Privacy policy of WHEELS Logistics GmbH & Co. KG

NAME AND ADDRESS OF RESPONSIBLE PARTY

The responsible person within the meaning of the General Data Protection Regulation and other national data protection laws of the member states as well as other data protection regulations is:

WHEELS Logistics GmbH & Co. KG
Hansestraße 6
48165 Münster

Telephone: +49 2501 803-0
Fax: +49 2501 803-192

Website: www.wheelslogistics.com

Data Protection Officer
We have appointed a data protection officer for our company.
You can reach our data protection officer via our postal address with the addition of “the data protection officer” or via the following channels:

To the data protection officer
DSB Münster GmbH, Martin-Luther-King-Weg 42-44, 48155 Münster, Germany
Telephone: +49251 / 71879-110
E-mail: datenschutz@wheelslogistics.com

Scope of the data protection statement
The following declaration gives you an overview of how we guarantee data protection, what kind of data is collected and processed, for what purpose and on what legal basis. It applies in principle to all websites operated by WHEELS Logistics GmbH & Co. KG or if you contact us via other communication channels

THE PRIVACY POLICY CONSTIS OF 8 PARTS:

VISITORS

The first part of the data protection declaration applies to visitors to WHEELS Logistics GmbH & Co. KG.

Purposes for which the personal data are processed and the legal basis for the processing
We process the data insofar as it is necessary to record a visit by data subjects to our company and thereby document which visitors are on the business premises (visitor registration or list). The processing is carried out to protect the legitimate interests of the data controller pursuant to Art. 6 (1) lit. f DS-GVO (e.g. security for employees and visitors, protection against theft and damage to property, access control). In addition, your consent pursuant to Art. 6 para. 1 lit. a DS-GVO may also be considered as a legal basis (e.g. for self-security).

Categories and sources of personal data processed
We process personal data that we receive from your employers in advance of your visit or from you when you enter our business premises or that we collect in this context. This is usually your surname, first name, address, telephone number (if applicable) and e-mail address.

Recipients or categories of recipients of the personal data
Within the company, those departments receive access to the data that need it to fulfil their tasks (e.g. reception, responsible specialist department).
Data is only passed on to recipients outside the company if this is permitted or required by law, if the transfer is necessary to fulfil legal obligations or if we have your consent. In individual cases, recipients of personal data may be e.g. rescue services and authorities.

Duration for which the personal data is stored and the criteria for determining this duration
If the data is no longer required for the purposes for which it was collected, it will be deleted. This is regularly the case after a period of one week.

Is there an obligation to provide data?
When visiting our business premises, you are only required to provide the personal data that is necessary for collection and documentation. There is no obligation to provide this data. Failure to provide the data for the visitor registration or list may, under certain circumstances, result in visitors not being able to be registered and thus not being able to visit the company.

BUSINESS PARTNER

The second part of the privacy policy applies to business partners.

Purposes for which the personal data are processed and the legal basis for the processing
We process personal data insofar as this is necessary for the establishment, execution and fulfilment of a contract as well as for the implementation of pre-contractual measures (Art. 6 para. 1 lit. b DS-GVO, e.g. in connection with the initiation, execution and administration of orders), for the fulfilment of a legal obligation (Art. 6 para. 1 lit. c DS-GVO, e.g. compliance with commercial and tax retention obligations according to § 257 HGB (German Commercial Code) and § 147 AO (German Tax Code)), for the protection of the legitimate interests of the responsible party or a third party (Art. 6 para. 1 lit. f DS-GVO, e.g. storage of data for a reasonable period of time for acquisition efforts or for the assertion of legal claims and defence in legal disputes) as well as on the basis of consent of the data subjects (Art. 6 para. 1 lit. a DS-GVO, e.g. forwarding of data to affiliated companies or third parties, evaluation for marketing purposes or addressing by e-mail for advertising purposes).

Categories and sources of personal data processed
We process personal data that we receive from you or from public sources such as commercial registers, the Internet and directories or from third parties such as credit or credit agencies or business partners in the course of contacting you and in the course of our business relationship, e.g. for processing an enquiry or an order.

