Wigedis
Wir geben`s Dir schriftlich

Privacy Policy

We are pleased to welcome you to our website!

One of our highest priorities is to protect your privacy and ensure the protection of your personal data. For this reason, we will inform you in the following about the legal basis and the purpose for which we process your data and how you can object to data processing.

We ask you to read our privacy policy carefully. You can access, save and print out our data protection regulations at any time at www.wigedis.de and www.wirgebensdirschriftlich.de.

For a better overview, we refer at various points by links to information and data protection notices that can be found on external websites. We would like to point out that when you select the links, you leave our pages. We have no influence on the processing of data on these external websites. We recommend that you read the data protection regulations on these external websites carefully.

Furthermore, we secure our website and other systems by technical and organizational measures against loss, destruction, access, modification or distribution of your data by unauthorized persons. Despite regular checks, however, complete protection against all dangers is not possible.

This privacy policy applies to all our websites and online presences.

 

1. Personal data

According to Art. 4 No. 1 DSGVO, personal data is all information relating to an identified or identifiable natural person. A natural person who can be directly or indirectly identified is considered identifiable.

In principle, we will only process personal data to which we are legally entitled. This may depend on your consent or the execution of a contract you have entered into with us or may be necessary in connection with our legitimate interests. Under no circumstances will your data be processed in a way that is incompatible with these purposes. In particular, we will take all measures to maintain the security and confidentiality of your personal data and to protect it against unauthorized use or disclosure.

 

2. Technical and organizational measures

We have taken technical and organizational measures to ensure that the regulations of the DSGVO are observed both by us and by external service providers working for us. If we work together with other companies to provide our services, this only happens after an extensive selection process. In this selection process, each individual service provider is carefully selected for its suitability in connection with technical and organizational skills in data protection. This selection procedure is documented in writing and a contract in accordance with Art. 28 para. 3 DSGVO for the processing of personal data on behalf (ADV contract) is only concluded if it meets the requirements of Art. 28 DSGVO. Your details will be stored on specially protected servers. Access to these servers is only possible for a few specially authorized persons.  Our website is SSL/TLS encoded, which you can recognize by the “https://” at the beginning of the URL. If personal data is involved in e-mail communication, the e-mail is sent from our site in encrypted form. We also use the integrated SSL certificate for this.

We would like to point out that despite regular checks, complete protection against all risks is not possible

 

3. Deletion and storage duration

Your personal data will be deleted or blocked as soon as the purpose for which it was stored no longer applies. Furthermore, data may be stored if this has been provided for by the European or national legislator in EU ordinances, laws or other regulations to which the person responsible is subject. Data will also be blocked or deleted when a storage period prescribed by the above-mentioned standards expires, unless it is necessary to store the data for the purpose of concluding or fulfilling a contract. In addition, internal deletion processes are in place within the company, which are integrated into our local data protection management system under regular revision.

 

4. Transfer of personal data to third parties

We only pass on your personal data to third parties if this is necessary for the fulfilment of our own business purposes – in particular for the provision of the services owed to you -, if you have given your consent to do so, or if we are obliged to do so by law or by a court or official order. All employees, partners and third parties that we employ in the performance of our services are also subject to this data protection regulation. If we commission third parties to process data, this is done on the basis of an order processing contract in accordance with Art. 28 DSGVO.

 

5. Your right of objection according to art. 21 DSGVO

Pursuant to art. 21 of the DPA, you have the right to object at any time to the processing of personal data collected on the basis of article 6, paragraph 1, letters e) or f). This also applies to profiling purposes.

This means for you:

If we cite our legitimate interest or a legitimate interest of a third party (Art. 6 para. 1 letter f) DSGVO) as the lawfulness basis for the processing of personal data, you have the right to object in accordance with Art. 21 DSGVO.

You may also object to the processing of your personal data for reasons arising from your particular situation, for scientific or historical research purposes or for statistical purposes in accordance with Art. 89 para. 1 DSGVO, unless the processing is necessary for the performance of a task carried out in the public interest (cf. Art. 21 para. 6 DSGVO).

If you are entitled to a right of objection, we will again explicitly draw your attention to the right of objection in the individual sections. Please pay attention to the note: “Right of objection”. There you will also find further information on exercising your right of objection.

