Mäurer & Wirtz

Data privacy statement

Thank you for visiting our website. In the following you will find our data privacy statement including legally required information. In addition, you will find data protection information for applicants here:

General data protection information (as at December 2023)

Part 1: Information on data protection regarding our processing under Articles 13, 14 and 21 General Data Protection Regulation (GDPR)

We take data protection seriously and hereby inform you on how we process your data and what claims and rights you are entitled to under data protection rules. Applicable as of 25 May 2018.


1.    Office responsible for data processing and contact data

responsible office within the meaning of data protection law:
DALLI-WERKE GmbH & Co. KG 
or MÄURER & WIRTZ GmbH & Co. KG
or NICCO-Werke GmbH
(responsible office in each case is the company whose website you are 
visiting according to the imprint or who you addressed with your request)

Zweifaller Str. 120
52224 Stolberg 
Telephone: +49[0]2402 89-0 
E-Mail-address: 
kontakt@dalli-group.com 
or info@m-w.de 

Contact data of our data protection officer:

DALLI-WERKE GmbH & Co. KG
or MÄURER & WIRTZ 
GmbH & Co. KG
Data protection officer
Zweifaller Str. 120
52224 Stolberg 

E-Mail-address: datenschutz@dalli-group.com
or datenschutz@m-w.de


2.    Purposes and legal basis on which we process your data 
We process personal data in accordance with the stipulations of the General Data Protection Regulation (GDPR) and national data protection laws as well as other applicable data protection provisions (details are provided in the following). The details of which data are processed and how they are used mostly depend on the services requested or agreed in each case. Further details or additions for the purposes of data processing can be found in the respective contract documents, forms, a declaration of consent and/or other information provided to you (e. g. in the context of the use of our website or our terms and conditions). In addition, this data protection information may be updated from time to time, as you may find out from our websites www.dalli-group.com/ www.dalli-group.de/ www.mydalli.de/ www.m-w.de.

 

2.1    Purposes to perform a contract or pre-contractual measures (Art. 6 para. 1 sentence 1 lit. b GDPR)

The processing of personal data is carried out in order to perform our contracts with you and to execute your orders as well as to carry out measures and activities in the framework of pre-contractual  relations, e. g. with interested parties. In particular, the processing thus serves to provide services according to your orders and wishes and includes the necessary services, measures and activities. This essentially includes contractrelated communication with you, the corresponding billing and associated payment transactions, credit checks, the verifiability of transactions, orders and other agreements as well as quality control by means of corresponding documentation, goodwill procedures, measures to control and optimize business processes as well as the fulfilment of general duties of care, control and supervision by affiliated companies (e. g. parent company), statistical evaluations for corporate management, cost recording and controlling, reporting, internal and external communication, emergency management, accounting and tax assessment of operational services, risk management, assertion of legal claims and defense in the event of legal disputes, ensuring IT security (inter alia system and plausibility tests) and general security, including building and plant security, securing and exercising domestic authority (e. g. by means of access controls), guaranteeing the integrity, authenticity and availability of data, prevention and investigation of criminal offences, control by supervisory bodies or supervisory authorities (e. g. auditing). 

 

2.2    Purposes within the framework of a legitimate interest on our part or of third parties (Art. 6 para. 1 sentence 1 lit. f GDPR)
In addition to the purpose to fulfil the (pre-)contract, we might process your data when necessary to protect legitimate interests of our own or of third parties, in particular for the following purposes:

