List of active policies
|Data Privacy / Cookies
To ensure the functionality of our website, we use technically necessary cookies that do not require consent.
Data privacy statement for the knowledge platform FreshLab
under the domain wurm.de
We are delighted at the interest you have shown in our company. Data privacy has particularly high importance for Wurm GmbH und Co. KG Elektronische Systeme. With this data protection declaration, our company would like to inform the public about the type, scope, and purpose of the personal data which is collected, used and processed by us. This data protection declaration also explains what your related rights are. If we need to process personal data and there is no legal basis for this in a particular case, we always ask for your consent first.
This data protection declaration applies to the knowledge platform FreshLab at the aforementioned domain of Wurm GmbH & Co. KG Elektronische Systeme. We also meet our information obligations as defined in the EU General Data Protection Regulation (GDPR).
- Responsible body
- Name and address of the data protection officer
- Data processing on this website
- Processing of personal data
- Transmission of data to third parties
- Notes concerning the use of external links ("Disclaimer")
- Note concerning the security and confidentiality of personal data
- Legal bases for the processing of personal data
- Your rights
- Standard deadlines for the deletion of the data
- Automated decision making
- Right of appeal to a supervisory authority
- Note on changes and updates
Wurm GmbH & Co. KG
Phone: +49 (0) 2191 - 8847 300
Name and address of the data protection officer
Wurm GmbH & Co. KG has appointed an external data protection officer:
Mr. Arndt Halbach of GINDAT GmbH
Wetterauer Straße 6
Data processing on this website
Each time the website of Wurm GmbH und Co. KG Elektronische Systeme is accessed by a particular person or an automated system, it collects a general set of data and information about them. This general data and information is stored in log files on the server. This information can include
- the types and versions of browser used,
- the operating system running on the system accessing our website,
- the website sub-pages you have viewed,
- the date and time of access to the website,
- the internet protocol address (IP address),
- the name and size of the up- or downloaded files
- other similar data and information to be used for the purpose of security in case of attacks on our IT systems.
In using this general data and information, Wurm GmbH und Co. KG Elektronische Systeme draws no conclusions about the person concerned. This information is actually required for
- presenting content correctly on our website,
- optimising the content on our website,
- ensuring the long-term functionality of our IT systems and technology on our website, and
- providing the law enforcement authorities with the information necessary for prosecution in the case of cyber attacks.
The collected data and information are therefore
evaluated by Wurm GmbH und Co. KG Elektronische Systeme primarily for the
purpose of increasing the data protection and data security in our company, and
finally ensuring an optimal level of protection for the personal data which is
processed by us.
The IP address of your computer is deleted after 30 days.
Processing of personal data
Personal data is only processed via the automatic logging described above when you inform us about this yourself, e.g. using the contact form, or when you decide to use products requiring registration or when you want to use the online services of Wurm GmbH & Co. KG Electronic Systems.
Access to the knowledge platform “FreshLab”
The data collected and
processed by us when using “FreshLab” can generally be divided into the
- Contact information such as name, address, telephone number, email address, title, place of work, etc.
- Profile information if you create a profile or account with us, including username and password
- Technical information such as technical data on use and display, including IP addresses, when you visit our websites or applications, also on third-party websites
- Transaction information such as calling up of knowledge content
Access to the online services or the use of products requiring registration is only possible by means of corresponding license agreements. This presupposes that a corresponding user account already exists or a new account is created. For this purpose you will be asked to provide personal details (name, email address) and further information. Only information required for establishing the contractual relationship or for carrying out the services is designated as mandatory information.
Access to FreshLab requires that you have an account in the Wurm Infocenter and log into FreshLab with these access data. If you do not have an account yet or if you have problems/questions in connection with our Infocenter, you can contact the sales partners (contact persons) named there. Clicking on the respective link will open an e-mail form and you can send your request by entering your name, company and e-mail address (mandatory fields) as well as other optional information. Any further processing will be carried out only in order to fulfil your request and will be carried out by the contact person named in each case. When you log in to FreshLab, your username, the IP address currently used by your PC and the login time are stored for verification purposes.
The usage of the FreshLab knowledge platform is possible via various login procedures, as with the InfoCenter.
- Login with OneID: With OneID you can use your mobile device for authentication for FreshLaband other applications. To use OneID, you need a unique, personally identifiable email address or mobile phone number and a mobile device running the iOS or Android operating system. Authentication is realized via an application (app) that has to be installed and set up on your mobile device. If the installation was successful, you can bind the used device to your OneID access data via the key symbol and immediately log in to all applications that have been activated for you.
- user name and password (admins only)
If you get in contact with Wurm GmbH & Co. KG Elektronische Systeme by email, please note that we use the STARTTLS encryption process. If your server supports this encryption process, this will ensure secure communication between our email server and yours. Otherwise the data will usually be sent unencrypted. In this case, the confidentiality of the transferred information cannot be guaranteed. We have no control over the path taken by your email over the public internet to our company and cannot therefore guarantee the security of your data. Once your email has reached our email server, we protect your data with highly technical and organisational measures.
Transmission of data to third parties
Wurm GmbH & Co. KG Electronic Systems will not as a matter of principle transmit your personal data to third parties outside the company network, unless:
- transmission is
necessary for the purpose of carrying out or billing services, if the service
involves making use of the products or services of an independent partner
company or if the data is needed for the purpose of carrying out the service
for a partner company (if you are not advised otherwise, such vicarious agents
are only authorized to use the data that is absolutely necessary for this
service); an automatic email is generated and sent to the relevant sales
partner for the billing (personal user contract).
- you have given your consent to transmit the
information, or prosecuting authorities or courts demand information based on
applicable laws for the purpose of prosecution.
