The “Regulation of the European Parliament and of the Council on the protection of individuals with regard to the processing of personal data, on the free movement of such data and repealing Directive 95/46/EC” – General Data Protection Regulation (GDPR) for short and the Federal Data Protection Act (BDSG) in its new version of 2018.
Groups of data subjects
2. General information and mandatory information
The responsible party for the processing of personal data at Wilhelm Sihn jr. GmbH & Co. KG, within the meaning of the applicable data protection law, including the EU General Data Protection Regulation (Regulation (EU) 2016/679) is:
Wilhelm Sihn jr. GmbH & Co. KG
WISI Communications GmbH & Co. KG
WISI Automotive GmbH & Co. KG
Contact details of the data protection officer
If you have any questions regarding the handling of your data under data protection law, there are two ways in which you can clarify your questions or submit your concerns:
1. Directly to the above-mentioned offices of the data controller.
2. For general enquiries about data protection and requests for information, please contact us, giving precise details of your concern and your contact address:
Ioannis Dimas (ETES GmbH, Stuttgart)
Data Protection Officer
Change of data protection guidelines
We therefore ask you to visit this page from time to time in order to inform yourself about any changes that we may make here.
3. Data protection at a glance
How do we handle personal data and what data is collected?
The following information provides a simple overview of what happens to your personal data when you visit our website. Personal data is any data that can be used to identify you personally. For more detailed information on data protection, please refer to our data protection statement below this text.
Data collection on our website
Who is responsible for data collection on this website?
Data processing on this website is carried out by the website operator. You can find his contact details in the imprint of this website.
How do we collect your data?
On the one hand, your data is collected by you providing it to us. This may, for example, be data that you enter in a contact form.
Other data is collected automatically by our IT systems when you visit the website. This is mainly technical data (e.g. internet browser, operating system or time of page view). This data is collected automatically as soon as you enter our website.
What do we use your data for?
Data is collected in order to ensure error-free provision of the website.
What rights do you have regarding your data?
You have the right to receive information free of charge at any time about the origin, recipient and purpose of your stored personal data. You also have the right to demand the correction, blocking or deletion of this data. You can contact us at any time at the address given in the imprint for this purpose and for further questions on the subject of data protection. Furthermore, you have the right to lodge a complaint with the competent supervisory authority.
Analysis tools and tools from third-party providers
We do not statistically analyse your surfing behaviour when you visit our website.
Customer data / prospective customer data
As a customer, we collect not only information about your company, but also information about you personally (such as contact details), or other persons within your company in order to provide services for you.
Your personal data is mainly collected directly from you (e.g. through orders) or in the course of processing by us, if this is necessary for the execution of the order.
How is your personal customer data / prospective customer data used?
The main reason for the use of your personal data is the creation and execution of communication between you and us.
This involves the exchange of offers, order confirmations or even delivery notes, invoices, as well as other communication in the form of letters, e-mails, notes, messages, etc. between you and us. In addition, both you and we have a legitimate interest in ensuring that contractual agreements are implemented and that a smooth business relationship is guaranteed.
- First name & surname
- Address data
- Academic title
- Telephone & fax number
- E-mail data
- Bank details
To whom will your personal customer data / prospective customer data be passed on?
As a rule, the personal data collected remains exclusively within our company. And is only stored with us – within the European Union.
Since we, as a technology company, have to comply with special legal and contractual requirements, we are obliged to cyclically compare our domestic and foreign business contacts (companies as well as private individuals) with sanctions lists (e.g. EU anti-terrorism regulations). This comparison is carried out by a third-party provider.
The data is deleted after the check has been completed, taking into account the necessary retention periods and deadlines.
For new customers, a creditworthiness check is always carried out with a credit agency. Should you require more information on this, please do not hesitate to contact your contact person at WISI or one of the above-mentioned contact addresses.
As a supplier, in addition to information about your company, we also collect information about you (such as contact details) or other persons within your company in order to ensure a smooth order process and further processing.
How is your personal supplier data used?
The main reason for using your personal data is to create and carry out communication between you and us.
This involves exchanging enquiries, orders or even incoming invoices, as well as other communication in the form of letters, e-mails, notes and messages between us. In addition, both you and we have a legitimate interest in ensuring that contractual agreements are implemented and that a smooth business relationship is guaranteed.
- First name & surname
- Address data
- Academic title
- Telephone & fax number
- E-mail data
- Bank details
Who do we share your personal supplier data with?
