Privacy policy

Privacy Policy
We are pleased that you are visiting our website and appreciate your interest in our company and services. The protection of personal data is of particular importance to us. Generally, our website can be used without providing any personal data. However, if a data subject wishes to make use of certain services offered through our website, the processing of personal data may become necessary. Where such processing is required and there is no statutory legal basis for it, we will generally obtain the data subject’s consent before processing their personal data.

General

Data controller

The data controller within the meaning of data protection laws, in particular the EU General Data Protection Regulation (GDPR), is:

Kraftverkehr Münsterland C. Weilke GmbH & Co KG
Hansaring 26
48268 Greven

Telephone: +49 2571 501-0
Fax: +49 2571 501-54
Email: info@weilke.de

Management: Cornelius Weilke, Peter Weilke, Ralf Rensmann

Data Protection

If you have any questions regarding data protection, please contact our Data Protection Officer at: datenschutz@weilke.de .

General information on data processing

In principle, personal data of our website visitors is only processed if and to the extent that this is necessary to provide a functional website and our content and services. The collection and use of personal data of our website visitors generally takes place only with consent. An exception applies if obtaining prior consent is not possible for practical reasons and the processing of the data is permitted by law.
Legal basis for the processing of personal data

a. Article 6(1)(a) of the GDPR for data processing based on your consent; in such cases, consent is obtained from you separately.
b. Article 6(1)(b) of the GDPR for data processing necessary for the performance of a contract to which the data subject is a party. This also applies to data processing necessary for the implementation of pre-contractual measures.
c. Article 6(1)(c) of the GDPR for data processing is necessary to comply with a legal obligation to which we are subject.
d. Article 6(1)(f) of the GDPR for data processing based on our legitimate interests.

Data processing based on legitimate interests pursuant to Article 6(1)(f) of the GDPR may only take place insofar as this is necessary to safeguard our legitimate interests or those of third parties and does not override your interests or fundamental rights and freedoms which require the protection of personal data.
Where third-party technologies (such as cookies) are used, the processing of personal data is also based on consent. The legal basis is Article 6(1)(a) of the GDPR in conjunction with Section 25(1) of the TDDDG.
In the case of cookies that are necessary to provide explicitly requested telemedia services, Section 25(2) of the TDDDG applies.

Your rights as a data subject


If your personal data is processed, you are a “data subject” within the meaning of the GDPR and you are entitled to the following rights vis-à-vis us as the controller. You may exercise your rights by sending an email to the contact details provided above, stating your request.

a. Right of access

In accordance with Article 15 of the GDPR, every data subject has the right to receive, at any time and free of charge, information from us regarding the personal data stored about them, as well as a copy of this data.
You may request confirmation from us as to whether we are processing personal data relating to you.

b. Right to rectification

In accordance with Article 16 of the GDPR, every data subject has the right to request the immediate rectification of inaccurate personal data concerning them. Furthermore, the data subject has the right to request the completion of incomplete personal data – including by means of a supplementary statement – taking into account the purposes of the processing.

c. Right to restriction of processing

Every data subject has the right to request that we restrict processing if a condition provided for by the legislator in Article 18 of the GDPR is met.

d. Right to erasure

Every data subject has the right to request that we erase personal data concerning them without undue delay, provided that one of the grounds set out in Article 17 of the GDPR applies.

e. Right to data portability

In accordance with Article 20 of the GDPR, every data subject has the right to receive the personal data concerning them, which has been provided to us by the data subject, in a structured, commonly used and machine-readable format. They also have the right to transmit this data to another controller without hindrance from the controller to whom the personal data was provided, provided that the processing is based on consent pursuant to Article 6(1)(a) of the GDPR or on a contract pursuant to Article 6(1)(b) of the GDPR and the processing is carried out by automated means.

f. Right to object (Article 21 GDPR)
Your right to object
Any data subject affected by the processing of personal data has the right to object, on grounds relating to their particular situation, at any time to the processing of personal data concerning them which is carried out on the basis of Article 6(1)(e) or (f) of the GDPR. This also applies to profiling based on these provisions.
In the event of an objection, we will no longer process the personal data unless we can demonstrate compelling legitimate grounds for the processing which override the interests, rights and freedoms of the data subject, or the processing serves to establish, exercise or defend legal claims.
Should we process data for the purpose of direct marketing, the data subject has the right to object at any time to the processing of personal data for the purposes of such marketing. This also applies to profiling insofar as it is related to such direct marketing. If the data subject objects to processing for the purposes of direct marketing, the personal data will no longer be processed for these purposes.