Relevant personal data are in particular personal data (such as surname, first name, address, bank details, invoice address, tax number or VAT ID number) and other contact data (such as telephone number, e-mail address). In addition, this may also be contract or order data (e.g. turnover data, order volume), information about your financial situation (e.g. creditworthiness data) as well as data about your person (e.g. profession, position, tasks and powers) as well as other data comparable with the aforementioned categories.

Recipients or categories of recipients of the personal data
Within the company, only those departments that need the data to fulfil contractual and legal obligations or to implement our legitimate interests (e.g. sales) will have access to the data. We may transfer your personal data to companies affiliated with us, insofar as this is permissible within the framework of the purposes and legal bases set out in section 3 of this data protection information sheet. Processors appointed by us in accordance with Art. 28 DS-GVO may also process data for these purposes, such as IT service providers, cloud providers and data destruction disposal companies. All service providers are contractually obliged to treat your data confidentially.

Data is only passed on to recipients outside the company in compliance with the applicable data protection regulations. Recipients of personal data can be, for example, companies in the logistics sector, service providers, suppliers, subcontractors, tax consultants, auditors, credit and financial service providers, credit rating agencies, debt collection companies, lawyers and authorities. In such cases, information is passed on to these companies or individuals in order to enable them to continue processing.

Transfer to a third country (outside the EU / EEA) or to an international organisation
The transfer of personal data to a third country in the context of order processing is generally carried out on the basis of an EU adequacy decision and the signing of standard data protection clauses, taking into account contractual, technical and organisational measures to comply with the level of data protection in the EU. If data is transferred to a third country that does not meet the above criteria, this will be done in exceptional cases on the basis of a legal obligation or consent by the data subject.

Duration for which the personal data are stored and the criteria for determining this duration
The required personal data will be stored for the duration of the existence of warranty and guarantee claims. In addition, the personal data is stored in accordance with the legally prescribed periods. Corresponding proof and storage obligations result from the German Commercial Code (HGB) and the German Fiscal Code (AO). The retention and documentation periods specified there are up to ten years. If the data is no longer required for the fulfilment of contractual or legal obligations, it is regularly deleted.

Is there an obligation to provide data?
Within the framework of the contractual relationship or the initiation of the contract, you must provide the personal data that is required for the commencement, implementation and termination as well as for the fulfilment of the associated contractual obligations or which we are legally obliged to collect. Without this data, we will generally not be able to carry out the necessary pre-contractual measures or the contractual relationship with you.

APPLICANTS

We are pleased that you are applying or have applied for a position in our company. In accordance with Art. 13, 14 of the EU General Data Protection Regulation (EU GDPR), we would like to inform you below about the purposes for which we process the application documents (data) received from you on a voluntary basis and what rights you have in this regard.

Purposes for which the personal data are processed and the legal bases for the processing
We process the data you have sent us in connection with your application in order to assess your suitability for the job (or other vacancies in our companies, if applicable) and to carry out the application process.

The legal basis for the processing of your personal data in this application procedure is primarily Section 26 BDSG. According to this, the processing of data required in connection with the decision on the establishment of an employment relationship is permissible.

Furthermore, we may process personal data about you if this is necessary for the fulfilment of legal obligations (Art. 6 para. 1 lit. c DS-GVO, e.g. reimbursement of travel expenses) as well as for the defence of asserted legal claims against us arising from the application procedure. The legal basis for this is Art. 6 para. 1 lit. f DS-GVO; the legitimate interest is, for example, a duty to provide evidence in proceedings under the General Equal Treatment Act (AGG). If there is a need for longer-term storage (e.g. for further vacant positions or positions that become vacant), this is done on the basis of your consent in writing (pursuant to Art. 6 para. 1 lit. a DS-GVO). The same applies to the transfer of your application data to other companies in our group of companies.

Insofar as special categories of personal data within the meaning of Art. 9 Para. 1 DS-GVO are voluntarily provided within the scope of the application procedure, their processing will also be carried out in accordance with Art. 9 Para. 2 lit. b DS-GVO in conjunction with § 26 Para. 3 BDSG (e.g. severely disabled status). Insofar as special categories of personal data within the meaning of Art. 9 (1) DS-GVO are requested from applicants within the scope of the application procedure, their processing is additionally carried out in accordance with Art. 9 (2) lit. a DS-GVO in conjunction with Section 26 (2) and (3) sentence 2 BDSG (e.g. health data if this is necessary for the exercise of the profession).

