J. Wagner GmbH Privacy notice and information obligations

1.1 General notes

J. Wagner GmbH (further legal information can be found in the Legal Information section) is the entity responsible for complying with data protection legislation relating to this website. We appreciate your interest in our website and want you to feel safe and comfortable when you visit our website. J. Wagner GmbH (hereinafter referred to as "WAGNER") therefore takes the protection of your personal data very seriously and treats your personal data confidentially and in accordance with the statutory data protection regulations and this privacy policy. The following information provides a simple overview of what happens to your personal data when you visit our website. We will inform you in detail about what personal data we collect from you when you use our website and for what purposes we process and use it.

We would like to point out that data transmission over the Internet (e.g. when communicating by e-mail) can have security gaps. Complete protection of data against access by third parties is not possible.

WAGNER reserves the right to adapt the data protection declaration to changes in legal provisions and regulations or to make other updates at any time. Please keep yourself informed about changes to the data protection declaration by accessing it via the corresponding link on our website. For general questions about our website, please contact us directly: 

Department: Digital marketing
Telephone: +49 7544 505-0
E-mail: info@wagner-group.com
 

1.2 Data collection on our website

How do we collect your data?

On the one hand, your data is collected when you provide it to us. This may be data that you enter in a contact form, for example. Other data is collected automatically by our IT systems when you visit the website. This is mainly technical data (e.g. Internet browser, operating system or time of the page view). This data is collected automatically as soon as you enter our website.

What do we use your data for?

We use the data provided by you in order to be able to carry out the processing purposes requested by you (processing your inquiries, ordering newsletters, using InfoNet, etc.). Some of the data is collected to ensure that the website is provided without errors. Other data may be used to analyze your user behavior.

When do we pass on your data?

your personal data will only be passed on or transmitted to third parties or processors if this is necessary for the purpose of processing and there is a corresponding authorization.

Analysis tools and tools from third-party providers

When you visit our website, your surfing behavior can be statistically evaluated. This is mainly done using cookies and so-called analysis programs. When you visit our website for the first time, a banner is displayed alerting you to the use of cookies. If you click on the "Accept all cookies." button, you agree to our use of cookies. The analysis of your surfing behavior is usually anonymous; the surfing behavior cannot be traced back to you. You can object to this analysis or prevent it by not using certain tools. Detailed information on this can be found in the following privacy policy.

2.1 Note on the responsible body

The controller responsible for data processing on this website is

J. Wagner GmbH

Otto-Lilienthal-Str. 18
88677 Markdorf
Telephone: +49 7544 505-0
Fax: +49 7544 505-200
E-mail: info@wagner-group.com

Data Protection Officer

We have appointed a data protection officer for our company. You are welcome to contact them if you have any questions regarding the use of your personal data or the enforcement of your rights as a data subject.

E-mail: Datenschutz.Deutschland@wagner-group.com
 

2.2 Your rights as a data subject

First of all, we would like to inform you here about your rights as a data subject. These rights are standardized in Art. 15 - 22 GDPR standardized. This includes: 

• Right to information (Art. 15 GDPR),

• Right to erasure (Art. 17 GDPR),

• Right to rectification (Art. 16 GDPR),

• Right to data portability (Art. 20 GDPR),

• Right to restriction of data processing (Art. 18 GDPR),

• Right to object to data processing (Art. 21 GDPR).

To assert these rights, please contact: Datenschutz.Deutschland@wagner-group.com.

The same applies if you have any questions about data processing in our company or wish to withdraw your consent. You also have the right to lodge a complaint with a data protection supervisory authority.

Rights of objection 

Please note the following in connection with rights of objection: 

If we process your personal data for the purpose of direct advertising, you have the right to object to this data processing at any time without giving reasons. This also applies to profiling insofar as it is associated with direct advertising. 

If you object to processing for direct marketing purposes, we will no longer process your personal data for these purposes. The objection is free of charge and can be made informally, if possible to: Datenschutz.Deutschland@wagner-group.com.

In the event that we process your data to protect legitimate interests, you can object to this processing at any time for reasons arising from your particular situation; this also applies to profiling based on these provisions. 

We will then no longer process your personal data unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms or for the establishment, exercise or defense of legal claims. 
 

2.3 SSL or TLS encryption

This site uses SSL or TLS encryption for security reasons and to protect the transmission of confidential content, such as orders or inquiries that you send to us as the site operator. You can recognize an encrypted connection by the fact that the address line of the browser changes from "http://" to "https://" and by the lock symbol in your browser line. If SSL or TLS encryption is activated, the data you transmit to us cannot be read by third parties.
 

2.4 Server log files

The provider of the pages automatically collects and stores information in so-called server log files, which your browser automatically transmits to us. These are

• Browser type and browser version

• operating system used

• Referrer URL

• Host name of the accessing computer

• Time of the server request

• IP address

This data is not merged with other data sources. The basis for data processing is Art. 6 para. 1 p. 1 lit. b GDPR, which permits the processing of data for the performance of a contract or pre-contractual measures.

3.1 General information on data collection & data processing

When processing your personal data, we comply with the provisions of the GDPR and all other applicable data protection regulations. The legal basis for data processing arises in particular from Art. 6 GDPR. 

We use your data to initiate business, to fulfill contractual and legal obligations, to implement the contractual relationship, to offer products and services and to strengthen the customer relationship, which may also include analyses for marketing purposes and direct advertising. 

Your consent to data processing may also constitute a data protection authorization provision. Before you give your consent, we will inform you about the purpose of the data processing and your right to withdraw consent. 

If the consent also relates to the processing of special categories of personal data, we will expressly point this out to you in the consent. Processing of special categories of personal data pursuant to Art. 9 GDPR is otherwise only carried out if this is required by law.

From time to time, we also base data processing on our legitimate interest in accordance with Art. 6 para. 1 sentence 1 lit. f GDPR, e.g. when using fraud management tools.

Disclosure to third parties

We will only pass on your data to third parties within the framework of the statutory provisions or with the appropriate consent. Otherwise, it will not be passed on to third parties unless we are obliged to do so due to mandatory legal provisions (disclosure to external bodies such as supervisory authorities or law enforcement authorities). 

Recipients of the data / categories of recipients

Within our company, we ensure that only those persons receive your data who need it to fulfill contractual and legal obligations. In certain cases, service providers support our specialist departments in the fulfillment of their tasks. The necessary data protection contracts were concluded with all service providers. 

Transfer to a third country / intention to transfer to a third country

Data will only be transferred to third countries (outside the European Union or the European Economic Area) if this is necessary for the performance of the contractual relationship, is required by law or if you have given us your consent to do so. 

We would also like to point out that your data may be processed outside the European Union. Appropriate contractual regulations and guarantees ensure compliance with the European level of data protection for data transfer and processing in third countries. Data processing or storage in third countries may also take place on the basis of your consent (Art. 49 para. 1 sentence 1 lit. a GDPR), in which case you will be informed of this separately when your consent is obtained, as well as the possibility of revocation.

Storage duration of the data

We store your data for as long as it is required for the respective processing purpose. Please note that numerous retention periods mean that data (must) continue to be stored. This applies in particular to retention obligations under commercial or tax law (e.g. German Commercial Code, German Fiscal Code, etc.). If there are no further retention obligations, the data will be routinely deleted once the purpose has been achieved. 

In addition, we may retain data if you have given us your permission to do so or if legal disputes arise and we use evidence within the framework of statutory limitation periods, which can be up to thirty years; the regular limitation period is three years. 

Secure transfer of your data

We use appropriate technical and organizational security measures to protect the data stored by us against accidental or intentional manipulation, loss, destruction or access by unauthorized persons. The security levels are continuously reviewed in collaboration with security experts and adapted to new security standards.