g. Right to withdraw consent under data protection law

Any data subject affected by the processing of personal data has the right to withdraw their consent to the processing of personal data at any time with effect for the future. Withdrawal of consent does not affect the lawfulness of processing carried out on the basis of consent prior to its withdrawal.

h. Right to lodge a complaint with a supervisory authority

Without prejudice to any other administrative or judicial remedy, you have the right under Article 77 of the GDPR to lodge a complaint with a supervisory authority, in particular in the Member State of your habitual residence, place of work or the place of the alleged infringement, if you consider that the processing of personal data relating to you infringes the GDPR.
A list of supervisory authorities (for the non-public sector) with addresses can be found at: https://www.bfdi.bund.de/DE/Infothek/Anschriften_Links/anschriften_links-node.html.

Data erasure and retention period

The personal data of data subjects will be erased or restricted from further processing as soon as the purpose for which the personal data was collected no longer applies. Storage may also take place if this is provided for by European or national legislation in EU regulations, laws or other provisions to which we are subject. The restriction or erasure of data also takes place when a retention period prescribed by the aforementioned standards expires, unless there is a need for further storage of the data for the conclusion or performance of a contract.

Cooperation with data processors and third parties / Transfer to third countries

Where, in the course of our data processing, we disclose data to other individuals and/or companies (data processors or third parties), transfer it to them or otherwise grant them access to the data, this is done only on the basis of a legal authorization, because you have given your consent, a legal obligation requires it, or on the basis of our legitimate interest.

Where we engage third parties to process data on the basis of a so-called “data processing agreement”, this is always done in accordance with Article 28 of the GDPR.

Should we process data in a third country (i.e. outside the European Union (EU) or the European Economic Area (EEA)), or should this occur in the context of using third-party services or the disclosure or transfer of data to third parties, this will only take place if it is necessary to fulfil our (pre-)contractual obligations, on the basis of your consent, due to a legal obligation or on the basis of our legitimate interests. Subject to statutory or contractual permissions, we process or have the data processed in a third country only if the specific conditions of Articles 44 et seq. of the GDPR are met. This means that processing takes place, for example, on the basis of specific safeguards, such as the officially recognized determination of a level of data protection equivalent to that of the EU (e.g. Data Privacy Framework) or compliance with officially recognized specific contractual obligations (so-called ‘EU Standard Contractual Clauses’).

SSL or TLS encryption
This website uses SSL or TLS encryption for security reasons and to protect the transmission of confidential content, such as orders or enquiries that you send to us as the website operator. You can recognize an encrypted connection by the fact that the address bar of the browser changes from “http://” to “https://” and by the padlock symbol in your browser bar.
When SSL or TLS encryption is enabled, the data you transmit to us cannot be read by third parties.

Objection to promotional emails

We hereby object to the use of contact details published in accordance with our legal obligation to provide an imprint for the purpose of sending unsolicited advertising and information material. The operators of this website expressly reserve the right to take legal action in the event of the unsolicited sending of advertising information, for example via spam emails.

Data collection on our website

Server log files

When you visit our website, a range of general information is automatically collected each time you access the site. This general data and information is stored in the server’s log files.
This includes, among other things, the following information:

• Domain accessed
• Client IP
• Time of visit
• URL accessed
• Amount of data transferred
• Website from which you accessed the requested page (referrer)
• as well as product and version information of the browser used (User-Agent)

When using such general data and information, we do not draw any conclusions about the identity of the data subject. Rather, this information is required to correctly deliver the content of our website, to optimize the content of our website, to ensure the long-term functionality of our IT systems and website technology, and to provide law enforcement authorities with the information necessary for prosecution in the event of a cyberattack. When you visit our website, your IP address is anonymized. The anonymized data and information collected are evaluated by us for statistical purposes and with the aim of improving data protection and data security, thereby ensuring an optimal level of protection for the personal data we process. The anonymized data contained in the server log files are stored separately from any personal data provided by a data subject. Pursuant to Article 6(1)(f) GDPR, we have a legitimate interest in improving the stability, security, and functionality of our website.

