Privacy Policy

WEYLAND GRUPPE Haid 26, 4782 St. Florian am Inn

Weyland GmbH
Weyland Logistik und Service GmbH & Co KG
August Weyland GmbH & Co. KG
Weyland d.o.o., SL
Weyland Stahl + Holz d.o.o., HR
Weyland Holz spol, CZ
SLC Stahl Logistik Center GmbH
Weyland Stahlhandel s.r.o., CZ
Ferrochema GmbH & Co KG
Ferroservice W.Miklitsch GmbH
Steel and Metal Trading & Consulting GmbH
Arwey Stahl GmbH
DSH Danube Stahlhandel GmbH
Arxon Handels GmbH

Data Privacy Statement Weyland Group

Version 1.4

Our commitment to your protection.

1. Data protection at a glance

General Information
The following information provides a simple overview of what happens to your personal data when you visit this website. Personal data is any data that can be used to personally identify you. Detailed information on data protection can be found in our privacy policy below.

Introduction
For the Weyland Group, the responsible handling of personal data is a key criterion. We are particularly committed to respecting and protecting the privacy of our customers, business partners, and employees, and we process all data in accordance with applicable legal regulations.

No data protection officer has been appointed, as this is not legally required. However, if you have any questions or concerns, you can contact us at any time by email at datenschutzweyland.at.

Data collection
We process personal data to ensure order processing, to strengthen our business relationship, and to fulfill legal obligations. Under no circumstances will your collected data be sold or otherwise marketed.

Data collection on the website
Every time you access our websites

Data collection on this website

Who is responsible for data collection on this website?
Data processing on this website is carried out by the website operator. You can find their contact details in the “Note on the responsible body” section in this data protection declaration.

How do we collect your data?
Your data is collected, firstly, because you provide it to us. This could include, for example, data that you enter into a contact form.

Other data is collected automatically or with your consent by our IT systems when you visit the website. This is primarily technical data (e.g., internet browser, operating system, or time of page access). This data is collected automatically as soon as you access this website.

What do we use your data for?
Some data is collected to ensure the website functions correctly. Other data may be used to analyze your user behavior. If contracts can be concluded or initiated via the website, the transmitted data will also be processed for contract offers, orders, or other inquiries.

What rights do you have regarding your data?
You have the right to obtain information free of charge at any time regarding the origin, recipients, and purpose of your stored personal data. You also have the right to request the correction or deletion of this data. If you have given your consent to data processing, you can revoke this consent at any time for the future. Furthermore, you have the right, under certain circumstances, to request the restriction of the processing of your personal data. You also have the right to lodge a complaint with the competent supervisory authority.

You can contact us at any time with regard to this and other questions concerning data protection.

Analytics tools and third-party tools
When you visit this website, your browsing behavior may be statistically analyzed. This is done primarily using so-called analytics programs.

Detailed information about these analytics programs can be found in the following privacy policy.

2. Hosting

We host the content of our website with the following provider:

External hosting
This website is hosted externally. The personal data collected on this website is stored on the servers of the hosting provider(s). This may include, in particular, IP addresses, contact requests, metadata and communication data, contract data, contact information, names, website access data, and other data generated via a website.

External hosting is used for the purpose of fulfilling our contractual obligations to our potential and existing customers (Art. 6 para. 1 lit. b GDPR) and in the interest of a secure, fast, and efficient provision of our online services by a professional provider (Art. 6 para. 1 lit. f GDPR). If corresponding consent has been requested, processing is carried out exclusively on the basis of Art. 6 para. 1 lit. a GDPR and Section 25 para. 1 of the German Telemedia Act (TDDG), insofar as the consent includes the storage of cookies or access to information on the user's device (e.g., device fingerprinting) within the meaning of the TDDG. Consent can be withdrawn at any time.

Our hosting provider(s) will only process your data to the extent necessary to fulfill its contractual obligations and will follow our instructions regarding this data.

We use the following hosting provider(s): Microsoft Azure

3. General information and mandatory disclosures

Data protection
The operators of this website take the protection of your personal data very seriously. We treat your personal data confidentially and in accordance with the statutory data protection regulations and this privacy policy.

When you use this website, various personal data will be collected.