The exchange of data to and from our website is encrypted. We offer HTTPS as the transmission protocol for our website, in each case using the current encryption protocols. It is also possible to use alternative communication channels (e.g. by post).

Obligation to provide the data

Various personal data are necessary for the establishment, execution and termination of the contractual relationship and the fulfillment of the associated contractual and legal obligations. The same applies to the use of our website and the various functions it provides. 

We have summarized the details for you in the point above. In certain cases, data must also be collected or made available due to legal provisions. Please note that it is not possible to process your request or execute the underlying contractual relationship without providing this data. 

Categories, sources and origin of the data

Which data we process is determined by the respective context: This depends on whether, for example, you place an order online or enter an inquiry in our contact form, whether you send us an application or submit a complaint. 

Please note that we may also provide information for special processing situations separately in a suitable place, e.g. when uploading application documents or when making a contact request. 

We collect and process the following data when you visit our website:

• Name of the Internet service provider

• Information about the website from which you are visiting us

• Web browser and operating system used

• The IP address assigned by your Internet service provider 

• Requested files, transferred data volume, downloads/file export

• Information about the websites you visit on our site, including date and time

3.2 Cookies 

Our website uses so-called cookies. They serve to make our website more user-friendly, effective and secure. Cookies are small text files that are stored on your end device and saved (locally) by your browser. Cookies only contain pseudonymous, usually even anonymous data. Some cookies remain in place for the duration of a browser session (so-called session cookies), others are stored for longer periods (so-called persistent cookies, e.g. consent settings). The latter are automatically deleted after the specified time (usually 6 months). In addition to our own cookies, we also use cookies that are controlled by third-party providers. These use the information contained in the cookies, e.g. to show you content or to record the pages you have visited. 

On the basis of our legitimate interest (Art. 6 para. 1 sentence 1 lit. f GDPR), we set technically necessary cookies, which are absolutely necessary for the operation of the website and to ensure its functionality. Furthermore, we use cookies without your consent if their sole purpose is to store or access information stored in the terminal device for the transmission of messages or if they are absolutely necessary to provide the service you have expressly requested, § 25 para. 2 TDDDG.

The cookies we use on our website are

Necessary

__cf_bm [12x]
Domain name: .hs-scripts.com, .hsadspixel.net, .hs-analytics.net, .hs-banner.com, .hubspot.com, .hsforms.com, .hs-sites-eu1.com, .hubspotusercontent-na1.net, .hubspotusercontent-eu1.net, .hsforms.net, .fs.hubspotusercontent00.net, .hsappstatic.net
Procedure: 30 minutes
Type: Cookie
Provider: Cloudflare
The __cf_bm cookie is a cookie that is required to support Cloudflare Bot Management and is currently in private beta. As part of our bot management service, this cookie helps manage incoming traffic that matches the criteria associated with bots.

_cfuvid [2x]
Domain name: .hubspot.com, .hsforms.com
Process: Session
Type: Cookie
Provider: Cloudflare
This cookie is part of the services provided by Cloudflare - including load balancing, providing website content and providing the DNS connection for website operators.

cookiefirst-consent
Domain name: wagner-group.com
Expiry: one year
Type: Cookie
Provider: Cookie First
This cookie saves your cookie settings for this website. You can change this at any time or withdraw your consent.

cookiefirst-consent
Domain name: wagner-group.com
Process: Persistent
Type: Local Storage
Provider: Cookie First
This cookie saves your cookie settings for this website. You can change this at any time or withdraw your consent.

cookiefirst-id
Domain name: wagner-group.com
Process: Persistent
Type: Local Storage
Provider: Cookie First
This cookie contains your unique ID so that CookieFirst can identify unique visitors to this website.

Performance

__hssc
Domain name: .wagner-group.com
Procedure: 30 minutes
Type: Cookie
This cookie name is linked to websites based on the HubSpot platform. This name is reported by them as being used for website analysis.

__hssrc
Domain name: .wagner-group.com
Process: Session
Type: Cookie
Each time HubSpot changes the session cookie, this cookie is also set to determine whether the visitor has restarted their browser. If this cookie is not present when HubSpot manages cookies, it is considered a new session.

__hstc
Domain name: .wagner-group.com
Expiry: 6 months
Type: Cookie
This cookie name is linked to websites based on the HubSpot platform. This name is reported by them as being used for website analysis.

_ga
Domain name: .wagner-group.com
Expiry: 2 years
Type: Cookie
Provider: Google LLC.
Registers a unique ID for a website visitor to track how the visitor uses the website. The data is used for statistics. Data transfer to third countries: USA. Google LLC. is certified under the Data Privacy Framework, which means that your rights as a data subject can be guaranteed.

_ga_********
Domain name: .wagner-group.com
Expiry: 2 years
Type: Cookie
Provider: Google LLC
This cookie stores a unique ID for a website visitor and tracks how the visitor uses the website. The data is used for statistics. Data transfer to third countries: USA. Google LLC. is certified under the Data Privacy Framework, which means that your rights as a data subject can be guaranteed.

_gat_UA-****
Domain name: .wagner-group.com
Procedure: one minute
Type: Cookie
Provider: Google LLC
The _gat_UA cookie is a variation of the _gat cookie from Google Analytics. It is used to restrict the collection of data on highly frequented websites. The cookie is set by the Google Analytics tracking code and contains the unique ID of the tracking account or website to which it relates. The _gat_UA cookie is normally used to throttle the request rate, which means that it limits the amount of data that Google Analytics can collect from the website.

_gid
Domain name: .wagner-group.com
Procedure: one day
Type: Cookie
Provider: Google LLC
Registers a unique ID for a website visitor to track how the visitor uses the website. The data is used for statistics. Data transfer to third countries: USA. Google LLC. is certified under the Data Privacy Framework, which means that your rights as a data subject can be guaranteed.

_hjSession_******
Domain name: .wagner-group.com
Procedure: 30 minutes
Type: Cookie
Provider: Hotjar Ltd
A cookie that contains the current session data. As a result, subsequent requests within the session window are assigned to the same Hotjar session.

_hjSessionUser_******
Domain name: .wagner-group.com
Expiry: one year
Type: Cookie
Provider: Hotjar Ltd
Hotjar cookie that is set when a user lands on a page with the Hotjar script for the first time. It is used to keep the Hotjar user ID, which is unique for this site, in the browser. This ensures that the behavior on subsequent visits to the same site is assigned to the same user ID.

hjActiveViewportIds
Domain name: wagner-group.com
Process: Persistent
Type: Local Storage
Provider: Hotjar
This element is defined by Hotjar for performance and analysis purposes.

Functional

hubspotutk
Domain name: .wagner-group.com
Expiry: 6 months
Type: Cookie
This cookie name is linked to websites created on the HubSpot platform. This cookie is used to track the identity of a visitor. This cookie is transferred to HubSpot when the form is submitted and is used when deduplicating contacts.

li_gc
Domain name: .linkedin.com
Expiry: 6 months
Type: Cookie
Provider: Linkedin
This is a cookie from LinkedIn and is used to store visitors' consent to the use of cookies for non-essential purposes

VISITOR_INFO1_LIVE
Domain name: .youtube.com
Expiry: 6 months
Type: Cookie
Provider: YouTube
This cookie enables YouTube to check bandwidth usage.

YSC
Domain name: .youtube.com
Process: Session
Type: Cookie
Provider: YouTube
Register unique IDs and keep statistics on which videos users have watched on YouTube.

Advertising

_fbp
Domain name: .wagner-group.com
Expiry: 3 months
Type: Cookie
Provider: Meta Inc.
This cookie is used by Facebook for advertising purposes and for conversion tracking.

_gcl_au
Domain name: .wagner-group.com
Expiry: 3 months
Type: Cookie
Provider: Google LLC
This cookie is set by Google Adsense for cross-site advertising trials.

