Since May 25, 2018, the requirements of the EU General Data Protection Regulation (hereinafter: DSGVO) apply throughout Europe. In the following, we would like to inform you about the processing of personal data carried out by Saint-Gobain Weber GmbH in accordance with this new regulation (compare Article 13 DSGVO). Please read our data protection information carefully. If you have any questions or comments about this data protection information, you can address them at any time to the offices indicated in section 2.
Table of contents
- name and contact details of the data controller and the company data protection officer
- purposes of data processing, legal basis and legitimate interests pursued by Saint-Gobain Weber GmbH or a third party as well as categories of recipients. 3.1 Calling up our website or application. 3.2 Conclusion, execution or termination of a contract 3.3 Data processing for advertising purposes 3.4 Online presence and website optimization
- transfer to recipients outside the EU
- your rights
- data security measures
The following data protection information informs you about the nature and extent of the processing of so-called personal data by Saint-Gobain Weber GmbH. Personal data is information that can be directly or indirectly attributed to you or can be attributed to you. The data processing by Saint-Gobain Weber GmbH can essentially be divided into three categories:
For the purpose of contract processing, all data required for the performance of a contract with Saint-Gobain Weber GmbH is processed. If external service providers are also involved in the execution of the contract, e.g. logistics companies or subcontractors, your data will be passed on to them to the extent necessary in each case. For the purpose of correspondence, all data required for the processing of inquiries and contacting Saint-Gobain Weber GmbH will be processed. If external service providers are also involved in the processing, e.g. logistics companies or subcontractors, your data will be passed on to them to the extent necessary in each case. When you call up the Saint-Gobain Weber GmbH website/application, various pieces of information are exchanged between your terminal device and our server. This may also involve personal data. The information collected in this way is used, among other things, to optimize our website or to display advertising in the browser of your end device. In accordance with the provisions of the GDPR, you have various rights that you can assert against us. These include the right to object to selected data processing, in particular data processing for advertising purposes. If you have any questions about our data protection information, you are welcome to contact our company data protection officer at any time. You will find his contact details below.
2. name and contact details of the data controller and the company data protection officer
This data protection information applies to data processing by Saint-Gobain Weber GmbH, Schanzenstr. 84, 40549 Düsseldorf, Germany (“data controller”). It also applies to the following websites or applications: www.sg-weber.de, www.de.weber, Weber-App, www.bestellung.weber, export.de.weber. The company data protection officer of Saint-Gobain Weber GmbH can be reached at the above address.
3. purposes of data processing, legal basis and legitimate interests pursued by Saint-Gobain Weber GmbH or a third party as well as categories of recipients.
3.1 Calling up our website/application.
When you access our website/application, information is automatically sent to the server of our website/application by the browser used on your end device and temporarily stored in a so-called log file. We have no influence on this. The following information is also collected without your intervention and stored until automated deletion:
the IP address of the requesting internet-capable device, the date and time of access, the name and URL of the file accessed, the website/application from which the access was made (referrer URL), the browser you use and, if applicable, the operating system of your Internet-enabled computer as well as the name of your access provider. The legal basis for the processing of the IP address is Article 6(1)(f) DSGVO. Our legitimate interest follows from the purposes of data collection listed below. From the collected data, we are not able to draw any direct conclusions about your identity, nor will we do so. The IP address of your terminal device and the other data listed above are used by us for the following purposes:
- Ensuring a smooth connection setup,
- Ensuring a comfortable use of our website/application,
- Evaluation of system security and stability.
The data is stored for a period of one year and then automatically deleted. Furthermore, we use so-called cookies, tracking tools and social media plug-ins for our website/application. The exact procedures involved and how your data is used for this purpose are explained in more detail below in section 3.4. If you have consented to geolocation in your browser or operating system or other settings on your end device, we use this function to offer you individual services based on your current location (e.g., the location of the nearest store). We process your location data processed in this way exclusively for this function. If you terminate the use, the data will be deleted.
