Privacy policy
We respect
your personal data
In the following, we describe how personal data is processed within the scope of our websites, functions and content as well as external offers (such as social media). We also describe what types of personal data are processed, to what extent and for what purpose.
1. Name and address of the data controller
The data controller within the meaning of the General Data Protection Regulation and other national data protection laws of the member states as well as other data protection regulations is:
ERWE Projekt Krefeld GmbH
Herriotstrasse 1
60528 Frankfurt am Main
Represented by/Management: Rüdiger Weitzel, Nils Peters, Philipp Weitzel
If you have any questions about privacy policy, please contact us by datenschutz@erwe-ag.com.
2. General information on data processing
2.1 Scope oft he processing of personal data
When you contact us as a customer or interested party, we collect personal data. This happens when you are interested in our products, contact us by e-mail or telephone or when you use our products and services in the context of existing business relationships.
In these contexts, we process personal data, e.g. first and last name, address, email address, telephone number.
In addition, we process contractual data (e.g. subject matter of contract, term, customer category) and payment data (e.g. bank details, payment history) of our customers, prospective customers and business partners for the provision of contractual services and for the purpose of service and customer care.
In addition, we process personal data such as communication and address data for marketing and advertising purposes as well as for sending Christmas cards, invitations to events and newsletters.
2.2. Legal basis for the processing of personal data
If a processing of personal data is based on the consent of the data subject, Art. 6 (1) (a) of the EU General Data Protection Regulation (GDPR) serves as the legal basis. If personal data are processed in order to fulfil a contract with the data subject, Art. 6 (1) (b) GDPR serves as the legal basis. This also applies to processing operations that are necessary to carry out pre-contractual measures. If we process personal data in order to fulfil a legal obligation, Art. 6 (1) c GDPR serves as the legal basis. If vital interests of the data subject or another natural person make it necessary to process personal data, Art. 6 (1) (d) GDPR serves as the legal basis. If we process data to protect the legitimate interests of our company or a third party and the interests, fundamental rights and freedoms of the data subject are not more important, Art. 6 (1) f GDPR serves as the legal basis for the processing.
2.3. Cooperation with data processors and third parties
If, in the course of our processing, we disclose data to other persons and companies (processors or third parties), transmit it to them or grant them access to the data, this will only be done on the basis of a legal permission (e.g. a transmission to payment service providers required for the performance of a contract pursuant to Art. 6 (1) lit. b GDPR), consent, a legal obligation or on the basis of our legitimate interests (e.g. when using agents, web hosts). If we commission third parties with the processing of data on the basis of a so-called “data processing agreement”, this is done on the basis of Art. 28 GDPR.
2.4. Transfers to third countries
If we process data in a third country (i.e. outside the European Union or the European Economic Area) or if this is done in the context of using third-party services, this is only done if it is done to fulfil our (pre-)contractual obligations, on the basis of consent, due to a legal obligation or on the basis of our legitimate interests. We process data subject to legal or contractual permissions only if the requirements of Art. 44 et seq. GDPR are met: Data is therefore only processed if, for example, special guarantees exist, such as official recognition of a level of data protection corresponding to the EU (e.g. adequacy decision) or compliance with officially recognised contractual obligations (so-called standard contractual clauses).
2.5. Data deletion and storage period
As soon as the purpose of storage ceases to apply, personal data of a data subject will be deleted or its processing restricted (“blocked”). If European or national regulations, laws or other provisions to which we are subject require longer storage, the personal data will be stored in accordance with these legal provisions for longer than the original purpose intended.
2.6. Data deletion upon revocation
All data collected up to the point of revocation will be deleted immediately – unless a legal requirement requires retention.
3. Rights of the data subject
You have the right to gain access to the stored personal data.
You can obtain information from us about your stored data at any time (in accordance with Art. 15 GDPR).
You have the right to rectification.
You can request the correction of your data (in accordance with Art. 16 GDPR).
You have the right to erasure.
You can request the deletion (pursuant to Art. 17 of the GDPR) or a restriction of the processing of your data (pursuant to Art. 18 of the GDPR).
You have the right to data portability.
You can receive personal data that you have given us in a transferable format (in accordance with Article 20 of the GDPR).
You have the right to lodge a complaint.
You have the right to lodge a complaint with the competent supervisory authority (pursuant to Art. 77 DSGVO).
4. Data collection on our website
4.1 Server and log files
Our hosting provider collects the following data for statistical analysis: IP address of your computer at the time of access, date, time, retrieved content, the page from which you reached our homepage, operating system and browser.
4.2 Forms that require input (e.g. contact form, checklist)
You can fill out a contact form on our website. We store the data transmitted via the contact form from the input mask. We only process the data for the purpose of contacting you. The following data is collected: E-mail address. The legal basis for processing the data that you transmit to us via the contact form is a (pre-)contractual obligation or your consent by transmitting your data for the purpose of contacting you. You can revoke this consent at any time with effect for the future (informally by e-mail or post).
4.3 Mail
On our website you will find one or more e-mail addresses through which you can contact us. We store the personal data transmitted with the e-mail. We process the data only for the purpose of contacting you. The following data is collected: E-mail address, company, title, surname, first name, telephone number and reason for your contact. The legal basis for the processing of the data that you send us by e-mail is a (pre-)contractual obligation or your consent through the transmission of your data for the purpose of contacting you. You can revoke this consent at any time with effect for the future (informally by email or post).