_gcl_ls
Domain name: wagner-group.com
Process: Persistent
Type: Local Storage
Provider: Google LLC
The "_gcl_ls" cookie is used for conversion tracking in Google Ads and Google Tag Manager to measure ad performance.

_pin_unauth
Domain name: .wagner-group.com
Expiry: one year
Type: Cookie
Provider: Pinterest
This cookie is set in relation to Pinterest marketing

_pinterest_ct_ua
Domain name: .ct.pinterest.com
Expiry: one year
Type: Cookie
Supplier: Pinterest
This cookie is set in relation to Pinterest marketing

ar_debug
Domain name: .pinterest.com
Expiry: one year
Type: Cookie
Provider: Pinterest
This cookie stores and tracks conversions

bcookie
Domain name: .linkedin.com
Expiry: one year
Type: Cookie
Provider: Linkedin
Cookies from LinkedIn used by share buttons and advertising tags.

IDE
Domain name: .doubleclick.net
Expiry: one year
Type: Cookie
Provider: DoubleClick (Google)
Cookie from Double Click (Google), with which we can analyze and optimize our advertising campaigns.

lastExternalReferrer
Domain name: wagner-group.com
Process: Persistent
Type: Local Storage
This element is used to determine the origin of your visit.

lastExternalReferrerTime
Domain name: wagner-group.com
Process: Persistent
Type: Local Storage
This element is used for visitor evaluation

lidc
Domain name: .linkedin.com
Procedure: one day
Type: Cookie
Provider: Linkedin
Cookies from LinkedIn used by share buttons and advertising tags.

test_cookie
Domain name: .doubleclick.net
Procedure: 15 minutes
Type: Cookie
Provider: Google LLC
This cookie is set by DoubleClick net (owned by Google) to determine whether the website visitor's browser supports cookies. Data transfer to third countries: USA. Google LLC. is certified under the Data Privacy Framework, which means that your rights as a data subject can be guaranteed.

VISITOR_PRIVACY_METADATA
Domain name: .youtube.com
Expiry: 6 months
Type: Cookie
Provider: Youtube (Google LLC)
This cookie is used to track and extend the user's privacy settings on YouTube.

Subject to your consent, other cookies are used that enable us or third parties to analyze how our services are used, for example. This allows us to design the content according to user needs. Cookies also enable us to measure the effectiveness of a particular advertisement and to place it according to the thematic interests of the user, for example. The legal basis for this is your express consent (Art. 6 para. 1 p. 1 lit. a GDPR, § 25 para. 1 TDDDG).

You can revoke your consent via our consent banner at any time with effect for the future and change the cookie settings. Please note that changes must be made separately for each end device.

If you have accounts with the third-party providers we use and are logged in there, your data may be linked to the respective account. You can avoid such a combination by not giving or revoking your consent to the relevant cookies or by logging out of the respective third-party providers in advance. 

Most browsers accept cookies automatically. You can also deactivate, restrict or delete cookies on your end device manually via your browser settings or with the help of software. If you deactivate the setting of cookies, you will not be able to use our website to its full extent or only to a limited extent. 

Please also note our information in the section of the respective service that uses cookies.

For reasons of technical security (in particular to defend against attempted attacks on our web server), this data is stored in accordance with Art. 6 para. 1 p. 1 lit. f GDPR. After 7 days at the latest, anonymization takes place by shortening the IP address so that no reference to the user is established.
 

3.3 We collect and process the following data as part of a contact request:

• Surname, forename

• Contact details

• Salutation

• Your interest/concern

• Information on wishes and interests

• Company

• Customer number

There is a contact form on our website that can be used to contact us electronically. If you write to us via the contact form, we will process the data you provide in the contact form to contact you and answer your questions and requests, Art. 6 Para. 1S. 1 lit. a, b GDPR. 

The principle of data minimization and data avoidance is observed in that you only have to provide the data that we absolutely need to contact you. These are your e-mail address, surname and first name, company and the message field itself. In addition, your IP address is processed for technical reasons and for legal protection. All other data are voluntary fields and can be entered optionally (e.g. to answer your questions more individually). 

In order to protect the security and confidentiality of your data in the best possible way, we implement appropriate security measures. Your request will be transmitted to us in encrypted form.

If you contact us by e-mail, we will process the personal data provided in the e-mail solely for the purpose of processing your request. If you do not use the forms offered to contact us, no further data collection will take place. 

If your enquiry relates to a complaint, warranty claim or similar, we will also transfer this data together with your personal details to the distributor from which you purchased the device, or to another distributor near you so that your request can be dealt with.

3.4 We collect and process the following data for newsletters:

• Surname, forename

• E-mail address

• Salutation 

You can subscribe to a free newsletter on our website to receive regular information about our products, new products and special offers. The e-mail address and your name provided when registering for the newsletter will be used to send you the personalized newsletter. 

The principle of data minimization and data avoidance is observed here, as only the e-mail address (or name in the case of personalized newsletters) is a mandatory field is marked. For technical reasons and for legal protection, your IP address is also processed when you subscribe to the newsletter.

We use the so-called double opt-in procedure for sending newsletters by e-mail. This means that you will only receive advertising by e-mail if you have previously expressly confirmed that we should activate the newsletter service. We do this by sending you a notification e-mail and asking you to confirm that you wish to receive our newsletter at this e-mail address by clicking on a link contained in this e-mail.

You can of course unsubscribe at any time using the unsubscribe option provided in the newsletter and thus revoke your consent. It is also possible to unsubscribe from our newsletter at any time directly via our website. 

The services of MailChimp are used to send newsletters. The provider is Intuit Mailchimp, 405 N Angier Ave. NE, Atlanta, GA 30308 USA. MailChimp is a service that can be used to organize and analyse the sending of newsletters, among other things. If you enter data for the purpose of subscribing to the newsletter (e.g. e-mail address), it will be stored on MailChimp's servers in the USA.

With the help of MailChimp we can analyze our newsletter campaigns. For this purpose, we use technologies that record how users read our newsletter, which information is clicked on particularly frequently and which is not. The purpose is to optimize our newsletter so that it is even more appealing, easier to read and more informative for you. The data collected is stored anonymously and is not assigned to your person. The data collected is of a purely statistical nature, as it is only collected anonymously and is not linked to your other personal data.

The necessary contract for data processing by Intuit Mailchimp has been concluded.

If you do not wish to be analyzed by MailChimp, you must unsubscribe from the newsletter. You will find a link to cancel your subscription at the end of each newsletter or you can send an informal message via the contact form or send an e-mail to our data protection officer.

The data processing is based on your consent (Art. 6 para. 1 sentence 1 lit. a GDPR). You can revoke this consent at any time by unsubscribing from the newsletter. The legality of the data processing operations already carried out remains unaffected by the revocation.

For more information, please refer to MailChimp's privacy policy at: https://mailchimp.com/legal/terms/.

3.5 Processing of data (customer and contract data)

We process the following data in customer contact:

• Salutation

• Surname, forename

• Date of birth

• Delivery address

• Invoice address

• E-mail address

• Phone number

• Payment information

We collect, process and use personal data only insofar as it is necessary for the establishment, content or modification of the legal relationship. This is done on the basis of Art. 6 para. 1 p. 1 lit. b GDPR, which permits the processing of data for the performance of a contract or pre-contractual measures.

In order to avoid bad debts, we may, depending on the means of payment you choose, on the basis of Art. 6 para. 1 sentence 1 lit. f GDPR, in accordance with our legitimate interest, after you have placed an order, we may transmit your data to Coface Finanz GmbH, Isaac-Fulda-Allee 1, 55124 Mainz, Germany, for a credit check. A credit check uses a mathematical procedure to calculate a so-called score value, which provides information about your ability to pay. This usually happens as soon as a credit limit of 1.000 € is exceeded. We would like to point out that Coface Finanz GmbH uses the transmitted data for its own purposes. You can object to the transmission of this data to Coface Finanz GmbH at any time, but it may then not be possible to execute the purchase contract.