Personal data is data that can be used to identify you personally. This privacy policy explains what data we collect and what we use it for. It also explains how and for what purpose this is done.

Please note that data transmission over the internet (e.g., when communicating via email) can have security vulnerabilities. Complete protection of data against access by third parties is not possible.

Note regarding the responsible body
The responsible body for data processing on this website can be found at the end of the privacy policy.

Storage duration
Unless a more specific retention period is stated within this privacy policy, your personal data will remain with us until the purpose for processing the data no longer applies. If you submit a legitimate request for erasure or withdraw your consent to data processing, your data will be deleted, provided we have no other legally permissible grounds for storing your personal data (e.g., tax or commercial law retention periods); in the latter case, the data will be deleted once these grounds cease to apply.

General information on the legal basis for data processing on this website
If you have consented to data processing, we process your personal data on the basis of Article 6(1)(a) GDPR or Article 9(2)(a) GDPR if special categories of data pursuant to Article 9(1) GDPR are processed. In the case of explicit consent to the transfer of personal data to third countries, data processing also takes place on the basis of Article 49(1)(a) GDPR. If you have consented to the storage of cookies or to access to information on your device (e.g., via device fingerprinting), data processing additionally takes place on the basis of Section 25(1) of the German Telemedia Act (TMG). You can withdraw your consent at any time. If your data is required for the performance of a contract or for taking steps prior to entering into a contract, we process your data on the basis of Article 6(1)(b) GDPR. Furthermore, we process your data if it is necessary for compliance with a legal obligation, on the basis of Article 6(1)(c) GDPR. Data processing may also be based on our legitimate interest pursuant to Art. 6 para. 1 lit. f GDPR. Information on the applicable legal bases in each individual case is provided in the following paragraphs of this privacy policy.

Recipients of personal data
As part of our business activities, we collaborate with various external parties. This sometimes requires the transfer of personal data to these external parties. We only disclose personal data to external parties if this is necessary for the performance of a contract, if we are legally obligated to do so (e.g., disclosure of data to tax authorities), if we have a legitimate interest in the disclosure pursuant to Article 6(1)(f) GDPR, or if another legal basis permits the data transfer. When using data processors, we only transfer our customers' personal data on the basis of a valid data processing agreement. In the case of joint processing, a joint processing agreement is concluded.

Revocation of your consent to data processing
Many data processing operations are only possible with your explicit consent. You can revoke your consent at any time. The legality of data processing carried out before the revocation remains unaffected by the revocation.

Right to object to data processing in special cases
and to direct marketing (Art. 21 GDPR)

If data processing is based on Article 6(1)(e) or (f) of the GDPR, you have the right to object, on grounds relating to your particular situation, at any time to processing of personal data concerning you; this also applies to profiling based on these provisions. The specific legal basis for each processing operation can be found in this privacy policy. If you object, we will no longer process your personal data unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms or the processing serves the purpose of establishing, exercising or defending legal claims (objection pursuant to Art. 21 para. 1 GDPR).

If your personal data is processed for direct marketing purposes, you have the right to object at any time to the processing of your personal data for such marketing; this also applies to profiling insofar as it is related to such direct marketing. If you object, your personal data will subsequently no longer be processed for direct marketing purposes (objection pursuant to Article 21(2) GDPR).

Right to lodge a complaint with the competent supervisory authority
In the event of violations of the GDPR, those affected have the right to lodge a complaint with a supervisory authority, in particular in the member state of their habitual residence, their place of work or the place of the alleged violation. The right to lodge a complaint exists without prejudice to any other administrative or judicial remedies.

Right to data portability
You have the right to receive the data that we process automatically based on your consent or in fulfillment of a contract, either for yourself or for a third party, in a commonly used, machine-readable format. If you request the direct transfer of the data to another controller, this will only be done if technically feasible.

Information, correction and deletion
Under applicable law, you have the right to request information, free of charge, about your stored personal data, its origin and recipients, and the purpose of the data processing, as well as the right to rectification or erasure of this data. You can contact us at any time with regard to this and any other questions concerning personal data.