Contact form

On our website, you have the option to use our contact form for the ‘Request a daily price quote’. In doing so, we process, among other things, your company name, contact person details, address, contact details, information on the loading point including the address, and details of the shipment. In addition, we may request further information such as delivery times and other specific details.
The processing of this data is based on Article 6(1)(b) of the GDPR, provided that your enquiry relates to the performance of a contract or is necessary for the implementation of pre-contractual measures. In all other cases, the processing is based on our legitimate interest in the effective handling of enquiries addressed to us (Article 6(1)(f) of the GDPR). Your data will not be disclosed without your prior consent. The data you enter in the contact form will remain with us until you request its deletion or the purpose for storing the data no longer applies (e.g. once your enquiry has been processed). Mandatory legal provisions – in particular retention periods – remain unaffected.

Enquiries by email, telephone or fax

If you contact us by email, telephone or fax, your enquiry, including all personal data contained therein (name, enquiry, time, etc.), will be stored and processed by us for the purpose of dealing with your request. We will not disclose this data without your consent.
The processing of this data is based on Article 6(1)(b) of the GDPR, provided that your enquiry relates to the performance of a contract or is necessary for the implementation of pre-contractual measures, or on our legitimate interests (Article 6(1)(f) of the GDPR), as we have a legitimate interest in the effective processing of enquiries addressed to us. The data you send to us via contact enquiries will remain with us until you request its deletion, withdraw your consent to its storage, or the purpose for storing the data no longer applies (e.g. once your enquiry has been processed). Mandatory legal provisions – in particular statutory retention periods – remain unaffected.

Job applications

We offer you the opportunity to apply for a job with us (e.g. by email, post or via the online application form). Below, we provide information on the scope, purpose and use of your personal data collected as part of the application process. We assure you that the collection, processing and use of your data is carried out in accordance with applicable data protection law and all other legal provisions, and that your data will be treated as strictly confidential.
We process data relating to your application. This may include general personal details (such as your name, date of birth, address and contact details), information regarding your professional qualifications and educational background, details of any further professional training, or other information you provide to us in connection with your application. We process your personal data solely for the purposes of recruitment or the application process. If you apply to us or provide us with your contact details so that we may contact you, we will use your data for internal review or to get in touch with you. Technical and organizational measures are being taken to protect your data against accidental or deliberate manipulation and unauthorized access.
Should you be offered a position, we will use your data to comply with legal requirements and thus establish the employment relationship. Upon your departure, your data will be used to process your departure. This may be due to either resignation or reaching retirement age.
If you have applied for a position with us, your application documents will remain internal. The documents will only be forwarded to the relevant staff members for consultation. In the event of employment or resignation, your data will be forwarded to the relevant authorities to ensure a smooth process. These include, for example, the authorities required by law such as health insurance, pension insurance, tax office, tax advisors, etc. Your data will not be transferred to a third country. Third countries refer to countries that do not belong to the EU.
As part of the application process, we process your data in accordance with Article 6(1)(b) of the GDPR, in the context of pre-contractual measures.
Should the processing of your personal data pursuant to Article 6(1)(a) of the GDPR be based on consent, we will obtain this from you separately. For example, if we are permitted to contact you again at a later date following a rejection.
Furthermore, we may process personal data about you to the extent necessary to defend against legal claims asserted against us arising from the application process. The legal basis for this is Article 6(1)(f) of the GDPR; the legitimate interest is, for example, a duty to provide evidence in proceedings under the General Equal Treatment Act (AGG).
We will only store your data for as long as is necessary for the purposes mentioned above. If one or more of these purposes no longer apply, your data will be deleted, unless statutory retention periods prevent this. Once these periods have expired, your data will be deleted. Should you not be considered for the role in the further recruitment process, your application documents will be deleted after a period of 6 months. This does not apply if you have given us your consent to retain your data for longer than the period required by law.