- in order to carry out
the processing and handling process, if we have to make use of service
providers in order to process the contract data, the contractual relations are
regulated as stipulated by Art. 28 GDPR, which contains the legally required
points relating to data privacy and data protection.
The knowledge platform content is stored in the Microsoft Azure Cloud with servers hosted in Europe. Microsoft bases this storage on the EU standard contractual clauses. Your profile data taken from the Infocenter when you first log in to the knowledge portal and any comments in the form of an anonymous rating function are also stored there.
The communication tool integrated in the knowledge platform, which is intended for live training or online seminars, is also located on this cloud server. The data protection settings of this tool have been implemented in a correspondingly user-friendly manner (privacy by default).
Technically necessary cookies help allow you to move around the website by ensuring essential functions such as navigation around the pages and access to secure areas. Without these cookies, the website would not work properly.
The cookies used by our website are deleted from your hard disc at the end of your browser session (these are called session cookies).
If you do not want to have the advantages of cookies, you can change how cookies are handled in the security settings in your browser. Setting options are mostly found in the Tools menu, under Settings or Internet Options.
Notes concerning the use of external links ("Disclaimer")
Where this website contains links to other websites, we must point out that we have no influence whatever on the design and contents of the linked websites, and that their content has not been adopted by us. This applies to all external links appearing on our website and to all content on pages to which advertising material (e.g. banners, text displays, video displays) is linked. For this reason, we dissociate ourselves explicitly from all content on such sites.
Should we become aware of any legal violations, these links will be
removed immediately if the corresponding content makes this necessary. We would
also be pleased to receive any information from you in this regard.
Note concerning the security and confidentiality of personal data
We guarantee the
confidentiality and security of your personal data as follows
- we only use your personal data for fulfilling the purpose described here,
- we have obligated our employees to duties of confidentiality,
- our security provisions correspond to the current state of the art to an appropriate extent,
- our systems are checked regularly for security so that we can effectively protect data retained
- by us from any damage, loss and access,
- and our data protection officer ensures compliance with the "data privacy statement".
Legal basis for the processing of personal data
- Legal basis for the temporary storage of data
(log files) when visiting our
Art. 6, S. 1(f GDPR (see above)
- To the extent that we consent to the processing of personal data, e.g. to obtain our contact form, the legal basis is Art. 6, S. 1(a) GDPR.
- In the context of the use of our online services or the online portal, the processing of personal data serves the fulfillment of a contract or precontractual measures pursuant to Art. 6, S. 1(b) GDPR. This also applies to the case of passing on to third parties, which are involved in the context of the fulfillment of the contract.
- The legal basis for the processing of personal data
via the aforementioned cookies is Art. 6,
S. 1(f) GDPR.
According to Art. 15-21 GDPR you can claim the following rights in relation to the personal data processed by us.
The right to access your personal information
You are entitled to information about the personal data concerning you that are processed by us.
The right to rectification
You may request the correction of incomplete or incorrectly processed personal data.
The right to erasure
You are entitled to have personal data concerning you deleted, especially if one of the following reasons applies:
- Your personal information is no longer necessary for the purposes for which it was collected or otherwise processed.
- You revoke your consent to the processing of your data.
- You have asserted a right to object to the processing.
- Your data was processed unlawfully.
The right to erasure does not exist, however, if if is in conflict with the legitimate interests of the responsible person. This can be, for example, if:
- personal data are required to assert, exercise or defend legal claims.
- deletion is not possible due to storage requirements
However, if data cannot be deleted, there may be a right to restrict processing (see below).
Right to restriction of processing
You have the right to require us to restrict the processing of your personal data if
- you deny the accuracy of the data and we therefore check its accuracy
- the processing is unlawful and you refuse deletion and instead demand the restriction of use
- we no longer need the data, but you need them to assert, exercise or defend your rights.
- you have objected to the processing of your data, and it is not yet clear whether our legitimate reasons outweigh your reasons.
Right to data portability
You have the right to receive the personal information
that you have provided us in a structured, common and machine-readable format
and you have the right to transfer this data to another person without
hindrance from us, provided the processing is based on your consent or a
contract and processing is done by us using automated procedures.
The data subject shall have the right, at any time, to object to the processing of personal data relating to him or her under Art. 6, S. 1(e) or 1(f) for reasons arising out of their particular situation; this also applies to a profiling based on these provisions. If the processing of your personal data is based on a consent, you have the right to revoke this consent at any time.
Standard deadlines for the deletion of the data
Insofar as a statutory retention provision does not exist, the data will be automatically deleted or destroyed if they are no longer necessary for achieving the purpose of the data processing including billing (cf. regulations regarding cookies). There is a legal retention period for data with tax relevance, which is usually 10 years; other data according to commercial regulations (business letters) are usually kept for 6 years. Finally, the storage period can also be based on the statutory limitation periods, which may usually be three years, for example, according to §§ 195 ff. of the German Civil Code (BGB), but also up to thirty years in some cases.
Automated decision making
As a responsible company, we renounce the use of automated decision making or profiling.
Right of appeal to a supervisory authority
Each data subject has a right of appeal to a supervisory authority under Article 77 GDPR if they consider that the processing of personal data concerning them infringes the GDPR.
The supervisory authority responsible for us is:
Landesbeauftragte für den Datenschutz und die Informationsfreiheit Nordrhein-Westfalen
Kavalleriestr. 2 - 4
Note on changes and update
Inasmuch as we roll out new products or services, modify internet procedures or if internet and IT security technology are enhanced, we reserve the right to update the data privacy statement. Any changes will be published here. For that reason, please access this website regularly to obtain information on the current status of the data privacy statement.
Publication date: January 2021