The customer data collected will be deleted after completion of the order or termination of the business relationship. Statutory retention periods remain unaffected.
 

3.6 Applicant portal 

We collect and process the following data for online applications:

• Surname, first name, other first names

• Address

• Contact details

• Current job title

• Availability

• Desired annual salary

Thank you for your interest in working for the Wagner Group. We are aware of the importance of your data and process the personal data you provide in the application form only for the purpose of effective and correct handling of the application procedure and for contacting you as part of the application process.  No data will be passed on to third parties without your consent. 

You will be asked to provide personal data as part of the application form. We observe the principle of data minimization and data avoidance in that you only have to provide us with the data that we need to fully review your application documents, e.g. your CV, or that we are legally obliged to collect. This mandatory information is marked with an * (asterisk). Your IP address is also processed for technical reasons and for legal protection.

Unfortunately, we cannot check your application documents without this data, which is why our application system will not allow you to upload your application documents in this case. Of course, you have the option of providing voluntary information in the application form. The legal basis for this is Art. 6 para. 1 p. 1 lit a, b GDPR. As a service provider, we use SAP SuccessFactor, developed by SAP Deutschland SE & Co. KG, Hasso-Plattner-Ring 7, 69190 Walldorf, Germany. 

In order to protect the security and confidentiality of your data in the best possible way, we implement appropriate security measures. Your application documents will be transmitted to us in encrypted form via our application system.

We store your data for the above-mentioned purposes until the application process has been completed and the relevant deadlines have expired - at the latest six months after receipt of a decision. In the case of an unsolicited application, you have the option of us saving your application documents for six months and comparing them with other vacancies that match your profile. For this we need your consent, which you can give us by clicking on the checkbox before uploading your application documents. You can of course revoke your consent at any time without giving reasons with effect for the future by calling +49 7544 505-0, by e-mail to personal@wagner-group.com or by post to J. Wagner GmbH Otto-Lilienthal-Straße 18 88677 Markdorf  

4.1 Social media 

On our website you will find links to the social media services of Facebook, Instagram, Pinterest, YouTube, Xing and LinkedIn. You can recognize links to the websites of social media services by the respective company logo. If you follow these links, you will reach our company presence on the respective social media service. When you click on a link to a social media service, a connection to the servers of the social media service is established. This tells the servers of the social media service that you have visited our website. In addition, further data is transferred to the provider of the social media service. These are for example:

• Address of the website on which the activated link is located

• Date and time the website was accessed or the link was activated

• Information about the browser and operating system used

• IP address

Responsible for the company's websites within the meaning of the GDPR and other data protection regulations is, in addition to us, the

• XING: New Work SE, Dammtorstraße 30, 20354 Hamburg, Germany

• LinkedIn: LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland

• Facebook: Facebook Inc, 1 Hacker Way, Menlo Park, California 94025, USA

• Instagram: Instagram Inc, 1601 Willow Road, Menlo Park, CA 94025, USA

• YouTube: YouTube, LLC, 901 Cherry Ave, San Bruno, CA 94066, USA

• Pinterest: Pinterest Inc, 808 Brannan Street, San Francisco, CA 94103-490, USA

If you are already logged in to the relevant social media network when you activate the link, the provider of the social media network may be able to determine your user name and possibly even your real name from the data transmitted and assign this information to your personal user account with the social media network. You can exclude this possibility of assignment to your personal user account if you log out of your user account beforehand.

Some of the servers of the social media networks are located in the USA and other countries outside the European Union. The data may therefore also be processed by the provider of the social media network in countries outside the European Union. Please note that companies in these countries are subject to data protection laws that may not protect personal data in general to the same extent as is the case in the Member States of the European Union.

Purpose and legal basis

We maintain the fan pages ourselves in order to communicate with visitors to these pages and to inform them about our offers in this way.

We also collect data for statistical purposes in order to further develop and optimize the content and to make our offer more attractive. The data required for this (e.g. total number of page views, page activities and data provided by visitors, interactions) are processed by the social networks and made available to us. We have no influence on the generation and presentation.

In addition, your personal data is processed by the social media providers, but also by us, for market research and advertising purposes. For example, it is possible that user profiles are created based on your usage behavior and the resulting interests. Among other things, this allows advertisements to be placed inside and outside the platforms that match your interests. As a rule, cookies are stored on your computer for this purpose. Irrespective of this, data that is not collected directly on your end devices may also be stored in your usage profiles. Storage and analysis also takes place across devices; this applies in particular, but not exclusively, if you are registered as a member and logged in to the respective platforms.

The processing of your personal data by us is based on our legitimate interests in effective information and communication in accordance with Art. 6 para. 1 p. 1 lit. f. GDPR.

If you are asked for consent to data processing, i.e. if you declare your consent by confirming a button or similar (opt-in), the legal basis for processing is Art. 6 para. 1 p. lit. a., Art. 7 GDPR.

Your rights / option to object

Please note that we have no influence on the scope, type and purpose of data processing by the provider of the social media network. For more information on the use of your data by the social media networks integrated on our website and the options to object, please refer to the following links:

• XING
  • Privacy statement: https://privacy.xing.com/en/privacy-policy  
  • Opt-out: https://www.youronlinechoices.com/
• LinkedIn
  • Privacy statement: https://www.linkedin.com/legal/privacy-policy
  • Opt-out: https://www.linkedin.com/legal/cookie-policy
• Facebook
  • Privacy policy: https://www.facebook.com/policy.php
  • Opt-out: https://www.youronlinechoices.com/
• Instagram
  • Privacy policy: https://instagram.com/about/legal/privacy/
  • Opt-out: https://www.youronlinechoices.com/
• YouTube
  • Privacy policy: https://policies.google.com/privacy
  • Opt-out: https://www.youronlinechoices.com/
• Pinterest
  • Privacy statement: https://policy.pinterest.com/en/privacy-policy
  • Opt-out: https://www.youronlinechoices.com/

You have the following rights with regard to the processing of your personal data:

Right of access; right to rectification; right to erasure; right to restriction of processing; right to object; right to data portability; right to lodge a complaint about unlawful processing of your personal data with the competent data protection authority.

However, since we do not have full access to your personal data, you should contact the social media providers directly if you wish to make a claim, as they have access to the personal data of their users and can take appropriate measures and provide information.

If you still need help, we will of course try to support you. Please contact Datenschutz.Deutschland@wagner-group.com.

4.2 Pinterest tag

We use Pinterest tags on our website, which are provided by Pinterest Europe Ltd. When you call up a page that contains such a code snippet, the browser establishes a direct connection to the Pinterest servers. The plugin then transmits log data to the Pinterest server in the USA. This log data may include your IP address, the address of the websites visited that also contain Pinterest functions, the type and settings of the browser, the date and time of the request, your use of Pinterest and cookies. The legal basis for this is your consent in accordance with Art. 6 para. 1 p. 1 lit a GDPR. 

The necessary contractual bases have been concluded. 

Further information on the purpose, scope and further processing and use of the data by Pinterest as well as your rights and options for protecting your privacy can be found in Pinterest's privacy policy: https://policy.pinterest.com/en/privacy-policy.

4.3 YouTube

Our website uses plugins from YouTube, which is operated by Google. The operator of the pages is YouTube, LLC, 901 Cherry Ave, San Bruno, CA 94066, USA. When you visit one of our pages equipped with a YouTube plugin, a connection to the YouTube servers is established. This tells the YouTube server which of our pages you have visited.

