Privacy Policy

1. An Overview of Data Protection

General Information

This privacy policy provides a simple overview of what happens to your personal data when you visit this website. Personal data is any data that can be used to personally identify you. Detailed information on data protection can be found in our privacy policy below.

Data Collection on This Website

Who is responsible for data collection on this website?

Data processing on this website is carried out by the website operator. The operator’s contact details can be found in the “Controller Information” section of this privacy policy.

How do we collect your data?

Some data is collected when you provide it to us — for example, through a contact form.

Other data is collected automatically or after your consent by our IT systems when you visit the website. This mainly includes technical data (e.g. browser, operating system, or time of access). This data is collected automatically as soon as you enter this website.

What do we use your data for?

Some data is collected to ensure the proper functioning of the website. Other data may be used to analyze your usage behavior. Where applicable, personal data is also processed to prepare or fulfill contracts initiated via the website.

What rights do you have regarding your data?

You have the right to receive information about the origin, recipients, and purpose of your stored personal data at any time. You also have the right to request correction or deletion of your data. If you have given consent to data processing, you may revoke this consent at any time for the future. Under certain circumstances, you have the right to request restriction of processing. You also have the right to file a complaint with the competent supervisory authority.

You can contact us at any time with questions about data protection.

Analytics and Third-Party Tools

When visiting this website, your surfing behavior may be statistically analyzed. This is done primarily with analytics programs. For more details, please refer to the privacy policy below.

2. Hosting

External Hosting

This website is hosted externally. The personal data collected on this website is stored on the servers of the hosting provider. This may include IP addresses, contact requests, metadata and communication data, contractual data, contact details, names, website access logs, and other data generated via the website.

External hosting is carried out for the purpose of fulfilling contracts with our prospective and existing customers (Art. 6 para. 1 lit. b GDPR) and in the interest of secure, fast, and efficient provision of our online services by a professional provider (Art. 6 para. 1 lit. f GDPR). If consent has been obtained, processing is carried out exclusively on the basis of Art. 6 para. 1 lit. a GDPR and § 25 para. 1 TTDSG, if this consent includes the storage of cookies or access to information on the user’s device (e.g. device fingerprinting). Consent can be revoked at any time.

Our hosting provider will only process your data to the extent necessary to fulfill its service obligations and will follow our instructions regarding this data.

We use the following hosting provider:

Kinsta Inc.
8605 Santa Monica Blvd #92581
West Hollywood, CA 90069
United States

3. General Information and Mandatory Disclosures

Data Protection

The operators of this website take the protection of your personal data very seriously. We treat your personal data confidentially and in accordance with the applicable data protection laws and this privacy policy.

When you use this website, various personal data is collected. Personal data is any data that can be used to identify you personally. This privacy policy explains which data we collect and what we use it for. It also explains how and for what purpose this is done.

We point out that data transmission over the internet (e.g. communication by email) may have security vulnerabilities. Complete protection of data against access by third parties is not possible.

Controller Information

The controller responsible for data processing on this website is:

Westfalia Mobil GmbH
Gleichenstraße 20
99867 Gotha
Germany
Phone: +49 (0) 3621 2260800
Email: info@westfalia-mobil.com

The controller is the natural or legal person who, alone or jointly with others, determines the purposes and means of the processing of personal data.

Storage Duration

Unless a specific storage period has been stated in this privacy policy, your personal data will remain with us until the purpose for the data processing no longer applies. If you request deletion or revoke your consent, your data will be deleted unless there are legally permissible reasons for storing it (e.g. tax or commercial retention periods); in this case, deletion will take place after these reasons cease to apply.

Legal Bases for Data Processing

If you have consented to data processing, we process your personal data based on Art. 6 para. 1 lit. a GDPR or Art. 9 para. 2 lit. a GDPR if special categories of data are processed. In the case of explicit consent to the transfer of personal data to third countries, data processing is also based on Art. 49 para. 1 lit. a GDPR. If you have consented to the storage of cookies or access to information in your terminal device, processing is also based on § 25 para. 1 TTDSG. Consent may be revoked at any time.

If your data is necessary for the performance of a contract or for the implementation of pre-contractual measures, we process it on the basis of Art. 6 para. 1 lit. b GDPR. Furthermore, we process your data if necessary to fulfill a legal obligation on the basis of Art. 6 para. 1 lit. c GDPR. Data processing may also be based on our legitimate interest under Art. 6 para. 1 lit. f GDPR. The relevant legal basis is explained in the respective sections of this privacy policy.

Recipients of Personal Data

In the course of our business activities, we work with various external parties. This may require the transfer of personal data to third parties. We only pass on personal data if this is necessary for contract fulfillment, if we are legally obligated to do so, if we have a legitimate interest in the data transfer, or if another legal basis allows it. When using processors, we only transfer personal data on the basis of a valid data processing agreement.

Revocation of Your Consent

You may revoke your consent at any time. The legality of the data processing carried out before the revocation remains unaffected.

Right to Object to Data Collection in Special Cases and to Direct Marketing (Art. 21 GDPR)

You have the right to object at any time to the processing of personal data based on Art. 6 para. 1 lit. e or f GDPR, including profiling. If you object, we will no longer process your personal data unless we can demonstrate compelling legitimate grounds for the processing.

If your personal data is processed for direct marketing purposes, you have the right to object at any time to such processing. This also applies to profiling related to direct marketing.

Right to Lodge a Complaint with a Supervisory Authority

In case of violations of the GDPR, data subjects have the right to lodge a complaint with a supervisory authority, in particular in the EU member state of their habitual residence, place of work or the place of the alleged infringement. This right exists regardless of other administrative or judicial remedies.

Right to Data Portability

You have the right to receive data that we process on the basis of your consent or in fulfillment of a contract in a commonly used, machine-readable format, and to have this data transmitted to another controller upon request, where technically feasible.

Access, Correction and Deletion

You have the right to obtain information about your stored personal data, its origin and recipients, and the purpose of data processing, as well as a right to correct or delete your data in accordance with the legal provisions.

Right to Restriction of Processing

You have the right to request restriction of processing of your personal data under the following conditions: if you contest the accuracy of the data, if processing is unlawful and you oppose deletion, if we no longer need the data but you require it for legal claims, or if you have objected pursuant to Art. 21 GDPR and it is not yet clear whether our legitimate grounds override yours.

SSL/TLS Encryption

This website uses SSL or TLS encryption for security reasons and to protect the transmission of confidential content, such as contact requests. You can recognize an encrypted connection by the lock icon in your browser and the use of “https://” in the address bar.

Objection to Promotional Emails

We hereby object to the use of contact data published in the legal disclosure for sending unsolicited advertising and information materials. We reserve the right to take legal action against the unsolicited sending of promotional materials, such as spam emails.