The controller responsible for data processing on this website is:
Ulrich Weyel GmbH & Co
Schiffenberger Weg 17
35394 Gießen
Germany
Phone: +49 641-975660
E-Mail: info@weykick.de
We are very delighted that you have shown interest in our company. Data protection is of a particularly high priority for us. It is possible to use our website without providing any personal data. However, if a data subject wishes to make use of special services of our company via our website, it may be necessary to process personal data. If the processing of personal data is necessary and there is no legal basis for such processing, we generally obtain the consent of the data subject.
The processing of personal data, such as the name, address, e-mail address or telephone number of a data subject, is always carried out in accordance with the General Data Protection Regulation and in accordance with the country-specific data protection regulations applicable to us. By means of this data protection declaration, our company would like to inform the public about the type, scope and purpose of the personal data we collect, use and process. Furthermore, data subjects are informed of their rights by means of this privacy policy.
As the controller, we have implemented technical and organisational measures to ensure that the personal data processed via this website is protected as completely as possible. Nevertheless, Internet-based data transmissions can generally have security gaps, meaning that absolute protection cannot be guaranteed. For this reason, every data subject is free to transmit personal data to us by alternative means, for example by telephone.
Insofar as we refer or link to third-party websites from our website, we cannot assume any guarantee or liability for the accuracy or completeness of the content and data security of these websites. As we have no influence on compliance with data protection regulations by third parties, you should check the respective data protection declarations offered separately.
This Privacy Policy is based on the terms used by the European legislator for the adoption of the General Data Protection Regulation (GDPR). Our privacy policy should be easy to read and understand for the public as well as for our customers and business partners. To ensure this, we would like to explain the terms used in advance.
We use the following terms in this privacy policy:
Personal data is any information relating to an identified or identifiable natural person (hereinafter “data subject”). A natural person is considered identifiable if he or she can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural, or social identity of that natural person.
A data subject is any identified or identifiable natural person whose personal data is processed by the controller.
Processing is any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure, or destruction.
Restriction of processing is the marking of stored personal data with the aim of limiting its future processing.
Profiling is any form of automated processing of personal data consisting of the use of personal data to evaluate certain personal aspects relating to a natural person, in particular to analyze or predict aspects concerning that natural person’s performance at work, economic situation, health, personal preferences, interests, reliability, behavior, location, or movements.
Pseudonymization is the processing of personal data in such a manner that the personal data can no longer be attributed to a specific data subject without the use of additional information, provided that such additional information is kept separately and is subject to technical and organizational measures to ensure that the personal data are not attributed to an identified or identifiable natural person.
Controller or Processor is the natural or legal person, public authority, agency, or other body which, alone or jointly with others, decides on the purposes and means of processing personal data. Where the purposes and means of such processing are specified by Union or Member State law, the controller or the specific criteria for its nomination may be provided for by Union or Member State law.
Processor is a natural or legal person, public authority, agency, or other body which processes personal data on behalf of the controller.
Recipient is a natural or legal person, public authority, agency, or other body to whom personal data is disclosed, whether a third party or not. However, authorities that may receive personal data in the context of a specific investigation under Union or Member State law are not considered recipients.
A third party is a natural or legal person, public authority, agency, or body other than the data subject, the controller, the processor, and the persons authorized to process the personal data under the direct authority of the controller or processor.
Consent is any freely given, specific, informed, and unambiguous indication of the data subject’s wishes by which the data subject, by a statement or by a clear affirmative action, signifies agreement to the processing of personal data concerning him or her.
This website does not use automatically set third-party cookies. Cookies are small text files that web browsers store on a device. These help make the service more user-friendly, effective, and secure. We do not set or evaluate any cookies for analysis functions or similar purposes. Any functional cookies of the shop may be set and used automatically in accordance with applicable law.
After you have authorized the playback of a YouTube video (see below), YouTube or Google may store various cookies on your device. The cookies remain on your device until they expire or you delete them.
With a modern web browser, you can monitor, restrict, or prevent the setting of cookies. Many web browsers can be configured to automatically delete cookies when you close the program.
Our website collects a series of general data and information each time it is accessed by a data subject or an automated system. This general data and information is stored in the server’s log files. The following may be collected: (1) the browser types and versions used, (2) the operating system used by the accessing system, (3) the website from which an accessing system reaches our website (so-called referrers), (4) the sub-websites accessed via an accessing system on our website, (5) the date and time of access to the website, (6) an Internet protocol address (IP address), (7) the Internet service provider of the accessing system, and (8) other similar data and information that serve to avert dangers in the event of attacks on our information technology systems.
When using this general data and information, we do not draw any conclusions about the data subject. Rather, this information is required to (1) correctly deliver the content of our website, (2) optimize the content of our website and its advertising, (3) ensure the long-term functionality of our information technology systems and the technology of our website, and (4) provide law enforcement authorities with the information necessary for criminal prosecution in the event of a cyberattack. The anonymous data in the server log files are stored separately from all personal data provided by a data subject.
