Privacy & Data Protection Policy

In this privacy policy, we inform you about the collection of personal data when using this Website (hereinafter referred to as: “Website”/“our Website”). We explain which personal data we collect, how and for what purposes we process these data as well as what rights you are entitled to whenever you visit the Website and use its individual features. Protecting your personal data is important to us.

According to the General Data Protection Regulation of the EU, “personal data” refers to any information relating to an identified or identifiable natural person (“data subject”). An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a login or name, an identification number, location data, an online identifier or to one or more specific personal factors. Your personal data includes, i.e., your name, mailing address or your email address as well as any technical data produced or processed when using the Website which can be associated with you, i.e., your IP address, operating system or the browser on your end device or your user behaviour and personal data collected by a cookie.

1. Identity of the Data Protection Controller

In accordance with data protection regulations, the responsible body for the collection and processing of your personal data when visiting and using our Website is

Würth Elektronik ICS GmbH & Co. KG
Waldzimmern business park
Würthstraße 1
74676 Niedernhall
Germany

2. Contact data of the Data Protection Officer

If you have questions, concerns or suggestions on privacy policy as it regards our Website, you can contact our Data Protection Officer:

Data Protection Officer at Würth Elektronik ICS GmbH & Co. KG
Würthstraße 1
74676 Niedernhall
Germany

E Mail: data-protection@we-online.com

You may exercise your rights as a data subject with our Data Protection Officer. You can find more detailed information regarding this in Section 8.

3. Automatic data processing when visiting our Website – purposes and legal basis

It is possible to visit and use our Website for information purposes only without having to specify personal data (either by registering or filling out online forms) or without us collecting your personal data. In order for you to be able to view and easily, effectively and securely use our Website, we automatically collect and process (pseudonymised) technical data in conjunction with your end device and your browser.

a. Automatic data collection and processing by the web server

In order to be able to display the individual pages on our Website, our web servers automatically collect and process the following personal data, which are transmitted from your browser

  • The viewed address on the web server (URL)
  • The “user-agent” ID that contains additional information depending on the browser
    • Operating system used
    • Browser type and version
  • Referrer URL (last visited page, if this page provides this information)
  • Date and time of server request
  • IP address

These data are stored temporarily in so-called server log files. These data are not evaluated based on your person, and they are not associated with other data sources.

The legal basis for the processing of these data is Article 6 (1) sentence 1. lit. f) GDPR. The data processing operations are required for steps prior to entering into a contract carried out based on your request, since such pre-contractual measures form a part of such visits to the Website.

The (pseudonymous) technical communication data collected and processed to enable the use of the Website (connection setup) are temporarily stored in so-called server log files on our web servers. We use the server log files for internal system-related purposes, in particular for technical administration and to ensure the stability and security of our web server and Website, for example, to identify and track any invalid or abusive attempts to access our web server via the saved IP address. The legal basis for the data processing of these server log files is Article 6 (1) sentence 1, lit. f) GDPR, which allows the processing of personal data within the framework of our legitimate interests, provided you do not have any overriding fundamental rights, freedoms or interests. Our legitimate interests lie in the simple administration and the safe operation of our Website.

b. Use of cookies

In order to ensure our Website is user friendly and attractive to users and to allow the use of certain features, we sometimes use so-called “cookies” on our Website. These are small text files that are assigned to the browser you are using and stored on your device and through which the body that places the cookie (in this case: we) can obtain certain data. Cookies cannot run any programmes, transmit any viruses onto your end device nor do any other damage to your end device.

Some of the cookies we use are deleted after the end of the browser session, i.e., after you close your browser (so-called session cookies). Session cookies can attribute various requests from your browser in the same session. As a result, we can recognise your browser when you use multiple web pages on our Website or return to our Website without closing your browser. We use session cookies to provide certain features used by you. A different kind of cookie (so-called persistent cookies) remain on your device for a specified time and allow us to recognise your browser the next time you visit our site. Persistent cookies have an expiration date and thus are automatically deleted after a certain period of time. In addition, you can always manually delete them in your browser’s security settings.

c. Use of web analytics tools

(1) Google Analytics

This Website uses Google Analytics, a web analysis service of Google Inc., Mountain View, CA, USA. (“Google”). Google Analytics uses various methods to analyse the use of a website, such as “cookies” (see Section 3b. above). The information collected by Google Analytics about the use of the Website will usually be transmitted to and stored by Google on servers in the United States. By activating the IP anonymisation, before transferring the data to the servers in the United States Google will truncate the last octet of the IP address for Member States of the European Union as well as for other parties to the Agreement on the European Economic Area. Only in exceptional cases is the full IP address sent to and truncated by Google servers in the United States. On our behalf, Google will use this information for the purpose of evaluating your use of the Website, compiling reports on website activity for website operators and providing other services relating to website activity and internet usage to us.

