Privacy Policy

Career Website of the Wieland Group

Status: 06.03.2023

Wieland-Werke AG and its subsidiaries offer you information on Wieland as an employer, on job vacancies and on how to contact us and apply for jobs on their careers website. In this context, personal data is also processed and, if necessary, stored or read on your terminal device, which we would like to inform you about in detail below.

1. Name and contact details of the Controller and the Joint Controllers

Responsible for data processing when visiting our career website and using the services offered there is the

Wieland-Werke AG
Graf-Arco-Straße 36
89079 Ulm
Germany

Phone: +49 (0)731 944 0
E-Mail: info@wieland.com

Wir betreiben unsere Karriere Website in gemeinsamer Verantwortung mit den einzelnen Gesellschaften der Wieland Gruppe.

We operate our career website under joint control with the individual companies of the Wieland Group. The locations and contact details of the respective companies of the Wieland Group can be found here.

 

 

2. Contact details of the Data Protection Officer

If you have any questions about data processing or data protection in the Wieland Group, you can contact our Group Data Protection Officer at any time. You can reach him by mail to the above address (please note 'Attn. Data Protection Officer' on the envelope), by e-mail at datenschutz@wieland.com or confidentially via our Datenschutz-Portal.

 

 

3. Processing of your (personal) data when visiting and using our career website

In connection with our career website and the offers provided there, we use cookies and possibly other technologies such as browser fingerprinting. Cookies are small text files containing information that are stored on your end device when you visit the Careers website using your browser. When the website is called up again with the same end device and browser, the information stored in cookies can be read and processed. In doing so, we use processing and storage functions of the browser of your end device and collect information from the memory of the browser of your end device. By means of browser fingerprinting and other technologies, we can also identify your terminal device without using cookies, for example by creating a unique hash value based on the information transmitted or on the output of JavaScript codes executed locally on your terminal device.

3.1 Information security

a) Technische Protokolldaten

When you call up our website, your browser automatically transmits a series of technical data. These include the requested page, time of the call, your IP address, details of the browser used, operating system and resolution if applicable, details of the previously visited page if applicable, the amount of data transferred and a technical status code. We use this data for the following purposes:

  • Delivery of the website to your browser,
  • Evaluation for system safety and stability,
  • Misuse detection and attack defense as well as for the
  • Troubleshooting

The legal basis for this data processing is our legitimate interest within the meaning of Art. 6 (1) p. 1 lit. f GDPR. Our legitimate interest is to offer you a functional and secure web presence and to protect our systems from unauthorized access and attacks. Insofar as we retrieve data - possibly also without personal reference - from your terminal device or store it there, this is done on the basis of Section 25 (2) TTDSG. We process the aforementioned log data, for example as part of our web server logs for a period of 30 days; in the event of abuse for the duration of the analysis and possible prosecution of the abuse.

b) Session Cookies

We also use so-called session cookies on our website, which are automatically deleted when you close your browser. Based on the session cookie, we recognize you during a session and can thus, for example, provide you with your selected language preference or keep track of your login status across different pages. The legal basis for this data processing is our legitimate interest within the meaning of Art. 6 (1) p. 1 lit. f GDPR. Our legitimate interest follows from the data processing purposes listed above. Insofar as we retrieve data - possibly also without personal reference - from your terminal device or store it there, this is done on the basis of Section 25 (2) TTDSG.

Session cookies are generally deleted when the browser is closed.

3.2 Content from third party sites

a) Google Maps

Our websites use the service 'Google Maps' from Google (Google Ireland Limited, Google Building Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland), e.g. to visualize our locations on a map and to enable you to plan a route. We have integrated Google Maps in a way that ensures that only with your consent (i.e. by actively clicking on the map icon) the map is built and thus data is transmitted to Google. This is then the technical protocol data already mentioned in section 2.1 lit. a or also, upon release, your current location (for more information, see https://policies.google.com/technologies/location-data?hl=de) or a departure point entered by you for route planning. Google's data protection provisions apply to this service (https://www.google.com/intl/de_de/policies/privacy/), supplemented by the separate terms of use for Google Maps (https://www.google.com/intl/de_de/help/terms_maps.html). Recipient of the data: Google Ireland Limited, Google Building Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland. In exceptional cases, the data processed by Google may also be transferred to a third country, e.g. the USA. There, the level of protection of the GDPR is not guaranteed and, if applicable, government authorities (even without your / our knowledge) may have access to the data in accordance with the regulations applicable there. You also expressly agree to this possible transfer, taking into account the associated risks, if you consent to the extended data processing and thus also to the use of Google Maps by us. The legal basis for this data processing is your consent within the meaning of Art. 6 para. 1 sentence 1 lit. a, 49 para. 1 sentence 1 lit. a GDPR. Insofar as Google retrieves data from your terminal device in the context of map use or stores it there, this is done on the basis of your consent within the meaning of Section 25 (1) TTDSG. For more information on how long Google stores data, please visit https://policies.google.com/privacy?hl=de#inforetaining.