Categories and sources of personal data processed
We process personal data that we receive from you or recruiters as part of the application process, such as, in particular, personal master data (name, address and other contact details, date and place of birth, nationality), bank details (for the purpose of reimbursement of travel expenses), qualification documents (e.g. certificates, evaluations and other proof of training), IP addresses and photographs.

Recipients or categories of recipients of the personal data
If provided, applicants can submit their applications to us using an online form on our website. The data is transmitted to us in encrypted form in accordance with the state of the art. Furthermore, applicants can send us their documents by e-mail. Please note, however, that e-mails are generally not encrypted and applicants must ensure that they are encrypted themselves. We cannot therefore accept any responsibility for the transmission route of the application between the sender and receipt on our server and therefore recommend that you use an online form or send it by post.

Your data will be screened by the HR department after receipt of your application. Suitable applications will then be made available internally to the persons responsible for the respective open position, and if necessary also to the works council. In principle, only those persons in the company have access to your data who need it for the proper conduct of the application process.

We may transfer your personal data to companies affiliated with us, insofar as this is permissible within the scope of the purposes and legal bases set out in section 3. Otherwise, your personal data will be processed on our behalf on the basis of order processing contracts in accordance with Art. 28 DS-GVO; this applies in particular to IT service providers, cloud computing and applicant management systems and software. In the context of the application process, recruitment agencies may also be commissioned if necessary. All service providers are contractually obliged to treat your data confidentially.
Otherwise, data is only passed on to recipients outside the company if this is permitted or required by law, if the transfer is necessary to fulfil legal obligations or if we have your consent.

Transmission to a third country (outside the EU / EEA) or to an international organisation
A transfer to a third country does not take place and is not intended.

Duration for which the personal data is stored and the criteria for determining this duration
If no employment relationship is established as a result of your application, we retain applicant data for a maximum of six months from receipt of the rejection decision so that we can answer any follow-up questions about the application and meet our obligations to provide evidence under the General Equal Treatment Act (AGG). This does not apply if legal provisions prevent deletion (e.g. archiving of travel expense reimbursements in accordance with tax law requirements for up to 10 years), further storage is necessary for the purpose of providing evidence or you have expressly consented to longer storage. In the event that you have given your consent to a longer storage of your personal data, we will transfer your data to our applicant pool. There, the data will be deleted after one year.

If you are accepted for a position during the application process, the relevant and necessary data will be transferred from the applicant data system to our personnel data system.

Is there an obligation to provide data?
As part of the application process, you only have to provide the personal data that is required for the application process. There is no obligation to provide this data. Without this data, we will generally not be able to carry out the application procedure and make a decision on the establishment of the employment relationship.

PROVISION OF LOG FILES

This part of the privacy policy deals with the provision of log files.

Description and scope of data processing
Each time our website is accessed, our system automatically collects data and information from the computer system of the accessing computer.

The following data is collected:

  • Information about the type of browser and the version used.
  • The user’s operating system
  • The user’s internet service provider
  • The IP address of the user
  • Date and time of access
  • Websites from which the user’s system accesses our website
  • Websites that are accessed by the user’s system via our website

This data is also stored in the log files of our system. This data is not stored together with other personal data of the user.

Legal basis for data processing
The legal basis for the temporary storage of the data and the log files is Art. 6 para. 1 lit. f DSGVO.

Purpose of the data processing
The temporary storage of the IP address by the system is necessary to enable delivery of the website to the user’s computer. For this purpose, the user’s IP address must remain stored for the duration of the session.

The storage in log files is done to ensure the functionality of the website. In addition, we use the data to optimise the website and to ensure the security of our information technology systems. An evaluation of the data for marketing purposes does not take place in this context.

These purposes are also our legitimate interest in data processing according to Art. 6 para. 1 lit. f DSGVO.

Duration of storage
The data is deleted as soon as it is no longer required to achieve the purpose for which it was collected. In the case of the collection of data for the provision of the website, this is the case when the respective session has ended.