3.2. conclusion, execution or termination of a contract
3.2.1. Data processing upon conclusion of a contract
The object of activity of Saint-Gobain Weber GmbH is the development, manufacture and sale of building materials, construction machinery and equipment as well as the performance of all related services. In this context, we process the data required for the conclusion, execution or termination of a contract with you. This includes:
Company, first name, last name Invoice and delivery address e-mail address, if applicable Invoice and payment data Date of birth, if applicable Telephone number, if applicable The legal basis for this is Article 6(1)(b) DSGVO, i.e. you provide us with the data on the basis of the contractual relationship between you and us. Insofar as we do not use your contact data for advertising purposes (see section 3.3. below), we store the data collected for the purpose of processing the contract until the expiry of the statutory or possible contractual warranty and guarantee rights. After expiry of this period, we retain the information required by commercial and tax law relating to the contractual relationship for the periods specified by law. For this period (regularly ten years from the conclusion of the contract), the data is processed again solely in the event of an audit by the tax authorities.
3.2.2 Identity, creditworthiness and transmission to credit agencies
Where necessary, we verify your identity by using information from service providers. The legal basis for this is Article 6 (1) (b) and (f) DSGVO. The authorization for this results from the protection of your identity and the prevention of fraud attempts at our expense. The circumstance and the result of our inquiry will be added to your customer account for the duration of the contractual relationship. If you have already made a purchase from us, the data we have stored about you may be supplemented by so-called score values. Scoring is the creation of a forecast about future events based on information collected and past experience. On the basis of the data stored about you, an assignment is made to statistical groups of people who have had similar entries in the past. The underlying procedure used is a well-founded mathematical-statistical method for forecasting risk probabilities that has been tried and tested in practice for a long time. In the event of a delay in payment, we transmit the necessary data to a company commissioned to enforce the claim if the other legal requirements are met. The legal bases for this are both Article 6(1)(b) and Article 6(1)(f) DSGVO. The assertion of a contractual claim is considered a legitimate interest within the meaning of the second-mentioned provision. We also transmit information about the delay in payment or any bad debt to credit agencies cooperating with us if the other legal requirements are met. The legal basis for this is Article 6 (1) (f) DSGVO. The legitimate interest required here results from our interest and the interest of third parties in reducing contractual risks for future contracts.
3.2.3. My Weber Account
At “My Weber” you can create a personal customer account. We will set up password-protected access for those who have registered accordingly, if you have given us your express consent to do so within the meaning of Article 6(1)(a) DSGVO. For this purpose, we process the data deposited by you to create your customer account. We process the following data in this respect:
- First and last name
- Telephone number
- Email address
- Category of your profession
In your customer account, in addition to managing your user data, you can also receive extended information on products and application assistance. Furthermore, you have the possibility to save and rate blog posts. By using your customer account, you agree to keep your personal access data confidential and not to make it available to any unauthorized third party. We cannot accept any liability for misused passwords, unless we are responsible for the misuse. Unless you log out, you will automatically remain logged in. This feature allows you to use some of our services without having to log in again each time. For security reasons, however, you will be asked to enter your password again if, for example, your personal data is to be changed. You can revoke your consent at any time free of charge, unless the relevant laws permit data processing, among other things, for the fulfillment of a contract pursuant to Article 6(1)(b) DSGVO or there is a legal obligation to retain data for this purpose.
3.3 Data processing in the application process
Insofar as you send us your application documents electronically or by post or transmit them to us via the applicant portal, you are providing us with your personal data about a specific application for the purpose of the job search in accordance with Article 6(1)(b) DSGVO. Your data will be processed on our systems. During the application process, the following personal data, among others, will be processed.
- First name and surname
- residential address
- e-mail address
- telephone numbers
- Cover letter
- Letter of motivation
- curriculum vitae
- Information provided during the interview
will be stored by us. This data is only stored, evaluated, processed or forwarded internally as part of your application. They are only accessible to employees of the personnel department and the decision-makers of the respective specialist departments. Under no circumstances will your data be passed on to companies or persons outside the Saint-Gobain Weber group of companies or used for other purposes. The data may be processed for statistical purposes (e.g. reporting). In doing so, it is not possible to draw conclusions about individual persons. We store your information in our applicant management system until the application process is completed, but no longer than 6 months. After the above-mentioned period has expired, your information will be completely deleted. If you take up employment with the Saint Gobain Weber Group of Companies, your personal data, or at most an extract thereof, will be placed in your personnel file.
3.4 Data processing for advertising purposes
The following statements relate to the processing of personal data for advertising purposes. The GDPR declares such data processing based on Article 6(1)(f) to be conceivable in principle and a legitimate interest. The duration of data storage for advertising purposes does not follow any rigid principles and is based on the question of whether the storage is necessary for the advertising approach. Please refer to section 3.3.3 for information on how to proceed in the event of your objection.
