The controller within the meaning of the GDPR is:
WOLFFKRAN International AG
+41 (0) 41 766 85 85
Data protection officer:
Dipl.-Inform. Olaf Tenti
GDI Gesellschaft für Datenschutz und Informationssicherheit mbH
Körnerstr. 45, 58095 Hagen, Germany
Tel.: +49 (0) 2331 35 68 32 - 0
I. Overview and data security
The following section contains general information on our data processing activities and data security. Various functionalities, and therefore also various ways of processing your data, may take effect consecutively or simultaneously when using our website. This website uses SSL and/or TLS encryption for security reasons and to protect the transfer of confidential contents. You can recognise an encrypted connection by the address line of your browser changing from "http://" to "https:/" and displaying a lock symbol. When SSL and/or TLS encryption is activated, the data you transfer to us, when subscribing to the newsletter, for instance, cannot be read by third parties.
II. Data processing details
1. Use of our website for information purposes
When accessing our website, the browser on your device automatically sends information to our website server. This information is temporarily stored in a log file. The following information is recorded without your interaction and stored until its automatic deletion:
- IP address of the computer sending the request,
- Date and time of access as well as time difference to Greenwich Mean Time (GMT),
- Name and URL of the accessed file,
- Website from which our website was accessed (referred URL),
- Browser and operating system, if applicable, of your computer as well as name of your access provider,
- Access status / HTTP status code,
- Respective data volume transferred,
- Operating systems and its interface,
- Browser language and version.
The data listed above is stored until a specific purpose has been fulfilled and processed by us for the following purposes:
- Ensuring a smooth website connection,
- Ensuring that the website is easy to use,
- Assessing system security and stability, and
- Further administrative purposes.
The legal basis for the data processing activities is Art. 6 (1) s. 1 lit. f) GDPR. Our legitimate interest arises from the above-listed data processing purposes.
The following types of cookies may be used on this website. Their scope and functions are explained below:
a) Transient cookies
b) Persistent cookies
To a): Our website uses transient and/or necessary cookies. Transient cookies are deleted automatically when you close then browser. The primarily include session cookies. Session cookies store a session ID with which various queries sent by your browser can be allocated to the joint session. This makes it possible to recognise your browser when you return to our website. The session cookies are deleted when you log out or close the browser.
The legal basis for the processing of personal data with the use of transient cookies is Art. 6 (1) lit. f) GDPR. Our legitimate interest is the provision, and improvement of the quality, of our website.
To b): Persistent cookies may also be used on the basis of your consent, which you can freely withdraw at any time. Persistent cookies an automatically deleted after a specified period, which differs for each cookie. You can also delete the cookies at any time in the future in the security settings of your browser. You can also adjust your own browser settings and block the installation of third-party cookies only, for instance. However, we would like to point out that in this case, you may not be able to use all of the functions on our website without limitations.
The legal basis for the processing of personal data with the use of persistent cookies is Art. 6 (1) lit. a) GDPR.
We install the following cookies: https://2020.lifting-lounge.com/cookies
3. Additional information on selected analysis services - Matomo (former Piwik)
Based on your consent in accordance with Art. 6 (1) lit. a) GDPR, which you can withdraw at any time, we use the web analysis service, Matomo, on our website to make it possible to analyse the use of our website and to optimise it using the findings thus obtained. The provider is InnoCraft Ltd., 150 Willis St, 6011 Wellington, New Zealand. Matomo installs cookies on your device for this purpose. This makes it possible to recognise your device during repeated sessions. You can blog the installation of cookies at any time by adjusting your browser settings accordingly. If you do so, you may not be able to use all of the functions on our website.
The information thus created (queried URL, time, abbreviated IP address and approximate location of the querying device, referrer URL, website visit duration, operating system and browser, including version, recurring visit, if applicable) is stored on our Matomo server and used for analysis. The IP address of your device is anonymised and only stored in abbreviated form. The data collected is not transferred to third parties.