b) Youtube videos

Our websites include video material that is stored on the video platform 'Youtube'. Youtube is a service of Google (Google Ireland Limited, Google Building Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland). We have integrated Youtube in a way that ensures that the video is only loaded with your consent (i.e. by actively clicking on the video icon or consent within the scope of consent management) and that data is thus transmitted to Google. With your consent, data is transmitted to Google, e.g. the technical protocol data already mentioned in section 2.1 lit. a as well as the ID of the accessed video. We use Youtube in the extended data protection mode, so that only the data transmission is minimized as far as possible. You can find more information on data protection at Youtube at https://support.google.com/youtube/answer/2801895?hl=de. Recipient of the data: Google Ireland Limited, Google Building Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland In exceptional cases, the data processed by Google may also be transferred to a third country, e.g. the USA. There, the level of protection of the GDPR is not guaranteed and, if applicable, government authorities (even without your / our knowledge) may have access to the data in accordance with the regulations applicable there. You also expressly agree to this possible transfer, taking into account the associated risks, if you consent to the extended data processing and thus also to the use of Youtube by us. The legal basis for this data processing is your consent within the meaning of Art. 6 para. 1 sentence 1 lit. a, 49 para. 1 sentence 1 lit. a GDPR. Insofar as Google retrieves data from your terminal device in the context of the video playout or stores it there, this is done on the basis of your consent within the meaning of Section 25 (1) TTDSG. For more information on the storage period of data at Google in the context of Youtube integration, please visit https://policies.google.com/privacy?hl=de#inforetaining.

c) Social media links and social wall

You can also find us on selected social networks. We have designed the references to them as simple links and do not use the corresponding link plugins of the providers, so that no data is automatically transmitted to them. We provide an overview of our publications in social media by means of a local proxy, so that no data transmission to social networks takes place at this point either, as long as you do not actively click on corresponding content.

 

3.3 Contact forms

For questions of any kind, we offer you the opportunity to contact us via a form provided on the website. It is necessary to provide a valid e-mail address so that we can answer your inquiry. Further information can be provided voluntarily. In addition, when sending the contact request, we record the IP address of your computer and the time of sending. Recipient of the data: Addressed company of the Wieland Group The legal basis for this data processing is your consent within the meaning of Art. 6 (1) p. 1 lit. a GDPR. You can revoke your consent to the use of your data in the context of contacting us at any time with effect for the future. To do so, please contact us by e-mail at datenschutz@wieland.com. The personal data collected by us for the use of the contact forms will be deleted after the final processing of your request, unless this conflicts with a legal obligation to retain data. In this case, the deletion takes place after the end of the respective period. Insofar as data is retrieved from your terminal device within the framework of the contact form or stored there, this is done on the basis of the consent you have given within the meaning of Section 25 (1) TTDSG.

 

3.4 Web analytics and usage analysis

a) Web analytics by Google Analytics

For the purpose of web analytics, page optimization and to learn more about your interests when using our websites, we use the web analysis tool 'Google Analytics' from Google (Google Ireland Limited, Google Building Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland) on some of our websites. This is done in pseudonymized and, as far as possible, anonymized form; of course, also using the IP anonymization function (i.e., the IP address transmitted by your browser is anonymized by shortening, i.e., deleting the last octet of the IPv4 address or the last 80 bits of the IPv6 address before storage). The data processing is essentially carried out by Google, but we have deactivated the functions for further data processing by Google for its own purposes as well as the Google marketing functions. Nevertheless, it cannot be ruled out that Google may combine the collected data, for example, if you are logged into your browser with a Google account. In addition to the technical data already mentioned in section 2.1 lit. a, further categories of data are processed:

