Data Protection Declaration in accordance with Articles 13 and 14 GDPR (information obligations)
This data protection regulation informs you of the type, scope and purpose of the personal data we process in the context of our online offering as well as the websites, functions and content associated with it. With regard to the terminology used, such as 'personal data' or 'processing', please refer to the definitions in Article 4 of the General Data Protection Regulation (GDPR).
1. Name and contact data of the controller who is responsible for processing the data as well as the data protection officer
This data protection information applies to data processing by:
Controller: Märkisches Werk GmbH, Haus Heide 21, 58553 Halver, AG Iserlohn, HRA 3754, USt-ID DE125 802 745, represented by the managing directors Christiane Dahlhaus und Bruno Posset: E-Mail: firstname.lastname@example.org, Telefon: +49 2353 917-0
The data protection officer of Märkisches Werk GmbH is Markus Thiele: E-Mail: email@example.com, Telefon: +49 2353 917-0
2. Collection and storage of personal data as well as the type and purpose of use
When you visit our website - https://www.mwh.de, the browser used on your device automatically sends information to our website server. This information is stored temporarily in what is known as a log file. This log file is sent in an encrypted format.
The following information is collected without your involvement and is saved until its automatic deletion:
- IP address of the computer making the request
- Date and time of access
- Name and URL of the file accessed
- Website from which access occurs (referrer URL)
- Browser used and if necessary also the operating system of your computer as well as the name of your access provider.
- Access status
- Transferred data volume.
We process the aforementioned data for the following purposes:
- To ensure the connection process to the website runs smoothly
- To ensure our website is easy to use
- Evaluate system security and stability as well as
- for additional administrative purposes
The legal basis for processing data is Art. 6 Para. 1 P. 1 f GDPR. Our legitimate interest follows from the data collection purposes listed above. Under no circumstances will we use the collected data to identify you personally.
The data is anonymized after no more than 30 days by shortening the IP address at domain level to prevent its use to identify an individual user. The anonymized data is also processed for statistical purposes where required. At no point is the data stored together with other personal data of the user, nor is it compared to other data or passed to third parties.
3. Disclosure of data to third parties
There is no disclosure of your personal data to third parties for any reason other that those in the following section.
We will only pass your personal data to third parties if:
- We explicitly indicated on that in the description of the particular data processing.
- You have given us your express consent to do so in accordance with Art. 6 Para. 1 P. 1 a GDPR.
- Disclosure is required in accordance with Art. 6 Para. 1 P. 1 f GDPR to make, or defend legal claims and there is no reason to assume that you have a legitimate and overriding interest in the non-disclosure of your data.
- A legal obligation requires disclosure in accordance with Art. 6 Para. 1 P. 1 c GDPR.
- This is legally permissible and is required to administer contractual relationships in accordance with Art. 6 Para. 1 P. 1 b GDPR.
Information is stored in the cookies which arises in connection with the specific device in use. But this does not mean that this gives us direct access to information about your identity.
Using cookies allows, on the one hand, making our website more pleasant for you. We use what are known as session cookies to see that you have already visited a number of pages on our site. These are automatically deleted once you leave our site.
In addition to this we also use temporary cookies to optimise user friendliness which are stored on your device for a certain period of time. If you visit our site again to use a service, then the system recognises that you have already visited as well as the entries and settings you made so that you do not have to input them again.
The data processed using cookies is required to protect our legitimate interests as well as those of third parties in accordance with Art. 6 Para. 1 P. 1 f GDPR.
5. Analysis tools
The tracking measures described in the following section are carried out in accordance with Art. 6 Para. 1 P. 1 f GDPR. By using the coming tracking measures we want to ensure our website is designed according to your needs and that it is continually improved. On the other hand, we use the tracking measures to record the use of our website statistically and to evaluate it to optimise our offer for you. These interests are legitimate within the scope of the aforementioned regulations.
The respective data protection purposes and data categories can be taken from the corresponding tracking tools.
We use Google Analytics for customised design and the continual optimisation of our site. Google Analytics is a web analysis service of Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (“Google”). In this context pseudonymised user profiles are created and cookies (see under 4) are used. The information created by the cookie on the use of this website, such as
- Browser type / version,
- Operating system used,
- Referrer URL (the previously visited site),
- Host name of the accessing computer (IP address),
- Time of the server request,
is transmitted to a Google server in the USA and saved there. The information is used to look at how the website is used, to produce reports on website activity and to provide other services connected with the use of the website and the Internet for the purposes of market research and customised design of these Internet sites. This information may also be passed to third parties if this is stipulated by law or third parties process this data on their behalf. Under no circumstances would your IP be brought together with other data from Google. The IP addresses are anonymised so that allocation is not possible (IP masking). This means that in member states of the European Union and in other states party to the Agreement on the European Economic Area the IP address of the user is abbreviated by Google which prevents data from being related to a person. Google Inc. whose headquarters are in the USA is certified under the US-European data protection convention Privacy Shield, which ensures compliance with the level of data protection applicable in the EU.
