Skip to content Skip to navigation menu

Data Protection

Privacy Policy

Websites of the Wieland Group

Status as of: 20.10.2020

Wieland-Werke AG and its subsidiaries offer you information, contact options and customer portals as part of their digital services. Personal data is also processed in this context, about which we would like to inform you in detail below.

back to top

1. Name and contact details of the data controller and joint controllers

Wieland-Werke AG
Graf-Arco-Straße 36
89079 Ulm
Germany

Phone: +49(0) 731 944 0

info@wieland.com

is responsible for data processing when visiting our websites and using the services offered there.

We operate our websites in joint control with the individual subsidiaries of the Wieland Group.

The locations and contact details of the respective companies of the Wieland Group can be found here.

back to top

2. Contact details of the data protection officer of the responsible persons

If you have any questions regarding data processing or data protection in the Wieland Group, you can contact our Group Data Protection Officer at any time.

You can reach him by mail at the above address (please note 'att. Data Protection Officer' on the envelope), by e-mail at datenschutz@wieland.com or confidentially via our data protection portal.

back to top

3. Processing of your personal data when visiting and using our websites and online services

3.1 When using one of our websites

a)Technical protocol data

When calling up our website, your browser automatically transmits a number of technical data. These include the requested page, time of access, your IP address, details of the browser used, operating system and, if applicable, resolution, details of the previously visited page, the amount of data transferred and a technical status code.

We use this data for the following purposes:

  • Delivery of the website to your browser,
  • Evaluation for system security and stability, and
  • for further administrative purposes and for
  • Detection of misuse and troubleshooting

The legal basis for this data processing is our legitimate interest in the sense of Art. 6 para. 1 sentence 1 lit. f GDPR. Our legitimate interest follows from the above listed purposes for data collection.

We store the aforementioned log data in our web server logs for a regular period of 14 days; in case of abuse for the duration of the analysis and possible prosecution of the abuse.

b) Google Tag Manager

Our websites use the 'GoogleTag Manager' service from Google (Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland) to manage cookies and control their playout, particularly in cooperation with our Consent Management. This enables us to technically secure your preferences regarding the setting of cookies.

The technical data already mentioned in section 2.1 a (in particular the IP address of the requesting device, the browser and operating system used, call time, the previously visited page as well as the amount of data transferred and a technical status code) are processed. The data is automatically made available by the browser you are using.

Without this automatically provided data the use of our websites is not possible.

The Google Tag Manager itself does not set any cookies and does not process any data stored in the cookies.

The legal basis for the processing is our legitimate interest in the sense of Art. 6 Par. 1 letter f GDPR in a simple and reliable control of the logic for setting cookies.

The deletion of the processed data is carried out by Google according to purpose.

c) Google Maps

Our websites used the service 'Google Maps' from Google (Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland), e.g. to visualize our locations on a map and allow you to plan your route.

We have integrated Google Maps in a way that ensures that the map is generated and thus data is transferred to Google only with your consent (i.e. by actively clicking on the map symbol). This is then the technical protocol data already mentioned in section 2.1 lit. a or, if approved, your current location (for further information, please see https://policies.google.com/technologies/location-data?hl=en) or a departure point you have entered for route planning. This service is subject to the Google Privacy Policy (https://policies.google.com/privacy?hl=en), supplemented by the separate terms of use for Google Maps (https://www.google.com/intl/en_en/help/terms_maps/).

Recipient of the data: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland

The legal basis for this data processing is your consent within the meaning of Art. 6 para. 1 sentence 1 lit. a GDPR.

You can find more information on the storage period of data at Google at https://policies.google.com/privacy?hl=en#inforetaining.

d) Youtube Videos

Our websites integrate video material, which is deposited on the video platform 'YouTube'. Youtube is a service of Google (Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland).

When you access one of our websites on which YouTube videos are integrated, data is transmitted to Google, e.g. the technical protocol data already mentioned in section 2.1 lit. a as well as the ID of the accessed video. We use Youtube in extended data protection mode, so that only the data necessary for the delivery of the video is transmitted. You can find more information about data protection on Youtube at https://support.google.com/youtube/answer/2801895?hl=en.

Recipient of the data: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland

The legal basis for this data processing is our legitimate interest in the sense of Art. 6 para. 1 sentence 1 lit. f GDPR. Our legitimate interest results from our efforts to present our products and services to you in a visual and moving form and thus create easier access.