 

6. Revocation of consent pursuant to Art. 7 para. 3 DSGVO

You have the right to revoke your voluntarily given declaration of consent at any time. Revocation of your consent does not affect the lawfulness of the processing that has taken place on the basis of your consent until revocation.

If you are entitled to a right of revocation, we will again explicitly draw your attention to the right of revocation in the individual sections. Please pay attention to the note: “Revocation of consent”. There you will also find further information on how to exercise your right of revocation.

 

7. Person responsible

The person responsible for the processing of personal data in accordance with Art. 4 No. 7 DSGVO:

LEXAL LAW \ CONSULTINGS
Anahita Lotfi
Zinkhüttenweg 11
44143 Dortmund

Phone: 0231 952 980 5
Fax: +49 231 229 209 06
Mail: datenschutz@wigedis.de

 

8. Contact person for data protection

If you have any questions regarding the processing of your personal data or your rights regarding data protection, please contact us:

LEXAL LAW \ CONSULTINGS
Data protection officer
Zinkhüttenweg 11
44143 Dortmund

Phone: 0231 95 29 80 5
Fax: +49 231 229 209 06
Mail: datenschutz@wigedis.de

 

9. Contact form

On our website there is a contact form which you can use for electronic contact. If you contact us via this contact form, the data entered in the input fields will be processed by us.

This includes the following data as mandatory data:

The following data will also be saved when you send the form:

The legal basis for the processing of personal data provided by you in the context of the contact is art. 6 par. 1 letter b) DSGVO. The purpose of the processing of your personal data within the scope of the mandatory and voluntary information is to process the contact request and to be able to contact you for the purpose of your request.

The other personal data processed during sending (IP address, date and time of sending) serve to prevent misuse of our contact form.

The legal basis for this is our legitimate interest in accordance with Art. 6 para. 1 lit. f) DSGVO. We have a legitimate interest in preventing or proving misuse of our contact form.

The data will be deleted as soon as they are no longer necessary for the purpose of their collection.

Recipient of the data is our server host, who works for us within the scope of a contract data agreement.

 

10. Contacting us

You have the possibility to contact us by mail, telephone, fax or e-mail.

If you contact us by post, we can process your address data (e.g. last name, first name, street, city, postal code), date and time of receipt of the mail as well as the data resulting from your letter itself. Depending on which data you provide here, we will then contact you again either by telephone, fax or e-mail and, if necessary, call you back or write to you.

If you contact us by telephone, we will process your telephone number and, if necessary, your name, your e-mail address, the time of the call and details of your request.

If you contact us by fax, the fax number or the sender identification as well as the data resulting from the fax will be processed.

If you contact us by e-mail, your e-mail address, the time of the e-mail and the data resulting from the message text (and attachments if applicable) will be processed.

The purpose of the processing of the above-mentioned data is to process the contact request and to be able to contact the requesting party to answer the request.

The legal basis for the processing of personal data described here is Art. 6 para. 1 letter f) DSGVO. It is our legitimate interest to offer you the possibility to contact us at any time and to be able to answer your inquiries.

The personal data will only be processed as long as it is necessary for the processing of the contact request.

Recipient of the data is our server host, who is working for us within the scope of an order data agreement.

 

Right of objection

You have a right of objection.

You can notify us of your objection at any time at datenschutz@wigedis.de or by telephone on 0231/952 980 5 or by fax on 0231/229 209 06.

 

11. Rights of persons concerned

According to the legal data protection regulations you can exercise your rights to

Revocation of consent Art. 7 para. 3 DSGVO (You have the right to revoke your voluntarily given declaration of consent at any time. Revocation of consent does not affect the lawfulness of the processing that has taken place on the basis of the consent until revocation).

Information Art. 15 DSGVO (You may request confirmation from us as to whether personal data concerning you is being processed).

Correction Art. 16 DSGVO (You have the right to request correction and/or completion if the processed personal data concerning you is incorrect or incomplete).

Deletion Art. 17 DSGVO (You have the right to request that the personal data concerning you be deleted immediately if there are reasons to justify deletion).

Restriction of processing Art. 18 DSGVO (Under the conditions of Art. 18 para. 1, you may request that the processing of personal data concerning you be restricted).