  • advertising or market and opinion research, as far as you have not objected to the use of your data;
  • obtaining information from and exchanging data with operators/ agencies where this goes beyond our economic risk;
  • the examination and optimization of processes for needs analysis;
  • the further development of services and products as well as of existing systems and processes
  • the disclosure of personal data in the framework of due diligence in the course of company sale negotiations;
  • for comparison with European and international anti-terrorist lists, insofar as this goes beyond the legal obligations;
  • the enrichment of our data, e. g. by using or researching publicly accessible data;
  • statistical evaluations or market analysis;
  • benchmarking;
  • the assertion of legal claims and defense in legal disputes which are not directly attributable to the contractual relationship;
  • the limited storage of data, if a deletion is not possible or only possible with disproportionate efforts due to the special type of storage; 
  • the development of scoring systems or automated decision-making processes;
  • the prevention and investigation of criminal offences, if this is not exclusively to fulfil legal requirements;
  • the anonymization of personal data
  • building and plant security (e. g. by means of access control and video surveillance), insofar as this goes beyond the general duties of care;
  • internal and external investigations, safety reviews;
  • internal fraud or abuse prevention in connection with the fulfillment of a contract and pre-contractual measures, unless exclusively to fulfill legal requirements
  • any monitoring or recording of telephone conversations for quality control and training purposes;
  • preservation and maintenance of certifications of private-law or official nature;
  • the securing and exercise of our domestic authority by means of appropriate measures as well as by video surveillance for the protection of our customers and employees as well as for securing evidence in the framework of criminal offences and their prevention.

 

2.3    Purposes within the framework of your consent (Art. 6 para. 1 sentence 1 lit. a GDPR)
Your personal data can also be processed for certain purposes (e.g. use of your e-mail-address for marketing purposes) on the basis of your consent. As a rule, you can revoke this consent at any time. This also applies to the revocation of consent that was given to us before the GDPR came into effect, i.e. prior to 25 May 2018. You shall be separately informed about the purposes and about the consequences of revocation or refusal to give consent in the respective text of the consent.    
Generally, revocation of consent only has effect for the future. Processing that has taken place prior to revocation is not affected by such and remains lawful.

 

2.4    Purposes relating to compliance with a legal obligation (Art. 6 para. 1 sentence 1 lit. c GDPR) or in the public interest 
(Art. 6 para. 1 sentence 1 lit. e GDPR)

Just like anyone who takes part in business life, we are subject to a large number of legal obligations. These are primarily statutory requirements (e.g. commercial and tax laws), but possibly also supervisory law or other official requirements. The purposes of processing may include identity and age checks, prevention of fraud and money laundering, the prevention, combating and education regarding terrorism financing and crime with a risk for property, comparisons with European and international anti-terror lists, compliance with control and notification obligations under tax law as well as the archiving of data for the purposes of data protection and data security and of audits by tax/fiscal and other authorities. In addition, it may be necessary to disclose personal data in the framework of official government/court measures for the purposes of collecting evidence, law enforcement and criminal prosecution or the enforcement of civil law claims.


3.    The categories of data that we process insofar as we do not receive data directly from you, and its origin
If necessary for the performance of our services, we may process data that we have lawfully received from other companies or other third parties (e.g. information offices). In addition, we process personal data that we have lawfully collected, received or acquired from publicly accessible sources (e.g. telephone registers, commercial and association registers, civil registers, the press, the internet and other media) and that we are allowed to process.

Relevant personal data categories may in particular be:

  • personal data (name, date of birth, place of birth, nationality, marital status, occupation/trade and comparable data)
  • contact data (address, e-mail address, telephone number and similar data)
  • Address data (population register data and comparable data)
  • payment confirmation/confirmation of cover for bank and credit cards
  • information about your financial situation (credit-worthiness data including scoring, i.e. data for assessing the economic risk)
  • customer history
  • data about your use of the telemedia offered by us (e. g. time of access to our websites, apps or newsletters, clicked pages/links or entries and comparable data)
  • Video data.