You can find more information on the storage period of data at Google within the framework of YouTube integration at back to top

3.2 Premium Pages, Newsletter and Whitepapers, Contact Forms

a) myWieland

We offer our customers a closed area in which they can, for example, track their orders and access further information about their business relationship with us.

Receiver of the data: Companies of the Wieland Group

The legal basis for this data processing is the contractual relationship between you and us in the sense of Art. 6 para. 1 sentence 1 lit. b GDPR.

b) Newsletter and Whitepapers

We offer a series of newsletters and whitepapers on various topics related to our products and services, which you can subscribe to via e-mail if you are interested. For this purpose we need your e-mail address in order to send the e-mail. Any further information is voluntary. In addition, when you register, we record the website from which it was made, the IP address of your computer, the time of registration and, if applicable, the time of a double opt-in.

Please note that we can only send you the desired newsletter / whitepapers once you have confirmed your e-mail address. For this purpose, we will send you a separate e-mail after registration, in which you should click the confirmation link ('Double Opt-In').

Receiver of the data: Companies of the Wieland Group

The legal basis for this data processing is your consent within the meaning of Art. 6 para. 1 sentence 1 lit. a GDPR.

You can revoke your consent to receive newsletters / whitepapers at any time with effect for the future. The easiest way to do this is to use the 'unsubscribe link' at the end of the respective e-mail or send an e-mail to newsletter@wieland.com.

We will delete your relevant data (e-mail address and any voluntary details) no later than 30 days after you unsubscribe or after 10 days if the link in the confirmation e-mail was not clicked.

c) Contact forms

If you have any questions of any kind, we offer you the opportunity to contact us using a form provided on the website. In order to be able to answer your inquiry, a valid e-mail address is required. Further information can be provided voluntarily. In addition, we record the IP address of your computer and the time of sending the contact request.

Receiver of the data: Companies of the Wieland Group

The legal basis for this data processing is your consent within the meaning of Art. 6 para. 1 sentence 1 lit. a GDPR. You can revoke your consent to the use of your data in the course of contacting us at any time with effect for the future. To do so, please contact us by e-mail at newsletter@wieland.com.

The personal data collected by us for the use of the contact forms will be deleted after the final processing of your request, provided that this does not conflict with any legal storage obligation, e.g. under commercial law. In this case, the deletion will take place after the end of the respective period.

back to top

3.3 Cookies and web analysis

We use cookies in connection with our websites and the offers provided on our websites. Cookies are small text files containing information which are stored on your end device when you visit one of our websites using your browser. The information stored in cookies can be read and processed when you visit the website again using the same terminal device and browser. In doing so, we use the processing and storage functions of the browser on your terminal device and collect information from the memory of the browser on your terminal device.

a) Technically necessary cookies

We use so-called session cookies, which are automatically deleted when you close your browser. By means of the session cookie we recognize you during a session and can, for example, provide you with your selected language preference or manage your login status across different pages.

We also use cookies to document any consent you may have given, for example for the purpose of conducting our web analysis, as part of our content management.

Technically necessary cookies can only be completely prevented by adjusting your browser settings; in this case, however, the website will not be fully usable.

b) Web analysis using Google Analytics

For the purpose of web analysis, page optimization and to learn more about your interests when using our websites, we use the web analysis tool Google Analytics from Google (Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland) on some of our websites.

This is done in pseudonymized and, as far as possible, anonymized form; of course also using the IP anonymization function (i.e. the IP address transmitted by your browser is anonymized by truncating, i.e. deleting the last octet of the IPv4 address or the last 80 bits of the IPv6 address before saving).

The data processing is mainly done by Google, but we have deactivated the functions for further data processing by Google for our own purposes as well as the Google marketing functions. Nevertheless, it cannot be ruled out that Google may merge the collected data, for example, if you are logged into your browser with a Google account.