Information Art. 19 DSGVO (If you have exercised your right to rectification, erasure or limitation of processing, we are obliged to notify all recipients to whom the personal data concerning you have been disclosed of this rectification, erasure or limitation of processing, unless this proves impossible or involves a disproportionate effort. You have the right, vis-à-vis the controller, to be informed of these recipients).

Data transferability Art. 20 DSGVO (You have the right to receive your personal data that you have provided us with in a structured, common and machine-readable format and to oblige us to transfer this personal data to another responsible party).

Objection Art. 21 DSGVO (You have the right to object at any time, for reasons arising from your particular situation, to the processing of personal data concerning you, which is carried out pursuant to Art. 6, paragraph 1, letters e or f DSGVO).

 

For requests of this kind, please send us an e-mail to datenschutz@wigedis.de. Please note that in the case of such inquiries, we must ensure that the person concerned is indeed the data subject.

Automated decision making does not take place on our website.

 

12. Log files

Every time you visit our website, we automatically collect data and information through your device’s system and store it in so-called server log files. This data is information that relates to an identified or identifiable natural person (here: website visitor). The data is automatically transmitted by your browser when you visit our website.

The following information is recorded:

The time of the call to our website (request to the server of the host provider),
URL of the website from which you accessed our website,
The operating system you use,
Type and version of the browser you use,
IP address of your computer is masked, i.e. the last octet is zeroed.
The legal basis for the temporary storage of data in the log files is Art. 6 para. 1 sentence 1 lit. b) DSGVO. In this respect, we fulfil the existing contract with the user, even in the case of free offers, regarding the use of the website.

If we process the data for the purpose of compiling anonymous usage statistics, the legal basis is Art. 6 para. 1 sentence 1 lit. f) DSGVO. In this respect, our interest in understanding user behavior and the possible continuous optimization of our offers, the basic rights and freedoms of the users, among other things, outweighs our interest in this. The categories of the processed data of the users (IP address, user ID) and their anonymous processing were particularly taken into account in the weighing process. Also included was the circumstance of the processing to achieve the purpose potentially serving the user.

The data will be deleted as soon as they are no longer required to achieve the purpose of their collection. In the case of the collection of data for the provision of the website, this is the case when the respective session is ended.

In the case of the storage of data in log files, this is the case after ninety days at the latest. Any storage beyond this period will not take place. In this case, the IP addresses of the users are deleted or alienated, so that an assignment of the calling client is no longer possible.

The collection of data for website provision and the storage of data in log files is absolutely necessary for the operation of the website, so that you have no right of objection.

 

13. Cookies

We use cookies on our website. Cookies are text files that are stored on your device, e.g. to make the use of a website more comfortable or to recognize the user’s device and save settings or the like. In cookies, entries and settings can be stored on a website so that you do not have to enter them again each time you visit a new website. Cookies contain a so-called cookie ID, which makes it possible to assign the device in which the cookie was stored. Cookies help us to make our online offer user-friendly and tailor-made. We may use our own cookies and/or cookies from third parties.

You can thus restrict or completely prevent the setting of cookies in your browser settings. You can also arrange for the automatic deletion of cookies when you close the browser window.

You can find out how to delete cookies in the most common browsers and change the cookie settings here:

Google Chrome:https://support.google.com/chrome/answer/95647?hl=de
Mozilla Firefox:https://support.mozilla.org/de/kb/cookies-und-website-daten-in-firefox-loschen?redirectlocale=de&redirectslug=cookies-loeschen-daten-von-websites-entfernen
Apple Safari: https://support.apple.com/de-de/guide/safari/sfri11471/mac
Microsoft Internet Explorer: https://support.microsoft.com/de-de/help/17442/windows-internet-explorer-delete-manage-cookies
Cookies for marketing purposes

Marketing cookies are used to display advertising that is relevant to your interests. When you visit another website, the cookie on your browser is recognized and the advertising selected based on the information stored in this cookie is displayed to you.

These cookies are only activated if you have given your consent (legal basis: Art. 6 para. 1 lit. a) DSGVO). You can conclusively give your consent by continuing to use the website after a corresponding notice is displayed or by actively clicking on “Accept” in the displayed notice.

