Data Protection

We are delighted that you are visiting our website. The protection and security of your personal information when using our website is very important to us. We would therefore like to take this opportunity to inform you about which of your personal data we collect when you visit our website and for what purposes it is used.

This privacy policy applies to the Willbrandt KG website, which can be accessed at the domain willbrandt.co.uk and the various subdomains (‘our website’).

Responsible body

The entity responsible for data processing on this website within the meaning of the General Data Protection Regulation (GDPR) and other data protection regulations is:

WILLBRANDT KG
Schnackenburgallee 180
22525 Hamburg
Germany
Telephone +49 40 540093-0
info@willbrandt.de

Data Protection Officer

AGAD Service GmbH
Dr. Nils Helmke
Waldring 43 – 47
44789 Bochum
Germany
datenschutz@agad.de

Hosting and server log files

The servers for our website {website} are operated by the provider {provider_and_location}. We have concluded a data processing agreement with the provider in accordance with Article 28 GDPR. The legal basis for using external hosting is the performance of a contract to our potential and existing customers pursuant to Article 6(1)(b) GDPR, as well as our legitimate interest in the secure and high-performance provision of our website pursuant to Article 6(1)(f) GDPR.

Each time our website is accessed, our system’s web server collects information from the device being used. The following data is collected:

  • Information about the browser type
  • Operating system of the user’s device
  • Date and time of access
  • The previous website from which the user accessed our websites (referrer)

We only collect IP addresses in anonymized form; therefore, we do not store any personal data in our log files within the meaning of the GDPR.

Contact

You can contact us by email, phone, contact form, or letter. This may involve the processing of your personal data. We process your data to handle and process your request. We will not share your data with third parties without your consent.

The legal basis for the processing is our legitimate interest in the effective handling of your request pursuant to Art. 6 para. 1 lit. f GDPR.

When you contact us by email, we store your email address and the information contained in the email. If you use the contact form, we also collect your pseudonymized IP address in addition to the information you provide. If you contact us by letter, we store your return address and the contents of the letter. If you contact us by telephone, we collect personal data depending on the specific circumstances.

We store your data until you request its deletion or the processing purpose (processing your request) has been fulfilled.

Social media profiles

We maintain online profiles on the following social networks (hereinafter referred to as “Social Media”) to communicate with customers, prospects and the public and to draw attention to our services:

  • LinkedIn (LinkedIn Ireland Unlimited Company)

Regarding the scope and purpose of data processing, we refer to the respective applicable data protection regulations of the networks:

  • LinkedIn: (https://de.linkedin.com/legal/privacy-policy?)

The processing is based on Article 6(1)(f) GDPR, as we have a legitimate interest in modern public relations. Where consent is required, the processing is based on Article 6(1)(a) GDPR.

If you transmit additional data (e.g., personal messages) to the services, your consent is generally required. Please note that we have no control over the data processing carried out by the social media providers. For questions or to exercise your data subject rights (e.g., access, erasure), please contact the respective platform operator directly.

You can subscribe to or unsubscribe from our social media profiles at any time. If you do not want social media service providers to collect data about your visit to our profiles, please use the deactivation options (e.g., logging out, ad tracker blocking) in your user account or install appropriate browser add-ons.

sourcebuster.js

We use the ‘Sourcebuster.js’ service on our website to track the origin of our website visitors. Sourcebuster is hosted on our own servers, so no data is shared with third parties.

The legal basis for the use of Sourcebuster is your consent pursuant to Art. 6 para. 1 lit. a GDPR. You can withdraw your consent at any time with effect for the future.

The data processed by Sourcebuster.js includes information about the source, medium, campaign and referrer of your website visit, as well as the time of the visit; this service also sets cookies to track attribution data.

The purpose of data processing is to track the origin of website traffic and analyze the effectiveness of marketing channels without identifying individual users.

WooCommerce

We use the ‘WooCommerce’ service on our website to manage and process online shop transactions. WooCommerce is hosted on our own servers, so no data is shared with third parties.

The legal basis for the use of WooCommerce is our legitimate interest pursuant to Art. 6 para. 1 lit. f GDPR to enable and manage the processing of online shop transactions and to provide a functional and user-friendly e-commerce platform.

The data processed by WooCommerce includes your name, billing and shipping address, email address, phone number, payment information, order details, and may set cookies to track shopping cart contents and user sessions.

The purpose of data processing is to enable the operation of the online shop, the processing of customer orders, and the management of payments and shipping.

Borlabs Cookie

We use the “Borlabs Cookie” service on our website to manage our visitors’ cookie settings. The provider is Borlabs GmbH, Rübenkamp 32, 22305 Hamburg, Germany. Borlabs Cookie is hosted on our own servers, so no data is shared with third parties.

The legal basis for the use of Borlabs Cookie is the fulfillment of a legal obligation pursuant to Art. 6 para. 1 lit. c GDPR.

The data processed by Borlabs Cookie includes your consent preferences, consent status and cookie settings, with the service placing cookies in your browser to store these preferences.

