We are pleased that you are using our website. The protection of your personal data is important to us and we want you to feel safe when using our website.
Item 1 Information on the collection of personal data
(1) In the following text, we wish to inform you about the collection of personal data during the use of our website. Personal data are all data which can be related to you personally, such as name, address, e-mail address, usage.
(2) Controller pursuant to. Article 4 (7) EU General Data Protection Regulation (GDPR) is:
Autohaus J. Wiest & Söhne GmbH
Tel.: +49 (0) 6151 864-123
Fax: +49 (0) 6151 864-403
(see our Legal Notice http://darmstadt.wiest-autohaeuser.de/impressum/).
Data protection officer:
Kölner Strasse 12
Tel +49 6196 97344 – 10
Fax +49 6196 97344 – 29
Frankfurt Local Court, HRB 110047
Managing Directors Oliver Greiner, Carsten Linz
VAT No.: DE253894328
Contact address: datenschutz @wiest-autohaeuser.de
(3) When you contact us by e-mail or using a contact form, the data provided by you (your e-mail address, where relevant your name and your telephone No.) will be stored by us in order to respond to your queries. The contact form is an additional service provided by us in order to permit you to contact us quickly and easily (legal basis is point f, Article 6 (1) GDPR).The data collected in this context are deleted as soon as their storage is no longer necessary or, where a statutory retention obligation applies, their processing restricted.
(4) If, for individual functions in our offer, we draw on commissioned service providers or wish to use your data for commercial purposes, we will inform you in detail below of the respective transactions. We also specify the criteria laid down for the duration of storage.
Item 2 Your rights
(1) You have the following rights vis-a-vis us with regard to the personal data relating to you:
• Right to information and access pursuant to Article 15 GDPR,
• Right to rectification pursuant to Article 16 GDPR,
• Right to erasure pursuant to Article 17 GDPR,
• Right to restriction of processing pursuant to Article18 GDPR,
• Right to data portability pursuant to Art 20 GDPR,
• Right to object to the processing pursuant to Article 21 GDPR.
(2) You can address your concerns exclusively by post to the following address. Please use only the following address:
Autohaus J. Wiest & Söhne GmbH
State your name, address and, where applicable, your customer No. and the context of your personal data. Please submit your concerns by post only. Should these details be missing, we will be unable to authenticate your identity and guarantee the safeguarding of our rights pursuant to GDPR.
(3) In addition, you have the right to complain to a data protection supervisory authority regarding our processing of your personal data.
Item 3 Collection of personal data when you visit our website
(1) When our website is used for purely informative purposes, i.e. when you do not register or provide us with other information, we collect only the personal data sent to our server by your browser. If you wish to view our website, we collect the following data which is technically necessary for us to show you our website and ensure stability and security (legal basis is point f, sentence 1, Article 6 (1) GDPR):
• IP address
• Date and time of the visit
• Time zone difference to Greenwich Mean Time (GMT)
• Content of the inquiry (specific site)
• Access status/HTTP status code
• Data volume transferred
• Website from which the enquiry originates
• Operating system and its user interface
• Language and version of the browser software
(2) In addition to the data specified above, cookies are stored on your computer when you use our website. Cookies are small text files which are sent to your hard drive which can be attributed to the browser you use on your computer and which send certain information to the site setting the cookies (in this case, to us). Cookies cannot execute programmes or infect your computer with a virus. They serve to make the overall internet offer more user-friendly and effective.
1. a) This website uses the following types of cookies, the scope and function of which are explained in the following:
• Transient cookies (see b)
• Persistent cookies (see c).
1. b) Transient cookies are deleted automatically when you close the browser. These include, in particular, session cookies. These cookies are what is known as session ID, which allows various inquiries from your browser to be assigned to the joint session. As a result, your computer can be recognised when you return to our website, for example, to prevent your having to register anew each time you change page. Session cookies are deleted when you log out or close the browser.
2. c) Persistent cookies are deleted automatically after a specified time which can vary depending on the cookie. How long the cookie remains on your device depends on the duration or the storage period of the respective cookie and your browser settings. You can delete the cookies in the security settings of your browser at any time.
With these cookies, the website remembers your information and settings when you next visit the site. As a result, you have fast and easy access to the website as, for example, you do not need to set the language once again.
1. d) You can configure your browser settings to suit yourself and, for example, refuse to accept third party cookies or all cookies. We would point out that in this case you may not be able to use all the functions of this website.