Right to restriction of processing
You have the right to request the restriction of the processing of your personal data. You can contact us at any time to do so. The right to restrict processing exists in the following cases:

If you dispute the accuracy of your personal data stored with us, we generally need time to verify this. For the duration of the verification process, you have the right to request the restriction of the processing of your personal data.
If the processing of your personal data was/is unlawful, you can request restriction of processing instead of erasure.
If we no longer need your personal data, but you require it for the establishment, exercise, or defense of legal claims, you have the right to request restriction of processing instead of erasure.
If you have objected to processing pursuant to Article 21(1) GDPR, a balancing of interests between your interests and ours must be carried out. Until it is determined whose interests prevail, you have the right to request restriction of processing of your personal data.

If you have restricted the processing of your personal data, this data – apart from being stored – may only be processed with your consent or for the establishment, exercise or defense of legal claims or for the protection of the rights of another natural or legal person or for reasons of important public interest of the European Union or of a Member State.

SSL or TLS encryption
This site uses SSL or TLS encryption for security reasons and to protect the transmission of confidential content, such as orders or requests that you send to us as the site operator.

You can recognize an encrypted connection by the fact that the browser's address bar changes from "http://" to "https://" and by the padlock symbol in your browser bar.

If SSL or TLS encryption is activated, the data you transmit to us cannot be read by third parties.

4. Data collection on this website

Cookie-Consent Tool
Our website uses the cookie consent tool from the advertising agency Hauer-Heinrich GmbH. This tool ensures that scripts and services that are not technically necessary are only loaded after you have actively given your consent via the cookie banner. These technologies will not load without your consent.

When you visit our website, a banner will appear allowing you to choose which categories of cookies and services you wish to accept. The available categories are: "Essential Cookies", "Marketing", and "Media and Services". You can adjust or withdraw your selection at any time via the cookie banner.

To save your consent, the consent tool itself sets a cookie. This cookie only records the status of your consent decision and does not contain any personal data about your usage behavior. It is stored for 14 days. After this period, you will be asked for your consent again.

Server log files
The website provider automatically collects and stores information in so-called server log files, which your browser automatically transmits to us. This information includes:

Browser type and version
Operating system used
Referrer URL
Hostname of the accessing computer
Date/time of the server request
IP address and DNS name of the requesting device

This data will not be combined with other data sources.

This data is collected on the basis of Article 6(1)(f) GDPR. The website operator has a legitimate interest in the technically flawless presentation and optimization of its website – for this purpose, the server log files must be recorded.

Contact form
If you send us inquiries using the contact form, your details from the inquiry form, including the contact details you provided there, will be stored by us in order to process the inquiry and in case of follow-up questions. We will not pass on this data without your consent.

The processing of this data is based on Article 6(1)(b) GDPR if your request is related to the performance of a contract or is necessary for taking steps prior to entering into a contract. In all other cases, processing is based on our legitimate interest in the effective handling of inquiries addressed to us (Article 6(1)(f) GDPR) or on your consent (Article 6(1)(a) GDPR), if such consent has been obtained; you may withdraw your consent at any time.

The data you enter in the contact form will remain with us until you request its deletion, revoke your consent to its storage, or the purpose for data storage no longer applies (e.g., after your inquiry has been processed). Mandatory legal provisions – in particular, retention periods – remain unaffected.

Inquiry via email, telephone
When you contact us by email or telephone, your inquiry, including all resulting personal data (name, inquiry), will be stored and processed by us for the purpose of handling your request. We will not share this data without your consent.

The data you send us via contact requests will remain with us until you request its deletion, revoke your consent to its storage, or the purpose for data storage no longer applies (e.g., after your request has been processed). Mandatory legal provisions – in particular, statutory retention periods – remain unaffected.

Communication via WhatsApp
We use the instant messaging service WhatsApp, among others, to communicate with our customers and other third parties. The provider is WhatsApp Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland.

Communication takes place via end-to-end encryption (peer-to-peer), which prevents WhatsApp or other third parties from accessing the content of the communication. However, WhatsApp does have access to metadata generated during the communication process (e.g., sender, recipient, and time). We would also like to point out that, according to WhatsApp, it shares its users' personal data with its US-based parent company, Meta.

Further details on data processing can be found in WhatsApp's privacy policy at: https://www.whatsapp.com/legal/#privacy-policy.