In addition to the technical data already mentioned under point 2.1 a, further data categories are processed:

  • Google Analytics endpoint data (this is data generated by Google Analytics and assigned to your endpoint: this includes a unique ID to (re-)recognize returning visitors (so-called 'client ID') and certain technical parameters to control data collection for web analytics)
  • Google Analytics measurement data (device-related raw data (so-called 'dimensions' and 'measured values'), which are collected and analyzed by Google Analytics when using our websites. This includes information about the sources through which visitors reach our websites, information about the location, the browser and the terminal device used, information about the use of the website (in particular page views, call frequency and duration of stay on the respective page called up) as well as information about the fulfilment of certain objectives. The data is assigned to the client ID assigned to your terminal device. This results in device-related usage profiles in which all device-related raw data are combined to form a client ID. The data we collect using Google Analytics does not enable us to identify you personally (i.e. by name). We also do not merge the device-related raw data and the resulting device-related usage profiles with data that directly identifies you personally without your consent)
  • Google Analytics report data (data contained in aggregated segment- and device-related reports generated by Google Analytics based on the analysis of raw device-related data)

Receiver of the data: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland

In exceptional cases, the data processed by Google may also be transferred to the USA, where state authorities may also have access in accordance with the regulations applicable there. You also agree to this possible transmission, if you agree to the use of Google Analytics by us.

The legal basis for this data processing is your consent within the meaning of Art. 6 para. 1 sentence 1 lit. a GDPR. You can revoke your consent to the use of your data within the scope of our web analysis at any time with effect for the future.

Please click here to check the status of your consent and change it if necessary.

The personal data collected by us in the course of the web analysis will be stored for 14 months and then deleted.

Of course, our website is fully usable even if you do not give your consent for web analysis.

c) Web analysis using Matomo

For the purpose of web analysis, page optimization and to learn more about your interests when using our websites, we use the web analysis tool Matomo on some of our websites, e.g. on our Premium Pages ('myWieland'). Access data is recorded pseudonymously and, as far as possible, anonymously so that no direct connection to a user can be established. In particular, we make your IP address anonymous by shortening it by deleting the last octet of the IPv4 address or the last 80 bits of the IPv6 address before saving it.

With Matomo we process the following categories of data:

  • End device data (this is data generated by Matomo and assigned to your end device: this includes a unique ID for (re-)recognizing returning visitors (so-called 'client ID') as well as certain technical parameters for controlling data collection for web analytics)
  • Measurement data (device related raw data (so called 'dimensions' and 'measured values') that are collected and analyzed by Matomo when using our websites. This includes information about the sources through which visitors reach our websites, information about the location, the browser and the terminal device used, information about the use of the website (in particular page views, frequency of access and duration of stay on the respective page accessed) as well as information about the fulfilment of certain objectives. The data is assigned to the client ID assigned to your terminal device. This results in device-related usage profiles in which all device-related raw data are combined to form a client ID. The data that we collect via Matomo does not enable us to identify you personally (i.e. by name). We also do not merge the device-related raw data and the resulting device-related usage profiles with data that directly identifies you personally without your consent)
  • Report data (data contained in aggregated segment- and device-related reports generated by Google Analytics based on the analysis of raw device-related data)

The legal basis for this data processing is your consent within the meaning of Art. 6 para. 1 sentence 1 lit. a GDPR. You can revoke your consent to the use of your data within the scope of our web analysis at any time with effect for the future.

Please click here to check the status of your consent and change it if necessary.

The personal data collected by us in the course of the web analysis will be stored for 14 months and then deleted.

We process web analysis data collected by Matomo locally within the Wieland Group.

Of course, our website is fully usable even if you do not give your consent for web analysis.

back to top

4. Your rights

You have a number of legal rights towards us as the responsible party (or also towards the jointly responsible parties of the Wieland Group) to which we would like to draw your attention in the following.

The easiest way to exercise your rights is to use our online data protection portal, which you can access via https://privacy.wieland.com/wieland/anfrage_meldung.html?key=khupwYzouWRLtVgY&lang=2.

You can of course also contact us (and any company of the Wieland Group jointly responsible with us) by letter post. Please note 'for the attention of the data protection officer' on the envelope to ensure that we can be quickly assigned and forwarded. You can reach our data protection officer by e-mail at datenschutz@wieland.com.

Your rights as a person affected by data processing in detail:

  • Right to information (Art. 15 GDPR)

    As a data subject you have a right to information under the conditions of Art. 15 GDPR.

    This means in particular that you have the right to demand confirmation from us as to whether we are processing personal data relating to you. If this is the case, you also have the right to be informed about this personal data and to receive the information listed in Art. 15 Paragraph 1 GDPR.

  • Right of rectification (Art. 16 GDPR)

    As a data subject you have a right of rectification under the conditions of Art. 16 GDPR.

    This means in particular that you have the right to demand that we correct incorrect personal data relating to you without delay and complete incomplete personal data.