In the case of storage of data in log files, this is the case after seven days at the latest. Storage beyond this period is possible. In this case, the IP addresses of the users are deleted or alienated so that an assignment of the calling client is no longer possible.

Possibility of objection and removal
The collection of data for the provision of the website and the storage of the data in log files is absolutely necessary for the operation of the website. Consequently, there is no possibility for the user to object.

COOKIES

Description and scope of data processing
Our website uses cookies, which enable an analysis of the user’s surfing behaviour. Cookies are text files that are stored in the internet browser or by the internet browser on the user’s computer system. When a user calls up a website, a cookie may be stored on the user’s operating system. This cookie contains a characteristic string of characters that enables the browser to be uniquely identified when the website is called up again.

The user data collected in this way is pseudonymised by technical precautions. Therefore, it is no longer possible to assign the data to the calling user. The data is not stored together with other personal data of the user. When calling up our website, users are informed by an information banner about the use of cookies for analysis purposes and referred to this data protection declaration. In this context, there is also an indication of how the storage of cookies can be prevented in the browser settings.

Legal basis for data processing
The legal basis for the processing of personal data using cookies for analysis purposes is Art. 6 para. 1 lit. a DSGVO if the user has consented to this, otherwise Art. 6 para. 1 lit. f DSGVO.

Purpose of data processing
The analysis cookies are used to improve the quality of our website and its content. Through the analysis cookies, we learn how the website is used and can thus continuously optimize our offer. This is also our legitimate interest in processing the personal data in accordance with Art. 6 para. 1 lit. f DSGVO.

Duration of storage, possibility of objection and removal
Cookies are stored on the user’s computer and transmitted to our site by the user. Therefore, you as a user also have full control over the use of cookies. By changing the settings in your internet browser, you can deactivate or restrict the transmission of cookies. Cookies that have already been stored can be deleted at any time. This can also be done automatically. If cookies are deactivated for our website, it may no longer be possible to use all the functions of the website to their full extent.

ONLINE MEETING TOOL MICROSOFT TEAMS

In the following, we inform you on the basis of the General Data Protection Regulation (DS-GVO) and the Federal Data Protection Act (BDSG) about the processing of personal data in connection with the conduct of online meetings using the video conferencing tool of “Microsoft Teams”.

Note: If you access the “Microsoft Teams” website, the “Microsoft Teams” provider is responsible for data processing. However, accessing the website is only necessary for the use of “Microsoft Teams” in order to download the software for use.

If you do not want to or cannot use the “Microsoft Teams” app, you can also use “Microsoft Teams” via your browser. The service is then also provided via the “Microsoft Teams” website to this extent.

Purpose of the processing
We use the “Microsoft Teams” tool to conduct telephone conferences, video conferences and webinars (hereinafter: “online meetings”). “Microsoft Teams” is a service of Microsoft Corporation.

Legal basis of data processing
Insofar as personal employee data of WHEELS Logistics GmbH & Co. KG are processed, § 26 BDSG is the legal basis for data processing. If, in connection with the use of “Microsoft Teams”, personal data is not required for the establishment, implementation or termination of the employment relationship, but is nevertheless an elementary component of the use of “Microsoft Teams”, then Art. 6 para. 1 lit. f DS-GVO is the legal basis for the data processing. In these cases, our interest lies in the effective implementation of “online meetings”.

Insofar as the processing of personal data in the context of online meetings is necessary for the performance of a contract to which you are a contracting party or for the implementation of pre-contractual measures that are carried out at your request, Art. 6 (1) lit. b DS-GVO serves as the legal basis for the processing of personal data.

Should no contractual relationship exist, the legal basis is Art. 6 (1) lit. f DS-GVO. Here, too, our interest is in the effective conduct of “online meetings”.

Should video and audio recordings be necessary by way of exception, this will be done exclusively on the basis of the consent given by you in accordance with Art. 6 (1) lit. a DS-GVO.

Nature and scope of data processing
We use “Microsoft Teams” to conduct “online meetings”. If we want to record “online meetings”, we will transparently inform you in advance and ask for your consent. If it is necessary for the purposes of logging the results of an online meeting, we will log the chat content. However, this will usually not be the case.

Automated decision-making within the meaning of Art. 22 DS-GVO is not used.