The use of WhatsApp is based on our legitimate interest in communicating with customers, prospective customers, and other business and contractual partners as quickly and effectively as possible (Art. 6 para. 1 lit. f GDPR). If corresponding consent has been requested, data processing is carried out exclusively on the basis of this consent; this consent can be revoked at any time with effect for the future.

The communication content exchanged between you and us on WhatsApp will remain with us until you request its deletion, revoke your consent to its storage, or the purpose for data storage no longer applies (e.g., after your request has been processed). Mandatory legal provisions – in particular, retention periods – remain unaffected.

The company is certified under the EU-US Data Privacy Framework (DPF). The DPF is an agreement between the European Union and the USA designed to ensure compliance with European data protection standards for data processing in the USA. Every company certified under the DPF commits to adhering to these data protection standards. Further information is available from the provider at the following link: https://www.dataprivacyframework.gov/participant/7735.

Data transfers to the USA are based on the EU Commission's Standard Contractual Clauses. Details can be found here: https://www.whatsapp.com/legal/business-data-transfer-addendum.

5. Analytics tools and advertising

Google Analytics
This website uses features of the web analytics service Google Analytics. The provider is Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland. Google Analytics allows the website operator to analyze the behavior of website visitors.

The website operator receives various usage data, such as page views, time spent on the site, operating systems used, and the user's origin. This data is assigned to the respective user's device. It is not linked to a user ID. Furthermore, we can use Google Analytics to record your mouse movements, scrolling, and clicks, among other things. Google Analytics also uses various modeling approaches to supplement the collected data and employs machine learning technologies for data analysis.

Google Analytics uses technologies that enable user recognition for the purpose of analyzing user behavior (e.g., cookies or device fingerprinting). The information collected by Google about the use of this website is generally transmitted to and stored on a Google server in the USA.

The use of this service is based on your consent pursuant to Art. 6 para. 1 lit. a GDPR and Section 25 para. 1 TDDDG. You may withdraw your consent at any time. Data transfers to the USA are based on the EU Commission's Standard Contractual Clauses. Details can be found here: https://privacy.google.com/businesses/controllerterms/mccs/.

The company is certified under the EU-US Data Privacy Framework (DPF). The DPF is an agreement between the European Union and the USA designed to ensure compliance with European data protection standards for data processing in the USA. Every company certified under the DPF commits to adhering to these data protection standards. Further information is available from the provider at the following link: https://www.dataprivacyframework.gov/participant/5780.

Google Tag Manager
Google Tag Manager: We use Google Tag Manager. The provider is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. Google Tag Manager is a tool that allows us to integrate tracking and statistics tools and other technologies into our website. Google Tag Manager itself does not create user profiles, store cookies, or perform independent analyses. It serves only to manage and deploy the tools integrated through it. However, Google Tag Manager does collect your IP address, which may also be transferred to Google's parent company in the United States. The use of Google Tag Manager is based on Article 6(1)(f) GDPR. The website operator has a legitimate interest in the quick and easy integration and management of various tools on its website. If consent has been requested, processing is carried out exclusively on the basis of Article 6(1)(a) GDPR and Section 25(1) TDDDG, insofar as the consent includes the storage of cookies or access to information on the user's device (e.g., device fingerprinting) within the meaning of the TDDDG. Consent can be withdrawn at any time. The company is certified under the EU-US Data Privacy Framework (DPF). The DPF is an agreement between the European Union and the USA that aims to ensure compliance with European data protection standards for data processing in the USA. Every company certified under the DPF is obligated to comply with these data protection standards. Further information can be obtained from the provider at the following link: https://www.dataprivacyframework.gov/participant/5780.

IP anonymization
Google Analytics IP anonymization is activated. This means that your IP address is shortened by Google within member states of the European Union or in other contracting states of the Agreement on the European Economic Area before being transmitted to the USA. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and shortened there. On behalf of the operator of this website, Google will use this information to evaluate your use of the website, to compile reports on website activity, and to provide other services relating to website activity and internet usage to the website operator. The IP address transmitted by your browser as part of Google Analytics will not be merged with other Google data.

Browser Plugin
You can prevent Google from collecting and processing your data by downloading and installing the browser plugin available at the following link: https://tools.google.com/dlpage/gaoptout?hl=de.