If you are logged into your YouTube account, you enable YouTube to assign your surfing behavior directly to your personal profile. You can prevent this by logging out of your YouTube account. The use of YouTube is in the interest of an appealing presentation of our online offers. This constitutes a legitimate interest within the meaning of Art. 6 para. 1 lit. f GDPR.

Further information on the handling of user data can be found in YouTube's privacy policy at https://policies.google.com/privacy?hl=en&gl=en.

4.4 Google Maps

On our website we use on the basis of your consent in accordance with Art. 6 para. 1 p. 1 lit. a GDPR Google Maps (API) from Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland ("Google"). Google Maps is a web service for displaying interactive (land) maps in order to visualize geographical information.

Information about your use of our website (e.g. your IP address) is transmitted to Google servers in the USA and stored there as soon as you access the subpages in which the Google Maps map is integrated. This takes place regardless of whether Google provides a user account through which you are logged in or whether no user account exists. If you are logged in to Google, your data will be assigned directly to your account. If you do not wish to be associated with your Google profile, you must log out before activating the button. Google stores your data (even for users who are not logged in) as usage profiles and analyzes them. Such an evaluation is carried out on the basis of your consent in accordance with Art. 6 para. 1 p. 1 lit. a GDPR and enables the display of personalized advertising, market research and/or demand-oriented design of the website.

You can revoke your consent at any time with effect for the future. To do this, simply call up our consent banner and change the settings accordingly. Please note that the change in the content banner settings must be made individually for each end device.

Some of Google's data processing for the provision of content takes place outside the European Union and the European Economic Area. Appropriate contractual regulations and guarantees ensure compliance with the European level of data protection for data transfer and processing in third countries.

If you do not agree to the future transmission of your data to Google in the context of the use of Google Maps, you also have the option of completely deactivating the Google Maps web service by switching off the JavaScript application in your browser. Google Maps and thus also the map display on this website cannot be used in this case.

More detailed information can be found at http://www.google.de/intl/en/policies/terms/regional.html,  https://www.google.com/intl/en_US/help/terms_maps.html and http://www.google.en/intl/en/policies/privacy/ to find. 

4.5 Widgets from Elfsight

We use widgets from Elfsight on our website. The service provider is Elfsight LLC. Paronyana str. 19/3, 201, Yerevan, 0015 Armenia. With Elfsight, we can integrate and manage various widgets on our website, such as social media feeds or customer reviews. These widgets can collect and process data from website visitors.  We have a legitimate interest in making our website and its functions as uncomplicated and appealing as possible. The legal basis for this is Art. 6 para. 1 lit. f GDPR. You can find more detailed information about the use of Elfsight at https://elfsight.com/en/.

4.6 Meta Pixel

Our website uses the visitor action pixel from Meta Platforms Ireland Limited, Merrion Road, Dublin 4, D04 X2K5, Ireland to measure conversions.

We use this to measure the success of our advertising campaigns by tracking the behavior of website visitors after they have been redirected to our website by clicking on a Facebook ad. The behavior can be evaluated for statistical and market research purposes and future advertising measures can be optimized. The legal basis for this is your consent in accordance with Art. 6 para. 1 p. 1 lit. a GDPR. 

The data collected is anonymous for us as the operator of this website; we cannot draw any conclusions about the identity of the user. However, the data is stored and processed by Facebook so that a connection to the respective user profile is possible and Facebook can use the data for its own advertising purposes in accordance with the Facebook Data Usage Policy. This enables Facebook to place advertisements on Facebook pages and outside of Facebook. This use of the data cannot be influenced by us as the website operator.

You can find further information on protecting your privacy in Facebook's privacy policy: https://www.facebook.com/about/privacy/.

You can use the remarketing function "Custom Audiences" for advertisements at https://www.facebook.com/ads/preferences/?entry_product=ad_settings_screen deactivate. You must be logged in to Facebook to do this. If you do not have a Facebook account, you can view usage-based advertising from Facebook on https://www.youronlinechoices.com/uk/your-ad-choices deactivate.

4.7 Facebook Conversion API

This website uses, if you consent to this in accordance with Art. 6 para. 1 p. 1 lit. a GDPR, the so-called Conversions API of the social network "Facebook" of Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland (Meta), an interface between our marketing data and the systems of Facebook. With this use, we want to ensure that the ads we place via Facebook correspond to the interests of our users. This provides us with statistical evaluations that allow us to track the behavior of users on our website and their interaction with our content. We can also determine whether a user is redirected to our website after clicking on an advertisement on Facebook (so-called "conversion").

We are currently integrating the interface to Facebook in what is known as "extended synchronization". This function allows us to access information from your Facebook account after our selection in order to optimize our advertising strategy and tailor it even more precisely to you. Your identity will not be disclosed to us, nor will individual details about you. For example, if we only want to display a campaign for a certain age group, Facebook will recognize in this way whether you should receive the ad.

In this context, the following data in particular may be processed:

• E-mail address

• Phone number

• Gender

• Date of birth

• First and last name

• Postal address

• User ID, click ID, product ID, advertising ID, Facebook login ID

• IP address

• Browser type and version

Due to the tools used (Facebook Pixel and Conversions API), your browser automatically establishes a direct connection with the Facebook server as soon as you have consented to the use of these technologies.

With regard to the USA, the responsible EU Commission has issued a so-called adequacy decision. This formally establishes that your data enjoys adequate protection in the USA. Irrespective of this, we ensure that all other formal requirements for data transfer to the USA as a so-called third country are met by using suitable data protection instruments.

By integrating the Facebook pixel and using the Conversions API, Facebook receives the information that you have accessed the corresponding website of our Internet presence or have clicked on an advertisement from us. If you have a Facebook account or have otherwise registered with the provider, Meta can also assign your interactions with our Facebook ads and our website to your Facebook user account.

Meta processes your data in accordance with Meta's Data Processing Policy. You can find more detailed information at https://en-en.facebook.com/business/help/.

We are jointly responsible with Meta for the described data processing, i.e. with regard to the creation and placement of individualized advertisements. We are therefore not jointly responsible for the following processing, but only Facebook: Any processing by Facebook itself that takes place in accordance with its terms of use beyond the processing described here, such as in particular the creation of reports and analyses relating to your user behavior.

We have concluded a corresponding data protection agreement with Meta regarding joint responsibility. If you have any questions about this data processing, you can contact us as well as Meta. If you wish to contact Meta directly, you can do so using the contact details in Facebook's privacy policy, which can be found at https://www.facebook.com/privacy/policy/ is available. There you can also find out about other aspects of data processing by Meta.

You can use the Conversion API via https://www.youronlinechoices.com/uk/your-ad-choices or deactivate it directly on Facebook.

4.8 TikTok Pixel and Events and Events API

On our website, we use the TikTok Pixel in combination with the Events API, which is operated by TikTok Technology Limited, 10 Earlsfort Terrace, Dublin, D02 T380, Ireland. It is used to optimize and further develop advertising campaigns so that we can display advertising in a more targeted manner. 

For this purpose, data on the use of the website and the logging of clicks on individual elements are recorded in order to display the appropriate advertising according to user behavior. In particular, the tool collects data about devices and network connection data such as device model, operating system or IP address, cookies, location information and usage content. This data is also transmitted to the USA. 

When you give your consent, a direct connection to the TikTok server is also established via the built-in pixel on our website in combination with the Events API. TikTok receives the following information in particular: Device information, websites visited, browser type, which TikTok processes and enriches in order to analyze and improve the effectiveness of TikTok advertisements. We have no influence on the data and data processing procedures collected by TikTok, nor are we aware of the full extent of data collection, the purposes of processing or the storage periods.

More detailed information on processing by TikTok and the handling of user data can be found in TikTok's privacy policy: https://www.tiktok.com/legal/page/eea/privacy-policy/en to find.