The following personal data are subject to processing when using “Microsoft Teams”, whereby the scope of the data in this context also depends on the data details you provide before or when participating in an “online meeting”:
User details (registration information): e.g. user name, activation and conference codes, email address, first and last name, company, organization ID, participant IP, profile picture (optional).

Configuration and communication data: e.g., device name, IP address, geodata, time zone, activity logs, hardware type

Conference information: e.g. date, time, duration, number of participants, dial-in method, diagnostic information

Text, audio and video data: You may have the option of using the chat function in an “online meeting”. To this extent, the text entries you make are processed in order to display them in the “online meeting”. In order to enable the display of video and the playback of audio, the data from the microphone of your terminal device and from any video camera of the terminal device will be processed accordingly for the duration of the meeting. You can turn off or mute the camera or microphone yourself at any time via the “MS Teams” applications.

Recipients / passing on of data
With regard to the processing of personal data in connection with participation in “online meetings”, as a matter of principle no data is passed on to third parties unless it is specifically intended to be passed on. Please note that the content of “online meetings”, as well as personal meetings, is often used to communicate information with customers, interested parties or third parties and is therefore intended to be passed on.

A further recipient is the provider of “Microsoft Teams”, Microsoft Corporation.

Data processing outside the EU / EEA
Data processing in third countries does not take place in principle, as we or the service provider have restricted the storage location to data centers in the EU or EEA.

The legal basis for this data transfer is the adequacy decision for the EU-US Data Privacy Framework adopted by the European Commission on July 10, 2023. The decision creates a framework that is intended to make the transfer of the data between the USA and EU secure. Companies must join the EU-US Data Privacy Framework. This requirement was met by this social media platform for Non-HR-Data and HR-Data.

Storage period
Your personal data that we process as part of your use of “Microsoft Teams” will generally be deleted as soon as it is no longer required for the purposes for which it was collected. A requirement for storage may exist in particular if the data is still needed to fulfill contractual services and to be able to check and grant or defend against warranty or, if applicable, guarantee claims. In the case of statutory retention obligations of 6 years or 10 years according to commercial and tax law, deletion only comes into consideration after expiry of the respective retention obligation. If and insofar as the processing is based on your consent, the data will only be stored until you revoke your consent, unless there is also another legal basis for the processing.

DATA PROCESSING SOCIAL MEDIA

We are represented on various social media platforms with a company profile or a Page. These include the following platforms:

• Instagram
• Facebook
• LinkedIn
• Xing

If you visit one or more of the above-mentioned platforms, personal data about you may be processed. If you are active anonymously or with an already created profile on the respective website, your behavior may be analyzed and evaluated.

The legal basis for the processing is the legitimate interest in effective public relations work, as well as in the exchange with the users of our presences in social media according to Art. 6 para 1 lit.f. DSGVO. The analysis processes initiated by the social networks are based, if applicable, on different legal bases to be indicated by the operators of the social networks (e.g. consent within the meaning of Art. 6 para. 1 lit.a DSGVO.

Most social media platforms use cookies in your browser to store data.

Instagram privacy policy
The privacy policy of Instagram can be found at: https://help.instagram.com/519522125107875

The operator of the social network Instagram is Instagram LLC, 1 Hacker Way, Building 14 First Floor, Menlo Park, CA, USA.

Instagram is a subsidiary of Meta Platforms Inc. Instagram uses the same or similar technologies as the social network Facebook. Each time you visit Instagram, Meta Platforms Inc. processes data about your behavior and also uses this data for subsidiaries.

There is a possibility on Instagram that some of the collected information is also processed outside the European Union, e.g. in the USA. The legal basis for this data transfer is the adequacy decision for the EU-US Data Privacy Framework adopted by the European Commission on July 10, 2023. The decision creates a framework that is intended to make the transfer of data between the USA and the EU secure. Companies must join the EU-US Data Privacy Framework. This requirement was met by this social media platform for Non-HR-Data.

We have concluded an agreement with Facebook on join responsibility for data processing within the meaning of Art. 4. No. 7. Art. 26 DSGVO. This agreement regulates who is responsible for the processing of personal data. You can acess this agreement via the following link: https://www.facebook.com/legal/controller_addendum

Facebook privacy policy
You can find Facebook’s privacy policy at: https://m.facebook.com/privacy/policy/version/20220104/

The operator of the social network Facebook is Facebook, Inc., 1 Hacker Way, Menlo Park, CA 94025, USA. For persons living outside USA or Canada, Facebook Ireland Ltd, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland is responsible.