Item 4 Further functions and offers of our website
(1) In addition to purely informative use of our website, we offer various services which you can use if they are of interest to you. As a rule, you have to provide further personal data which we use to provide the respective service and for which the data protection principles specified above apply.
(2) In some cases, we avail of the services of external service providers for the processing of your personal data. These have been carefully selected and commissioned by us, are bound by our instructions and are monitored regularly.
(3) Furthermore, we can pass your personal data on to third parties when we offer participation in campaigns, competitions, and the conclusion of contracts or similar services together with partners. Further information can be obtained when you provide your personal data or below in the description of the offer.
(4) If our service providers or partners are based in a state outside of the European Economic Area (EEA), we will inform you of the consequences of this circumstance in the description of the offer.
Item 5 Objection to or revocation of the processing of your data
(1) If you have consented to the processing of your personal data, you can revoke this at any time. A revocation of this kind affects the permissibility of the processing of your personal data, once it has been issued to us.
(2) When we base the processing of your personal data on an assessment of interests, you can submit an objection to the processing. This is the case, in particular, when the processing is not necessary for the fulfilment of a contract with you, which we now show in the following description of the functions. When exercising a right to object of this kind, we request an explanation of the reasons why your personal data should not be processed as executed by us. In the event of a substantiated objection, we examine the circumstances and then either discontinue or adapt the data processing or inform you of our vital reasons for continued processing.
(3) Of course you can object at any time to the processing of your personal data for purposes of advertising and data analysis (e. g. the analysis of the data for advertising purposes). You can inform us of your objection to advertising using the following contact data: datenschutz @wiest-autohaeuser.de
Item 6 Use of our web shop
(1) If you wish to place an order in our web shop, the conclusion of the contract makes it necessary for you to provide the personal data which we require for the handling of your order. Mandatory data necessary for the processing of the contracts are marked specifically; other details are voluntary. We process the data provided by you to process your order. To this end, we pass your payment details on to the bank we do business with. When we supply you with goods, we pass your data on to the mail order firm commissioned by us, where these are required for shipping. The legal basis is point b, sentence 1, Article 6 (1) GDPR. Non-provision of this data can result in an inability to conclude the contract. According to the stipulations of trading and tax law, your address, payment details and details of the order must be stored for ten years.
If you wish, you can set up a customer account through which we can store your data for any later purchases. When setting up an account under “My account” the data supplied by you will be stored in a revocable way.
In addition, we can process the details supplied by you to inform you of further interesting products from our portfolio or send you e-mails with technical information.
(2) To prevent unauthorised access to your personal data by third parties, in particular financial data, the order process is encrypted by means of TLS technology.
Item 7 Customer account
(1) When you set up a customer account, the data provided by you will be stored in a revocable way. [All further data, including your user account, can always be deleted in the customer section.] For registration, we use what is known as double-opt-in, i.e. your registration is only concluded when you have confirmed your registration through the link contained in a confirmation e-mail sent to you for this purpose.
(2) When you use our customer account, we store your data required for the fulfilment of the contract until such time as we finally delete your access. Furthermore, we store the data provided voluntarily for the period during which you are using the account, unless you previously delete it. You can administer and change all the details in the protected customer section. Legal basis is point f, sentence 1 Article 6 (1) GDPR.
Item 8 Newsletter
(1) With the following details we wish to inform you of the content of our newsletter and the registration, dispatch and statistical analysis process as well as your right to object. By subscribing to our newsletter, you declare your consent to receiving it and to the process described.
(2) Content of the newsletter: We send newsletters, e-mails and other electronic communication with commercial information (hereinafter “newsletter”) only with the agreement of the recipient or with statutory consent. Where, in the context of a registration for the newsletter, its contents are specifically described, these are decisive for the consent of the user. For the rest, our newsletters contain information on our products, offers and campaigns and on our company.
(3) Double-opt-in and logging: Registration for our newsletter ensues in what is known as a double-op-in process. This means that, following registration, you receive an e-mail requesting confirmation of your registration. This confirmation is necessary so that nobody can register using a third party’s e-mail address. Registration for the newsletter is logged, in order to be able to prove compliance of the registration process with the legal requirements. This includes recording the time of registration and confirmation as well as the IP address. Similarly, changes to your data stored with the mailing service are also logged.