 
4.    Recipients or categories of recipients of your data
Within our company, your data is received by those internal offices or organizational units that need such to fulfil our contractual and statutory obligations or to process and implementing our legitimate interests. Your data is disclosed/passed on to external offices and persons exclusively
•    in connection with the execution of the contract;
•    to fulfil legal obligations that require us to provide information, give notice or forward data or where the forwarding of data is in the public interest (see section 2.4); 
•    to the extent that external service-providers process data on behalf of us as contract processors or providers of certain functions (e.g. external data centers, support and maintenance of DP/IT applications, archiving, document processing, call center services, compliance services, controlling, data screening for anti-money laundering purposes, data validation and plausibility check, data destruction, purchasing/procurement, customer administration, lettershops, marketing, media technology, research, risk controlling, billing, telephony, website management, auditing services, credit institutions, printing companies or companies for data disposal, courier services, logistics);
•    on the basis of our legitimate interest or the legitimate interest of the third party within the purposes cited in section 2.2 (e.g. to authorities, credit agencies, collection agencies, attorneys, courts of law, appraisers, companies affiliated to company groups as well as bodies and control instances);
•    if you have given us consent to transmit data to third parties.

Beyond this, we shall refrain from transmitting your data to third parties. Insofar as we commission service providers within the framework of processing an order, your data will be subject to the same security standards that we have stipulated. In all other cases, recipients may only use the data for purposes for which the data has been sent to them.


5.    Period of time your data is stored for 

We process and store your data for the duration of our business relationship. This also includes the initiation of a contract (pre-contractual legal relationship) and the phaseout.

In addition, we are subject to various retention and documentation obligations that emanate inter alia from commercial and tax laws. The periods and deadlines for retention and/or documentation stipulated therein range between six, seven and ten years from the end of the contractual relationship or the pre-contractual relationship, and in exceptional cases even 50 years – depending on the applicable national law.

Further, special statutory provisions may require longer retention such as for example the preservation of evidence in connection with statutory time-barring provisions.

If the data is no longer required to meet contractual or statutory obligations and rights, it is regularly deleted unless its further processing - for a limited period - is necessary to fulfil the purposes listed in section 2.2 due to an overriding legitimate interest. Such overriding legitimate interest is deemed to exist, for example, if it is not possible, or only possible with a disproportionate effort, to delete the data as a result of the special type of storage and provided that the processing for other purposes is excluded by appropriate technical and organizational measures.

 

6.    Processing of your data in a third country or by an international organization 

Data is transmitted to offices in countries outside the European Union (EU) or the European Economic Area (EEA) (so-called third countries) if necessary to fulfil your order or the contract with you, if required by law (e.g. notification obligations under tax law), if it is in the legitimate interest of us or of a third party or if you have given us your respective consent.
For that matter, your data may be processed in a third country, possibly also with the involvement of service providers in the framework of processing of the order. Insofar as no decision has been issued by the EU Commission regarding the existence of a reasonable level of data protection for the respective country or for specific sectors in a third country, appropriate contracts (such as EU standard contracts) and additional measures can be used as a basis for the transfer. 
You can request information on the suitable or reasonable guarantees and the possibility to receive a copy of these from the company data protection officer.
 

 

7.    Your data protection rights – you can assert your data protection rights against us under certain conditions and under consideration of possible specific national rules
•    You have the right pursuant to Art. 15 GDPR to receive information from us on the data concerning your person that we store.
•    If you so request, we shall correct stored data on you in accordance with Art. 16 GDPR if such data is incorrect or flawed.
•    If you so desire, we shall delete your data in accordance with the principles of Art. 17 GDPR if such is not prevented by other statutory provisions or an overriding interest on our part (e.g. to defend our rights and claims). 
•    Under the conditions laid down in Art. 18 GDPR, you can demand that we restrict the processing of your data.
•    Further, you can file an objection to the processing of your data in accordance with Art. 21 GDPR, as a result of which we have to stop processing your data. This right of objection only applies, however, in the event of extraordinary circumstances in your personal situation, whereas the rights of our company may run counter to your right of objection. 
•    You also have the right to receive your data in accordance with the conditions of Art. 20 GDPR in a structured, commonplace and machine-readable format or transmit such data to a third party. 
•    You further have the right to revoke your consent to process personal data that has been issued to us at any time with effect for the future (see section 2.3). 
•    In addition you are entitled to file a complaint with a data protection supervisory authority (Art. 77 GDPR). We recommend, however, to always send a complaint to our data protection officer before.
 