Google will not associate your IP address recorded by Google Analytics with any other data.

You can prevent the collection of data by Google Analytics by not saving a cookie with the name “_ga” or “_gid” in the settings of your browser software.

Furthermore, you can prevent Google’s collection and use of data related to the use of the Website (cookies and IP address) by downloading and installing the browser plug-in available under https://tools.google.com/dlpage/gaoptout?hl=en-GB.

As an alternative to the browser-plugin, you can prevent data collection by Google Analytics by clicking on this link. This saves an “opt-out cookie” (name “_ga_opt_out”) on your device, which prevents the collection of your data whenever you visit this Website in the future. If you delete your cookies, you must click on the link again.

The legal basis for the use of Google Analytics is Article 6 (1) sentence 1, lit. f) GDPR, which allows the processing of personal data within the framework of our legitimate interests, provided you do not have any overriding fundamental rights, freedoms or interests. Our legitimate interests are based on the regular measurement, analysis, evaluation and improvement of our Website and offers. In this respect, Google acts as our processor pursuant to Article 28 GDPR. In exceptional cases in which personal data are transmitted to the United States, Google is subject to the EU-US Privacy Shield, which you can read here: https://policies.google.com/privacy/frameworks?hl=en-GB.

For more information about the terms of service of Google Analytics, go to: https://www.google.com/analytics/terms/gb.html; for more information about privacy at Google Analytics, go to https://www.google.com/intl/en/analytics/learn/privacy.html; and you will find Google’s privacy policy here https://policies.google.com/privacy?hl=en-GB&gl=en-GB.

(2) Google reCAPTCHA

For various services and forms on our Website, we use Google’s reCAPTCHA service, offered by Google Inc., Mountain View, CA, USA (“Google”). Google reCAPTCHA is used to verify whether data entries in online forms are carried out by a human or an automated program, script or the like. For this purpose, Google reCAPTCHA analyses input behaviour of the person entering the data entry based on the various features. This analysis starts automatically as soon as the corresponding website is accessed. In its analysis, Google reCAPTCHA evaluates various pieces of information (e.g., IP address, identification data of the browser used, browser settings, browser plugins, URL of the referring website, time spent on that website, mouse movements, input behaviour of the person entering the data such as input speed, order of entry and selection of inputs etc., Google cookies). The data collected during this analysis are forwarded to a server of Google in the United States, where they are stored and evaluated. The personal data from the online forms is not evaluated or stored.

The legal basis for the use of Google reCAPTCHA is Article 6 (1) lit. f) GDPR, which allows the processing of personal data within the framework of our legitimate interests, provided you do not have any overriding fundamental rights, freedoms or interests. Our legitimate interests lie in protecting our Website and online forms from automated abuse, spying and spam.

Google is subject to the EU-US Privacy Shield, which you can read here: https://policies.google.com/privacy/frameworks?hl=de. For more information on Google reCAPTCHA as well as Google’s privacy policy, go to https://www.google.com/recaptcha/intro/android.html and https://policies.google.com/privacy?hl=en.

4. Collection and processing of your data provided by you – purpose and legal basis

The use of certain features of our site, such as the contact forms or the email newsletters, requires the collection and processing of personal data. We process such data on our Website only if you provide us with these data yourself and it is legally permissible.

If your consent is also required for the collection and processing of certain data, we will ask you for your consent at the appropriate passage on our Website. This declaration of consent is logged by us. You are entitled to revoke any declarations of consent at any time, in part or in full, with effect for the future. Such a revocation is also logged by us.

a. Contact and request forms

On our Website, we provide a form in which you can ask us questions on a range of topics.

In order to process and respond to your request, we require at least the categories of data that are marked with an asterisk in the form. The legal basis for the processing of these data is Article 6 (1) sentence 1. lit. f) GDPR. The data processing is required for steps prior to entering into a contract carried out based on a request, since such measures form a part of such contact requests.

You can help us respond to your request and contact you by voluntarily providing additional contact information. The legal basis for this is Article 6 (1) sentence 1, lit. f) GDPR, which allows the processing of personal data within the framework of the “legitimate interests” of the controller, provided you do not have any overriding fundamental rights, freedoms or interests. Our legitimate interests lie in being able to process your contact request more easily, more efficiently and more quickly and to directly contact you. If you do not want this, please do not fill out the fields marked with an asterisk.