3.4.1. Advertising purposes of Saint-Gobain Weber GmbH and third parties
Insofar as you have concluded a contract with us, we manage you as an existing customer. In this case, we process your postal contact data outside the existence of a specific consent in order to send you information about new products and services in this way. We process your e-mail address in order to send you information about our own similar products, unless you have given your specific consent.
3.4.2. Interest-based advertising
In order to ensure that you only receive advertising information that is of supposed interest to you, we categorize and supplement your customer profile with the following We categorize and add further information to your customer profile. Statistical information as well as information about you (e.g. basic data of your customer profile) is used for this purpose. The aim is to provide you with advertising that is geared solely to your actual or perceived needs and, accordingly, not to bother you with useless advertising.
3.4.3 Right of objection
You may object to data processing for the above-mentioned purposes at any time, free of charge, separately for the respective communication channel and with effect for the future. For this purpose, it is sufficient to send an e-mail or a postal letter to the contact data mentioned in section 2.If you object, the contact address concerned will be blocked from further data processing for advertising purposes. We would like to point out that in exceptional cases, advertising material may still be sent temporarily after receipt of your objection. This is technically due to the necessary lead time of advertisements and does not mean that we will not implement your objection. Thank you for your understanding.
3.4.4. Newsletter dispatch
On our website we offer you the possibility to register for our newsletter. To ensure that no mistakes are made when entering the email address, we use the so-called double opt-in procedure: After you have entered your email address in the registration field, we will send you a confirmation link. Only when you click on this confirmation link will your email address be added to our distribution list. You can revoke your consent at any time with effect for the future. For this purpose, it is sufficient to send a short note by email to the email address given under 2. In addition, in the respective email in which the newsletter is sent to you, there is a link that you can use to exercise your right of revocation by clicking on it.
3.5. Contact and correspondence
3.5.1. General contacting
As soon as you contact us and provide us with your contact data, we process this contact data by way of correspondence in our CRM system. We process the following data in this process:
- First and last name
- e-mail address
- telephone numbers
The legal bases for this are both Article 6(1)(b) and Article 6(1)(f) DSGVO. The assertion of contact for sales purposes in the business-to-business (B2B) area, taking into account a balancing of interests, can be regarded as a legitimate interest within the meaning of the second-mentioned provision. This data will not be passed on to third parties outside the group of companies and will be deleted immediately after the contact has been made, provided that no further purposes of use arise from this. In the case of Article 6(1)(f) DSGVO, you may object to the processing unless the relevant laws permit data processing, inter alia, for the performance of a contract pursuant to Article 6(1)(b) DSGVO or there is a legal obligation to retain data for this purpose. Please refer to section 3.4.3 for information on how to proceed in the event of your objection.
3.5.2. Electronic contacting
As soon as you contact us electronically (e.g. e-mail or contact form), we process your contact data in our CRM system. The purpose of the processing is the processing of inquiries. The following data is processed by us in this context:
- e-mail address
- First and last name
- Telephone numbers, if applicable
This data will not be passed on to third parties outside the group of companies and will be deleted immediately after the contact has been established, provided that no further purposes of use arise from this.
3.6. online presence and website optimization
3.6.1. cookies - general information
This website uses Mouseflow, a web analytics tool from Mouseflow ApS, Flaesketorvet 68, 1711 Copenhagen, Denmark, to record randomly selected individual visits (but only with anonymized IP addresses). This creates a log of mouse movements and clicks for the sole purpose of randomly replaying individual website visits and deriving potential improvements for the website. As a result of anonymization, the information is not personally identifiable and will not be shared with third parties. If you do not wish your visits to be recorded, you can deactivate this on the aforementioned website that uses Mouseflow by clicking on the following link: www.mouseflow.de/opt-out/.
3.6.3 Piwik advertising analysis service
3.6.4 Google Analytics
For the purpose of demand-oriented design and continuous optimization of our pages, we use Google Analytics, a web analytics service provided by Google Inc. (“Google”). In this context, pseudonymized usage profiles are created and cookies are used. The information generated by the cookie about your use of this website such as.