 

Revocation of consent

You can revoke your consent at any time and without giving reasons at datenschutz@wigedis.de. Your revocation does not affect the lawfulness of the processing that took place on the basis of your consent until the revocation.

Cookies for analysis:

With these cookies the reach of our own offer can be measured. The cookie enables us to track, among other things, which website was visited before our website was accessed and how our website was used. We use this data to optimize our website, among other things, by evaluating the campaigns we have conducted (legal basis: Art. 6 para. 1 lit. a) DSGVO).

These cookies are only activated if you have given your consent (legal basis: Art. 6 para. 1 lit. a) DSGVO). You can conclusively give your consent by continuing to use the website after a corresponding notice is displayed or by actively clicking on “Accept” in the displayed notice.

 

Revocation of consent

You can revoke your consent at any time and without giving reasons at datenschutz@wigedis.de. Your revocation does not affect the lawfulness of the processing that took place on the basis of your consent until the revocation.

 

Essential cookies

Technically required cookies are those that are necessary for the smooth functioning of our website (legal basis: Art. 6 para. 1 lit. c) DSGVO).

Without the technical cookies you cannot use our website.

 

14. Use of  YouTube

We use videos from YouTube on our website. YouTube is a service provided by YouTube LLC (“YouTube”), 901 Cherry Ave., San Bruno, CA 94066, USA. YouTube LLC is a subsidiary of Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland.

YouTube is integrated by embedding the service on our website using a so-called “iFrames”. When loading this iFrame, YouTube or Google may collect and process information (including personal data). It cannot be excluded that YouTube or Google may also transfer the information to a server in a third country.

Information on Google’s existing Privacy Shield certification and other relevant data on data processing by Google in the context of the use of Google services can be found in this Privacy Policy under the section “14. information on Google services”.

Through the integration of YouTube, we pursue the purpose of being able to present various videos on our website so that you can watch them directly on our website.

The legal basis for the processing of personal data described here is Art. 6 para. 1 lit. f) DSGVO. Our necessary legitimate interest in this respect lies in the great benefit that YouTube offers. By integrating external videos, we relieve our servers and can use corresponding resources elsewhere. This can increase the stability of our servers. YouTube or Google also has a legitimate interest in the collected (personal) data in order to improve our own services.

 

Right of objection

You have a right of objection. You can notify us of your objection at any time at datenschutz@wigedis.de or by telephone on 0231/952 980 5 or by fax on 0231/229 209 06.

You can find more detailed information in the YouTube or Google data protection notices, which you can download here: www.google.com/policies/privacy/.

You can find information about Google’s privacy settings at https://privacy.google.com/take-control.html?categories_activeEl=sign-in.

 

15. Information about Google services

We use various services on our website provided by Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland. By integrating the Google services, Google may collect and process information (including personal data). It cannot be excluded that Google may also transfer the information to a server in a third country.

As can be seen from Google’s Privacy Shield certification (to be found at https://www.privacyshield.gov/list under the search term “Google”), Google has committed itself to comply with the EU-US Privacy Shield Framework and the Swiss-US Privacy Shield Framework regarding the collection, use and storage of personal data from the member states of the EU and Switzerland respectively. Google, including Google LLC and its wholly owned subsidiaries in the U.S., has declared through certification that it complies with the Privacy Shield Principles. For more information, please visit https://www.google.de/policies/privacy/frameworks/.

We cannot control what information Google actually collects and processes. However, Google states that the following information (including personal data) may be processed among others:

Google does this by, among other things, the following:

“We may combine personal information from one service with information and personal information from other Google services. This makes it easier for you to share content with friends and family, for example. Depending on your account settings, your activities on other sites and apps may be linked to your personal information to improve Google’s services and the advertising Google displays. (https://www.google.com/intl/de/policies/privacy/index.html)

You can prevent this information from being added directly by signing out of your Google Account or by using the appropriate account settings in your Google Account.

You can also change your cookie settings (e.g. delete cookies, block cookies, etc.). You can find more information in Google’s privacy policy, which can be found here: https://www.google.com/policies/privacy/. Information on Google’s privacy settings can be found at https://privacy.google.com/take-control.html.

 

16. Google ads

We use Google Ads (formerly: AdWords) on our site and Google AdWords conversion tracking, an online advertising service provided by Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland.

