Privacy Policy

We are very delighted that you have shown interest in our enterprise. Data protection is of a particularly high priority for the management of the WedaCon Informationstechnologien GmbH. The use of the Internet pages of the WedaCon Informationstechnologien GmbH is possible without any indication of personal data; however, if a data subject wants to use special enterprise services via our website, processing of personal data could become necessary. If the processing of personal data is necessary and there is no statutory basis for such processing, we generally obtain consent from the data subject.

The processing of personal data, such as the name, address, e-mail address, or telephone number of a data subject shall always be in line with the General Data Protection Regulation (GDPR), and in accordance with the country-specific data protection regulations applicable to the WedaCon Informationstechnologien GmbH. By means of this data protection declaration, our enterprise would like to inform the general public of the nature, scope, and purpose of the personal data we collect, use and process. Furthermore, data subjects are informed, by means of this data protection declaration, of the rights to which they are entitled.

As the controller, the WedaCon Informationstechnologien GmbH has implemented numerous technical and organizational measures to ensure the most complete protection of personal data processed through this website. However, Internet-based data transmissions may in principle have security gaps, so absolute protection may not be guaranteed. For this reason, every data subject is free to transfer personal data to us via alternative means, e.g. by telephone.

1. Definitions

The data protection declaration of the WedaCon Informationstechnologien GmbH is based on the terms used by the European legislator for the adoption of the General Data Protection Regulation (GDPR). Our data protection declaration should be legible and understandable for the general public, as well as our customers and business partners. To ensure this, we would like to first explain the terminology used.

In this data protection declaration, we use, inter alia, the following terms:

    a) Personal data

    Personal data means any information relating to an identified or identifiable natural person ("data subject"). An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.

    b) Data subject

    Data subject is any identified or identifiable natural person, whose personal data is processed by the controller responsible for the processing.

    c) Processing

    Processing is any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.

    d) Restriction of processing

    Restriction of processing is the marking of stored personal data with the aim of limiting their processing in the future.

    e) Profiling

    Profiling means any form of automated processing of personal data consisting of the use of personal data to evaluate certain personal aspects relating to a natural person, in particular to analyze or predict aspects concerning that natural person's performance at work, economic situation, health, personal preferences, interests, reliability, behavior, location or movements.

    f) Pseudonymisation

    Pseudonymisation is the processing of personal data in such a manner that the personal data can no longer be attributed to a specific data subject without the use of additional information, provided that such additional information is kept separately and is subject to technical and organizational measures to ensure that the personal data is not attributed to an identified or identifiable natural person.

    g) Controller or controller responsible for the processing

    A Controller or controller responsible for the processing is the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data; where the purposes and means of such processing are determined by Union or Member State law, the controller or the specific criteria for its nomination may be provided for by Union or Member State law.

    h) Processor

    A Processor is a natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller.

    i) Recipient

    A Recipient is a natural or legal person, public authority, agency or another body, to which the personal data are disclosed, whether a third party or not. However, public authorities which may receive personal data in the framework of a particular inquiry in accordance with Union or Member State law shall not be regarded as recipients; the processing of those data by those public authorities shall be in compliance with the applicable data protection rules according to the purposes of the processing.

    j) Third party

    A Third party is a natural or legal person, public authority, agency or body other than the data subject, controller, processor and persons who, under the direct authority of the controller or processor, are authorized to process personal data.

    k) Consent

    Consent of the data subject is any freely given, specific, informed and unambiguous indication of the data subject's wishes by which he or she, by a statement or by a clear affirmative action, signifies agreement to the processing of personal data relating to him or her.

2. Name and Address of the controller

Controller for the purposes of the General Data Protection Regulation (GDPR), other data protection laws applicable in Member states of the European Union and other provisions related to data protection is:

WedaCon Informationstechnologien GmbH
Salzstraße 14/15
48143 Münster
Deutschland

Phone: +49-251-3996780
Email: privacy@wedacon.net
Website: www.wedacon.net

Social Media

1) Social Media Profiles

We maintain online presence on social networks and platforms in order to communicate with our customers, interested parties, and users and to inform them about our services.

The social media providers are:

  1. LinkedIn
  2. Xing
  3. Bluesky

When visiting each of these platforms, you as a user agree to the terms and conditions and the data processing guidelines of the corresponding operator.