5. Analysis and online marketing
Cookies are text files that are sent to your computer when you use websites in order to recognise it. Cookies are used to facilitate the use of websites and to make them more individual. You can set your web browser to inform you when cookies are being sent or to reject cookies. You can find information on this in the help function of your web browser (e.g. Firefox, Internet Explorer or Safari).
Our website does use cookies or other tracking technologies.
5.1 Google Analytics
Google Analytics is a web analytics service that allows users to measure the success of their advertising efforts as well as track Flash, video and social media sites and applications.
The processing company is: Google Ireland Limited, Google Building Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland.
The data processing is for analysis and marketing purposes. Cookies and pixels are set for this purpose.
The following (personal) data may be collected by or through the use of Google Analytics:
App updates, browser information, click path, date and time of visit, device information, downloads, Flash version, location information, IP address, JavaScript support, pages visited, purchase activity, referrer URL, usage data, widget interactions.
The legal basis for processing this data is your consent in accordance with Art. 6 (1) lit. a DSGVO.
Information on data recipients, retention period, data protection officer, etc. of Google can be found here:
https://support.google.com/policies/contact/general_privacy_form
It is true that the data processing of Google Analytics data generally takes place in the EU. However, please note that Google Analytics may transfer data outside the EU and the EEA and to a country that does not offer an adequate level of data protection. If the data is transferred to the US, there is a risk that US authorities may process your data for control and monitoring purposes without you possibly having any legal remedy.
For more information on the countries to which the data is transferred and the data processor’s privacy policy, please visit the provider’s website: https://policies.google.com/privacy?hl=de.
A browser add-on to deactivate Google Analytics on all domains of the processing company can be found here: https://tools.google.com/dlpage/gaoptout?hl=de
You can read the cookie policy of the data processor here: https://policies.google.com/technologies/cookies?hl=de.
Storage information: The maximum limit for cookie storage on a device set when using the cookie storage method as well as other methods is 26 months.
6. Online appearances and plug-ins
We maintain an online presence in social media.
Online presence in social media
We maintain an online presence in social networks and platforms in order to communicate with customers, interested parties and users active there and to inform them about our services. When accessing the respective networks and platforms, the terms and conditions and data processing guidelines of the respective operators apply.
7. Third-party services, tools and content
We do use content or service offers from third parties to integrate their content and services (e.g. maps or fonts, hereinafter referred to as “content”). The prerequisite for this is that the third-party providers are aware of your IP address. We endeavour to only use content whose providers only use the IP address to deliver the content.
7.1 Firewall
The firewall plugin “Ninja Firewall” from NinTechNet, 38, Soi Ladprao 94, Wang Thonglang, Bangkok 10310, Thailand stores the IP address required for the firewall function in anonymous form by removing the last 3 characters. These are stored on our own server for 7 days and then deleted. “Ninja Firewall” protects our website from unauthorized access through unwanted network access. This represents a legitimate interest within the meaning of Art. 6 para. 1 lit. f DSGVO. No data will be transferred to the developer of the plugin. Cookies: Ninja Firewall uses mandatory authentication cookies to whitelist the administrator. Cookies are only set when an administrator logs in to the admin console, they do not apply to visitors of the Ninja Firewall protected website. No personal data of visitors will be collected, stored or used. More information about privacy at NinTechNet: https://blog.nintechnet.com/ninjafirewall-general-data-protection-regulation-compliance/.
7.2 Google reCAPTCHA
We use Google reCAPTCHA (hereinafter reCAPTCHA) on our websites. This service is provided by Google Inc., 1600 Amphitheater Parkway, Mountain View, CA 94043, USA (Google).
reCAPTCHA is used to check whether the data entered on our website (such as on a contact form) has been entered by a human or by an automated program. To do this, reCAPTCHA analyzes the behavior of the website visitor based on various characteristics. This analysis starts automatically as soon as the website visitor enters the website. For the analysis, reCAPTCHA evaluates various information (e.g. IP address, how long the visitor has been on the website, or mouse movements made by the user). The data collected during the analysis will be forwarded to Google.
The reCAPTCHA analyses take place completely in the background. Website visitors are not advised that such an analysis is taking place.
Data processing is based on Art. 6 (1) (f) DSGVO. The website operator has a legitimate interest in protecting its site from abusive automated crawling and spam.
For more information about Google reCAPTCHA and Google’s privacy policy, please visit the following links: https://www.google.com/intl/de/policies/privacy/ and https://www.google.com/recaptcha/intro/android.html.
7.3 Google Maps
This site uses the mapping service Google Maps via an API. Provider is Google Inc., 1600 Amphitheater Parkway, Mountain View, CA 94043, USA.
To use the features of Google Maps, it is necessary to save your IP address. This information is usually transmitted to and stored on a Google server in the United States. The provider of this site has no influence on this data transfer.
The use of Google Maps is in the interest of an attractive presentation of our online offers and an easy findability of the places we have indicated on the website. This constitutes a legitimate interest within the meaning of Art. 6 para. 1 lit. f DSGVO.
For more information on how to handle user data, please refer to Google’s Privacy Policy: https://www.google.com/intl/en/policies/privacy/.
8. Contact the data protection officer
Our company has a data protection officer. You can reach him at the following e-mail address: datenschutz@erwe-ag.com.