Google Ads and Google Conversion Tracking is an analytical service provided by Google. When you click on an advertisement placed by Google, a so-called “cookie”, a text file, is stored on your device, which enables an analysis of the use of the websites you visit. The information generated by the cookie about your use of the website (including your IP address) will be transmitted to and stored by Google on servers in the United States and other countries. These cookies lose their validity after 30 days. If you visit certain pages of our website and the stored cookie has not expired, Google and we can recognize that someone has clicked on the advertisement and thus been forwarded to our website. Every AdWords customer receives a different cookie. Cookies can thus be tracked on the websites of AdWords customers.

The legal basis for the processing of personal data described here is Art. 6 para. 1 lit. a) DSGVO.

 

Revocation of consent

You can revoke your consent at any time and without giving reasons at datenschutz@wigedis.de. Your revocation does not affect the lawfulness of the processing that took place on the basis of your consent until the revocation.

You can also deactivate the settings for personalized advertising at https://support.google.com/ads/answer/2662922?hl=de. Furthermore, you can change your cookie settings (e.g. delete cookies, block cookies, etc.).

You can find more detailed information in Google’s data protection information, which you can access here: www.google.com/policies/privacy/.

You can find information about Google’s privacy settings at https://privacy.google.com/take-control.html?categories_activeEl=sign-in.

 

17. Google analytics

We use Google Analytics on our website, a web analytics service provided by Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland.

Google Analytics uses “cookies”, which are text files placed on your computer, to help the website analyze how users use the site. Google Analytics may also use so-called web beacons (invisible graphics). These web beacons can be used to evaluate information such as visitor traffic on websites. The information generated by cookies and web beacons about the use of our website (including the IP address of the user) is transferred to a Google server, possibly in the USA or other third countries, and stored there. This information may be passed on by Google to contractual partners of Google.

The following types of data are processed by Google:

In addition, you can find more detailed information about the information processed at https://www.google.com/intl/de/policies/privacy/# infocollect under “Data we receive as a result of your use of our services” and at https://privacy.google.com/businesses/adsservices/.

We only use Google Analytics with activated IP anonymization (“anonymous IP”). As a result, your IP address will be truncated by Google within member states of the European Union or in other states that are party to the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be transferred to a Google server in the USA and shortened there.

Furthermore, we have concluded a contract with Google for the use of Google Analytics for order processing (Art. 28 DSGVO). Google processes the data on our behalf in order to evaluate your use of the website, to compile reports on website activities for us and to provide us with further services related to the use of the website and the Internet. Google may transfer this information to third parties if required by law or if third parties process this data on behalf of Google.

Through the integration of Google Analytics, we pursue the purpose of analyzing the user behavior on our website and to be able to react to it. This enables us to continuously improve our offer.

The legal basis for the processing of personal data described here is Art. 6 para. 1 lit. a) DSGVO.

Within the scope of order processing, Google is entitled to engage subcontractors. A list of these subcontractors can be found at https://privacy.google.com/businesses/subprocessors/.

 

Revocation of consent

You can revoke your consent at any time and without giving reasons at datenschutz@wigedis.de. Your revocation does not affect the lawfulness of the processing that took place on the basis of your consent until the revocation.

Furthermore, you can prevent the processing of your data by Google by downloading and installing the browser plug-in available under the following link: https://tools.google.com/dlpage/gaoptout?hl=de. An opt-out cookie is set, which prevents the future collection of your data when you visit this website: Disable Google Analytics.

In addition, you can prevent the collection of data by web beacons by downloading and installing the add-on available at the following link for the respective browser: https://adblockplus.org/. You can also change your cookie settings (e.g. delete cookies, block cookies, etc.).

For more information on data handling in connection with Google Analytics, please refer to the Google privacy policy: https://support.google.com/analytics/answer/6004245?hl=de. You can find information on Google’s privacy settings at https://privacy.google.com/take-control.html?categories_activeEl=sign-in. The processed information is only stored as long as it is necessary for the intended purpose or as long as it is legally required.

 

18. Registration and purchase

In order to use the digital file folder, as well as to purchase our briefs, you must first register.

The registration form includes the following data as mandatory

When the form is submitted, the following data is also saved:

In addition, depending on the payment method chosen (direct debit, credit card, online payment services, etc.), the data required to process the payment will be forwarded to the appropriate payment service providers.