  1. LinkedIn
    Provider:LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland
    Privacy Policy: https://www.linkedin.com/legal/privacy-policy
    Opt-out: https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out
    Commitment to privacy shield: https://www.privacyshield.gov/participant?id=a2zt0000000L0UZAA0&status=Active
  2. Xing
    Provider: XING AG, Dammtorstraße 29-32, 20354 Hamburg, Germany
    Privacy Policy: https://privacy.xing.com/de/datenschutzerklaerung
  3. Bluesky
    Provider: Bluesky Social Networking Services
    Privacy Policy: https://bsky.social/about/blog/5-19-2023-user-faq

2) Use of Social Media Buttons

Our website uses social media buttons of various providers (mentioned above).

When you click on one of the social media buttons, your browser establishes a direct connection to the servers of the respective provider. The content of the plugin is directly transmitted to your browser which integrates it into the website.

Please note, that the connection is only established when you click on the button. We do not implement any tracking plugins directly on our site that establish a connection without your consent.

Contact Possibility via the website

The website of the WedaCon Informationstechnologien GmbH contains information that enables a quick electronic contact to our enterprise, as well as direct communication with us, which also includes a general address of the so-called electronic mail (e-mail address). If a data subject contacts the controller by e-mail or via a contact form, the personal data transmitted by the data subject are automatically stored. Such personal data transmitted on a voluntary basis by a data subject to the data controller are stored for the purpose of processing or contacting the data subject. There is no transfer of this personal data to third parties.

Job Application

If you send us job application documents ( e. g. curriculum vitae, cover letter, certificates etc.) we will save and process these pieces of data. Application documents from job applicants that do not result in hires are deleted after 3 months. Other legitimate interest in this relation is, e.g. a burden of proof in a procedure under the General Equal Treatment Act (AGG).

You have the right to have your application documents deleted before this period. In this case please send an E-mail to privacy@wedacon.net

If your application results in hires, the documents will be forwarded to our HR department. The legal basis for the processing of your personal data in the job application process is primarily Section 26 of the German Data Protection Act (BDSG).

Server-Logfiles

If you access www.wedacon.net, our web server collects certain information about your visit:

e. g.

  1. the domain you are accessing: www.wedacon.net
  2. the ip address of your computer: 127.0.0.1 (as the IP address is considered personal information this is just a local example of how an IP address looks like)
  3. Access time and date: Day/Month/Year:Time
  4. HTTP-Request Type: GET
  5. The URL, you are visiting: /impress
  6. The website you are coming from (referrer-url): https://www.wedacon.net
  7. HTTP-Statuscode: 200
  8. Browser information and your computer’s operation system (User-Agent): Mozilla/5.0 (Windows NT 6.1; Win64; x64) Gecko/X Firefox/X

This data is processed for the following reasons:

  1. Ensuring a stable website connection
  2. Evaluation of the system security and stability

The legal basis for the use is Art. 6 Para. 1 S.1 lit. f GDPR. We will never use the data to identify you personally or merge the information with other data.

The server log will be deleted automatically within 30 days.

Cookies

The Internet pages of the WedaCon Informationstechnologien GmbH do not use cookies.

Right to lodge a complaint with a supervisory authority

Without prejudice to any other administrative or judicial remedy, every data subject shall have the right to lodge a complaint with a supervisory authority, in particular in the Member State of his or her habitual residence, place of work or place of the alleged infringement if the data subject considers that the processing of personal data relating to him or her infringes this Regulation.

Address:

Landesbeauftragte für Datenschutz und Informationsfreiheit
Nordrhein-Westfalen
Postfach 20 04 44
40102 Düsseldorf

Tel.: 0211/38424-0 Fax: 0211/38424-10
E-Mail: poststelle@ldi.nrw.de

Legal basis for the processing

Art. 6(1) lit. a GDPR serves as the legal basis for processing operations for which we obtain consent for a specific processing purpose. If the processing of personal data is neccessary for the performance of a contract to which the data subject is party, as is the case, for example, when processing operations are neccessary for the supply of goods or to provide any other service, the processing is based on Article 6(1) lit. b GDPR. The same applies to such processing operations which are neccessary for carrying out pre-contractual measures, for example in the case of inquiries concerning our products or services. Is our company subject to a legal obligation by which processing of personal data is required, such as for the fulfillment of tax obligations, the processing is based on Art. 6(1) lit. c GDPR. In rare cases, the processing of personal data may be neccessary to protect the vital interests of the data subject or of another natural person. This would be the case, for example, if a visitor were injured in our company and his name, age, health insurance data or other vital information would have to be passed on to a doctor, hospital or other third party. Then the processing would be based on Art. 6(1) lit. d GDPR. Finally, processing operations could be based on Article 6(1) lit. f GDPR. This legal basis is used for processing operations which are not covered by any of the above mentioned legal grounds, if processing is neccessary for the purposes of the legitimate interests pursued by our company or by a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject which require protection of personal data. Such processing operations are particularly permissible because they have been specifically mentioned by the European legislator. He considered that a legitimate interest could be assumed if the data subject is a client of the controller (Recital 47 Sentence 2 GDPR).