The data subject has the option of registering on the controller’s website by providing personal data. The personal data transmitted to the controller is determined by the respective input mask used for registration. The personal data entered by the data subject are collected and stored exclusively for internal use by the controller and for its own purposes. The controller may arrange for the personal data to be transferred to one or more processors, such as a parcel service provider, who will also use the personal data exclusively for internal use attributable to the controller.
By registering on the controller’s website, the IP address assigned to the data subject by the Internet service provider (ISP), the date, and time of registration are also stored. This data is stored because it is the only way to prevent misuse of our services and, if necessary, to enable the investigation of committed crimes. In this respect, the storage of this data is necessary to protect the controller. This data will generally not be passed on to third parties unless there is a legal obligation to do so or the transfer serves the purposes of criminal prosecution.
The registration of the data subject by voluntarily providing personal data allows the controller to offer the data subject content or services that, due to the nature of the matter, can only be offered to registered users. Registered individuals are free to change the personal data provided during registration at any time or to have it completely deleted from the controller’s database.
The controller will provide each data subject with information about which personal data about the data subject is stored at any time upon request. Furthermore, the controller will correct or delete personal data at the data subject’s request or notification, provided this does not conflict with statutory retention periods. All employees of the controller are available to the data subject as contact persons in this regard.
This site uses SSL or TLS encryption for security reasons and to protect the transmission of confidential content, such as orders or inquiries that you send to us as the site operator.
You can recognize an encrypted connection by the browser’s address line changing from “http://” to “https://” and by the lock symbol in your browser bar. If SSL or TLS encryption is activated, the data you transmit to us cannot be read by third parties.
Due to legal regulations, our website contains information that enables quick electronic contact with our company and direct communication with us, which also includes a general address for so-called electronic mail (email address). If a data subject contacts the controller by email or via a contact form, the personal data transmitted by the data subject will be automatically stored. Such personal data voluntarily transmitted by a data subject to the controller will be stored for the purpose of processing or contacting the data subject. This personal data will not be passed on to third parties.
The use of contact data published as part of the imprint obligation to send unsolicited advertising and information materials is hereby prohibited. The operators of the website expressly reserve the right to take legal action in the event of unsolicited advertising information being sent, for example through spam emails.
Our website uses content that is loaded directly from the servers of the providers listed below. The purpose of integrating this content is to make our website more attractive. This purpose also constitutes our legitimate interest in using such third-party content. The legal basis for using the following services is our legitimate interests pursuant to Art. 6 (1) (f) GDPR.
Our website uses media content from the YouTube platform. The provider is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (hereinafter “Google”). After clicking the play button of an embedded video, thus consenting to data transfer, a data exchange takes place. Your IP address and, if applicable, other data required by Google for YouTube are recorded. The information generated about your use of this website may be stored on a server in the USA. This information may also be transferred to third parties if required by law or if third parties process this data on behalf of Google.
Furthermore, YouTube may store various cookies on your device after you have authorized the video to start. These cookies allow YouTube to receive information about visitors to this website. This information is used, among other things, to collect video statistics, improve user-friendliness, and prevent fraud.
If you are logged into your YouTube account, you allow YouTube to assign your browsing behavior directly to your personal profile. You can prevent this by logging out of your account beforehand.
Information on how Google handles your personal data can be found in Google’s privacy policy: https://policies.google.com/privacy.
Our website includes tools from companies based in the USA. If these tools are active, your personal data may be transferred to the US servers of the respective companies. We would like to point out that the USA is not a safe third country within the meaning of EU data protection law. US companies are obligated to disclose personal data to security authorities without you, as the data subject, being able to take legal action. It cannot therefore be ruled out that US authorities (e.g., intelligence agencies) may process, evaluate, and permanently store your data on US servers for surveillance purposes. We have no influence over these processing activities.
The controller processes and stores the personal data of the data subject only for the period necessary to achieve the storage purpose, or as far as this is provided for by the European legislator or other legislator in laws or regulations to which the controller is subject.
If the storage purpose no longer applies, or if a storage period prescribed by the European legislator or other competent legislator expires, the personal data will be routinely blocked or deleted in accordance with legal requirements.
Many data processing operations are only possible with your express consent. You can revoke your consent at any time. The legality of the data processing carried out up to the time of revocation remains unaffected by the revocation.
In the event of violations of the GDPR, data subjects have the right to lodge a complaint with a supervisory authority, in particular in the Member State of their habitual residence, place of work, or place of the alleged violation. This right to lodge a complaint is without prejudice to other administrative or judicial remedies.
You have the right to have data that we process automatically based on your consent or in fulfillment of a contract handed over to you or to a third party in a common, machine-readable format. If you request the direct transfer of the data to another controller, this will only be done if technically feasible.
