: https://policies.google.com/privacy?english.

Google reCAPTCHA

We use “Google reCAPTCHA” (hereinafter, “reCAPTCHA”) on this website. The provider is Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland.

reCAPTCHA is designed to check whether data input on this website (e.g. in a contact form) is being made by human or by an automated program. With this in mind, reCAPTCHA analyses the behaviour of the website visitor based on various attributes. The analysis starts automatically as soon as the website visitor accesses the website. In the analysis process, reCAPTCHA analyses the various pieces of information (e.g. IP address, session duration of the website visitor on the website or mouse movements made by the user). The data collected in the analysis process is sent to Google.

The reCAPTCHA analysis runs completely in the background. Visitors to the website are not made aware that an analysis is taking place.

The saving and analysis of data is made on the basis of Art. 6 (1) (f) GDPR. A website operator has a legitimate interest in protecting its web offers against malicious, automated espionage and spam. Inasmuch as consent is requested, processing takes place exclusively on the basis of Art. 6 (1a) GDPR; consent can be revoked as any time.

More information on Google reCAPTCHA can be found in Google’s privacy policy and Google’s terms of service at the following links: https://policies.google.com/privacy?hl=en and https://policies.google.com/terms?hl=en.