If possible, your applications concerning the exercise of your rights should be sent in writing to the address stated above or be addressed directly to our data protection officer. 

 

8.    Scope of your obligations to provide us your data

You only need to provide data that is necessary for the commencement and performance of the business relationship or for a pre-contractual relationship with us or the collection of which we are required by law. Without this data, we will regularly not be able to conclude or fulfil the agreement. This may also relate to data required at a later stage within the business relation. If we request data from you above and beyond this, you shall be informed about the voluntary nature of the information separately


9.    Presence of an automated decision-making in individual cases (including profiling)

We do not use any purely automated decision-making procedures as set out in Article 22 GDPR. However, should we institute such a procedure in individual cases in the future, we shall inform you pursuant hereto separately if this is required by law.

Under certain circumstances, we may process your data partly with the aim of evaluating certain personal aspects (profiling). 
In order to provide you with targeted information and advice on products, we may use evaluation tools. These enable a needs-oriented product design, communication and advertising including market and opinion research.

Such procedures can also be used to assess your solvency and credit-worthiness as well as to combat money laundering and fraud. "Score values" can be used to assess your solvency and credit-worthiness. In the case of scoring, the probability with which a customer will meet his payment obligations in accordance with the contract is calculated using mathematical methods. Such score values thus support us, for example, in assessing the credit-worthiness, in our decision-making in the context of product deals and are incorporated into our risk management. The calculation is based on mathematically and statistically acknowledged and proven methods and is based on your data, in particular income, expenditure, existing liabilities, profession, employer, length of service, experience from the previous business relationship, repayment of previous loans in accordance with the contract and information from credit agencies.

Information on nationality and special categories of personal data according to Art. 9 GDPR is not processed.

Information on your right of objection under Art. 21 GDPR

1.    You have the right to file an objection at any time against processing of your data which is performed on the basis of Art. 6 para. 1 sentence 1 lit. f GDPR (data-processing on the basis of a weighing out of interests) or Art. 6 para. 1 sentence 1 lit. e GDPR (data-processing in the public interest), provided that there are reasons for your objection emanating from your special personal situation. This also applies to profiling based on this provision in the meaning of Art. 4, no. 4 GDPR.

If you file an objection, we shall no longer process your personal data unless we can demonstrate compelling reasons for the processing that outweigh your interests, rights and freedoms, or the processing serves the purpose of asserting, exercising or defending legal claims.

2.    We may also use your personal data in order to perform direct advertising. If you do not want to receive any advertising, you have the right to file an objection to such at any time. This also applies to the profiling to the extent that it is connected with such direct advertising. We shall respect this objection with effect for the future. 

We shall no longer process your data for the purpose of direct advertising if you object to processing for this purpose.

The objection can be filed without to any form requirements and should, if possible, be sent to:

DALLI-WERKE GmbH & Co. KG
or MÄURER & WIRTZ GmbH & Co. KG
or NICCO-Werk GmbH

Zweifaller Str. 120
52224 Stolberg 

E-Mail-address: kontakt@dalli-group.com 
or info@m-w.de

 

Part 2: Additional data protection information regarding the website

Thank you for visiting our website. In the following we set out which data we collect during your visit on our website and how exactly this data is used. This data privacy statement applies to all websites accounted for by DALLI-WERKE GmbH & Co. KG or affiliated companies, or by Mäurer & Wirtz GmbH & Co. KG or affiliated companies, respectively.

1.    Data collection and processing 
When you visit our website, our webservers temporarily save every access in a log file. The following data will be collected and stored until automatically deleted:

• Date and time of access
• Name and URL of the retrieved file
• Transferred data volume
• Notification on whether the call was successful
• Identification specification data of the used browser- and operating system
• IP address of the calling processor
• Website from which access is made
• Name of your internet access provider.