The legal basis for the processing is Art. 6 para. 1 sentence 1 letter b) and Art. 6 para. 1 sentence 1 letter f) DSGVO. The purpose of the processing of personal data within the scope of registration is the provision of the digital file folder as well as in fulfilment of our services owed to you with regard to purchases made in our web store.

The recipient of the data is our server host, who works for us within the framework of an order data agreement.

 

Right of objection

You have a right of objection. You can notify us of your objection at any time at datenschutz@wigedis.de or by telephone on 0231/952 980 5 or by fax on 0231/229 209 06.

If you exercise your right of objection, your registration will be cancelled and the digital file folder, including all data/documents and other contents therein, will be irretrievably deleted. If the data is required for the fulfillment of a contract or for the implementation of pre-contractual measures, an early deletion of the data is only possible if there are no contractual or legal obligations (e.g. tax or commercial law obligations to retain data) that prevent deletion.

 

19. Social networks & external links

In addition to this website, we also maintain presences in various social media, which you can reach by clicking on the corresponding buttons on our website. If you visit such a presence, personal data may be transmitted to the social network provider. Please note that user data may also be transferred to a server in a third country and thus be processed outside the European Union. US providers certified under the Privacy Shield have undertaken to comply with the EU data protection standards. Further information can be found at https://www.privacyshield.gov/Program-Overview.

It is possible that in addition to the storage of the data you specifically entered in this social medium, other information may also be processed by the social network provider.

In addition, the social network provider may process the most important data of the computer system from which you visit it, for example your IP address, the type of processor used and the browser version including plug-ins. If you are logged in during your visit to such a website with your personal user account of the respective network, this network can assign the visit to this account.

The purpose and scope of data collection by the respective medium as well as the further processing of your data there and your rights in this regard can be found in the respective provisions of the respective responsible party, e.g. at

Facebook (Facebook, Inc., 1 Hacker Way, Menlo Park, CA 94025, USA): For fan pages: Agreement on joint processing of personal data (Art. 26 DSGVO) https://www.facebook.com/legal/terms/page_controller_addendum ; Privacy Policy Facebook: https://www.facebook.com/about/privacy/ ;Opt-Out possibility: https://www.facebook.com/settings?tab=adsund http://www.youronlinechoices.com/, Privacy Shield Certification: https://www.privacyshield.gov/participant?id=a2zt0000000GnywAAC&status=Active

Twitter (Twitter Inc., 1355 Market Street, Suite 900, San Francisco, CA 94103, USA); Privacy Policy https://twitter.com/de/privacy; ;Opt-out option: https://twitter.com/personalization;Privacy Shield Certification: https://www.privacyshield.gov/participant?id=a2zt0000000TORzAAO&status=Active

Instagram (Instagram Inc., 1601 Willow Road, Menlo Park, CA, 94025, USA; privacy policy and opt-out option: https://help.instagram.com/155833707900388

 

20. Privacy policy for our Facebook fanpage Insights

Facebook Ireland Ltd (“Facebook”) provides us as Facebook fan page operator with so-called “Facebook Insights” (“Insights”). The “Insights” are various statistics that provide us with information about the use of our Facebook fan page. You can find detailed information about this at https://www.facebook.com/business/a/page/page-insights.

In order to create these statistics, various information provided by you (including personal data) is processed by Facebook. The personal data is processed by Facebook and us as jointly responsible parties in accordance with Art. 26 DSGVO. In the following we provide you with the essential information of the agreement concluded between Facebook and us in accordance with Art. 26 DSGVO (https://www.facebook.com/legal/terms/page_controller_addendum).

1. Designation of the jointly responsible persons

Jointly responsible for the processing

Facebook Ireland Ltd
4 Grand Canal Square
Dublin 2
Ireland

and

LEXAL LAW \ CONSULTINGS
Zinkhüttenweg 11
44143 Dortmund

2. Responsibility with regard to the processing of the Insights data

Facebook has assumed primary responsibility (assumption of all obligations under the DSGVO) for data processing. This means in particular: Facebook assumes the necessary information obligations (e.g. Art. 13 DSGVO). Data subjects’ rights can be asserted against Facebook (e.g. claim for information or deletion, objection to data processing or revocation of any consent granted; ensuring technical and organizational measures for data processing: Facebook provides comprehensive information regarding data processing at www.facebook.com (Art. 13 DSGVO). In order to provide you with an overview of the essential information, we also refer to the content provided by Facebook in the context of this data protection notice.

