Data Protection Statement

Data privacy policy for this website and further information on the obligation pursuant to Art. 13 of the GDPR to provide information to the party concerned whenever personal data is collected

This privacy policy ( GDPR version 1.0 of 01.07.2019) was created by:

Deutsche Datenschutzkanzlei Datenschutz-Office München – www.deutsche-datenschutzkanzlei.de

Data protection

We, the WALA Foundation, are responsible for this website and, as the provider of a teleservice, must inform you as soon as you visit our website about the type, scope and purpose of the collection and use of personal data in a precise, transparent, comprehensible and easily accessible form, using clear and simple language. You must be able to view the contents of this information at any time. We are therefore obliged to inform you as to what personal data is collected or used. Personal data is any information relating to an identified or identifiable natural person.

We place great importance on the security of your data and on compliance with data protection regulations. The collection, processing and use of personal data is subject to the provisions of the European and national laws currently in force.

With the following data privacy policy, we would like to show you how we handle your personal data and how you can get in contact with us:

WALA Foundation

Bosslerweg 2
73087 Bad Boll/Eckwälden
Germany
Foundation register: 14-0563
Authorised representative: Dr Wolfgang Schuster (Chairman)
Telephone: +49 (0)7164 930-168
E-mail: stiftung@wala.de

Our data privacy officer

Sven Lenz
German data privacy office – Datenschutzkanzlei Lenz GmbH & Co. KG
Bahnhofstraße 50
87435 Kempten
Germany

If you have any questions regarding data privacy or other data protection concerns, you are welcome to send an e-mail to the following e-mail address: datenschutz@wala.de

A. General

The definition of terms used, such as “personal data” and “processing”, can be found in Article 4 of the EU’s General Data Protection Regulation (GDPR).

The personal user data processed in relation to use of this website includes inventory data (e.g. names and addresses of customers), contractual data (e.g. services used, names of responsible persons, payment information), usage data (e.g. web pages visited from our website, interest in our products) and content data (e.g. entries in the contact form).

The term “user” includes all categories of data subjects involved in data processing. This includes, for example, our business partners, customers, interested parties and other visitors to our website.

B. Specifics

Data privacy statement

We guarantee that we will only collect, process, store and use your data to help process your enquiries as well as for internal purposes and to provide the services or content you have requested.

The basis of data processing

We only process users’ personal data in compliance with the applicable data protection regulations. User data will only be processed for the following legally stipulated purposes:

  • to perform our contractual services (e.g. processing of orders) and online services
  • on the basis of our legitimate interests (i.e. the optimisation and economic operation and security of our website)

Here are the sections of the GDPR where the above legal bases are regulated:

Processing for the performance of a contract or to take steps prior to entering into a contract

Art. 6, paragraph 1(b) of the GDPR

Processing for the purposes of safeguarding our legitimate interests

Art. 6, paragraph 1(f) of the GDPR

Data transfer to third parties

There is no data transfer to third parties.

Data transfer to a third country or an international organisation

A third country is any country where the GDPR is not a directly applicable law. This basically includes all countries outside the EU or the European Economic Area.

No data will be transferred to a third country or an international organisation without your consent or without a legal basis for doing so.

Duration of storage of your personal data

We adhere to the principles of data reduction and data economy. This means that we only store the data you make available to us for as long as is necessary to fulfil the aforementioned purposes or in accordance with the various storage periods stipulated by law. When the respective purposes no longer apply or as the corresponding periods expire, your data is routinely blocked or deleted in accordance with the legal provisions.

We have created an internal company concept to ensure this procedure is implemented consistently.

Communications

If you contact us by e-mail, telephone, fax, etc., you agree to electronic communication. Personal data is collected whenever you contact us. The information you provide will be stored exclusively for the purposes of processing your inquiry and for possible follow-up questions.

Here is the legal basis for such data collection:

Processing for the performance of a contract or to take steps prior to entering into a contract

Art. 6, paragraph 1(b) of the GDPR

We would like to point out that e-mails can be read or changed without authorisation and without this being noticed during transmission. We would also like to draw your attention to the fact that we use software to filter unwanted e-mails (spam filters). This filter can reject e-mails that have been falsely identified as spam due to certain characteristics.

