Privacy Policy
I) GENERAL INFORMATION
We are aware that the protection of your privacy is an important concern to you while visiting our website. We take the protection of your personal data very seriously. Therefore, we want you to you know when we save which data and how we use it. With this data protection declaration, we would like to inform you about our data protection measures.
II) DATA CONTROLLER
GEHOLIT+WIEMER
Lack- und Kunststoff-Chemie GmbH
Sofienstraße 36
76676 Graben-Neudorf, Germany
Phone +49 7255 99 0
Fax +49 7255 99 199
E-mail info@geholit-wiemer.de
Managing Directors: Dr. Frank Bayer, Dr. Hugo Brussaard
Our Data Protection Officer can be reached at the above postal address, attn. "Der Datenschutzbeauftragte", or by e-mail at Datenschutz@geholit-wiemer.de.
III) YOUR RIGHTS
You have the following rights towards us in relation to personal data concerning you:
- Right of access
- Right of rectification or erasure
- Right of restriction of processing
- Right of objection to processing
- Right of data portability
You also have the right to submit complaints to a data protection supervisory authority about our processing of your personal data.
In the German state of Baden-Württemberg, this role is filled by the "Landesbeauftragter für Datenschutz und Informationsfreiheit BW" (i.e. the Baden-Württemberg Commissioner for Data Protection and Freedom of Information), Lautenschlagerstraße 20, 70173 Stuttgart, Germany, resp. Postfach 10 29 32, 70025 Stuttgart, Germany, Phone: +49 711 615541-0, Fax: +49 711 615541-15, e-mail: poststelle@lfdi.bwl.de
If you wish to exercise your data subject rights, simply send an e-mail to
Proof of identification may be required here.
IV) COLLECTION AND STORAGE OF PERSONAL DATA AND THE NATURE AND PURPOSE OF THEIR USE
1. When visting our website
a. When accessing our website on a terminal device, the browser you are using will automatically send information to our website's server. This information will be temporarily stored in a so-called log file. Without your intervention, the following information will be captured and stored until it is automatically deleted, usually after one week:
- IP address
- Date and time of access
- Time zone difference from Greenwich Mean Time (GMT)
- Content of the query (specific page)
- Access status / HTTP status code
- Data volume transferred in each case
- Website from which the request originates
- Browser
- Operating system and its interface
- Language and version of the browser software
b. We process the specified data for the following purposes:
- To ensure a smooth connection buildup of the website
- To ensure the convenient use of our website
- To evaluate system safety and stability
- To clarify any abusive page accesses (DoS/DDoS attacks or similar) if any
- For further administrative purposes
c. The legal basis for this data processing is art. 6 para. 1 p. 1 lit. f DS-GVO (i.e. General Data Protection Regulation, GDPR). Our legitimate interest arises from the aforementioned purposes for collecting your data. In general, we do not use the data collected for the purpose of drawing conclusions about you as a person. However, we reserve the right to do so, at most, should it be necessary to clarify abusive website accesses.
2. When contacting us / ordering documents
a. If you have questions of any kind, including ordering documents, we offer you the possibility of contacting us via phone or e-mail. In addition, you may also use a contact form provided on our website. When using this form, a valid e-mail address is required, your name, as well as the indication of your company. Thus, we know who the request is from and will be able to answer it.
b. Further information like address data, phone number, and the message itself goes beyond what is actually required. With this data provided by you, an encrypted e-mail is generated directly – without intermediate storage – to vek-graben@geholit-wiemer.de, which you transmit to us by sending it. Please note that the e-mail is solely subject to so-called transport encryption. Thus, confidential data should not be sent via this channel.
c. Data processing activities for the purpose of contacting us are based on art. 6 para. 1 p. 1 lit. a GDPR on the basis of your voluntarily given consent, resp. for (pre-)contractual queries (e.g. with regard to future membership, ordering of documents) on the basis of art. 6 para. 1 lit. b GDPR. The data we collect and process in the framework of your contacting us is deleted once your query has been dealt with and, if applicable, after the statutory retention periods have expired.