(4) Mailing service: The newsletter will be sent by means of “MailChimp”, a newsletter mailing platform of the US service provider Rocket Science Group, LLC, 675 Ponce De Leon Ave NE #5000, Atlanta, GA 30308, USA. The data protection terms of the mailing service can be viewed here: https://mailchimp.com/legal/privacy/. The Rocket Science Group LLC d/b/a MailChimp is certified under the Privacy Shield Agreement and therefore offers a guarantee that the European data protection levels are observed
(5) Furthermore, by its own account, the mailing service can use this data in pseudonymised form, i.e. without attributability to a user, to optimise or improve its own services, e.g. for technical optimisation of dispatch and the presentation of the newsletter or for statistical purposes, in order to determine the country from which the recipient comes. However, the mailing service does not use the data of recipients of our newsletter to address these in its own interests or to pass them on to third parties.
(6) Registration details: In order to register for the newsletter, you need only give your e-mail address. As an optional point, we ask you to give your name to allow us to address you personally in the newsletter.
(7) Performance measurement – The newsletter contains what is known as a web beacon, i.e. a pixel-sized file which is accessed by the mailing service’s server when the newsletter is opened. In the context of this call-up, technical information is first collected such as information on the browser and your system as well as your IP address and the time of access. This information is used for technical improvement of the service based on the technical data or the target group and its reading habits as indicated by the place of access (which can be determined with the aid of the IP address) or the times of access. The survey also includes determining whether the newsletters are opened, when they are opened and the links clicked. For technical reasons, this information can be attributed to specific newsletter recipients. However, it is neither our intention nor that of the mailing service to monitor individual users. Rather, the analyses serve to allow us to recognise the reading habits of our users and adapt our content accordingly or dispatch different content in line with the interests of our users.
(8) The mailing of the newsletter and the performance measurement ensue on the basis of the consent of the recipient pursuant to point a, sentence 1, Article 6 (1), Article 7 GDPR in conjunction with Section 7, Sub-section 2, No. 3 UWG or on the basis of statutory consent pursuant to Section 7, Sub-section 3 UWG.
(9) E-mail advertising without registration for the newsletter and your right to object: If we receive your e-mail-address in the context of the sale of goods or services and you have not objected, we reserve the right, on the basis of Section 7, Sub-section 3 UWG, to send you regular e-mails with offers of products from our range similar to those you have purchased. In the context of an evaluation of interests, this serves to safeguard our overriding legitimate interest in advertising to our customers.
You can object to this use of your e-mail-address at any time by using one of the contact options listed below or through the relevant link in the marketing mail, without incurring costs in excess of the transmission costs in accordance with the basic rates.
(10) The logging of the registration process ensues on the basis of our legitimate interests pursuant to point f, Article 6 (1) GDPR and serves to prove consent to the receipt of the newsletter.
(11) You can revoke your consent to receipt of the newsletter at any time, and cancel the newsletter subscription. You can declare the revocation by clicking on the link shown in every newsletter e-mail or by using the contact data shown in the Legal Details. The information will be stored for as long as you subscribe to the newsletter. Following cancellation of the subscription, we store the data for purely statistical reasons and anonymously.
Item 9 Use of Google Analytics
(1) This website uses Google Analytics, a web analysis service of Google Inc. (“Google”). Google Analytics uses “cookies”, i.e. text files that are stored on your computer and that permit analysis of your use of the website. The information produced by the cookie regarding your use of this website is usually transmitted to a server of Google in the USA and stored there. If IP address anonymisation was activated on this website, your IP address will be shortened by Google, however, within the member states of the European Union or in other states that are party to the Treaty on the European Economic Area. Only in exceptional circumstances will your full IP address be transmitted to a server of Google in the USA and abbreviated there. On behalf of the provider of this website, Google will use this information to evaluate your use of the website, in order to compile reports on website activities and to provide further services connected to website use and internet use to the website operator.
(2) The IP address transmitted by your browser within the context of Google Analytics will not be combined with any other data by Google.
(3) You can prevent the installation of cookies by setting our browser accordingly; we would point out, however, that in this case you may not be able to make full use of all the functions of this website. Furthermore, you can prevent recording of the data generated by the cookie and referring to your use of the website (including your IP address) and processing of these personal data by Google by downloading and installing the browser plug available under the following link: http://tools.google.com/dlpage/gaoptout?hl=de.
You can prevent recording by Google Analytics by clicking the following link. This sets an opt-out cookie that will prevent the future recording of your personal data when visiting this website: Deactivate Google Analytics:
Further information on Google Analytics’ handling of user data can be found in the Google data protection declaration: https://support.google.com/analytics/answer/6004245?hl=de.
(4) This website uses Google Analytics expanded by the code “_anonymizeIp()”. As a result, IP addresses are processed in abbreviated form, so that personal attributability can be ruled out. If the data collected gives rise to a personal reference, this is automatically excluded and the personal data deleted immediately.