- browser type/version,
- operating system used,
- referrer URL (the previously visited page),
- host name of the accessing computer (IP address),
- time of the server request,
3.6.5 Social media plug-ins
We use social plug-ins from the social networks Facebook, Google+, Twitter, Instagram, LinkedIn and Xing [add if necessary] on our website in order to make our company better known via these. The underlying promotional purpose is to be regarded as a legitimate interest within the meaning of the GDPR. The responsibility for data protection compliant operation is to be ensured by their respective providers. The integration of these plug-ins by us takes place by way of the so-called two-click method in order to protect visitors to our website as best as possible: By default, we embed deactivated buttons in our website that do not establish contact with the servers of the social networks. Only when you have activated them and thus declared your consent to communication with Facebook, Google or Twitter etc., the buttons become active and establish the connection. Then you can submit your recommendation with a second click. If you are already logged in to the social network of your choice, this is done without another window for Facebook and Google+. On Twitter, a pop-up window appears in which you can still edit the text of the tweet.
Plug-ins of the short message network Twitter Inc. are also integrated on our website. You can recognize the Twitter plug-ins (“Twitter” button) by the Twitter logo (a white bird on a blue background) and the addition “Twitter”. When you call up a page of our website that contains such a plug-in, a direct connection is established between your browser and the Twitter server. Twitter thereby receives the information that you have visited our site with your IP address. If you click the Twitter button while you are logged into your Twitter account, you can link the content of our pages on your Twitter profile. This allows Twitter to associate the visit to our pages with your user account. We would like to point out that we, as the provider of the pages, have no knowledge of the content of the transmitted data or its use by Twitter. You can find more information about this here. If you do not want Twitter to be able to associate your visit to our pages, please log out of your Twitter user account.
Plugins of the social network LinkedIn, Wilton Place, Dublin 2, Ireland (“LinkedIn”) are integrated on our website. The plugins are set up as a two-tier solution to protect the privacy of users. When our website is called up, the user’s browser only establishes a direct connection to LinkedIn’s servers when the user activates the LinkedIn button by clicking on it. The content of the plugin is transmitted by LinkedIn directly to the user’s browser and integrated into the website. By activating the plugin, LinkedIn receives, among other things, the information that the respective user has accessed our website. The purpose and scope of the data collection and the further processing and use of the data by LinkedIn, as well as the corresponding rights and setting options of the users to protect their privacy, can be found in the data protection information of LinkedIn under https://www.linkedin.com/legal/privacy-policy?trk=hb_ft_priv. We expressly point out that we have no influence on the type, scope and use of the data that LinkedIn collects with the LinkedIn button.
Our website uses plugins from the social network XING, which is operated by XING AG, Dammtorstraße 30, D-20354 Hamburg (“XING”). The plugins are set up as a two-tier solution to protect the privacy of users. When our website is called up, the user’s browser only establishes a direct connection to XING’s servers when the user activates the XING button by clicking on it. The content of the plugin is transmitted by XING directly to the user’s browser and integrated into the website. By activating the plugins, XING receives, among other things, the information that the respective user has accessed our website. The purpose and scope of the data collection and the further processing and use of the data by XING, as well as the corresponding rights and setting options of the users for the protection of their privacy, can be found in the data protection notices of XING at https://www.xing.com/privacy. We expressly point out that we have no influence on the type, scope and use of the data that XING collects with the XING button.
We use the provider YouTube, among others, for the integration of videos. YouTube is operated by YouTube LLC with headquarters at 901 Cherry Avenue, San Bruno, CA 94066, USA. YouTube is represented by Google Inc. with headquarters at 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.
On some of our Internet pages, we use plugins of the provider YouTube. When you call up the Internet pages of our website that are provided with such a plugin - for example, our media library - a connection is established to the YouTube servers and the plugin is displayed. This transmits to the YouTube server which of our Internet pages you have visited. If you are logged in as a member of YouTube, YouTube assigns this information to your personal user account. When using the plugin, such as clicking on the start button of a video, this information is also assigned to your user account. You can prevent this assignment by logging out of your YouTube user account as well as other user accounts of the companies YouTube LLC and Google Inc. before using our website and deleting the corresponding cookies of the companies.
3.6.12. Google Maps
This website uses Google Maps to display interactive maps and to create directions. Google Maps is a map service provided by Google Inc, 1600 Amphitheatre Parkway, Mountain View, California 94043, USA. It is used on the basis of Art. 6 para. 1 p. 1 lit. f. DS-GVO. By using Google Maps, information about the use of this website, including your IP address and the (start) address entered as part of the route planner function, may be transmitted to Google in the USA If you call up a web page of our website that contains Google Maps, your browser establishes a direct connection with Google’s servers. The map content is transmitted by Google directly to your browser, which then integrates it into the website. Therefore, we have no influence on the scope of the data collected by Google in this way. According to our knowledge, this is at least the following data:
Date and time of the visit to the website in question, Internet address or URL of the website accessed, IP address (start) address entered in the context of route planning. We have no influence on the further processing and use of the data by Google and can therefore not assume any responsibility for this.