Irrespective of the agreed primary responsibility of Facebook, you can of course also assert your rights within the scope of the DSGVO directly against us. We will immediately forward this request to Facebook via a form available for this purpose.

3. Legal basis for the processing

The legal basis and the purposes of Facebook’s processing can be viewed at https://www.facebook.com/about/privacy/legal_bases and https://de-de.facebook.com/policy.php.

Our legal basis for the processing of the Insights data is our legitimate interest according to Art. 6 para. 1 lit. f DSGVO. We have a legitimate interest in being able to track user behavior on our Facebook fan page. In particular, this enables us to record the reach and effectiveness of our campaigns, postings and other activities through processed statistics. This enables us to continuously optimize our website and our services according to your needs. This also represents the purpose of processing for us.

4. Data processing on a Facebook fan page

Facebook can process the following data in particular:

User interaction (click behavior, postings, likes, viewing videos, page views, etc.)
Cookies
Demographic characteristics (age, gender, federal state, etc.)
IP address
System and device information (e.g. browser type, operating system, etc.)
The exact processing of your data when you visit our Facebook fan page depends on whether you have a Facebook account or not. If you have an account with Facebook, Facebook can permanently assign the data to your account in order to learn more about you.

Even if you do not have a Facebook account, Facebook can still store your information. This can be done through the use of cookies. These are usually small text files that are stored on your device. Various information is written to this text file, which can be read out again at a later date. In this way, Facebook is able to store and process information about you, even without having a Facebook account. You can find more detailed information about Facebook cookies at https://de-de.facebook.com/policies/cookies/ .

Within the scope of using Insight, we only receive anonymous statistics from Facebook about the use of our fan page. We can only see how many users have carried out certain interactions, but not which user has carried out a certain action. The statistics of the Insights data do not allow us to draw conclusions about a person.

5. Rights of data subjects

In principle, you have the following rights:

Revocation of consent according to Art. 7 DSGVO
Information according to Art. 15 DSGVO
Correction according to Art. 16 DSGVO
Deletion according to Art. 17 DSGVO
Restriction of processing according to Art. 18 DSGVO
Notification according to Art. 19 DSGVO
Data transferability according to Art. 20 DSGVO
Opposition according to Art. 21 DSGVO

You can assert these rights directly against Facebook or against us (see section “II. Responsibility with regard to the processing of Insights data”).

If you would like to assert your rights against us, please contact us at datenschutz@wigedis.de and describe your specific concern as detailed as possible.

You have the right to object to the processing of cookies. You can exercise this right, for example, as follows:

In your browser settings you can restrict or completely prevent the setting of cookies. You can also arrange for the automatic deletion of cookies when closing the browser window. You can find out how to delete cookies in the most common browsers and change the cookie settings here:

Google Chrome: https://support.google.com/accounts/answer/32050?co=GENIE.Platform%3DDesktop&hl=de

Mozilla Firefox: https://support.mozilla.org/de/kb/cookies-und-website-daten-in-firefox-loschen

Apple Safari: https://support.apple.com/de-de/HT201265 and https://support.apple.com/de-de/guide/safari/sfri11471/mac

Microsoft Internet Explorer: https://support.microsoft.com/de-de/help/17442/windows-internet-explorer-delete-manage-cookies

At https://de-de.facebook.com/policies/cookies/ you can also adjust your settings for the use of cookies. Here you will find under the sections “If you have a Facebook account”. (Facebook account available) and “Public” (no Facebook account available) Information on how you can object to the processing vis-à-vis Facebook. You can determine the storage period of cookies via your browser by displaying the cookies (usually by clicking on the “i” next to the address bar, e.g. in Firefox or Google Chrome).