For more information on how Google Analytics handles user data, please see Google's privacy policy: https://support.google.com/analytics/answer/6004245?hl=de.

Matomo
This website uses the open source web analytics service Matomo.

With the help of Matomo, we are able to collect and analyze data about how visitors use our website. This allows us to determine, among other things, when page views occurred and from which region they originated. We also collect various log files (e.g., IP address, referrer, browser and operating system used) and can measure whether our website visitors perform certain actions (e.g., clicks, purchases, etc.).

The use of this analytics tool is based on Article 6(1)(f) GDPR. The website operator has a legitimate interest in analyzing user behavior in order to optimize both its website and its advertising. If consent has been obtained, processing is carried out exclusively on the basis of Article 6(1)(a) GDPR and Section 25(1) of the German Telemedia Act (TMG), insofar as the consent includes the storage of cookies or access to information on the user's device (e.g., device fingerprinting) within the meaning of the TDDG. Consent can be withdrawn at any time.

Hosting
We host Matomo exclusively on our own servers, so all analytics data remains with us and is not shared.

Google Ads
The website operator uses Google Ads. Google Ads is an online advertising program of Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland.

Google Ads allows us to display advertisements in the Google search engine or on third-party websites when users enter specific search terms into Google (keyword targeting). Furthermore, targeted advertisements can be displayed based on user data available to Google (e.g., location data and interests) (audience targeting). As website operators, we can quantitatively evaluate this data by, for example, analyzing which search terms led to the display of our advertisements and how many advertisements resulted in clicks.

The use of this service is based on your consent in accordance with Article 6 Paragraph 1 Letter a GDPR and Section 25 Paragraph 1 TDDDG. Consent can be revoked at any time.
Data transfer to the USA is based on the EU Commission's standard contractual clauses.

Details can be found here: https://policies.google.com/privacy/frameworks and https://business.safety.google/controllerterms/.

Google Ads Remarketing
This website uses the features of Google Ads Remarketing. The provider is Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland.

With Google Ads Remarketing, we can assign people who interact with our online offering to specific target groups in order to subsequently display interest-based advertising to them in the Google advertising network (remarketing or retargeting).

Furthermore, advertising audiences created with Google Ads Remarketing can be linked to Google's cross-device features. This allows interest-based, personalized advertising messages, tailored to you based on your previous usage and browsing behavior on one device (e.g., mobile phone), to also be displayed on another of your devices (e.g., tablet or PC).

If you have a Google account, you can opt out of personalized advertising via the following link: https://adssettings.google.com/anonymous?hl=de.
The use of this service is based on your consent pursuant to Art. 6 para. 1 lit. a GDPR and Section 25 para. 1 TDDDG. You may withdraw your consent at any time. Further information and the data protection regulations can be found in Google's privacy policy at: https://policies.google.com/technologies/ads?hl=de.

Google Conversion-Tracking
This website uses Google Conversion Tracking. The provider is Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland.

With the help of Google conversion tracking, Google and we can recognize whether a user has performed certain actions. For example, we can analyze which buttons on our website are clicked most frequently and which products are viewed or purchased most often. This information is used to create conversion statistics. We learn the total number of users who clicked on our ads and what actions they performed. We do not receive any information that allows us to personally identify the user. Google itself uses cookies or similar recognition technologies for identification.

The use of this service is based on your consent pursuant to Art. 6 para. 1 lit. a GDPR and Section 25 para. 1 TDDDG. You can withdraw your consent at any time. More information about Google Conversion Tracking can be found in Google's Privacy Policy: https://policies.google.com/privacy?hl=de.

Meta-Pixel (formerly Facebook Pixel)
This website uses the Meta pixel for conversion tracking. The provider of this service is Meta Platforms Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland. According to Meta, the collected data is also transferred to the USA and other third countries. This allows the behavior of website visitors to be tracked after they have been redirected to the provider's website by clicking on a Meta ad. This enables the effectiveness of Meta ads to be evaluated for statistical and market research purposes and for the optimization of future advertising campaigns.

The data collected is anonymous for us as the operators of this website; we cannot draw any conclusions about the identity of the users. However, the data is stored and processed by Meta, so a connection to the respective user profile on Facebook or Instagram is possible, and Meta uses the data for its own advertising purposes, in accordance with the Meta Data Usage Policy (https://de-de.facebook.com/about/privacy/ ) Meta can use this data. This allows Meta to display advertisements on Facebook or Instagram pages and other advertising channels. We, as the page operator, have no control over this use of data.