By using our website, you consent to the processing of data about you by Google Maps Route Planner in the manner and for the purposes set out above.
3.6.13 Lead Forensics
For marketing and optimization purposes, products and services of the company LeadForensics (http://www.leadforensics.com) are used on this website. LeadForensics is headquartered at Communication House 26 York Street, London, W1U 6PZ United Kingdom. Lead Forensics obtains details of your organization including phone number, web address, SIC code, a description of the company. Lead Forensics will show the actual history of your visit to this site, including all pages visited and viewed by you and how long you spent on the site. Under no circumstances will the data be used to personally identify an individual visitor. If IP addresses are collected, they are anonymized immediately after collection. On behalf of the operator of this website, Lead Forensics will use the collected information for the purpose of evaluating your visit to the website, compiling reports on website activity and providing other services relating to website activity and internet usage to the website operator.
4. recipients outside the EU
With the exception of the processing described in detail under number 3, we do not pass on your data to recipients based outside the European Union or the European Economic Area. Insofar as the processing operations listed under number 3 transfer data to recipients located outside the European Union or the European Economic Area, the respective servers are located in the USA. The corresponding data transfer takes place in accordance with the principles of the so-called Privacy Shield and on the basis of so-called standard contractual clauses of the EU Commission.
5. your rights
In addition to the right to revoke your consent given to us, you are entitled to the following additional rights if the respective legal requirements are met:
- Right to information about your personal data stored by us pursuant to Art. 15 DSGVO; in particular, you may request information about the processing purposes, the category of personal data, the categories of recipients to whom your data has been or will be disclosed, the planned storage period, the origin of your data, if it has not been collected directly from you,
- Right to have incorrect data corrected or correct data completed in accordance with Art. 16 DSGVO,
- Right to delete your data stored by us in accordance with Art. 17 DSGVO insofar as no legal or contractual retention periods or other legal obligations or rights to further storage are to be observed,
- Right to restrict the processing of your data pursuant to Art. 18 DSGVO, insofar as the accuracy of the data is disputed by you, the processing is unlawful, but you object to its erasure; the controller no longer requires the data, but you need it for the assertion, exercise or defense of legal claims or you have objected to the processing pursuant to Art. 21 DSGVO,
- Right to data portability pursuant to Art. 20 DSGVO, i.e. the right to have selected data stored by us about you transferred in a common, machine-readable format, or to request the transfer to another controller,
- The right to lodge a complaint with a supervisory authority. As a rule, you can contact the supervisory authority of your usual place of residence or workplace or our company headquarters for this purpose.
5.2 Right of objection
Under the conditions of Art. 21 (1) DSGVO, data processing may be objected to for reasons arising from the particular situation of the data subject. The above general right of objection applies to all processing purposes described in this Privacy Notice, which are processed on the basis of Article 6(1)(f) DSGVO. Unlike the specific right of objection directed at data processing for advertising purposes, we are only obliged under the GDPR to implement such a general objection if you provide us with reasons of overriding importance for doing so (e.g., a possible risk to life or health). In addition, you have the option of contacting the supervisory authority responsible for Saint-Gobain Weber GmbH, i.e. the data protection officer in North Rhine-Westphalia.
6. data security
All data transmitted by you personally, including your payment data, will be transmitted using the generally accepted and secure standard SSL (Secure Socket Layer). SSL is a secure and proven standard that is also used, for example, in online banking. You can recognize a secure SSL connection, among other things, by the appended s at the http (i.e. https://…) in the address bar of your browser or by the lock symbol in the lower area of your browser. We also use appropriate technical and organizational security measures to protect your personal data stored by us against manipulation, partial or complete loss and against unauthorized access by third parties. Our security measures are continuously improved in line with technological developments and are certified.
This text has been machine translated as a service to you. The original, legally binding text can be found at https://www.de.weber/agbs-rechtliche-hinweise-datenschutzbestimmungen.
If you have any questions about the use of your personal data, you can contact our data protection officer:
Saint Gobain Weber GmbH Schanzenstr. 84 40549 Düsseldorf
Phone: +49 (0) 211 / 91 369-0 E-mail: Datenschutzbeauftragter@rigips.de