4.9 Adobe Fonts

We use Adobe Fonts fonts on our website, which are provided by an Adobe service. The service provider is Adobe Systems Software Ireland Limited, 4-6 Riverwalk, Citywest Business Campus, Dublin 24, Republic of Ireland. This is used to display   Adobe fonts in the user's browser. This will transmit data to Adobe. You can find more information in the Adobe Fonts privacy policy at https://www.adobe.com/en/privacy/policies/adobe-fonts.html.  

4.10 Cookie First

This website uses the cross-platform cookie consent tool from CookieFirst to obtain your consent to the storage of certain cookies on your end device and to document this in compliance with data protection regulations. The provider of this technology is Digital Data Solutions B.V., Plantage Middenln 42a, 1018 DH Amsterdam. You can find more detailed information at https://cookiefirst.com.

When you visit our website, the following personal data is transmitted to CookieFirst:

• Your consent(s) or the revocation of your consent(s)

• Your IP address

• Information about your browser

• Information about your end device

• Time of your visit to the website

Furthermore, CookieFirst stores a cookie in your browser in order to be able to assign the consents given or their revocation to you. The data collected in this way is stored until you ask us to delete it, delete the CookieFirst cookie yourself or the purpose for storing the data no longer applies. Mandatory statutory retention obligations remain unaffected. CookieFirst is used to obtain the legally required consent for the use of cookies. The legal basis for this is Art. 6 para. 1 p. 1 lit. c GDPR.

5.1 Google Analytics

This website uses functions of the web analysis service Google Analytics on the basis of your consent, Art. Para. 1 p. 1 lit. a GDPR, as well as § 25 para. 1 TDDDG. The provider is Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. 

Google Analytics uses so-called "cookies". These are text files that are stored on your device and enable your use of the website to be analyzed. The information stored in this way is usually transferred to a Google server in the USA and stored there. If IP anonymization is activated, your IP address will be shortened before data transmission and within the European Union or contracting states of the European Economic Area. An unabridged transmission of the full IP address to Google only takes place in exceptional cases.

Google will use this information on our behalf for the purpose of evaluating your use of the website, compiling reports on website activity and providing other services relating to website activity and internet usage to the website operator. The IP address communicated by your browser as part of the Google Analytics is not merged with other data by Google.

Sessions and campaigns are ended after a certain period of time. By default, sessions are terminated after 30 minutes without activity and campaigns after six months. Users' personal data is deleted or anonymized after 14 months.

Google processes and stores your data in the USA. Appropriate contractual regulations and guarantees ensure compliance with the European level of data protection for data transfer and processing in third countries. Data processing or storage in third countries may also take place on the basis of your consent (Art. 49 para. 1 sentence 1 lit. a GDPR), in which case you will be informed of this separately when obtaining your consent, as well as the possibility of revocation.

This website uses the "demographic features" function of Google Analytics. This allows reports to be created that contain information on the age, gender and interests of the site visitors. This data comes from interest-based advertising from Google and from visitor data from third-party providers. This data cannot be assigned to a specific person. You can deactivate this function at any time via the ad settings in your Google account or generally prohibit the collection of your data by Google Analytics as described in the section "Objection to data collection".

Further information on terms of use and data protection can be found at https://www.google.com/analytics/terms/en.html and https://policies.google.com/?hl=en.

You may refuse the use of cookies by selecting the appropriate settings on your browser, however please note that if you do this you may not be able to use the full functionality of this website. You can also prevent Google from collecting the data generated by the cookie and relating to your use of the website (including your IP address) and from processing this data by Google by downloading and installing the browser plug-in available at the following link: http://tools.google.com/dlpage/gaoptout?hl=en.

You can revoke your consent at any time with effect for the future. To do this, simply call up our consent banner and select the appropriate consent. Please note that the change in the content banner settings must be made individually for each end device.

We have concluded the necessary data protection agreements. 

You can find more information on this at https://support.google.com/analytics/answer/6004245 (general information on Google Analytics and data protection).

5.2 Hotjar

To improve user-friendliness and the customer experience, we use the web analysis service "Hotjar" from Hotjar Limited on our website. The provider is  Hotjar Limited Dragonara Business Centre 5th Floor, Dragonara Road, Paceville St Julian's STJ 3141 Malta.  With the help of Hotjar Limited technologies, visitor information is collected and transmitted to the Hotjar Limited servers. The technology makes it possible to collect, analyze and visualize the activities of the user during the visit to our website. For example, we can use a "heat map" to recognize which areas of our website are visited and clicked on the most. Cookies and the shortened IP address are also used for this purpose. We cannot establish a direct personal reference from the pseudonymous data used. The legal basis for the processing of your data is Art. 6 para. 1 sentence 1 lit. f GDPR. You can object to the collection, processing and recording of data obtained by Hotjar at any time by following the instructions at https://www.hotjar.com/legal/policies/do-not-track/ follow. Further information on data protection at hotjar.com can be found at https://www.hotjar.com/privacy/.

5.3 Microsoft Clarity 

Our website uses features of the web analytics service Microsoft Clarity based on your consent pursuant to Art. 6 (1) (a) GDPR and § 25 (1) TTDSG. The provider is Microsoft Corporation, One Microsoft Way, Redmond, WA 98052-6399, USA.

Microsoft Clarity uses cookies and other technologies to record and analyze user behavior on our website. This includes, among other things, mouse movements, clicks, scrolling behavior, interactions with individual elements of the website, technical information about your browser, device, screen resolution, and your IP address (in shortened form). This data helps us better understand how our website is used and continuously improve the user experience. The processing is carried out in a pseudonymized manner, and no direct personal reference is made.

Microsoft processes the collected information on our behalf. Personal data may also be transferred to the USA. Microsoft uses appropriate safeguards in accordance with Art. 46 GDPR (in particular Standard Contractual Clauses) to ensure an adequate level of data protection. For more information about Microsoft’s data processing, please visit: https://privacy.microsoft.com/privacy-statement.

You can prevent the storage of cookies set by Clarity at any time via your browser settings or withdraw your consent for the future using our consent banner. Please note that changes to the consent banner settings must be made separately for each device.

5.4 Google Analytics Remarketing

Our website uses the functions of Google Analytics Remarketing in conjunction with the cross-device functions of Google AdWords and Google DoubleClick. The provider is Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. This function makes it possible to link the advertising target groups created with Google Analytics Remarketing with the cross-device functions of Google AdWords and Google DoubleClick. In this way, interest-based, personalized advertising messages that have been adapted to you depending on your previous usage and surfing behavior on one end device (e.g. cell phone) can also be displayed on another of your end devices (e.g. tablet or PC).

Based on your consent, Google will link your web and app browsing history to your Google account for this purpose. In this way, the same personalized advertising messages can be displayed on every device on which you log in with your Google account.

To support this function, Google Analytics collects Google-authenticated user IDs that are temporarily linked to our Google Analytics data in order to define and create target groups for cross-device advertising. You can permanently object to cross-device remarketing/targeting by deactivating personalized advertising in your Google account by following this link: https://www.google.com/settings/ads/onweb/.

The summary of the data collected in your Google account is based exclusively on your consent, which you can give or revoke at Google (Art. 6 para. 1 p. 1 lit. a GDPR and § 25 para. 1 TDDDG). For data collection operations that are not merged into your Google Account (e.g. because you do not have a Google Account or have objected to the merging), the collection of data is based on Art. 6 para. 1 p. 1 lit. f GDPR. Our legitimate interest arises from our interest in the anonymized analysis of website visitors for advertising purposes. Further information and the data protection provisions can be found in Google's privacy policy at: https://policies.google.com/technologies/ads?hl=en.