Processing of this data takes place in order to enable the use of the website (connection establishment), for system security and for technical administration of the network infrastructure.
The IP address will only be analyzed in the event of attacks on our network infrastructure or for other data security reasons.

 

2.    Use of personal data
The personal data you provide us via our website (e.g. your name and address or your e-mail-address) is processed for correspondence with you as well as for the purpose for which you have provided us with the data (e.g. in the framework of a request, an order of dosing aids or a promotional competition).
If you order services or products from us, without your separate consent your personal data will only be used insofar as it is necessary for the provision of the service or for the performance of the contract.
This includes, in particular, the forwarding of your data to transport companies, credit companies or other service providers used for the provision of the service or for the fulfillment of the contract. 
Beyond this, a use of this data for occasional offers to you via post or e-mail in order to inform you about new products or other services that might be of interest to you or about sales promotions of our company, only occurs insofar as legally permissible or where you have given us prior consent. Any use of your personal data shall be only in accordance with the before-mentioned purposes and only to the extent necessary to achieve these objects.
You can object to the receipt of advertisement from DALLI-WERKE GmbH & Co. KG or affiliated companies, or from Mäurer & Wirtz GmbH & Co. KG or affiliated companies, respectively, at any time by informing us correspondingly under the below-mentioned contact or e-mail-address. Consent given can also be revoked at any time by information to the below-mentioned contact or e-mail-address.

 

3.    Newsletters
If we send you a newsletter upon your request, you thereby receive information on our offers and promotions or – insofar as mentioned – offers and promotions of our cooperation partners. You can cancel the newsletter at any time via the cancellation link on the newsletter without incurring any cost apart from the transfer cost according to the standard rates.

 

4.    Transfer of personal data
The transfer of personal data to state offices or authorities only occurs in accordance with legal provisions or when the transfer is necessary for claiming our rights or for law enforcement in the event of attacks on our network infrastructure. Service-providers possibly involved in the framework of the execution only receive the data necessary to fulfil their tasks and they are equally subject to confidentiality obligations as our own staff members are. A transfer to other third parties only occurs insofar as legally permissible. Beyond this, your data will not be transferred to third parties.

 

5.    Security
DALLI-WERKE GmbH & Co. KG and Mäurer & Wirtz GmbH & Co. KG use appropriate technical and organizational security measures to protect your personal data administered by us from accidental or deliberate manipulation, loss, destruction and unauthorized access. Our security measures are continually improved according to technological development. 

 

6.    Cookies 

Cookies are small text data files which are saved on the computer of the internet user. They serve the steering of the internet connection during your visit on our websites. At the same time we receive information via these cookies that allow us to analyze your use of the website in order to optimize our website with a view to the needs of our visitors. Cookies are partly saved by your browser only for the duration of your visit on the website (session cookies), but partly for a longer period (persistent cookies). 
The session cookie which is set with each page view is only existent during your online session and becomes inactive as soon as you close your browser software. It is only needed for the technical communication between browser and webserver. When our website is accessed, and where it is required under data protection law, we ask for your consent to the use of cookies. You can revoke your cookie-consent at any time with effect for the future and you can individually adapt your cookie-settings (selection & deselection of cookies). To do this, on the respective website please click the button “Cookie-settings” or the symbol on the left bottom of the screen and make your choice. You can also view our websites – possibly with limited functionality - without cookies. You can also prevent the saving of cookies if you set this up in your browser settings. If you do not accept any cookies, this may, however, lead to a limitation of the functions of our offers.
 

 

7.    Use of Google Analytics 

On some of our websites we use functions of the web analysis service Google Analytics. The provider is Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland.