Your personal data is mainly collected when you become a supplier. Due to changes of contact persons in your company, personal data may also be collected subsequently in connection with employees of your company.
As a rule, the personal data collected remains exclusively within our company. And is only stored with us.
As we are a technology company and have to comply with special legal and contractual requirements, we are obliged to cyclically compare our domestic and foreign business contacts (companies as well as private individuals) with sanctions lists (e.g. EU anti-terrorism regulations). This comparison is carried out by a third-party provider.
The data is deleted after the check has been completed, taking into account the respective necessary retention periods and deadlines.
We are very pleased if you are interested in a job to complement our team. To enable us to form an initial picture of your person, professional suitability, etc., various mandatory details such as name, address, date of birth, contact details, education, work history, nationality, residence status if applicable, and certificates are required within an application. Where appropriate and permitted by local laws and regulations, we may also require information about your health.
Your personal data is essentially collected by you in the form of application documents and sent to us. Subsequently, we may become aware of further personal information from you during a telephone interview, or job interview, which will be added to your existing information.
How is your personal applicant information used?
The main reason for using your personal data is to evaluate you and your skills as part of the applicant screening or selection process.
- First name & surname
- Address data
- Telephone & fax number
- E-mail data
- Previous and prior job/occupation
- Job title (training)
- School history
- Academic titles
- Date of birth
- Health data (Only if this should have an impact on the requested position)
- Bank details (in case of reimbursement of travel expenses)
- Employment data on previous employment (possibly in connection with the position to be filled)
- Information on legal representatives (for underage applicants)
To whom will your personal applicant data be passed on?
The personal data obtained will remain exclusively within our company.
The employees of our company are internally provided with the leaflet “Handling of personal data of employees”.
Visitors to this website / Other communication partners
Data is collected from visitors to our website in two ways.
1. we collect the following data on our website:
- Cookies (we have provided information on this further down in this privacy statement).
- Personal data (surname, first name and e-mail address) for contact purposes (contact form).
2. in the case of merely informative use of the website, i.e. if you do not register or otherwise transmit information to us, we only collect the personal data that your browser transmits to our server. If you wish to view our website, we collect the following data, which is technically necessary for us to display our website to you and to ensure its stability and security (legal basis is Art. 6 para. 1 p. 1 lit. f GDPR):4
- IP address
- Date and time of the request
- Time zone difference to Greenwich Mean Time (GMT)
- Content of the request (specific page)
- Access status/HTTP status code
- Amount of data transferred in each case
- Website from which the request came
- Operating system and its interface
- Language and version of the browser software
How is your personal visitor data used?
We only use your data if it is technically necessary to display our website to you and to ensure the stability and security of our website.
How is your data stored and transmitted internationally?
WISI is a company that operates internationally and has subsidiaries and representative offices in several countries – this is the only way we can offer our customers the level of service they are used to. In order for us to continue to operate in this way in the future, we may need to transfer, process and store your data abroad in order to comply with contractual arrangements we have entered into with you and to meet any requirements or requests you may have of us.
How is your personal data protected?
We ensure the protection of your information and in particular the protection of personal data by taking appropriate technical and/or organisational measures to prevent unauthorised access to your personal and other data in our company.
How long is your personal data stored?
The legislator has enacted various storage obligations and periods. After these periods have expired, the corresponding data is deleted if it is no longer required for the fulfilment of the contract or for prescribed verification purposes and/or on the basis of legal requirements.
Should the data subject have given their consent in writing, the information may be retained beyond this until the data subject revokes their consent.
How can you access, change or withdraw personal data that you have given us?
If we are already in possession of your personal data, you have various rights. You are welcome to contact us in this regard and we will endeavour to process your request as quickly as possible and in accordance with the law.
In certain circumstances, we may need to obtain your consent to process your personal data in connection with certain activities, operations or offers.
This depends on the purpose for which your data is required and is to be used. We will obtain this consent explicitly from you by means of opt-ins.
This consent must be given voluntarily by you and the necessary steps, e.g. ticking the appropriate checkboxes or confirming links you receive by email, must be carried out by you personally.
In doing so, we ensure that you have control over these processing operations and can give, refuse or withdraw (revoke) consent given.
We keep records of the consent you have given in this way.
You are entitled to withdraw consent at any time.
Right of objection
If we use your personal data in an unauthorised manner and you do not consent to this, you have the right to object. We will respond to your request within 30 days. As a rule, we will only object to your data in specific, narrowly defined circumstances.