3. Newsletter
a. After submitting your consent, you may subscribe to our newsletter, which will provide you with our current interesting offers. The products and services advertised are listed in the declaration of consent.
b. The subscription process for our newsletter uses the so-called double opt-in process. This means that after your registration, we will send you an e-mail to the e-mail address you provided in which we ask you to confirm that you would like to receive the newsletter. If you fail to confirm your registration within 72 hours, your information will be blocked and automatically deleted after one month. Furthermore, we will store the IP addresses you used and the points in time at which you registered and confirmed your registration. The purpose of this process is to prove your registration and, if applicable, to enable us to clarify any possible misuse of your personal data.
c. The only mandatory information for receiving the newsletter is your e-mail address. [The provision of further, separately marked data is voluntary and will be used to address you personally.]
d. Following your confirmation, we will save your e-mail address for the purpose of sending you our newsletter. The legal basis for this is art. 6 para. 1 p. 1 lit. a GDPR.
e. You may withdraw your consent to us sending you our newsletter anytime and thus unsubscribe from our newsletter. You may declare your revocation by either clicking the link provided in every newsletter e-mail, by using this form on the website, via e-mail to newsletter@geholit-wiemer.de, or by sending a message to the contact details provided in the legal notice (i.e. "Impressum").
4. Organisation and implementation of events (symposia, training courses, specialist conferences, and trade fairs)
With this data protection notices, we inform you about the handling of your personal data that you provide to us as part of your registration and participation in our events. Information about your rights according to the General Data Protection Regulation (GDPR) can be found in section III) of this privacy policy.
a) Description and purposes of data processing:
The processing of your data is necessary for the organisation and implementation of events (symposia, training courses, specialist conferences, and trade fairs) and for processing your registration and participation. The processing procedures and purposes are as follows:
- Organisation and proper realisation of our events
- Invitation, registration and ensuring proper participation, processing of specific enquiries, provision of information material
- Documentation, creation, and follow-up reporting on our social media platforms / on our website
- Statistical analyses and evaluation of events
b) Groups of persons affected:
- Employees of GEHOLIT+WIEMER GmbH
- Employees of business partners
- Participants of an event
- Speakers at an event
- External participants of an event
c) Types and categories of processed data:
- Contact and participation data according to the registration form: name and contact details, information on employment relationship (company, function)
- Participation data (ratings, certificates)
- Possibly arrival / departure dates, possibly data for enabling overnight accommodation
- Possibly information on allergies and intolerances for catering
- Data on disabilities, physical impairments
- Billing data
- Pictures of the event
d) Legal bases for processing, right to withdraw consent, legitimate interests pursued:
- Art. 6 para. 1 p. 1 lit. a GDPR – Consent – the person concerned has given their consent to the processing of their personal data for one or several specific purposes.
- Art. 6 para. 1 p. 1 lit. b GDPR – the processing is necessary for the performance of a contract to which the person concerned is party, or in order to take measures prior to entering into a contract.
- Art. 6 para. 1 p. 1 lit. c GDPR – processing is necessary for compliance with a legal obligation to which the controller is subject.
- Art. 6 para. 1 p. 1 lit. f GDPR – our legitimate interest follows from the data collection purposes listed above. Generally, we do not use the data collected for the purpose of drawing conclusions about your person.
e) Place of processing, transfer to a third country or to an international organisation:
- Your data will be processed by our locations in Germany.
- In the context of using joint group systems of our affiliate KABE Swiss Group, data may be transferred to Switzerland. This data transfer takes place based on the group affiliation and is regulated in a separate contract for order processing / in declarations of commitment.
f) Recipients or categories of recipients of personal data, order processing relationship:
- As the case may be, we use service providers who are strictly bound by our instructions and who support us, for example, in the areas of IT, marketing or image processing and with whom separate contracts for order processing / declarations of commitment have been concluded.
e) Duration of storage resp. deadline for deletion of personal data:
- Storage in accordance with the statutory retention periods (10 years) as well as for the duration of the fulfilment of the purpose.
5. Processing of data and information via social media platforms
Our group of companies is present on several social media platforms in order to get in touch with our registered customers and interested parties and to inform them about our products and services. The use of these platforms and their functions (such as sharing, commenting, rating) is the responsibility of the platform user.
Please note that your data may be processed outside the EU by the social media networks concerned. The legal basis for the data processing that you carry out on your own responsibility can be found in the data privacy notice of the respective social media network.
It is possible that your data may be used for advertising and market research purposes. User profiles can be created from your user behaviour, which serve as the basis for advertisements in social media networks and on third-party platforms. In general, cookies and other identifiers are stored on your computer for this purpose.