5.5 Google AdWords and Google conversion tracking

This website uses Google AdWords. AdWords is a tool from Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, United States ("Google"). We use so-called conversion tracking as part of Google AdWords. If you click on an ad placed by Google, a cookie is set for conversion tracking. These cookies lose their validity after 30 days and are not used to personally identify users. If the user visits certain pages of this website and the cookie has not yet expired, Google and we can recognize that the user clicked on the ad and was redirected to this page. 

This can be used to create conversion statistics for AdWords customers who have consented to this. The individual users cannot be identified. If you do not wish to participate in tracking, you can object to this use by deactivating the Google Conversion Tracking cookie via your Internet browser under user settings. The storage of "conversion cookies" takes place on the basis of Art. 6 para. 1 p. 1 lit. f GDPR. The website operator has a legitimate interest in analyzing user behavior in order to optimize both its website and its advertising.

You can find more information about Google AdWords and Google Conversion Tracking at https://policies.google.com/privacy?gl=en&hl=en. You can set your browser so that you are informed about the setting of cookies and only allow cookies in individual cases, exclude the acceptance of cookies for certain cases or in general and activate the automatic deletion of cookies when closing the browser. If cookies are deactivated, the functionality of this website may be restricted.

5.6 HubSpot

We use HubSpot for marketing activities on our website. HubSpot is a software company from the USA with a branch office HubSpot Ireland Limited in 2nd Floor 30 North Wall Quay, Dublin 1, Ireland.

We use this integrated software solution for our own marketing and for customer service purposes. These include e-mail marketing, social media publishing & reporting, reporting (e.g. traffic sources, hits, etc. ...), Contact management (e.g. user segmentation & CRM), landing pages and contact forms.

You can revoke your consent at any time with effect for the future, simply send an email to Datenschutz.Deutschland@wagner-group.com. If the processing is based on an existing contract, you can object to conversion tracking by sending an email to Datenschutz.Deutschland@wagner-group.com contradict. Please note that in the event of an objection, the main benefit may then no longer apply. You can unsubscribe from the mailing as described above, e.g. at the end of each mailing.

The data will be deleted as soon as it is no longer required for the purpose for which it was collected. The EU is specified as the storage location for the data.

Since HubSpot may transfer personal data to affiliated companies and subcontractors in countries outside the EU and the EEA, further protective mechanisms are required to ensure the level of data protection required by the GDPR. For the USA, there is an adequacy decision by the EU Commission pursuant to Art. 45 para. 1 GDPR with regard to companies with a certification according to the EU-U.S. Data Privacy Framework. HubSpot, Inc. is certified in accordance with the EU-U.S. Data Privacy Framework and is therefore committed to complying with appropriate data protection standards. For potential transfers to other third countries outside the EU and the EEA for which there is no adequacy decision by the EU Commission, standard data protection clauses pursuant to Art. 46 para. 2 lit. c GDPR are agreed. These oblige the recipient of the data in the third country to process the data in accordance with the level of protection in Europe. Data processing or storage in third countries may also take place on the basis of your consent (Art. 49 para. 1 sentence 1 lit. a GDPR), in which case you will be informed separately of this and of possible associated risks.

5.7 Leadfeeder

Our website uses the Leadfeeder service, which is provided to us by Dealfront Group GmbH, Durlacher Allee 73, 76131 Karlsruhe, Germany.   Leadfeeder analyzes the behavior of website visitors by identifying IP addresses and linking them to publicly available information (e.g. company data) in order to identify potential business contacts (leads). Data from publicly accessible registers is used to determine which companies visit our website, which content is accessed and how long they stay on our website. Company-related data is analyzed for this purpose - in particular, no IP addresses are permanently stored or assigned to individual persons. The legal basis for the processing is our legitimate interest pursuant to Art. 6 para. 1 lit. f GDPR in the analysis of user behavior to optimize our website and to address business customers in a targeted manner. Leadfeeder processes and stores the collected data on servers within the EU. The agreements required under data protection law have been concluded with Dealfront Group GmbH. Detailed information on data processing by Leadfeeder can be found at: https://www.dealfront.com/privacy-notice/.

5.8 Sentry

We use the error monitoring tool Sentry on our website in order to quickly identify, diagnose and rectify problems with our website. Sentry is a tool from Functional Software, Inc, 45 Fremont Street, 8th Floor, San Francisco, CA 94105 and is hosted and operated by us in the open source version on our servers. We evaluate error messages with the help of Sentry. We collect and process usage data such as the URL called up, the status of the website and technical data such as browser information and IP address.

We process this data on the basis of our legitimate interest within the meaning of Art. 6 para. 1 p. 1 lit. f GDPR in order to continuously improve our systems and to prevent security gaps.

Responsible is the:

J. Wagner GmbH
Otto-Lilienthal-Str. 18
88677 Markdorf
Telephone: +49 (0) 75 44 / 5 05-0
Fax: +49 (0) 75 44 / 5 05-2 00
E-mail: info@wagner-group.com

You can reach our company data protection officer at:

E-mail: Datenschutz.Deutschland@wagner-group.com
Telephone: +49 (0) 75 44 / 5 05-0
Fax: +49 (0) 75 44 / 5 05-2 00

First and foremost, we process the personal data that we receive or have collected from the data subjects within the scope of the business or customer relationship. We also process data provided on the basis of inquiries / visits / registrations (e.g. Internet shop), consents (e.g. newsletter dispatch) etc. within the legally permitted framework. 

In addition, we also process personal data provided to us in the context of order processing and data from publicly accessible sources (e.g. press, Internet), insofar as this is necessary and permissible for the respective purposes. We also process personal data that are legally transmitted to us by other companies of the Wagner Group or by third parties (e.g. credit insurance, receivables management, indications of criminal acts). 

The personal data processed by us in this context consists of personal data / identification data (name, address, contact data, user ID etc.), data from the fulfilment of our contractual obligations (bank data, history, authorisations etc.), data made available to us within the scope of consents and other data which are comparable with the categories mentioned.

The personal data are processed by us in accordance with the regulations of the EU data protection basic regulation (GDPR) and the Federal Data Protection Act (BDSG) on the basis of the following legal bases:

1. a) For the performance of a contract (Article 6 para. 1 lit. b GDPR)

The processing of personal data is necessary for the fulfilment of a contract to which the data subject is a party or for the implementation of pre-contractual measures taken at the request of the data subject.

If you make use of additional services, your data will be processed to the extent necessary to provide these additional services.

1. b)In the context of contract processing (Article 28 GDPR)

The processing of personal data on behalf of the customer takes place exclusively in accordance with instructions and within the framework of legal regulations.

2.In the context of a balance of interests (Article 6(1)(f) GDPR)

Beyond the actual fulfilment of the contract with you, we process your data to the extent necessary to protect our legitimate interests or the legitimate interests of third parties, provided that your interests do not predominate. Examples are:

• Internal and external communication
• Documentation
• Internal and external monitoring (ICS controls or key figures)
• Internal and external investigations, safety reviews
• Measures for business management and further development of services and products
• Advertising 
• Authorization management 
• IT security measures
• Event Management 
• Assertion / defence of legal claims, also in legal disputes
• Prevention and detection of criminal offences
• Measures for building and system security (e.g. access controls)
• Measures to secure the domiciliary right 
• Risk management via the Wagner Group of Companies

3.On the basis of your consent (Art. 6 (1) lit. a GDPR)

The personal data are processed by us in accordance with the regulations of the EU data protection basic regulation (GDPR) and the Federal Data Protection Act (BDSG) on the basis of the following legal bases:

1. a) For the performance of a contract (Article 6 para. 1 lit. b GDPR)

The processing of personal data is necessary for the fulfilment of a contract to which the data subject is a party or for the implementation of pre-contractual measures taken at the request of the data subject.