The purpose of data processing is to manage user consent for cookies and to store user settings regarding cookie usage.

Google Analytics

We use the “Google Analytics” service on our website to analyze user behavior. The provider is Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland.

The legal basis for the use of Google Analytics is your consent pursuant to Art. 6 para. 1 lit. a GDPR. You can withdraw your consent at any time with effect for the future.

The data processed by Google Analytics includes your IP address, browser and device information, location data, time of visit, information on interaction with the website, and cookies are set.

If you are signed in to a Google account, this data can be linked to a user profile.

The purpose of data processing is to analyze and evaluate user behavior in order to optimize the website and marketing measures.

The standard data retention period for Google Analytics is 14 months.

It is possible that personal data may be transferred to insecure third countries (USA) where data protection standards are lower than in the EU. Google is certified under the EU-US Data Privacy Framework, which regulates the secure processing of EU citizens’ data in the USA. We have concluded a data processing agreement (DPA) with Google, which ensures that personal data is processed only according to our instructions and in compliance with the GDPR.

Further information on Google Analytics’ privacy policy can be found at: https://support.google.com/analytics/topic/2919631?hl=en&ref_topic=1008008,3544742,2986333,&sjid=1881441919987619365-EU

Information about the cookies used can be found at: https://policies.google.com/technologies/cookies

You can prevent the processing of your data by clicking this link: https://tools.google.com/dlpage/gaoptout

Google Fonts

We use the “Google Fonts” service on our website to integrate external fonts for improved visual presentation. The provider is Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland.

The legal basis for the use of Google Fonts is your consent pursuant to Art. 6 para. 1 lit. a GDPR. You can withdraw your consent at any time with effect for the future.

The data processed by Google Fonts includes your IP address, browser and device information, and the time of the request.

The purpose of data processing is the optimized and uniform display of fonts on the website.

It cannot be ruled out that personal data may be transferred to insecure third countries (USA) where data protection standards are lower than in the EU. Google is certified under the EU-US Data Privacy Framework, which regulates the secure processing of EU citizens’ data in the USA.

Further information on Google Fonts’ privacy policy can be found at: https://policies.google.com/privacy

Information about the cookies used can be found at: https://policies.google.com/technologies/cookies

You can prevent the processing of your data by clicking this link: https://policies.google.com/privacy#infochoices

Google Maps

We use the “Google Maps” service on our website to visually display geographical information and provide directions. The provider is Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland.

The legal basis for the use of Google Maps is your consent pursuant to Art. 6 para. 1 lit. a GDPR. You can withdraw your consent at any time with effect for the future.

The data processed by Google Maps includes your IP address, location data, device information, browser details, usage data, and cookies may be set.

If you are signed in to a Google account, Google Maps data can be linked to a user profile.

The purpose of data processing is to display interactive maps and provide location-based services to users.

It is possible that personal data may be transferred to insecure third countries (USA) where data protection standards are lower than in the EU. We have concluded a data processing agreement (DPA) with Google, which ensures that personal data is processed only according to our instructions and in compliance with the GDPR. Google is certified under the EU-US Data Privacy Framework, which regulates the secure processing of EU citizens’ data in the USA.

For more information about Google Maps’ privacy policy, please visit: https://policies.google.com/privacy#infocollect

Google Tag Manager

As a data subject, you have the following rights under the EU General Data Protection Regulation (GDPR):

Right of access (Art. 15 GDPR)

You have the right to request information about what personal data is stored about you, for what purpose it is processed, from which recipients it has been received or to whom it is passed on and how long it is stored.

Right to rectification (Art. 16 GDPR)

You can request the immediate correction of inaccurate or the completion of incomplete personal data.

Right to erasure (‘right to be forgotten’) (Art. 17 GDPR)

Under certain conditions, you can request the deletion of your personal data, e.g., if it is no longer necessary for the purposes for which it was collected or if you have withdrawn your consent.

Right to restriction of processing (Art. 18 GDPR)

You have the right to request the restriction of the processing of your personal data, for example if you contest the accuracy of the data or the processing is unlawful, but you wish to restrict its processing instead of deleting it.

Right to data portability (Art. 20 GDPR)

You can request that the personal data concerning you that you have provided to us be transmitted to you in a structured, commonly used and machine-readable format – or that we transfer this data directly to another controller.

Right to object (Art. 21 GDPR)

You have the right to object at any time to the processing of your personal data, provided that the processing is based on the legitimate interests of our company or on a task carried out in the public interest. In the event of a justified objection, we will cease processing unless there are compelling legitimate grounds for the processing.

Withdrawal of consent (Art. 7 GDPR)

If you have given us your consent, you can revoke it at any time without giving reasons for the future.

Right to lodge a complaint with a supervisory authority (Art. 77 GDPR)

Without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with a data protection supervisory authority, in particular in the Member State of your residence, your place of work or the place of the alleged infringement.

Any questions? Our specialists will be happy to advise you.

Contact us