As part of our social media presences, we have access to information about the use of our profile, such as statistics provided by the respective social media platforms. These aggregated statistics mainly contain demographic information and data on interaction with our company profile and the content we share. For details on the social media platform data that we can access as the operator of a company profile, please refer to the links of the respective social media network.
The legal basis for data processing is based on our legitimate interest in effective information and communication with users in accordance with art. 6 para. 1 p. 1 lit. f) GDPR.
Below we inform you about the social media networks on which we operate a company profile. You will also receive information on the data processing of the respective platform and your options to object (opt-out).
Please note that data protection requests can be made most efficiently with the respective provider of the social media network, as only these providers have access to the data and can take appropriate measures directly.
Facebook, Instagram
General information, legal basis
We operate a so-called fan page on the social networks Facebook and Instagram, which are operated by Meta Platforms, Inc., formerly Facebook Inc., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland (hereinafter "Facebook"). Via this page you may contact us directly and receive up-to-date information about our company.
As the operator of the site, we receive data from Facebook and Instagram, including personal data. We use or process these "insights" – as described below – on the basis of our legitimate interests in accordance with art. 6 para. 1f GDPR. We may retrieve statistical data of various categories from Facebook and Instagram, such as:
- Number of page views
- Information on "Likes"
- Page activities
- Video views
- Post reach
- Comments
- Shared content
- Share male / female
- Origin based on country and city
- Language
- Views
- Clicks
We use this data to optimise our posts. For example, we can determine which types of posts are not successful with the desired target groups and can avoid them in future. In addition, we use the analysis of "Like" information in relation to posts to invite the people concerned to "like" our page.
Moreover, these details provide us with information about what type of posts generate the most interactions at what time of day and on what day of the week. Based on this information, we optimise the times at which we publish our posts.
Shared accountability
The joint responsibility for the protection of your personal data between Meta and us is governed by article 26 GDPR. Facebook / Instagram have published a corresponding contract that regulates this joint responsibility. This contract is referred to by the company as the "Page Controller Addendum". You can read the exact content at https://www.facebook.com/legal/terms/page_controller_addendum. You will find the privacy policy for Meta (Facebook, Instagram) here: https://www.facebook.com/privacy/policy/
Data subject rights
According to the General Data Protection Regulation (GDPR), you also have the right to information, rectification, portability, and erasure of your data towards Facebook and Instagram. You can exercise these rights directly in the Instagram and Facebook settings. In addition, you have the right to object to certain types of data processing. These include:
Right of objection
The right to object to the use of your data for direct marketing purposes
The right to object to the use of your data for "legitimate interest" processing activities by Facebook, Instagram or third parties and for "public interest" tasks of Facebook and Instagram.
To assert these rights, please use this document: https://www.facebook.com/help/contact/367438723733209.
As a member of a social network, you have the option of objecting to the collection of data by the network. For Facebook and Instagram, you can do this via https://www.facebook.com/settings?tab=ads and https://www.youronlinechoices.com.
Further information
We also recommend that you read Facebook's privacy policy carefully before using Facebook / Instagram.
Use of AI on Facebook, Instagram
We would like to point out that your posts on our Facebook and Instagram pages are used by Meta to improve the German language model of the AI at Meta. Meta sees legitimate interest as the legal basis for this use and would like to use the information you publish on Facebook or Instagram. From 26th June 2024, Meta plans to use the content "shared via Meta's products and services" to train its own AI in addition to publicly accessible data on the Internet. This can be seen in the explanation of the use of generative AI (https://www.facebook.com/privacy/genai). Posts, photos, their captions, as well as messages that are visibly posted to friends or specific members are used. The content of private messages is not used.
It is possible to object to the use of your own content by Meta for AI training (with a registered account):
Facebook: https://www.facebook.com/privacy/genai
Instagram: https://help.instagram.com/contact/767264225370182
You must give reasons for your objection.
If you discover that AI-generated content contains personal data about you that you have not shared with Meta, you can use the following form from Meta to find out what data Meta receives from third parties to train its AI: https://www.facebook.com/help/contact/510058597920541
The interest in training Meta AI lies exclusively with Meta for their own purposes. As the provider of the fan page, we merely draw attention to this fact and are otherwise not involved.
LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland
We operate a company page on LinkedIn under joint accountability, based on an agreement on the joint processing of personal data ("Page Insights Joint Controller Addendum"), which LinkedIn provides unilaterally. There you will also find information on the page insight data processed and a contact option for data protection issues: https://legal.linkedin.com/pages-joint-controller-addendum
Privacy policy: LinkedIn Privacy Policy
Opt-Out: https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out
XING AG, Dammtorstraße 29-32, 20354 Hamburg, Deutschland
Privacy policy/Opt-Out: Privacy at XING
6. Cookies
In several places, our website uses so-called cookies. These are small text files that are stored on your computer and by your browser. Cookies can have various different functions. They enable the user to use the internet more conveniently. By placing cookies, the internet obtains some kind of memory – in this way, the web page remembers that a certain user has visited it already before and makes a new login redundant in the case of an encrypted page. Cookies allow for determining a complex usage and surfing behaviour. They can store information on usage behaviour and transmit it to the user. In this way, the use of cookies enables profiling which must be viewed critically in terms of data protection law.
Cookies are primarily used in the field of online marketing, for example, to serve personalised advertising. The keyword "targeting" summarises those activities that are intended to enable the target group-oriented display of advertising on web pages. A continuation of this advertising strategy is the so-called retargeting, in which a provider resp. advertiser marks the customer when he visits the company's own homepage by means of a tracking cookie and follows him on his excursion through the internet. The company's own advertising can then be regularly displayed as an ad banner on external pages to remind the customer of its own products and services.
We reserve the right to use so-called targeting on our site. You have two options to prevent this:
You can prevent cookies from being saved in your browser. The procedure varies depending on the browser. In this case, your settings apply to every page you visit.
You use the cookie banner resp. cookie consent provided by us when you call up our website, with which you are enabled to either accept cookies, only allow necessary cookies or to select or deselect individual cookies. The cookie banner can be called up again any time via the "Cookie settings" link.
Most of the cookies we use are so-called "session cookies". They are automatically deleted at the end of your visit. Please refer to any special explanations regarding a cookie in explicit places of use elsewhere in this data protection declaration or from dialogue / banner messages (e.g. cookie notice when Google products are used by banners).
Depending on the type of cookie, the legal basis for the use of cookies is your consent. The basis for this is the EU Cookie Directive (opt-in) and § 15 para. 3 TMG (= Telemediengesetz, i.e. German Teleservices Act) (opt-out) or our legitimate interest in the use of cookies necessary for the operation of the website. The cookies to be selected in the cookie banner / cookie consent require your consent. Without this consent, they will not be used (e.g. range analysis with Matomo or YouTube).
6.1 Cookies applied:
6.2 Google services
We use various services of the Google company on our website. These services communicate with each other within the Google company and accordingly also evaluate data that you have permitted for tracking.
Below you will find all the Google services we use. The provider of all services is Google Ireland Limited ("Google"):
Google Ireland Limited
Gordon House
Barrow Street
Dublin 4
Ireland
The use of all Google services on this website and the processing of data following consent are carried out on the basis of art. 6 para. 1 lit. a GDPR.
For the processing and storage of data, Google has signed a standard contractual clause (art. 46 para. 2 and 3 GDPR).
You will find more information on this under "Google Controller Data Protection Terms" (information in English).
https://business.safety.google/controllerterms/ and https://business.safety.google/controllerterms/sccs/
More information on the handling of user data can be found in Google's privacy policy (information in English)
https://policies.google.com/privacy?hl=de
6.2.1 YouTube
For integrating and providing videos, we utilize "YouTube" on our website. We use YouTube in extended data protection mode ("YouTube NoCookie"). According to YouTube, this mode ensures that YouTube does not store any information about visitors to this website before they watch the video. The disclosure of data to YouTube partners, however, is not necessarily excluded by the extended data protection mode. Thus, YouTube establishes a connection to the Google DoubleClick network – regardless of whether you watch a video.
As soon as you start a YouTube video on this website, a connection to the YouTube servers is established. This tells the YouTube server which of our pages you have visited. If you are logged in to your YouTube account, you enable YouTube to assign your surfing behaviour directly to your personal profile. You can prevent this by logging out of your YouTube account.
Furthermore, after starting a video, YouTube may store various cookies on your end device or utilize comparable recognition technologies (e.g. device fingerprinting). In this way, YouTube can obtain information on visitors of this website. This information is used, among others, in order to capture video statistics, improve user-friendliness, and prevent fraud attempts.