  • Google Analytics end-device data (this is data generated by Google Analytics and assigned to your end-device: this includes a unique ID for (re-)recognizing returning visitors (so-called 'client ID') and certain technical parameters for controlling data collection for web analytics).
  • Google Analytics measurement data (device-related raw data (so-called 'dimensions' and 'measurements') that are collected and analyzed by Google Analytics when our websites are used. This includes information about the sources through which visitors reach our websites, information about the location, the browser and the end device used, information about the use of the website (in particular page views, call frequency and dwell time on the respective page called up) as well as information about the fulfillment of certain objectives. The data is in each case assigned to the client ID assigned to your end device. This results in device-related usage profiles in which all device-related raw data are combined into one client ID. The data we collect using Google Analytics does not allow us to identify you directly on a personal level (i.e., by name). We also do not combine the raw device-related data and the resulting device-related usage profiles with data that directly identifies you personally without your consent).
  • Google Analytics report data (data included in aggregated segment- and device-related reports generated by Google Analytics based on analysis of raw device-related data).

 

Recipient of the data: Google Ireland Limited, Google Building Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland

In exceptional cases, the data processed by Google may also be transferred to the USA. There, the level of protection of the GDPR - despite our risk minimization measures such as IP anonymization - is not guaranteed, and government authorities (even without your / our knowledge) may be able to access the data in accordance with the regulations applicable there. You also expressly agree to this possible transfer, taking into account the associated risks, if you consent to the extended data processing and thus also to the use of Google Analytics by us. The legal basis for this data processing is your consent within the meaning of Art. 6 para. 1 sentence 1 lit. a, 49 para. 1 sentence 1 lit. a GDPR. Insofar as Google retrieves data from your terminal device within the scope of web analysis or stores it there, this is done on the basis of your consent within the meaning of Section 25 (1) TTDSG. The personal data we collect as part of the web analysis is stored for 14 months and then deleted. Of course, our website is fully usable even if you do not give consent to web analytics.

 

b) Web analytics by Mouseflow

We use - subject to your consent - Mouseflow, a web analytics tool provided by Mouseflow ApS, Flaesketorvet 68, 1711 Copenhagen, Denmark. Using Mouseflow, randomly selected individual visits (only with anonymized IP address) to our website are recorded. This creates a log of mouse movements and clicks with the purpose of replaying individual website visits and deriving potential improvements for the website from them. The data collected with Mouseflow is not used to personally identify the visitor to our website and is not merged with personal data about the bearer of the pseudonym. The legal basis for this data processing is your consent within the meaning of Art. 6 para. 1 p. 1 lit. a GDPR. Insofar as we retrieve data from your terminal device within the scope of web analysis or store it there, this is done on the basis of your consent within the meaning of Section 25 (1) TTDSG. The personal data collected by us as part of the web analysis will be deleted after the analysis. Of course, our website is fully usable even if you do not give consent to web analytics.

 

 

4. Your Rights

You have a number of legal rights vis-à-vis us as the responsible party (or also vis-à-vis the jointly responsible parties of the Wieland Group), which we would like to point out to you below.

The easiest way to exercise your rights is to use our online data protection portal, which you can access via https://privacy.wieland.com/wieland/anfrage_meldung.html?key=khupwYzouWRLtVgY erreichen.

You can, of course, also contact us (and any company in the Wieland Group jointly responsible with us) by letter post. Please note 'Attn. Data Protection Officer' on the envelope to ensure rapid allocation and forwarding. You can reach our data protection officer by e-mail at datenschutz@wieland.com.

Your rights as a data subject in detail:

  • Right to access (Art. 15 GDPR)
    As a data subject, you have a right to information under the conditions of Art. 15 GDPR.This means in particular that you have the right to request confirmation from us as to whether we are processing personal data relating to you. If this is the case, you also have a right to information about this personal data and to the information listed in Art. 15 (1) GDPR.
  • Right to rectification (Art. 16 GDPR)
    As a data subject, you have a right to rectification under the conditions of Art.16 GDPR. This means in particular that you have the right to demand that we correct any inaccurate personal data relating to you and complete any incomplete personal data without undue delay.
  • Right to erasure ('right to be forgotten') (Art. 17 GDPR)
    As a data subject, you have a right to erasure under the conditions of Art. 17 GDPR. This means that you generally have the right to demand that we delete personal data concerning you without delay, and we are obliged to delete personal data without delay if one of the reasons listed in Art. 17(1) GDPR applies. To the extent that we have made the personal data public and we are obliged to erase it, we are also obliged to take reasonable measures, including technical measures, having regard to the available technology and the cost of implementation, to inform other data controllers which process the personal data that a data subject has requested that they erase all links to or copies or replications of that personal data (Art. 17(2) GDPR). Exceptionally, the right to erasure does not apply insofar as the processing is necessary for the reasons listed in Art. 17(3) GDPR. This may be the case, for example, insofar as the processing is necessary for compliance with a legal obligation or for the assertion, exercise or defense of legal claims (Art. 17 (3) a, e GDPR).
  • Right to restriction of processing (Art. 18 GDPR)
    As a data subject, you have a right to restriction of processing under the conditions of Art. 18 GDPR. This may be the case, for example, if you dispute the accuracy of the personal data. In this case, the restriction of processing is carried out for a period that allows us to verify the accuracy of the personal data (Art. 18 (1) a GDPR ). Restriction means the marking of stored personal data with the aim of limiting their future processing (Art. 4 No. 3 GDPR ).
  • Right to data portability (Art. 20 GDPR)
    As a data subject, you have a right to data portability under the conditions of Art. 20 GDPR. This means that, in principle, you have the right to receive the personal data concerning you that you have provided to us in a structured, common and machine-readable format, and you have the right to transfer this data to another controller without hindrance from us, provided that the processing is based on consent pursuant to Art. 6(1)(a) or Art. 9(2)(a) GDPR or on a contract pursuant to Art. 6(1)(b) GDPR and the processing is carried out with the aid of automated procedures (Art. 20(1) GDPR). When exercising your right to data portability, you also have the fundamental right to have the personal data transferred directly from us to another controller, insofar as this is technically feasible (Article 20 (2) of the GDPR).
  • Right of objection (Art. 21 GDPR)
    As a data subject, you have a right of objection under the conditions of Art. 21 GDPR.We will expressly point out your right of objection to you as a data subject at the latest at the time of the first communication with you.
    In detail, the following applies:
    • Right to object on grounds relating to the data subject's particular situation As a data subject, you have the right to object at any time on grounds relating to your particular situation to the processing of personal data concerning you which is carried out on the basis of Article 6(1)(e) or (f) of the GDPR; this also applies to profiling based on these provisions. In the event of an objection on grounds relating to your particular situation, we will no longer process the personal data concerned, unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms, or the processing serves to assert, exercise or defend legal claims.
    • Right to object to direct marketing
      If personal data are processed for the purpose of direct marketing, you have the right to object at any time to the processing of personal data concerning you for the purpose of such marketing; this also applies to profiling, insofar as it is related to such direct marketing.In the event of an objection to processing for direct marketing purposes, we will no longer process the personal data concerned for these purposes.
  • Right to withdraw consent (Art. 7 (3) GDPR)
    If the processing is based on consent within the meaning of Art. 6(1)(a), Art. 9(2)(a) GDPR and / or Section 25(1) TTDSG or another legal basis, you as the data subject have the right to revoke your consent at any time in accordance with Art. 7(3) GDPR. The revocation of consent does not affect the lawfulness of the processing carried out on the basis of the consent until the revocation. We will inform you of this before you give your consent. You can view your consent to the storage, retrieval and processing of your data within the scope of our websites at any time and revoke it with effect for the future by clicking on the following link:Please click here to check the status of your consent and change it if necessary.
  • Right to complain to the supervisory authority (Art. 77 GDPR) As a data subject, you have the right to lodge a complaint with a supervisory authority under the conditions of Art. 77 GDPR.

Our data protection officer is also available at any time to clarify any questions you may have about data processing with you or to help you further with your data protection concerns.

change privacy settings

The personal data collected by us as part of the web analysis will be stored for 14 months and then deleted.

5. Transfer to Third Countries

If we also transfer personal data to recipients located outside the European Union or the EEA (so-called third countries), we ensure prior to the transfer that an adequate level of data protection exists at the recipient's site by means of appropriate (contractual) guarantees or recognized agreements, or that informed consent has been obtained with reference to possible risks regarding the transfer of personal data.

 

6. Automated Decision Making including Profiling

We do not use profiling within the meaning of Art. 22 GDPR in the context of the use of our websites.