For most contact and request forms, we use the service Google reCAPTCHA (see Section 3c.) to protect against abuse.

5. Recipients of personal data

The personal data collected by us within the scope of the visit and purely informative use of our Website (see Section 3) as well as the personal data collected in connection with the use of certain features and services of our Website (see Section 4) are in principle not disclosed or sent in any other way to other recipients. Excepted from this practice are any necessary transfers of personal data to government institutions and authorities as well as private rights holders on the basis of statutory provisions or judicial or administrative decisions as well as the required disclosure to government institutions and authorities in the event of attacks on our legal interests for purposes of law or criminal enforcement.

However, when operating our Website and providing and processing the features of individual pages and services we use in part external technical and other service providers that assist us in the provision of our services and which have been carefully selected by us. Where necessary, these service providers appointed by us process your personal data within the framework of their respective contracts in accordance with our instructions for the purposes stated in this privacy policy. They are contractually committed to strict compliance with this privacy policy, the applicable data protection laws and our directives (so-called processors pursuant to Article 28 GDPR). The same applies to any subcontractors that our processors have contracted with our prior consent.

Processors are contracted by us, in particular, for hosting the site and for web analysis (see Section 3c.).

All processors are contractually obliged to comply with the applicable legislation on data protection and data security.

6. Data security

The personal data collected and stored by us will be handled confidentially and protected by appropriate technical and organisational measures against loss and modification as well as unauthorised access by third parties.

7. Duration of storage

In general, we store personal data only for as long as it is necessary for the fulfilment of the intended purpose of the data processing or until you request us to erase your personal data due to overriding legitimate grounds (see Article 17 (1) GDPR). After the retention periods expire or based on your legitimate request for erasure, we assess each case on whether certain personal data are required for (other) legitimate purposes and, if not, whether any contractual or statutory retention periods stand in conflict with the erasure of the personal data. In these cases, the relevant personal data are stored for these purposes as long as is required for the fulfilment of this (other) legitimate purpose or for the duration of the respective contractual or statutory retention period. For any other purposes, however, they are blocked and then permanently deleted after the last contractual or statutory retention period expires.

The technical communication data (see Section 3a.) stored in the server log files are deleted after 90 days.

The session cookies used by us are deleted when you close your browser. The persistent cookies we use remain on your device until their specified lifetime expires or until you remove these manually (see Section 3b. and our Cookie guideline).

The personal data collected by Google Analytics are deleted immediately by anonymising IP addresses (see Section 3c.). We have reduced the retention period of the anonymised data collected by Google Analytics to a maximum of 26 months by agreement with Google.

The data collected using contact forms (see to Sections 4.a) are stored by us only for as long as is required for the processing of your request and to contact you.

Furthermore, the storage of data may be required for accounting or other legal reasons for the duration of each specific statutory retention periods.

8. Your rights

Insofar as the legal conditions laid out in Articles 15 et seqq. GDPR are in effect, you have the following rights (so-called data subject rights) with respect to your personal data stored by us:

  • You have the right to obtain confirmation from us at any time as to whether personal data and which categories of personal data are stored by us, for what purposes they are being processed and the recipients or categories of recipients who may gain access to them. In addition, you may request information from us on your personal data as laid out in Article 15 GDPR (right of access).
  • In accordance with the statutory requirements, you also have a right to rectification (Article 16 GDPR), a right to erasure (Article 17 GDPR) and a right on restriction of processing (blocking) (Article 18 GDPR) of your personal data.
  • Furthermore, in accordance with Article 20 GDPR you have the right to receive the personal data concerning you, which you have provided to us, in a structured, commonly used and machine-readable format. You may transmit these personal data or have them transmitted to another controller (right to data portability).
  • You are also entitled to revoke your consent at any time.
  • In addition, if all legal requirements have been fulfilled pursuant to Article 21 GDPR, you have the right to object to data processing that is based on the legitimate interests of the controller or a third party pursuant to Article 6 (1) sentence 1. lit. f) GDPR (see Sections 3a., 3b., 3c. and 4.a).

To exercise your rights as a data subject, you can contact us at data-protection@we-online.com at any time or send a letter to the address listed in Item 1.

Furthermore, according to Article 77 (1) GDPR you also have the right to lodge a complaint with a supervisory authority, in particular in the Member State where you reside or work or where the alleged violation takes place if you believe that the processing of your personal data is in violation of GDPR.