The legitimate interests pursued by the controller or by a third party

Where the processing of personal data is based on Article 6(1) lit. f GDPR our legitimate interest is to carry out our business in favor of the well-being of all our employees and the shareholders.

Provision of personal data as statutory or contractual requirement; Requirement neccessary to enter into a contract; Obligation of the data subject to provide the personal data; possible consequences of failure to provide such data

We clarify that the provision of personal data is partly required by law (e.g. tax regulations) or can also result from contractual provisions (e.g. information on the contractual partner). Sometimes it may be neccessary to conclude a contract that the data subject provides us with personal data, which must subsequently be processed by us. The data subject is, for example, obliged to provide us with personal data when our company signs a contract with him or her. The non-provision of the personal data would have the consequence that the contract with the data subject could not be concluded. Before personal data is provided by the data subject, the data subject must contact our Data Protection Officer. Our Data Protection Officer clarifies to the data subject whether the provision of the personal data is required by law or contract or is neccessary for the conclusion of the contract, whether there is an obligation to provide the personal data and the consequences of non-provision of the personal data.

Existence of automated decision-making

As a responsible company, we do not use automatic decision-making or profiling.

Data Security / Data Handling

The data on the website is self-hosted on Wedacon Informationstechnologien GmbH servers (apache httpd/php).

If you visit this website an encrypted connection will be established. Therefore we are using TLS (Transport-Layer-Security) in Version TLS 1.2. You can check if the connection is encrypted by checking the key symbol in your browser navigation.

We have thought about technical and organisational measures to ensure a level of security appropriate to the risk by using this website:

  • all data is self-hosted
  • TLS certificate is version 1.2
  • Enabled Forward Secrecy
  • no use of 3rd party resources

This Privacy Policy has been partly generated by the Privacy Policy Generator of the External Data Protection Officer from DGD Deutsche Gesellschaft für Datenschutz GmbH, which has been developed in cooperation with WILDE BEUGER SOLMECKE | Lawyers and the used hardware dealer RC GmbH.

Last updated: 17.02.2020

Privacy Policy Addendum (for Blog Area)

Last Updated: 16. December 2024

1. Analytics on the Blog Section of Our Website

While the general website of WedaCon Informationstechnologien GmbH does not use cookies for analytical purposes, we use analytics tools in the blog section of our website to analyze user interactions and improve the user experience.

This only applies to the blog area and does not extend to other pages on the WedaCon website.

What we track on the blog section:

  • User activity on the blog (such as which articles are viewed most frequently).
  • General interaction data such as time spent on the blog pages, page views, etc.

Cookies used on the blog page:

We use Matomo to collect data in an anonymous form, which is solely used for the purpose of improving the blog content and user experience.

Cookie Consent for Blog Section:

When you visit the blog page, you will be prompted with a cookie banner or consent request to confirm that you agree to the use of these cookies. You can withdraw your consent at any time by adjusting your cookie preferences in your browser settings.

If you do not wish to have your activity tracked, you may choose to not visit the blog section, or disable cookies through your browser settings.

2. Use of Analytics Tools

We use an analytics tool on the blog pages to collect non-personalized data, which is used to evaluate the performance of the blog content. This helps us understand which topics are of most interest to our readers and optimize our blog for better engagement.

The collected data is not used to identify you personally and is only applied to the blog section.

3. Exclusion of Analytics from Other Parts of the Website

Please note that no cookies or tracking mechanisms are used on any other parts of the WedaCon website, including the main homepage or other service areas, outside of the blog section. Your personal data is not tracked or stored unless you interact with the blog area specifically.

Important GDPR Compliance Notes:

Consent for Cookies:

In accordance with GDPR, cookies and analytics used on the blog section are implemented only after obtaining explicit consent from users. Users will be asked to agree to the use of cookies when visiting the blog.

Data Minimization:

Any data collected through tracking mechanisms is minimal, anonymized, and used only for improving the blog's content and user experience.

Withdrawal of Consent:

Users may withdraw their consent at any time by adjusting their browser settings or by not using the blog area of the website.