You can prevent cookies being installed by changing your browser settings, however if you do so, then some functions of this website might not work in full.
You can also prevent the collection of the data relating to use of the website, which is created by the cookie, (including your IP address) as well as the processing of this data by Google by downloading and installing a browser add-on (https://tools.google.com/dlpage/gaoptout?hl=en).
As an alternative to the browser add-on, in particular for browsers on mobile devices, you can prevent collection by Google Analytics by clicking on this link. OPT-OUT An opt-out cookie is created to prevent the future collection of your data when visiting this website.
If you delete the cookies in this browser, then you have to create the opt-out cookie again.
You can find further information on data protection with Google Analytics e.g. at Google Analytics Help (https://support.google.com/analytics/answer/6004245?hl=en).
The opt-out cookie only applies in this browser and only for this website and is stored on your device.
6. Right of affected individuals
You have the right:
- in accordance with Art. 15 GDPR to request your personal data we have processed. In particular, you can request information on the processing purpose, the category of personal data, the categories of recipient to whom your data has been or will be disclosed, the planned storage duration, the existence of a right to rectification, to erasure, to restrict processing, the right to object, the origin of your data if it was not collected with us, as well as the existence of automatic decision making including profiling and if necessary meaningful information on the individual details;
- in accordance with Art. 16 GDPR you can request the immediate correction of your inaccurate or incomplete personal information stored with us;
- in accordance with Art. 17 GDPR you can request the erasure of your personal information stored with us providing it is not required to assert a right of freedom of expression and information, to fulfil a legal obligation, for the public interest or to make or defend legal claims;
- in accordance with Art. 18 GDPR the restriction of the processing of your personal data if the accuracy of your data is contested, processing is unlawful, the deletion of which, however, you reject and we no longer require the data where you require it to make or defend legal claims or you have made an objection to its processing in accordance with Art. 21 GDPR;
- in accordance with Art. 20 GDPR to receive your personal data that you have made available to us in a structured, common, machine-readable format or to request it is sent to another controller;
- in accordance with Art. 7 Para. 3 GDPR to revoke your one-ff consent in respect of us. The consequence of this is that we are no longer permitted to process the data subject to this consent and
- in accordance with Art. 77 GDPR to lodge a complaint with a supervisory authority. Generally you can contact a supervisory authority at your regular place of residence or work or at our company headquarters.
7. Duration of personal data storage
The duration of personal data storage is measured according to the relevant legislative storage period (e.g. following the commercial- and tax laws). The relevant data are routinely deleted upon expiry of the respective deadline. As far as the data for contractual performance or contract initiation are required or in case there is a justified interest in further storage on our side, these data will be deleted if they are not anymore required for these purposes or you make use of your right of withdrawal or objection.
8. Right of objection
If your personal data is processed for legitimate interests in accordance with Art. 6 Para. 1 P. 1 f GDPR, then you have the right in accordance with Art. 21 GDPR to object to the processing of your personal data providing there are reasons for this arising from the specific situation, or if the objection is against direct advertising. In the latter case you have a general right of objection which is implemented by us without having to provide information on a specific situation.
If you would like to assert your right of revocation or objection, then just send an email to firstname.lastname@example.org.
9. Data security
Within the website visit we use the popular SSL procedure (Secure Socket Layer) in combination with the highest level of encryption supported by your browser. This is generally 256 bit encryption. If your browser does not support 256 bit encryption, then we use 128 bit v3 technology. If a page of our Internet site is transmitted to you in an encrypted format, then you can recognise this by the closed key or lock symbol in the bottom status bar of your browser.
10. Security measures
We take suitable technical and organizational steps in accordance with Art. 32 GDPR taking into consideration the state of the art, implementation costs and the type, scope, situation and purposes of processing as well as the different probabilities of occurrence and severity of the risks to the rights and freedoms of natural persons in order to ensure a level of protection commensurate with the risk. These measures include in particular ensuring the confidentiality, integrity and availability of data by checking physical access to the data as well as the access, input, disclosure and the assurance of availability and separation which concerns you.
The security measures include in particular the encrypted transmittance (No. 9) of data between your browser and our server.
11. Currentness and alteration of this data protection declaration
This data protection declaration of October 2020 is the current valid version
It might be necessary to make alterations to this data protection declaration through the further development of our website and offers or due to altered legal or official regulations.
The current data protection regulation can be accessed, downloaded and/or printed from the website at https://www.mwh.de/en/privacy-policy/ at any time.