Right to withdraw consent
You have the right to withdraw your consent to us processing your personal data for certain activities at any time.
Data subject request for access to personal data (DSAR)
You have the right to obtain information about your personal data held by us at any time. You also have the right to ask us to amend, update or delete this information.
In addition, we have the right to ask you to confirm your identity or to ask you for more information about your request. We may also refuse your request if this is permitted by law. You will of course be informed of the reasons.
Right of rectification
Of course, you also have the right to have your personal data corrected by us immediately if it is incorrect, incomplete or has changed.
Right to deletion
If we have processed your personal data unlawfully, you can ask us to delete it. We will respond to your request within 30 days and may only object in certain circumstances.
Provided we agree to the request for erasure, we will delete your data.
Right to restrict processing
You have the right to request that we restrict (block) the processing of your data. In particular, you have this right if one of the following reasons exists
- You dispute the completeness and accuracy.
- The processing is unlawful and you refuse to delete the data.
- The data is no longer required by us, but you still need this data to assert or exercise claims.
- You have objected to the processing and we are still reviewing whether we have legitimate grounds to object to your request.
Right to information
If you have given us the right to rectify, erase or restrict processing, we are obliged to inform all recipients to whom we have disclosed your personal data of these changes, unless this would be impossible or would involve a disproportionate effort.
Of course, you also have the right to inform us of your change requests via these recipients.
Right to data portability
You have the right to transfer your data from us to another data controller. We will assist you in this by transferring your data directly for you or by providing you with a copy in a standard machine-readable format.
Right to complain
You have the right to complain to us or to the relevant supervisory authority about our use of your personal data. You can do this in writing, by email, telephone or in person, either directly to our company or through our data protection officer, whose contact details can be found under “Contact details of the data protection officer”.
How is your data stored and transferred internationally?
WISI is a company that operates internationally and has subsidiaries and representative offices in several countries – this is the only way we can offer our customers the level of service they are used to. In order for us to continue to operate in this way, we may need to transfer, process and store your data abroad.
If you would like to receive the newsletter offered on the website, we require an e-mail address from you as well as information that allows us to verify that you are the owner of the e-mail address provided and that you agree to receive the newsletter. No further data is collected or only on a voluntary basis. We use this data exclusively for sending the requested information and do not pass it on to third parties.
The data entered in the newsletter registration form is processed exclusively on the basis of your consent (Art. 6 para. 1 lit. a DSGVO). You can revoke your consent to the storage of the data, the e-mail address and their use for sending the newsletter at any time, for example via the “unsubscribe” link in the newsletter. The legality of the data processing operations already carried out remains unaffected by the revocation.
The data you provide for the purpose of receiving the newsletter will be stored by us until you unsubscribe from the newsletter and will be deleted after you unsubscribe from the newsletter. Data stored by us for other purposes (e.g. e-mail addresses for the members’ area) remain unaffected by this.
5. Data collection on our website
What are cookies and how are they used?
A cookie is a small file that stores internet settings. Almost every website uses cookie technology. Cookies are downloaded by your web browser the first time you visit a website. The next time you visit this website with the same terminal device, the cookie and the information stored in it is either sent back to the website that generated it (first party cookie) or sent to another website to which it belongs (third party cookie). This allows the website to recognise that you have been visited before with that browser and then, in some cases, varies the content displayed.
Some cookies are extremely useful as they can improve the user experience when you return to a website that you have already visited several times. Provided you are using the same terminal and browser as before, cookies remember, for example, your preferences for how you use a page and tailor the offers displayed more relevantly to your personal interests and needs.
Depending on their purpose and function, cookies can be divided into four categories:
Essential Cookies, Performance Cookies, Functional Cookies and Marketing Cookies.
Types of cookies
You can also check which types of cookies are accepted or change. You can usually do this in your browser settings.
Of course, you can also change your browser settings so that you only receive cookies that are absolutely necessary to perform the basic functions of the website – all other cookies would then no longer be accepted.
Most browsers accept cookies. However, if you prefer that we do not collect any data using cookies, you can set your browser privacy settings to accept some or all cookies, or to reject all cookies.
However, if all cookies are rejected, not all features and content of our websites may be available to you.
As every browser is different, we recommend that you check the help menu of your browser to find out how to change your cookie settings.
Further general information on the subject of cookies, including the options for deactivating cookies, can be found at aboutcookies.org. It also describes how you can delete cookies from your computer.
6. Social media
Sharing content via plugins (LinkedIn, Facebook & Co.)