The use of this service is based on your consent pursuant to Art. 6 para. 1 lit. a GDPR and § 25 para. 1 TDDDG. This consent can be revoked at any time.

To the extent that personal data is collected on our website using the tool described here and forwarded to Meta, we and Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland, are jointly responsible for this data processing (Art. 26 GDPR). This joint responsibility is limited exclusively to the collection of the data and its transfer to Meta. The processing carried out by Meta after the transfer is not part of the joint responsibility. Our joint obligations are set out in a joint processing agreement. The text of the agreement can be found at:

https://www.facebook.com/legal/controller_addendum. According to this agreement, we are responsible for providing data protection information when using the Meta tool and for ensuring its data protection-compliant implementation on our website. Meta is responsible for the data security of its products. You can assert your data subject rights (e.g., requests for information) regarding data processed by Facebook or Instagram directly with Meta. If you assert your data subject rights with us, we are obligated to forward them to Meta.

Data transfers to the USA are based on the EU Commission's standard contractual clauses.

Details can be found here:
https://www.facebook.com/legal/EU_data_transfer_addendum and https://de-de.facebook.com/help/566994660333381.

You can find further information on protecting your privacy in Meta's privacy policy: https://de-de.facebook.com/about/privacy/.

You can also use the "Custom Audiences" remarketing feature in the ad settings section under https://www.facebook.com/ads/preferences/?entry_product=ad_settings_screen deactivate. You must be logged into Facebook to do this.

If you do not have a Facebook or Instagram account, you can disable interest-based advertising from Meta on the European Interactive Digital Advertising Alliance website: http://www.youronlinechoices.com/de/praferenzmanagement/.

Meta Conversion API
We have integrated the Meta Conversion API into this website. The provider of this service is Meta Platforms Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland. According to Meta, however, the collected data is also transferred to the USA and other third countries.

The Meta Conversion API allows us to capture the interactions of website visitors with our website and pass them on to Meta in order to improve advertising performance on Facebook and Instagram.

For this purpose, the following data is collected: the time of access, the website accessed, your IP address and user agent, and possibly other specific data (e.g., purchased products, shopping cart value, and currency). A complete overview of the data collected can be found here: https://developers.facebook.com/docs/marketing-api/conversions-api/parameters.

The use of this service is based on your consent pursuant to Art. 6 para. 1 lit. a GDPR and § 25 para. 1 TDDDG. This consent can be revoked at any time.

Insofar as personal data is collected on our website and forwarded to Meta using the tool described here, we and Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland are jointly responsible for this data processing (Art. 26 GDPR).

The joint responsibility is limited exclusively to the collection of the data and its transfer to Meta. The processing carried out by Meta after the transfer is not part of the joint responsibility. Our joint obligations are set out in a joint processing agreement. You can find the text of the agreement here:

https://www.facebook.com/legal/controller_addendum. According to this agreement, we are responsible for providing data protection information when using the Meta tool and for ensuring its data protection-compliant implementation on our website. Meta is responsible for the data security of its products. You can assert your data subject rights (e.g., requests for information) regarding data processed by Facebook or Instagram directly with Meta. If you assert your data subject rights with us, we are obligated to forward them to Meta.

Data transfers to the USA are based on the EU Commission's Standard Contractual Clauses. Details can be found here:
https://www.facebook.com/legal/EU_data_transfer_addendum und https://de-de.facebook.com/help/566994660333381.

You can find further information on protecting your privacy in Meta's privacy policy: https://de-de.facebook.com/about/privacy/.

You can also use the "Custom Audiences" remarketing feature in the ad settings section under https://www.facebook.com/ads/preferences/?entry_product=ad_settings_screen deactivate. You must be logged into Facebook to do this.

If you don't have a Facebook or Instagram account, you can opt out of Meta's behavioral advertising on the European Interactive Digital Advertising Alliance website: http://www.youronlinechoices.com/de/praferenzmanagement/

The company is certified under the EU-US Data Privacy Framework (DPF). The DPF is an agreement between the European Union and the USA designed to ensure compliance with European data protection standards for data processing in the USA. Every company certified under the DPF commits to adhering to these data protection standards. Further information is available from the provider at the following link: https://www.dataprivacyframework.gov/participant/4452.