If you make use of additional services, your data will be processed to the extent necessary to provide these additional services.

1. b)In the context of contract processing (Article 28 GDPR)

The processing of personal data on behalf of the customer takes place exclusively in accordance with instructions and within the framework of legal regulations.

2.In the context of a balance of interests (Article 6(1)(f) GDPR)

Beyond the actual fulfilment of the contract with you, we process your data to the extent necessary to protect our legitimate interests or the legitimate interests of third parties, provided that your interests do not predominate. Examples are:

• Internal and external communication
• Documentation
• Internal and external monitoring (ICS controls or key figures)
• Internal and external investigations, safety reviews
• Measures for business management and further development of services and products
• Advertising 
• Authorization management 
• IT security measures
• Event Management 
• Assertion / defence of legal claims, also in legal disputes
• Prevention and detection of criminal offences
• Measures for building and system security (e.g. access controls)
• Measures to secure the domiciliary right 
• Risk management via the Wagner Group of Companies

3.On the basis of your consent (Art. 6 (1) lit. a GDPR)

If you have consented to certain processing of your personal data (e.g. newsletter dispatch, participation in advertising campaigns), your personal data will be processed lawfully on the basis of this consent. You can revoke your consent at any time with effect for the future. This also applies to declarations of consent that you have given us before the DS-GMO has entered into force, i.e. before May 25, 2018 Since the revocation of a consent is valid for the future, it does not affect the effectiveness of the processing until the time of the revocation.

4. Statutory or legal provisions (Art. 6(1)(c) GDPR or in the public interest (Art. 6(1)(e) GDPR)

In addition, we as a company have various legal obligations (e.g. tax laws, money laundering laws). These include identity checks, fraud and money laundering prevention, the fulfilment of tax control and reporting obligations as well as the assessment and control of risks in the company and the Wagner Group.

If you have consented to certain processing of your personal data (e.g. newsletter dispatch, participation in advertising campaigns), your personal data will be processed lawfully on the basis of this consent. You can revoke your consent at any time with effect for the future. This also applies to declarations of consent that you have given us before the DS-GMO has entered into force, i.e. before May 25, 2018 Since the revocation of a consent is valid for the future, it does not affect the effectiveness of the processing until the time of the revocation.

4. Statutory or legal provisions (Art. 6(1)(c) GDPR or in the public interest (Art. 6(1)(e) GDPR)

In addition, we as a company have various legal obligations (e.g. tax laws, money laundering laws). These include identity checks, fraud and money laundering prevention, the fulfilment of tax control and reporting obligations as well as the assessment and control of risks in the company and the Wagner Group.

The company ensures the implementation of appropriate technical and organisational measures for data security by internal regulations and - if the data are processed by an external service provider - by corresponding contractual agreements, for example by using the EU standard contract clauses for data processing outside the European Union.

Please arrange for any necessary changes to your data in good time. You can contact the relevant departments or the data protection officer to clarify questions about your data and request both information and the correction / deletion of incorrect or no longer required data.

In compliance with the statutory provisions and the existing internal regulations, the departments that require your data to fulfil our contractual and statutory obligations have access to it. Similarly, service providers and vicarious agents (e.g. IT service providers, logistics, telecommunications, debt collection, consulting, financial services, marketing agencies, insurance companies...) employed by us may access your data for these purposes, provided that you maintain the confidentiality and integrity of the data in particular. 

We only pass on personal data to recipients outside our company if and insofar as this is necessary in compliance with the applicable data protection regulations. We may only disclose information about you if required to do so by law, if you have given your consent or if we are authorized to provide such information. Recipients of personal data may be, for example:

• For operational purposes
• To other companies of the Wagner Group
• To service providers / contractors
• To customers, suppliers, partners
• Obligations to report and provide information
• To authorities and other bodies (e.g. tax authorities, auditors)
• To clarify claims and accusations
• Lawyers, prosecution authorities, creditors or insolvency administrators
• For recipients that you have explicitly named
• To credit and financial services institutions 

In addition, your personal data may be transferred to recipients for whom you have given us your consent. The same applies to bodies to which we may transfer personal data on the basis of a balance of interests.

We transfer personal data to bodies in countries outside the European Union (so-called third countries) insofar as 

• it is required by law (e.g. tax reporting obligations)
• you have consented or 
• the transmission is necessary to protect our legitimate interests and your interests or fundamental rights and freedoms do not outweigh the protection of your personal data.

In addition, personal data will be transferred to bodies in third countries in the following cases:

• With the consent of the data subject or on the basis of legal regulations to combat money laundering, the financing of terrorism or other criminal acts and on the basis of a balance of interests, personal data will in individual cases be transmitted to the European Union in compliance with the data protection level.

Your personal data will only be stored or otherwise processed by us for as long as is necessary to achieve the respective purpose.

Once the purpose of the processing has ceased to apply (e.g. legal transaction concluded), the corresponding personal data will be deleted. The deletion may be postponed in the following cases:

• Compliance with legal retention periods (e.g. German Commercial Code (HGB), German Banking Act (KWG), German Money Laundering Act (GwG). The storage periods mentioned there are generally 6 to 10 years.
• Fulfilment of justified retention periods (e.g. for customer service, inquiries, log files).
• Securing of evidence within the statutory statute of limitations. According to §§ 195 ff. of the German Civil Code (BGB), these limitation periods can be up to 30 years. The regular limitation period is 3 years.

If we or a third party process your data on the basis of the above-mentioned weighing of interests, we will delete your personal data as soon as our legitimate interest no longer exists. The above-mentioned exceptions also apply here.

Data deletion takes place within the deletion routines implemented by the process owners.

In the event of consent, the data will be deleted as soon as the consent is revoked for the future, unless one of the above-mentioned exceptions exists.

To protect against the various threats to our IT - e.g. by malware, hacker attacks, spam - and the intellectual property, different procedures are used in which the information exchanged is checked for viruses, for example, and the connection data for anomalies. When anomalies are discovered, the relevant documents and connection data can be analyzed.

In order to comply with existing supply and payment restrictions - for example on companies and persons listed on various government lists - a comparison can be made against this list. 

In addition, in suspicious cases, in official investigations and to defend against claims against our company, an investigation and, if necessary, the surrender of data and documents on the persons concerned may be necessary. 

In all cases, our internal regulations, the legal requirements and the personal rights of those affected are observed.

Under Art. 15 of the GDPR, any person concerned has a right of access. According to Article 16 of the GDPR, the data subject may request the rectification of inaccurate personal data. According to Art. 17 of the GDPR, the data subject has a right of cancellation or, according to Art. 18, a right of processing restriction. Similarly, under the conditions laid down in Art. 21 GDPR, the data subject may object to the processing of personal data concerning him/her. According to Article 20 of the GDPR, the data subject has a right to data transferability. To assert these rights, please contact the data protection officer or the relevant department: In addition, pursuant to Art. 77 GDPR in conjunction with § 19 BDSG, you have a right of appeal to the responsible data protection supervisory authority. A given consent can be revoked at any time.

Within the framework of the legal transaction to be carried out with you, you are obliged to provide the personal data required for the execution of the legal transaction and for the fulfilment of the associated contractual obligations or which we are legally obliged to collect.

If you do not provide certain personal data, you may suffer disadvantages or the legal transaction may not be concluded.

According to Article 22 of the GDPR, automated decisions can only be taken if they are necessary for the conclusion or fulfilment of a contract or if they are permitted by law or if they are legitimised by the express consent of the person concerned. If we use such procedures in individual cases, you will be informed about this and about your associated rights within the framework of legal requirements.

Some of your data will be processed automatically in order to evaluate certain personal aspects (profiling). For example, we are required by law and regulation to combat money laundering, terrorist financing and asset-polluting crimes. In this context, data analyses are also carried out.