What are my rights?

a) Right to information

You have the right to obtain free information about your stored data. Upon request, we will inform you in writing as to which of your personal data we have stored in accordance with applicable law. This also includes the origin and recipients of your data as well as the purpose of any data processing.

b) Right to correction

You have the right to correct any of your personal data stored by us if it is incorrect. In doing so, you can demand a restriction of the processing, e.g. if you dispute the correctness of your personal data.

c) Right to block

You can also have your data blocked. To ensure that it is possible for your data to be blocked at any time, this data must be kept in a blocking file for control purposes.

d) Right to deletion

You can also request the deletion of your personal data, as long as there are no legal storage obligations. If such obligations exist, you can request that your data be blocked. We will also delete your personal data even if you do not request us to do so, as long as all relevant legal requirements are met.

e) Right to data transferability

You are entitled to demand that we provide you with the personal data you have provided to us in a format that allows it to be transferred to another location.

f) Right of appeal to a supervisory authority

You have the right to lodge a complaint with a data protection supervisory authority.

The data protection and freedom of information authority of the state of Baden-Württemberg
Postal address: Postfach 10 29 32, 70025 Stuttgart, Germany

Street address: Königstraße 10a, 70173 Stuttgart, Germany
Tel. +49 (0)711 615541-0
Fax: +49 (0)711 615541-15
E-mail: poststelle@lfdi.bwl.de
Website (German only): https://www.baden-wuerttemberg.datenschutz.de

You can use the following link to open the complaints form:
https://www.baden-wuerttemberg.datenschutz.de/online-beschwerde

g) Right to revocation

You have the option to revoke the use of your data for internal purposes at any time with future effect. Simply send an email stating your wish to do so to datenschutz@wala.de. Such a revocation does not, however, affect the legality of the processing operations carried out by us up to that point. This does not affect data processing with regard to all other legal bases, such as the initiation of a contract (see above).

Protection of your personal data

We take contractual, organisational and technical security measures according to the state of the art to ensure that the provisions of the data protection laws are complied with and to protect the data processed by us against access by unauthorised persons as well as against accidental or intentional manipulation, loss or destruction.

These security measures include, in particular, the encrypted transmission of data between your browser and our server. We employ 256-bit SSL (AES 256) encryption technology for this purpose.

Your personal data is protected within the scope of the following points (excerpt):

a) Protecting the confidentiality of your personal data

In order to protect the confidentiality of your personal data stored by us, we have taken various measures to control access and admission.

b) Protecting the integrity of your personal data

In order to protect the integrity of your personal data stored by us, we have taken various measures to control disclosure and input.

c) Protecting the availability of your personal data

In order to protect the availability of your personal data stored by us, we have taken various measures to control assignment and availability.

The security measures in use are continuously improved in line with technological developments. Despite these precautions, we cannot completely guarantee the security of any data you send to our website due to the insecure nature of the internet. As a result, any data you send to our website is at your own risk.

Protection of minors

Persons under the age of 16 may only provide us with personal information with the express consent of a parent or guardian. Their data will be processed in accordance with our data privacy policy.

Server log files

The provider of web pages automatically collects and stores information in so-called server log files, which your browser automatically transmits to us. This information is:

  • Browser type and version
  • Operating system used
  • Referrer URL
  • Time of server request
  • IP address

This data will not be merged with other data sources.

The basis for data processing is Art. 6, paragraph 1(f) of the GDPR, which permits data processing to safeguard our legitimate interests.

Cookies

Cookies are small text files that are stored locally in the cache of your internet browser. These cookies enable, for example, the internet browser to be recognised. The files are used to help the browser navigate a website and to be able to use all functions to the full extent.

Our website does not use cookies.

Changes to our privacy policy

We reserve the right to change our privacy policy from time to time to reflect current legal requirements or to incorporate changes to services included in the privacy policy. This could include, for example, the introduction of new services. Your subsequent website visits would then be subject to the new data privacy policy.

Brand protection

Any company or band name mentioned herein is the property of its respective owners. Any mention of bands and names is for informational purposes only.

C. Russia-specific regulations

The following applies to users living in the Russian Federation:

Our aforementioned website services are not intended for citizens of the Russian Federation who are currently residing in Russia.

If you are a Russian citizen living in Russia, you are hereby expressly informed that any personal data you provide to us via this website is at your own risk and responsibility. You further agree that you will not hold us responsible for any failure to comply with the laws of the Russian Federation.