We do not share data with social media, such as Facebook, Twitter & Co.
7. Analysis tools and advertising
Our partner for online marketing activities is HubSpot, Inc. We cover various aspects of our online marketing via their integrated software solution.
These include, among others:
– Content management (website and blog)
– E-mail marketing (newsletters and automated mailings, e.g. to provide downloads)
– Social media publishing & reporting
– Reporting (e.g. traffic sources, web site calls, etc. …)
– Contact management (e.g. user segmentation & CRM)
– Landing pages and contact forms
Our registration service allows the visitors to our website to learn more about our portal, download content and to provide their contact details and other demographic information.
This information, as well as the content of our website, is stored on servers of our software partner HubSpot, Inc. We may use it to contact our website’s visitors and to determine which of our company’s services are of interest to them.
HubSpot, Inc. is an American software company with a branch in Ireland.
2nd Floor, 30 North Wall Quay
Dublin 1, Ireland
Telephone: +353 1 5187500
As there is a transfer of personal data to the USA, further protection mechanisms are needed to ensure the level of data protection required by the European GDPR. For this purpose, we have agreed standard data protection clauses with the provider in accordance with Art. 46 (2) lit. c GDPR. These oblige the data recipient in the USA to process it in accordance with the level of protection regularised in the European GDPR. In cases where even the contractual extension cannot ensure this, we endeavour to obtain additional regulations and commitments from the data recipient in the USA.
More information from HubSpot regarding EU data protection regulations (Link: https://legal.hubspot.com/data-privacy)
More information about the cookies used by HubSpot can be found here (Link: https://knowledge.hubspot.com/articles/kcs_article/reports/what-cookies-does-hubspot-set-in-a-visitor-s-browser) & here (Link: https://knowledge.hubspot.com/articles/kcs_article/account/hubspot-cookie-security-and-privacy)
8. Use of WISI apps
We provide users with WISI apps to configure and manage your WISI devices. With these apps, which have been programmed by WISI itself, the user is able to access the extensive configuration options.
The apps currently distributed by WISI are designed for the best possible data economy and data security of your personal data. The data processed is used to improve the functionality of our WISI apps and is only recorded and processed as stand-alone events.
What does the app access?
In order for these apps to provide the best possible functionality, the app accesses the camera of your smartphone. This access serves to better identify the serial number of the WISI device to be configured. Images stored on your smartphone are not accessed at any time.
As our apps establish a Bluetooth connection, we also need to request the authorisation for “Location” on the phones. This authorisation is only needed to activate Bluetooth and is technically required.
No location data is used or processed by our apps in the app. We also do not process any other location data.
Is personal data stored?
We do not store any personal data of the app users ourselves. However, WISI has no influence on what data is collected and stored by app shop operators (e.g., Google Play) and operating system manufacturers when you use our apps and how this data is used by these bodies.
- HFC Updater
- HFC Manager+
- OM Manager+
- Quick Configuration
9. Legal basis
The General Data Protection Regulation (GDPR), the German Federal Data Protection Act (BDSG) and other German and European regulations and laws apply to the processing of personal data. The following points list the legal basis used and the existing legal basis according to GDPR and BDSG. We use this legal basis to process your data.
Art. 6 DSGVO Legality of processing:
ABS (1) Processing is only lawful if at least one of the following conditions is met:
- Consent Art. 6 para. 1 p. 1 a)
The data subject has given his/her consent to the processing of personal data relating to him/her for one or more specific purposes;
- Performance of a contract or implementation of pre-contractual measures Art. 6 para. 1 p. 1 b) GDPR
processing is necessary for the performance of a contract to which the data subject is party or for the performance of pre-contractual measures taken at the data subject’s request;
- Compliance with a legal obligation Art. 6 para. 1 p. 1 c) GDPR
processing is necessary for compliance with a legal obligation to which the controller is subject;
- Legitimate own interests or legitimate interests of third parties Art. 6 para. 1 p. 1 f) GDPR
processing is necessary for the purposes of the legitimate interests of the controller or a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject which require the protection of personal data, in particular where the data subject is a child.
- Decision on the establishment of an employment relationship Art. 88 GDPR in conjunction with. § Section 26 para. 1 sentence 1 BDSG
If you apply online via our website, we will also use your data to decide on the establishment of an employment relationship with you and, if applicable, for the establishment, implementation and termination of the same.
Changes to data protection guidelines
Data protection guidelines change due to technical progress, legal changes or other influences.
Information on changes can be found continuously on this website.