(5) We use Google Analytics to enable us to analyse and regularly improve your use of our website. The statistics obtained allow us to improve our offer and make it more interesting for you as a user. For the exceptional cases in which personal data in transferred to the US, Google has signed up to the EU-US Privacy Shield, https://www.privacyshield.gov/EU-US-Framework. Legal basis for the use of Google Analytics is point f, sentence 1, Article 6 (1) GDPR.
(6) Information of third-party suppliers: Google Dublin, Google Ireland Ltd., Gordon House, Barrow Street, Dublin 4, Ireland, Fax: +353 (1) 436 1001.
Conditions of use: http://www.google.com/analytics/terms/de.html,
Overview of data protection: http://www.google.com/intl/de/analytics/learn/privacy.html, and the data protection declaration: http://www.google.de/intl/de/policies/privacy.
(7) This website also uses Google Analytics for an analysis of streams of visitors across all devices, which is carried out using user-ID. You can deactivate the analysis of your use across all devices in your customer account under “My data”, “Personal details”.
Item 10 Inclusion of Google Maps
(1) On this website, we avail of the services of Google Maps. This allows us to show you an interactive map directly on the website and you to make convenient use of the map function.
(2) When you visit the website, Google receives the information that you have accessed the corresponding subpage on our website. Furthermore, the data listed under Item 3 of this declaration are transferred. This happens regardless of whether Google has provided a user account through which you have logged in or whether no user account exists. If you log into Google, your data is directly attributed to your account. If you do not wish your profile to be attributed by Google, you must log out before activating the button. Google stores your data as a user profile and uses it for the purpose of advertising, market research and/or market needs-driven design of its website. An evaluation of this kind ensues, in particular, (even for users who are not logged in) to provide tailored advertising and to inform other users of the social network of your activities on our website. You have the right to object to the generation of this user profile, but must contact Google in order to exercise it.
(3) Further information on the purpose and scope of data collection and its processing by the plug-in provider can be obtained in the provider’s data protection declaration. Here you will also obtain further information on your relevant rights and setting options to protect your privacy: http://www.google.de/intl/de/policies/privacy. Google also processes your personal data in the US and has signed up to the EU-US Privacy Shield, https://www.privacyshield.gov/EU-US-Framework.
Item 11 Use of Google Adwords Conversion
(1) We use Google Adwords to help advertise our attractive range on external sites with the aid of advertising material (what are known as Google Adwords). By analysing the data of the advertising campaign, we can determine the success of the individual advertising measures. In doing so, we pursue the legitimate interest of showing you advertising which is of interest to you, making our website more interesting and achieving a fair calculation of advertising costs.
(2) These ads are delivered by Google through what are known as “Ad Servers”. To do so, we use Ad Server cookies, which allow certain performance measurement parameters such as pop-up ads or user clicks to be measured. If you reach our website through a Google ad, a cookie will be stored on your computer by Google Adwords. As a rule, these cookies become invalid after 30 days and are not intended to identify you personally. For this cookie, as a rule, the analysis values stored are: unique cookie-ID, number of ad impressions per placement (frequency), last impression (relevant for post-view conversions) and opt-out information (marker indicating that the user does not wish to be approached again).
(3) These cookies permit Google to recognise your internet browser again. When a user visits certain pages on the website of an Adwords customer, and the cookie stored on his computer has not yet expired, Google and the customer recognise that the user has clicked the ad and been passed on to this site. A different cookie is attributed to every Adwords customer. Therefore cookies cannot be tracked through the websites of Adwords customers. We ourselves collect and process no personal data in the advertising measures specified. Google provides us only with statistical analyses. On the basis of these analyses we can see which of the advertising measures deployed are particularly effective. We receive no further data from the deployment of the ads; in particular, we cannot identify the user on the basis of this information.
(4) Due to the marketing tools used, your browser automatically establishes a direct connection with the Google server. We have no influence over the scope and other use of the data collected by Google using these tools and are therefore informing you to the best of our knowledge: As a result of the inclusion of AdWords Conversion, Google receives the information that you have accessed the corresponding section of our website or clicked on one of our ads. If you are registered with a Google service, Google can attribute the visit to your account. Even if you are not registered with Google, or have not logged in, the possibility exists that the provider can determine and store your IP address.