Within the scope of the applicable legal provisions, you have the right at any time to obtain free information about your stored personal data, its origin and recipient, and the purpose of the data processing, and, if applicable, the right to rectification or deletion of this data. You can contact us at any time at the address provided in the imprint for this purpose and for other questions regarding personal data.
You have the right to request that the processing of your personal data be restricted. You can contact us at any time at the address provided in the imprint. The right to restriction of processing applies in the following cases:
If you have restricted the processing of your personal data, this data – apart from its storage – may only be processed with your consent or for the establishment, exercise, or defense of legal claims or to protect the rights of another natural or legal person, or for reasons of important public interest of the European Union or a member state.
The controller has integrated PayPal components on this website. PayPal is an online payment service provider. Payments are processed via so-called PayPal accounts, which are virtual private or business accounts. PayPal also offers the option of processing virtual payments via credit cards if a user does not have a PayPal account. A PayPal account is managed via an email address, which is why there is no traditional account number. PayPal enables you to initiate or receive online payments to third parties. PayPal also assumes escrow functions and offers buyer protection services.
The European operating company of PayPal is PayPal (Europe) S.à.r.l. et Cie, S.C.A., 22-24 Boulevard Royal L-2449, Luxembourg.
If the data subject selects “PayPal” as a payment option during the ordering process in our online shop, the data subject’s data will be automatically transmitted to PayPal. By selecting this payment option, the data subject consents to the transmission of personal data required for payment processing.
The personal data transmitted to PayPal generally includes first name, last name, address, email address, IP address, telephone number, mobile phone number, or other data necessary for payment processing. Personal data related to the respective order is also necessary for processing the purchase contract.
The purpose of transmitting the data is payment processing and fraud prevention. The controller will transmit personal data to PayPal in particular if there is a legitimate interest in the transmission. The personal data exchanged between PayPal and the controller may be transmitted by PayPal to credit reporting agencies. This transmission is for the purpose of identity and credit checks.
PayPal may share personal data with affiliated companies, service providers, or subcontractors if necessary to fulfill contractual obligations or if the data is to be processed on their behalf.
The data subject has the option of revoking their consent to the handling of personal data at any time. A revocation does not affect personal data that must be processed, used, or transmitted for (contractual) payment processing.
PayPal’s applicable privacy policy can be found at https://www.paypal.com/de/webapps/mpp/ua/privacy-full.
Art. 6 I lit. a GDPR serves as the legal basis for our company for processing operations for which we obtain consent for a specific processing purpose. If the processing of personal data is necessary to fulfill a contract to which the data subject is a party, as is the case, for example, with processing operations necessary for the delivery of goods or the provision of other services or consideration, the processing is based on Art. 6 I lit. b GDPR. The same applies to processing operations that are necessary to carry out pre-contractual measures, for example in cases of inquiries about our products or services. If our company is subject to a legal obligation which requires the processing of personal data, such as for the fulfillment of tax obligations, the processing is based on Art. 6 I lit. c GDPR. In rare cases, the processing of personal data may be necessary to protect the vital interests of the data subject or another natural person. This would be the case, for example, if a visitor were injured in our company and their name, age, health insurance data, or other vital information had to be passed on to a doctor, hospital, or other third parties. In that case, the processing would be based on Art. 6(1)(d) GDPR.
Ultimately, processing operations could be based on Art. 6(1)(f) GDPR. This legal basis applies to processing operations that are not covered by any of the aforementioned legal grounds if the processing is necessary to protect a legitimate interest of our company or a third party, provided that the interests, fundamental rights, and freedoms of the data subject do not override these interests. We are permitted to carry out such processing operations, in particular because they were specifically mentioned by the European legislator. In this respect, the legislator considered that a legitimate interest could be assumed if the data subject is a customer of the controller (Recital 47, Sentence 2 GDPR).
If the processing of personal data is based on Article 6(1)(f) GDPR, our legitimate interest is the conduct of our business activities for the benefit of the well-being of all our employees and shareholders.
The criterion for the duration of storage of personal data is the respective statutory retention period. After expiry of this period, the corresponding data is routinely deleted unless it is no longer required for the performance or initiation of a contract.
We clarify that the provision of personal data is partly required by law (e.g., tax regulations) or may also arise from contractual provisions (e.g., information on the contractual partner).
In some cases, it may be necessary for a data subject to provide us with personal data in order to conclude a contract, which we must subsequently process. For example, the data subject is obligated to provide us with personal data if our company concludes a contract with them. Failure to provide the personal data would mean that the contract with the data subject could not be concluded.
Before providing personal data, the data subject must contact one of our employees. Our employee will clarify to the data subject on a case-by-case basis whether the provision of the personal data is required by law or contract or is necessary for the conclusion of the contract, whether there is an obligation to provide the personal data, and what consequences non-provision of the personal data would have.
As a responsible company, we do not use automated decision-making or profiling.