Further data processing operations may be triggered after the start of a YouTube video, over which we have no control.
6.2.2 YouTube NoCookie
YouTube NoCookie is the extended privacy mode of YouTube. It is a piece of code through which we embed our YouTube videos on our website. YouTube NoCookie prevents personal data from being shared with third parties (such as advertising services), but not the collection of some user data through cookies created by YouTube. This data is passed on to certain Google servers.
6.2.3 YouTube Images
For the display of various images of our YouTube channel, such as thumbnails or our logo, YouTube uses YouTube Images in the background.
4.2.4 Google Photos
Google Photos is a service for displaying images like e.g. the figurative mark of our logo in connection with other Google services like e.g. YouTube.
6.2.5 Google Fonts
For the uniform display of fonts, this website uses so-called web fonts provided by Google. When you visit a page, your browser will load the required web fonts into your browser cache in order to display texts and fonts correctly. If your browser does not support web fonts or you do not consent, a standard font from your computer will be used.
You can find more information about Google web fonts at developers.google.com/fonts/faq and in Google's privacy policy: https://www.google.com/policies/privacy/
6.3 Matomo
With Matomo, we operate a web analytics tool on our server that collects and evaluates data regarding the behaviour of visitors to our website. Based on these findings, we can further improve our website. No data is transferred to third parties.
The information generated by the cookie about the use of the website is stored on our server. The IP address is anonymised before storage.
The information generated by the cookie about the use of this website is not passed on to third parties.
6.4 hCaptcha
In order to ensure that requests are not made by bots but by you as a user, we use a so-called captcha module. For confirmation, you must enter the code here that is displayed and cannot be recognised by machines.
The service provider for hCaptcha is the US company Intuition Machines Inc., 350 Alabama St, San Francisco, CA 94110, USA.
As the legal basis for the transfer, the provider uses the EU standard contractual clauses. It is not certified with the EU-US Data Privacy Framework as of August 2024.
Regarding the storage period, the provider states: Information collected through technical means such as cookies, web page counters, and other analytics tools is discarded as soon as possible but may be retained for a limited period of up to one year after the cookie expires, typically in anonymised and aggregated form, unless we identify potential misuse of our service.
6.5 Matterport
Matterport offers a technology for capturing spaces and objects in 3D, for visualising and sharing them. This is used on our website for displaying the 3D visualisations.
Matterport is a service of Matterport, Inc., 352 E. Java Dr., Sunnyvale, CA 94089, USA. Matterport's representative in Europe in terms of data protection is the European Data Protection Office, Avenue, Huart Hamoir 71, 1030 Brussels, Belgium (https://edpo.com/gdpr-data-request/).
You only need this service if you want to use the visualisations. Matterport collects the following data when you use the service: IP address, device and browser type, visits to previous websites, identifiers associated with the devices.
The transfer to the USA is legitimised via EU standard contractual clauses.
V) SSL ENCRYPTION
For security reasons and in order to protect the transmission of confidential content such as enquiries that you send to us as the site operator, this site uses SSL encryption. You can recognise an encrypted connection by the fact that the address line of the browser displays "https://" and by the lock symbol in your browser line. If SSL encryption is activated, the data you transmit to us cannot be read by third parties.
VI) LINKS TO OTHER WEBSITES
For expedient reasons and for further information, our websites may contain links to other websites. These websites may be operated independently of us. Linked websites may have their own privacy statements or policies, which you should definitely review. If linked websites are not owned or managed by us, we are not responsible for the content of those websites, their use or their privacy practices, even if you reach those websites directly from ours.
VII) DATA STORAGE / DELETION
Unless otherwise specified in the detailed descriptions of the offers, we process and store your personal data as long as it is required for the fulfilment of our contractual and legal obligations. Your personal data is regularly deleted or blocked when it is no longer required for the fulfilment of contractual or legal obligations, you have exercised your right of deletion, all mutual claims have been fulfilled, and there are no other legal retention obligations or legal justification bases for storage.
VIII) CURRENTNESS AND AMENDMENTS TO THIS DATA PROTECTION DECLARATION
This data protection declaration is currently valid and has the status August 2024. Due to the further development of our website or due to changed legal resp. official requirements, it may become necessary to alter this data protection declaration. You can access and print out the current data protection declaration from our website at any time.