(5) You can prevent your participation in this tracking process in a number of ways: a) set your browser accordingly, in particular the suppression of third party cookies results in your receiving no ads from third party applies; b) deactivate the cookies for conversion tracking by setting your browser so that cookies from the domain “www.googleadservices.com”, https://www.google.de/settings/ads are blocked, whereby these settings will be deleted when you delete your cookies; c) deactivate the interest-related ads from suppliers participating in the self-regulation campaign “About Ads” through the link http://www.aboutads.info/choices, whereby these settings will be deleted when you delete your cookies; d) permanent deactivation in your browsers Firefox, Internet Explorer or Google Chrome under the link http://www.google.com/settings/ads/plugin. We would draw your attention to the fact that in this case, you may not be able to use all the functions of this offer.
(6) Legal basis for the processing of your data is point f, sentence 1, Article 6 (1) GDPR. Further information on data protection at Google can be found here: http://www.google.com/intl/de/policies/privacy and https://services.google.com/sitestats/de.html. Alternatively you can visit the website of the Network Advertising Initiative (NAI) under http://www.networkadvertising.org. Google has signed up to the EU-US Privacy Shield, https://www.privacyshield.gov/EU-US-Framework.
Item12 Facebook page insight – “Facebook Fanpage”
(1) When you visit our Facebook page, Facebook collects, among other things, your IP address as well as further information stored on your PC in the form of cookies. This information is used to provide us as the operator of the Facebook page with statistical information on the use of the Facebook page. Through what are known as Facebook page “insights”, these statistical data are accessible to us as operator of the page. These statistics are generated and provided solely by Facebook. We as operator have no influence over the generation and presentation. We cannot switch off this function or prevent the generation and processing of data.
Facebook provides further information on “Insights” under the following link: http://de-de.facebook.com/help/pages/insights.
(2) The following data are provided to us by Facebook via “Insights”:
Number of site visits, details of “likes”, page activity, reach, video viewings, interactions with posts, post coverage, comments, shares, answers, gender breakdown, regional distribution of users (origin based on country and city), language, call-ups and clicks in the shop, clicks on route planners and clicks on telephone numbers.
(3) The operation of this Facebook page and the associated processing of the personal data of the users are based on point f, Article 6 (1) GDPR, our legitimate interest in modern and supportive interaction options for and with the users and visitors to our Facebook page.
(4) Together with Facebook, we as the operator of the fan page, are responsible for the processing. Therefore, within the framework of what is known as an insights addendum with Facebook, it was agreed who is to meet which GDPR obligations. The primary responsibility pursuant to GDPR for the processing of insight data lies with Facebook. Facebook therefore meets all GDPR obligations with regard to the processing of insights data (among others Article 12 and 13 GDPR, Article 15 to 22 GDPR and Article 32 to 34 GDPR). Your rights as a data subject can be asserted with us or with Facebook Ireland Limited (“Facebook Ireland”). If you as a data subject pursuant to GDPR wish to contact us with regard to the processing of insights data and obligations assumed by Facebook Ireland within the context of the insights addendum, we are obliged to pass on all relevant information in this regard to Facebook Ireland.
The complete insights addendum with regard to responsibility can be found under: https://www.facebook.com/legal/terms/page_controller_addendum
(5) Addresses of Facebook and URL with the data protection notes:
Facebook Inc., 1601 S California Ave, Palo Alto, California 94304, USA; http://www.facebook.com/policy.php; further information on data collection: http://www.facebook.com/help/186325668085084, http://www.facebook.com/about/privacy/your-info-on-other#applications and http://www.facebook.com/about/privacy/your-info#everyoneinfo. Facebook has signed up to the EU-US-Privacy-Shield, https://www.privacyshield.gov/EU-US-Framework.
Item 13 Use of Trusted Shops Badge – Quality seal with ratings
To show our Trusted Shops quality seal and any ratings, as well as the trusted shops products for purchasers after an order, the Trusted Shops Trustbadge is included on this website.
This serves to safeguard our predominant legitimate interests in optimum marketing of our range in the context of an evaluation of interests pursuant to point f, sentence 1, Article 6 (1) GDPR. The Trustbadge and the services advertised with it are an offer of Trusted Shops GmbH, Subbelrather Str. 15C, 50823 Cologne.
When the Trustbadge is called up, our web server automatically stores the server log file containing, for example, your IP address, date and time of call-up, data volume transmitted and the inquiring provider (access data) and logs the query. These access data are not evaluated and are overwritten automatically within seven days of the end of your visit to the site.
Further personal data are only passed on to Trusted Shops when you have consented, following the completion of an order, to use Trusted Shops products or have already registered to use them. In this case, the agreement concluded between you and Trusted Shops shall apply.