4. Transfer and engagement of third-party services and contents and transfer to third countries
Within our scope of responsibility, only the departments and/or persons tasked with processing the affairs and operation of the website have access to your data. We also transfer contents to third parties and/or integrate third-party contents.
a) Data transfer to third parties
The data recipients and/or recipient categories are telecommunication service providers and online service providers. Regarding the latter category, our legitimate interest in the transfer and/or forwarding of personal data is the improvement of the user experience. We do not have any influence over the processing of data by third parties outside the data processing activities. Please refer to the data privacy policies of the respective providers for further information in this respect.
b) Additional recipients / recipient categories and data transfer to non-EEA countries
When using our website, data is also transferred to third parties with headquarters outside the EEA. In such case, we ensure prior to transferring the data that the recipient has an adequate data protection standard (e.g. based on an adequacy decision by the EU Commission for the respective country, the recipient's self-certification for the EU-US Privacy Shield or the agreement of so-called EU standard contractual clauses with the recipient) and/or that our users have given adequate consent.
i. Integration of Google Maps
We use Google Maps, a service provided by Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA ("Google"), on this website. This enables us to display easy-to-use interactive maps directly on the website, making it easier for you to find us. The above is our legitimate interest. The legal basis for the processing of personal data with the use of the service is Art. 6 (1) lit. f) GDPR.
Google also processes your personal data in the USA and has agreed to comply with the EU-US Privacy Shield, https://www.privacyshield.gov/EU-US-Framework.
ii. Use of Google Fonts
The website uses external fonts in the form of Google Fonts to ensure a standardised display of fonts. Google Fonts is a service provided by Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA ("Google").
When accessing our website, your browser loads the required web fonts directly from a Google server into your browser cache in order to display text and fonts correctly. Information about which of our websites you have visited is transferred to the server in the process. Google stores the IP address of the bowser on the device of the visitor of this website. Your computer uses a standard font if your browser does not support web fonts. The legal basis for the processing of personal data with the use of this service is Art. 6 (1) lit. f) GDPR. Our legitimate interest arises from our ability to display standardised fonts for you. Die Google LLC. is certified under the EU-US Privacy Shield in order to guarantee a GDPR-compliant data protection standard.
If you do not wish to use the Google Fonts function when visiting our website, and therefore also wish to block the transfer of your IP address to Google, you can block connections by using browser add-ons such as NoScript or Ghostery for Firefox. However, this may result in you not being able to use all of the functions on our website.
5. E-mail advertising
We use the double opt-in method for subscriptions to our newsletter to prevent our newsletter and/or further e-mail advertising from being sent to e-mail addresses of persons who have not requested it. Your IP address is also collected and stored for documentation purposes during this process (Art. 6 (1) lit. c), Art. 7 (1) GDPR).
Your e-mail address is the only mandatory information for sending the newsletter. Any other data is provided on a voluntary basis and is used for addressing you in person.
6. Login-in area
Within the log-in area, we, the controller within the meaning of data protection law, provide you with various online services. We collect certain additional explicitly disclosed personal data for the provision and improvement of the content. We use this data for initiating or fulfilling a contract and for providing certain functions and at most until the above purposes have been fulfilled. The legal basis for such data processing activities is Art. 6 (1) lit. b) GDPR.
Separate registration is required for using the log-in area. Forename, surname, a password, a username to be selected by you and an e-mail address must be entered for this purpose. This information and verification of your e-mail address are required within the scope of the registration process for the performance of the following functions:
- Reset password
- Confirmation of receipt when performing online processes
III. Data subject rights
If your personal data is being processed, you are the data subject within the meaning of the GDPR. You therefore have the following rights against us, the controller. You can contact the persons listed in the contact details in order to exercise your rights:
- Right of access (Art. 15 GDPR)
- Right to rectification or erasure (Art. 16, 17 GDPR)
- Right to restriction of processing (Art. 18 GDPR)
- Right to data portability (Art. 20 GDPR)
- You further have the right to lodge a complaint with a supervisory authority about the processing of your personal data by us (Art. 77 GDPR).
- RIGHT TO OBJECT:
You have the right to object at any time to the processing of your personal data in certain circumstances which is necessary in accordance with Art. 6 (1) lit. e) GDPR due to a task that is in the interest of the public or processing in accordance with our legitimate interests (Art. 6 (1) lit. f) GDPR), e.g. for online marketing purposes. This also applies to any profiling that may be based on these provisions. We will no longer process your personal data, unless we have proof of compelling and protectable reasons for such processing that outweigh your interests, rights and freedom, or the processing serves to enforce, exercise or defend legal claims. If your personal data is processed for direct advertising purposes, you have the right to object to the processing of your personal data for such type of advertising at any time. This also applies to any profiling related to such direct advertising. If you object to the processing of your personal data for the purpose of direct advertising, it will no longer be processed for such purposes. You can exercise your right to object using automated methods that use technical specifications in connection with the use of services provided by the information company, notwithstanding Directive 2002/58/EC.