 

21. Facebook pixel

We also use the “Facebook Pixel” on our website, custom audiences and Facebook conversions from Facebook. Facebook is operated by Facebook Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland. The marketing tool “Custom Audiences” from Facebook helps to reduce wastage in marketing. In the head area of the website we have installed a “counting pixel” from Facebook (“Facebook pixel”), which is called up by the Facebook servers each time our website is accessed and registers the access there. This allows website visitors to be specifically included in a custom audience. The marketing tool is a targeting option that uses the Facebook pixel to match visitors to our website with people on Facebook. We can target visitor groups with Facebook ads.

According to Facebook, the pixel plays out browser information, visited websites and the website user’s hashed Facebook ID.

It cannot be excluded that Facebook may also transfer the information to a server in a third country.

You can find more information about the Facebook pixel at https://www.facebook.com/business/help/651294705016616.

Further information about Facebook Custom Audiences can be found at: https://developers.facebook.com/docs/marketing-api/audiences-api/websites and https://developers.facebook.com/docs/facebook-pixel/pixel-with-ads/conversion-tracking.

As evidenced by the privacy shield certification of Facebook, Inc. (which can be found at https://www.privacyshield.gov/list under the search term “Facebook”), Facebook, Inc. has committed to comply with the EU-US Privacy Shield Framework published by the U.S. Department of Commerce and the Swiss-US Privacy Shield Framework regarding the collection, use and storage of personal information from EU member states and Switzerland, respectively. Facebook Inc. has declared by certification that it complies with the Privacy Shield Principles.

Further information on this can be found at: https://de-de.facebook.com/about/privacyshield

Facebook itself explains the following on the subject of data collection:

“Information from partners, advertisers, app developers and publishers can send us information via the Facebook business tools they use, including our social plugins (such as the “Like” button), Facebook Login, our APIs and SDKs or the Facebook pixel. These partners provide us with information about your activities outside of Facebook, including information about your device, websites you visit, purchases you make, ads you see and how you use their services, whether you have a Facebook account or are logged in to Facebook. For example, a game developer might use our API to tell us what games you play, or a company might tell us about a purchase you made at their store. We also receive information about your online and offline transactions and purchases from third-party data providers who are authorized to provide us with your information.

Partners receive your information when you visit or use their services, or through third parties with whom they work. We require each of these partners to have the legal rights to collect, use and share your information before providing any information to us. Learn more about the types of partners from whom we receive information.” (https://de-de.facebook.com/about/privacy/ ).”

By including the Facebook Pixel, using Facebook Custom Audiences and Facebook Conversions, we aim to reduce wastage in marketing and to provide optimized advertising for website visitors.

The purpose of processing the data using Facebook Custom Audiences is to create statistics for the creation of user categories in order to enable the alignment of advertising material or advertising measures on the Internet in line with the interests of the user. This enables us to continuously improve our offer.

The legal basis for the processing of personal data described here is Art. 6 para. 1 lit. a) DSGVO.

 

Revocation of consent

You can revoke your consent at any time and without giving reasons at datenschutz@wigedis.de. Your revocation does not affect the lawfulness of the processing that took place on the basis of your consent until the revocation.

Regarding the storage period of the information, Facebook states that the data will be stored for as long as necessary to provide you with any products and services (https://de-de.facebook.com/about/privacy/ under “Data storage, deactivation and deletion of accounts”).

For further questions, Facebook names the following contact options and provides the following information (as of September 29, 2016)

“1. If you live in the USA or Canada

Please contact Facebook, Inc. online or by mail at

Facebook, Inc.
1601 Willow Road
Menlo Park, CA 94025

2. If you live somewhere else

The data controller of your information is Facebook Ireland Ltd. You can contact this company online or by mail at

Facebook Ireland Ltd.
4 Grand Canal Square
Grand Canal Harbour
Dublin 2 Ireland”

 

22. Right to appeal to a supervisory authority

Without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with a supervisory authority, in particular in the Member State in which you are resident, your place of work or the place of the alleged infringement, if you consider that the processing of personal data concerning you is in breach of the DPA.

The supervisory authority to which the complaint has been lodged shall inform the complainant of the status and the results of the complaint, including the possibility of a legal remedy under Art. 78 DSGVO.

The supervisory authority responsible for us is:

The State Commissioner for Data Protection and Freedom of Information of North Rhine-Westphalia Kavalleriestr. 2-4, 40213 Düsseldorf
e-mail: poststelle@ldi.nrw.de
Internet: https://www.ldi.nrw.de/index.php.