  • Right of deletion ('right to be forgotten') (Art. 17 GDPR)

    As a data subject, you have the right to deletion under the conditions of Art. 17 GDPR.

    This means that you are basically entitled to demand that we delete personal data relating to you immediately, and we are obliged to delete personal data immediately if one of the reasons listed in Art. 17 (1) GDPR applies.

    If we have made the personal data public and we are obliged to delete it, we are also obliged, taking into account the available technology and the implementation costs, to take reasonable measures, including technical measures, to inform other data controllers who process the personal data that a data subject has requested them to delete all links to this personal data or copies or replications of this personal data (Art. 17 (2) GDPR).

    The right to deletion does not apply by way of exception if the processing is necessary for the reasons listed in Art. 17 para. 3 GDPR. This may be the case, for example, if the processing is necessary for the fulfilment of a legal obligation or for the assertion, exercise or defence of legal claims (Art. 17 (3) lit. a, e GDPR).

  • Right to restrict processing (Art. 18 GDPR)

    As a data subject, you have a right to restrict processing under the conditions of Art. 18 GDPR.

    This may be the case, for example, if you dispute the accuracy of your personal data. In this case, processing is restricted for a period of time that enables us to verify the accuracy of the personal data (Art. 18 Paragraph 1 letter a GDPR).

    Restriction means the marking of stored personal data with the aim of restricting their future processing (Art. 4 No. 3 GDPR).

  • Right to data transferability (Art. 20 GDPR)

    As a data subject, you have a right to data transferability under the conditions of Art. 20 GDPR.

    This means that, in principle, you have the right to receive the personal data concerning you that you have provided us with in a structured, common and machine-readable format and you have the right to transfer this data to another person responsible without hindrance from us, provided that the processing is based on consent pursuant to Art. 6 Para. 1 letter a or Art. 9 Para. 2 letter a GDPR or on a contract pursuant to Art. 6 Para. 1 letter b GDPR and the processing is carried out using automated procedures (Art. 20 Para. 1 GDPR).

    When exercising your right to data transferability, you also have the fundamental right to request that personal data be transferred directly from us to another responsible party, insofar as this is technically feasible (Art. 20 Para. 2 GDPR).

  • Right to object (Art. 21 GDPR)

    As a data subject, you have the right to object under the conditions of Art. 21 GDPR.

    We will expressly draw your attention to your right of objection as a data subject at the latest at the time of the first communication with you.

    The following applies in detail:

    • As a data subject, you have the right to object at any time, on grounds relating to your particular situation, to the processing of personal data concerning you that is carried out pursuant to Article 6(1)(e) or (f) of the DPA, including profiling based on these provisions.

      In the event of an objection for reasons arising from your particular situation, we will no longer process the personal data concerned unless we can demonstrate compelling reasons for processing that are worthy of protection and outweigh your interests, rights and freedoms, or unless the processing serves to assert, exercise or defend legal claims.

    • Where personal data are processed for the purpose of direct marketing, you have the right to object at any time to the processing of personal data relating to you for the purpose of such marketing, including profiling, where it is linked to such direct marketing.

      In the event of an objection to processing for the purposes of direct marketing, we shall no longer process the personal data concerned for those purposes.

  • Right to withdraw consent (Art. 7 para. 3 GDPR)

    If the processing is based on consent within the meaning of Art. 6 para. 1 letter a or Art. 9 para. 2 letter a GDPR, you as a data subject have the right to revoke your consent at any time pursuant to Art. 7 para. 3 GDPR. Revocation of consent does not affect the lawfulness of the processing carried out on the basis of the consent until revocation. We will inform you of this before giving consent.

  • Right to appeal to the supervisory authority (Art. 77 GDPR)

    As a data subject, you have the right to appeal to a supervisory authority under the conditions of Art. 77 GDPR.

Our data protection officer is also available at any time to answer any questions you may have about data processing or to help you with your data protection concerns.

back to top

5. Transfer to third countries

If we also transfer personal data to recipients located outside the European Union or the EEA (so-called third countries), we will ensure before the transfer that the recipient has an adequate level of data protection through appropriate (contractual) guarantees or recognized agreements, or has given informed consent to the transfer of personal data.

back to top

6. Automated decision making including profiling

We do not use profiling within the meaning of Art. 22 GDPR when using our websites.

back to top