Facebook is a subsidiary of Meta Platforms Inc.

When you visit our Facebook page, Facebook collects, among other things, your IP address and other information that is present on your PC in the form of cookies. This information is used to provide us, as operators of the Facebook pages, with anonymized statistical information about the use of the Facebook page.

The data collected about you in this context is processed by Facebook Ltd. and may be transferred to countries outside the European Union in the process. Facebook describes what information it receives and how it is used in its data usage guidelines. There you will also find information on how to contact Facebook and on the settings options for advertisements.

It is possible for Instagram to process some of the collected information outside of the European Union, e.g. in the USA. The legal basis for this data transfer is the adequacy decision for the EU-US Data Privacy Framework adopted by the European Commission on July 10, 2023. The decision creates a framework that is intended to make the transfer of data between USA and the EU secure. Companies must join the EU-US Data Privacy Framework. This requirement was met by this social platform for Non-HR-Data.

We have concluded an agreement with Facebook on join responsibility for data processing within the meaning of Art. 4 No. 7 Art 26 DSGVO. This agreement regulates who is responsible for the processing of personal data. You can access this agreement via the following link: https://www.facebook.com/legal/controller_addendum

If personal data of users are processed, they have the right to information, correction, objection, transferability and deletion of the data in accordance with the EU General Data Protection Regulation. Facebook Ireland has committed under the Page Insights Supplement to respond to requests from data subjects in accordance with Facebook’s obligations under the Page Insights Supplement.

Privacy policy on LinkedIn
You can find the privacy policy at: https://de.linkedin.com/legal/privacy-policy

The operator of the social network LinkedIn is LinkedIn corporation, 2029 Stierlin Court, Mountain View, CA 94043, USA. For the European Economic Area and Switzerland, the company responsible is LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, ireland.

As soon as you visit our LinkedIn company page, LinkedIn processes personal data, regardless of whether you have a profile yourself or interact with the page without a profile. We receive your interactions in the form of so-called page insights, but this data does not allow any conclusions to be drawn about you or other persons, but is anonymized. This processing of personal data in the context of page insights is carried out by LinkedIn and us as joint controllers. The processing serves our legitimate interest to evaluate the types of actions taken on our LinkedIn company page and to improve our company page based on these insights. The legal basis for this processing is Article 6 (1) (f) DSGVO.

It is possible with LinkedIn that some of the collected information is also processed outside the European Union, e.g. in the USA. The legal basis for this data transfer is the adequacy decision for the EU-US Data Privacy Framework adopted by the European Commission on July 10, 2023. The decision creates a framework that is intended to make the transfer of data between the USA and the EU secure. Companies must join the EU-US Data Privacy Framework. This requirement was met by this social media platform for Non-HR-Data and HR-Data. We have concluded an agreement with LinkedIn on join responsibility for data processing within the meaning of Art. 7 No. 7, Art 26 DSGVO. This agreement regulates who is responsible for the processing of personal data. You can access this agreement at the following link: https://legal.linkedin.com/pages-join-controller-addendum

As a basis for data processing with recipients located in third countries or a data transfer there, LinkedIn uses so-called standard data protection clauses (= Art. 46. para. 2 DSGVO).

You can request the deletion of your personal data at any time, you can do this in your LinkedIn settings, among other things you can request a copy of your data there.

Privacy policy on Xing
You can find the privacy policy at: https://privacy.xing.com/de/datenschutzerklaerung

The operator of the social network Xing is New Work SE, Am Strandkai 1, 20457 Hamburg, Germany.

As soon as you visit our Xing company page, Xing processes personal data, regardless of whether you have a profile yourself or interact with the page without a profile. We receive your interactions in the form of so-called page insights, but these data do not allow any conclusions to be drawn about you or other persons, but are anonymized. This processing of personal data in the context of page insights is carried out by Xing and us as joint controllers. The processing serves our legitimate interest to evaluate the types of actions taken on our LinkedIn company page and to improve our company page based on these insights. The legal basis for this processing is Article 6 (1) (f) DSGVO.