6. Newsletter

Newsletterdaten
Newsletter distribution to existing customers

When you order goods or services from us and provide your email address, we may subsequently use this email address to send you newsletters, provided we inform you of this beforehand. In such a case, the newsletter will only contain direct advertising for our own similar goods or services. You can unsubscribe from this newsletter at any time. A corresponding link is included in every newsletter for this purpose. The legal basis for sending the newsletter in this case is Article 6(1)(f) GDPR in conjunction with Section 7(3) of the German Unfair Competition Act (UWG).

After you unsubscribe from our newsletter mailing list, your email address may be stored on a blacklist to prevent future mailings to you. The data on the blacklist will only be used for this purpose and will not be combined with other data. This serves both your interest and our interest in complying with legal requirements for sending newsletters (legitimate interest within the meaning of Art. 6 para. 1 lit. f GDPR). Storage on the blacklist is not time-limited. You can object to this storage if your interests outweigh our legitimate interest.

7. Plugins and Tools

YouTube
This website embeds videos from YouTube. The website is operated by Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland.

When you visit one of our websites that includes embedded YouTube videos, a connection is established to YouTube's servers. This informs the YouTube server which of our pages you have visited.

Furthermore, YouTube may store various cookies on your device or use similar technologies for recognition (e.g., device fingerprinting). In this way, YouTube can obtain information about visitors to this website. This information is used, among other things, to compile video statistics, improve user-friendliness, and prevent fraud. The collected data is also processed within the Google advertising network.

If you are logged into your YouTube account, you are allowing YouTube to directly associate your browsing behavior with your personal profile. You can prevent this by logging out of your YouTube account.

The use of YouTube is in our legitimate interest in presenting our online content in an appealing way. This constitutes a legitimate interest within the meaning of Article 6(1)(f) GDPR. If consent has been requested, processing is carried out exclusively on the basis of Article 6(1)(a) GDPR and Section 25(1) of the German Telemedia Act (TMG), insofar as the consent includes the storage of cookies or access to information on the user's device (e.g., device fingerprinting) within the meaning of the TDDG. Consent can be withdrawn at any time.

Further information on how user data is handled can be found in YouTube's privacy policy at: https://policies.google.com/privacy?hl=de.

OpenStreetMap
We use the map service from OpenStreetMap (OSM).

We integrate map data from OpenStreetMap, hosted on the server of the OpenStreetMap Foundation, St John’s Innovation Centre, Cowley Road, Cambridge, CB4 0WS, United Kingdom. The United Kingdom is considered a data protection-safe third country. This means that the UK has a level of data protection equivalent to that of the European Union. When using OpenStreetMap maps, a connection is established to the servers of the OpenStreetMap Foundation. This may involve the transmission of your IP address and other information about your activity on this website to the OSMF. OpenStreetMap may store cookies in your browser or use similar tracking technologies for this purpose.

The use of OpenStreetMap serves the purpose of presenting our online services in an appealing manner and ensuring the easy location of the places we indicate on the website. This constitutes a legitimate interest within the meaning of Article 6(1)(f) GDPR. If corresponding consent has been requested, processing is carried out exclusively on the basis of Article 6(1)(a) GDPR and Section 25(1) of the German Telemedia Act (TMG), insofar as the consent includes the storage of cookies or access to information on the user's device (e.g., device fingerprinting) within the meaning of the TDDG. Consent can be withdrawn at any time.

Mosparo (spam protection)
We use the open-source software Mosparo on our website to protect our forms from spam and abuse. (mosparo - the modern spam protection ) it is operated on our own servers (self-hosting), so no data is transmitted to third parties.

Purpose: The use of Mosparo serves to protect against spam and bot attacks and to ensure the functionality of our contact channels.
Legal basis: Art. 6 para. 1 lit. f GDPR (legitimate interest)
Storage period: Maximum 14 days, then automatic deletion
Note: Without this processing, the use of our forms is not possible.
Objection: Since the processing is technically essential for the secure operation of the website and the acceptance of form messages, there is generally no option to object without refraining from using the contact forms.