Cookies

Our website uses so-called ‘cookies’. Cookies are small text files and do not cause any damage to your device. They are stored on your device either temporarily for the duration of a session (session cookies) or permanently (permanent cookies). Session cookies are automatically deleted at the end of your visit. Permanent cookies remain stored on your device until you delete them yourself or your web browser deletes them automatically.
In some cases, cookies from third-party companies may also be stored on your device when you visit our site (third-party cookies). These enable us or you to use certain services provided by the third-party company (e.g. cookies for processing payment services).
You can configure your browser so that you are notified when cookies are set and only allow cookies on a case-by-case basis, exclude the acceptance of cookies in specific cases or generally, and enable the automatic deletion of cookies when you close your browser. If you disable cookies, the functionality of this website may be restricted.
Where cookies are used by third-party companies or for analytical purposes, we will inform you of this separately within the scope of this privacy policy and, where necessary, seek your consent.

Cookie consent with CCM19

This website uses the cookie consent technology from CCM19 to obtain your consent to the storage of certain cookies on your device and to document this in accordance with data protection regulations. The provider of this technology is Papoo Software & Media GmbH, Auguststr. 4, 53229 Bonn. Website: https://www.ccm19.de/ (hereinafter “CCM19”).

When you visit our website, the following personal data is transmitted to CCM19:
• Button clicked (e.g. “Accept all”, “Reject”, “Save selection”)
• Consent status (which categories have been accepted or rejected)
• Date and time of consent
• Last change to consent status
• Which scripts or cookies have been enabled
• Which iframes (e.g. YouTube, Google Maps) have been approved
• Banner language used
• A unique consent ID (UCID) that can be used to verify consent at a later date

In addition, the consent log may contain the following technical information:

• Truncated or masked IP address
• Browser information (user agent)
• Operating system
• Device type
• URL accessed
• Visitor’s country and language
• Version of the banner or consent text

Furthermore, CCM19 stores a cookie in your browser to enable it to associate the consents you have given or their withdrawal with you. The data collected in this way is stored until you request its deletion, delete the CCM19 cookie yourself, or the purpose for storing the data no longer applies. Mandatory statutory retention obligations remain unaffected.
CCM19 is used to obtain the legally required consents for the use of cookies. The legal basis for this is Article 6(1)(c) of the GDPR.
We have entered into a data processing agreement with CCM19.

Google Fonts

We use fonts from Google Fonts on our website. We have embedded the fonts statically, which means that the fonts are hosted locally and no connection is established to Google servers when you visit our website.
We use Google Fonts in accordance with Article 6(1)(f) of the GDPR on the basis of our legitimate interest in providing you with a user experience using our fonts.

Google Maps

On this website, we use the Google Maps map service via an API, which is provided for users in Europe, the Middle East and Africa (EMEA) by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, and for all other users by Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (“Google”). To use the functions of Google Maps, it is necessary to store the IP address of the device accessing the site. This information is usually transferred to a Google server in the USA and stored there. We have no influence over this data transfer. If Google Maps is activated, Google may use Google Web Fonts for the purpose of displaying fonts consistently. When you access Google Maps, your browser loads the required web fonts into your browser cache to display text and fonts correctly.
The use of Google Maps is in the interest of presenting our online services in an appealing manner and ensuring that the locations specified on our website are easy to find. The use of this service is based on your consent in accordance with Article 6(1)(a) of the GDPR and Section 25(1) of the TDDDG. Consent may be withdrawn at any time and can be adjusted via the cookie settings.

Language Cookie

Our website uses a technically necessary cookie to store your chosen language version. This cookie serves solely to save your language setting during your visit or for future page views and to display the website in the language you have selected.
The cookie is processed on the server side and does not contain any information that allows for your direct identification. It is not used for analysis, tracking or marketing purposes.
The storage of this cookie is necessary to provide the function you have requested (language selection) and is therefore carried out without your separate consent on the basis of Section 25(2)(2) of the German Telemedia Act (TDDDG). Where necessary, the processing of personal data is carried out on the basis of Article 6(1)(f) of the GDPR. Our legitimate interest lies in the user-friendly and consistent presentation of our website in the selected language.

Updating the Privacy Policy

We reserve the right to amend the privacy policy to ensure it complies with current and latest legal requirements, or to modify it if, for example, new services are introduced.