You can request the deletion of your personal data at any time, you can do this in your xing settings, among other things you can request a copy of your data there.

INFORMATION ON DATA SUBJECT RIGHTS

This part of the data protection declaration provides additional information on exercising your rights as a data subject vis-à-vis WHEELS Logistics GmbH & Co. KG.

Your identity
In order to comply with data subject rights under the GDPR, it may be necessary for WHEELS Logistics GmbH & Co. KG, in cases of personal data collected on the basis of contractual relationships, to request further information to prove your identity on a random basis or in cases of reasonable doubt. This is particularly the case if a request for information is submitted in electronic form, but no conclusion can be drawn about a natural person concerned from the sender details.

You have the following rights:

  • pursuant to Article 15 DS-GVO to request information about your personal data processed by us. In particular, you can request information about the processing purposes, the category of personal data, the categories of recipients to whom your data have been or will be disclosed, the planned storage period, the existence of a right to rectification, erasure, restriction of processing or objection, the existence of a right of complaint, the origin of your data if it was not collected by us, as well as the existence of automated decision-making, including profiling, and, if applicable, meaningful information about its details;
  • pursuant to Article 16 DS-GVO, to demand the correction of inaccurate or incomplete personal data stored by us without undue delay;
  • pursuant to Article 17 DS-GVO, to request the erasure of your personal data stored by us, unless the processing is necessary for the exercise of the right to freedom of expression and information, for compliance with a legal obligation, for reasons of public interest or for the establishment, exercise or defense of legal claims;
  • to request the restriction of the processing of your personal data in accordance with Article 18 DS-GVO, insofar as the accuracy of the data is disputed by you, the processing is unlawful, but you object to its erasure and we no longer require the data, but you need it for the assertion, exercise or defense of legal claims or you have objected to the processing in accordance with Article 21 DS-GVO;
  • in accordance with Article 21 DS-GVO, object at any time on grounds relating to your particular situation to the processing of personal data concerning you which is carried out on the basis of Article 6(1)(f);
  • pursuant to Article 20 DS-GVO, to receive your personal data that you have provided to us in a structured, common and machine-readable format or to request the transfer to another controller;
  • in accordance with Article 7(3) DS-GVO, to revoke your consent once given at any time without affecting the lawfulness of the processing carried out on the basis of the consent until revocation. This has the consequence that we may no longer continue the data processing based on this consent for the future. You can revoke your consent via: datenschutz@wheelslogistics.com
  • to complain to a supervisory authority in accordance with Article 77 DS-GVO. As a rule, you can contact the supervisory authority of your usual place of residence or our company headquarters for this purpose.

Competent supervisory authority
State Commissioner for Data Protection and Freedom of Information North Rhine-Westphalia
P.O. Box 20 04 44
40102 Düsseldorf
Switchboard: +49 (0)211 / 38424 – 0

Separate information about your right to object according to Article 21 DS-GVO

Pursuant to Article 21 (1) of the DS-GVO, you have the right to object at any time, on grounds relating to your particular situation, to the processing of personal data relating to you which is carried out on the basis of Article 6 (1) (f) of the DS-GVO (data processing on the basis of a balance of interests).

If you object, we will no longer process your personal data unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms, or the processing serves the assertion, exercise or defense of legal claims.

If the processing is carried out for the purpose of direct marketing, you have the right to object at any time to the processing of personal data concerning you for the purpose of such marketing in accordance with Article 21 (2) of the GDPR; this also applies to profiling, insofar as it is related to such direct marketing. If you object to processing for the purpose of direct marketing, we will no longer process your personal data for these purposes.

If you wish to exercise your right of objection or other data subject rights, a notification in text form is sufficient. You can write to us or contact us by e-mail.

WHEELS Logistics GmbH & Co. KG
Hansestraße 6
48165 Münster

Phone: +49 2501 803-0
E-Mail: datenschutz@wheelslogistics.com

Security notice
We make every effort to store your personal data in such a way that it is not accessible to third parties by taking technical and organizational measures. When communicating by e-mail, complete data security cannot be guaranteed, so we recommend that you send confidential information by post.