8. Own services

Handling of applicant data
We offer you the opportunity to apply to us (e.g., via our online tool D.Vinci, by email, or by post). Below, we inform you about the scope, purpose, and use of your personal data collected during the application process. We assure you that the collection, processing, and use of your data is carried out in accordance with applicable data protection law and all other legal provisions, and that your data will be treated with strict confidentiality.

Scope and purpose of data collection
When you submit an application to us, we process your associated personal data (e.g., contact and communication data, application documents, notes from job interviews, etc.) to the extent necessary for deciding whether to establish an employment relationship. The legal basis for this is Section 26 of the German Federal Data Protection Act (BDSG) (initiation of an employment relationship), Article 6 Paragraph 1 Letter b of the GDPR (general contract initiation), and – if you have given your consent – Article 6 Paragraph 1 Letter a of the GDPR. You can withdraw your consent at any time. Within our company, your personal data will only be shared with individuals involved in processing your application.

If your application is successful, the data you have submitted will be stored in our data processing systems on the basis of Section 26 BDSG and Article 6 Paragraph 1 Letter b GDPR for the purpose of carrying out the employment relationship.

Data retention period
If we are unable to offer you a position, you decline a job offer, or you withdraw your application, we reserve the right to retain the data you submitted for up to six months from the conclusion of the application process (rejection or withdrawal of the application) based on our legitimate interests (Art. 6 para. 1 lit. f GDPR). After this period, the data will be deleted and any physical application documents destroyed. This retention serves, in particular, as evidence in the event of legal proceedings. If it becomes apparent that the data will be required after the six-month period (e.g., due to threatened or pending legal proceedings), deletion will only occur once the purpose for the extended retention no longer applies.

Longer storage may also take place if you have given your consent (Art. 6 para. 1 lit. a GDPR) or if statutory retention obligations preclude deletion.

Your rights
You have the fundamental rights to information, rectification, erasure, restriction of processing, data portability, withdrawal of consent, and objection. You can exercise your rights at any time by sending an email to datenschutzweyland.at or by sending a notification by post.

As a data subject, you must identify yourself and contribute to the identification process to ensure that any response to your exercise of the respective right is actually addressed to you as the data subject.

If you believe that the processing of your data violates data protection law or that your data protection rights have otherwise been infringed, you can lodge a complaint with the supervisory authority. In Austria, this is the Data Protection Authority.

Verantwortlich:

Weyland Group
consisting of:

Weyland GmbH, Haid 26, A-4782 St. Florian am Inn, Company Registration Number 112207 k
Weyland Logistik und Service GmbH & Co KG, Haid 26, A-4782 St. Florian am Inn, Company Registration Number 269778 h
August Weyland GmbH & Co KG, Haid 26, A-4780 St. Florian am Inn, Company Registration Number 387712 s
SLC Stahl Logistik Center GmbH, Uferstraße 22, A-1220 Vienna, Company Registration Number 292546 s
MIP WEYLAND d. o. o., Puscine, Obrtnicka 5, A-40305 Nedelisce
Weyland Holz spol. s.r.o., CZ-110 00 Praha 1, Haštalská 1072/6
Weyland Stahlhandel s.r.o., Za Pasáží 1609, CZ-530 02 Pardubice
Ferrochema GmbH & Co KG, Industriestraße 20, A-9800 Spittal/Drau
Ferroservice W.Miklitsch GmbH, Industriestraße 20, A-9800 Spittal/Drau
Weyland d.o.o., Tržaška cesta 87a, SI-2000 Maribor
Weyland Metal d.o.o., Gospodarska 12, Vrhovljan, HR-40313 Sveti Martin na Muri
Steel and Metal Trading & Consulting GmbH, Hertha-Firnberg-Strasse 16/17/78, A-1100 Vienna
DSH Danube Stahlhandel GmbH, Gruberstraße 2-4/B1.1, A-4020 Linz
Arwey Stahl GmbH, Moarhofweg 12, A-6116 Weer in Tirol
Arxon Handels GmbH, Betriebsstraße 15/2nd floor/Door 2, A-4213 Unterweitersdorf

Managing Directors: Otto Weyland, Mag. Norbert Thumfart