Google Analytics enables the website operator to analyze the behavior of website visitors. The website operator receives various usage data, such as: E.g. page views, length of stay, operating systems used and origin of the user. This data is summarized in a user ID and assigned to the website visitor's respective device.
Furthermore, we can use Google Analytics, among other things. Record your mouse and scroll movements and clicks. Furthermore, Google Analytics uses various modeling approaches to complement the data sets collected and uses machine learning technologies in data analysis.
Google Analytics uses technologies that enable user recognition for the purpose of analyzing user behavior (e.g. cookies or device fingerprinting). The information collected by Google about the use of this website is usually transferred to a Google server in the USA and stored there.
The use of this service is based on your consent in accordance with Article 6 Paragraph 1 Letter a GDPR and Section 25 Paragraph 1 TTDSG. Consent can be revoked at any time.
Data transfer to the USA is based on the EU Commission's standard contractual clauses. Details can be found here: privacy.google.com/businesses/controllerterms/mccs/.
The company is certified according to the “EU-US Data Privacy Framework” (DPF). The DPF is an agreement between the European Union and the USA that is intended to ensure compliance with European data protection standards when data is processed in the USA. Every DPF certified company undertakes to comply with these data protection standards. Further information on this can be obtained from the provider at the following link: https://www.dataprivacyframework.gov/s/participant-search/participant-detail?contact=true&id=a2zt000000001L5AAI&status=Active

IP anonymization
We have activated the IP anonymization function on this website. This means that your IP address will be shortened by Google within member states of the European Union or in other contracting states to the Agreement on the European Economic Area before it is transmitted to the USA. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and shortened there. On behalf of the operator of this website, Google will use this information to evaluate your use of the website, to compile reports on website activity and to provide other services related to website activity and internet usage to the website operator. The IP address transmitted by your browser as part of Google Analytics will not be merged with other Google data.

Browser plugin
You can prevent Google from collecting and processing your data by downloading and installing the browser plug-in available at the following link: tools.google.com/dlpage/gaoptout.
You can find more information about how Google Analytics handles user data in Google's privacy policy: support.google.com/analytics/answer/6004245.
The personal or pseudonymous data will be deleted or anonymized after 14 months.

Google signals
We also use Google signals on some of our websites. When you visit our website, Google Analytics collects, among other things: Your location, search history and YouTube history as well as demographic data (visitor data). This data can be used for personalized advertising with the help of Google Signal. If you have a Google account, Google Signal's visitor data will be linked to your Google account and used for personalized advertising messages. The data is also used to create anonymized statistics on the user behavior of our users.

Demographic characteristics in Google Analytics
Some of our websites also use the “demographic characteristics” function of Google Analytics to show website visitors appropriate advertisements within the Google advertising network. This allows reports to be created that contain information about the age, gender and interests of site visitors. This data comes from interest-based advertising from Google and third-party visitor data. This data cannot be assigned to a specific person. You can deactivate this function at any time via the ad settings in your Google account or generally prohibit the collection of your data by Google Analytics as described in the section “Objection to data collection”.

Order processing
We have concluded an data processing contract with Google and fully implement the strict requirements of the German data protection authorities when using Google Analytics.

Google Analytics eCommerce measurement
Some of our websites also use the “E-Commerce Measurement” function of Google Analytics. With the help of e-commerce measurement, the website operator can analyze the purchasing behavior of website visitors to improve their online marketing campaigns. Information such as orders placed, average order values, shipping costs and the time from viewing a product to purchasing it are recorded. This data can be summarized by Google under a transaction ID that is assigned to the respective user or their device.
 

 

8.    Use of YouTube Videos

On some of our websites we embed videos from the YouTube website. The website is operated by Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland.
We use YouTube in extended data protection mode. According to YouTube, this mode means that YouTube does not store any information about visitors to this website before they watch the video. However, the extended data protection mode does not necessarily exclude the passing on of data to YouTube partners. This way, regardless of whether you watch a video, YouTube establishes a connection to the Google Marketing Network.
As soon as you start a YouTube video on this website, a connection to YouTube's servers is established. The YouTube server is informed which of our pages you have visited. If you are logged into your YouTube account, you enable YouTube to assign your surfing behavior directly to your personal profile. You can prevent this by logging out of your YouTube account.
Furthermore, after starting a video, YouTube can store various cookies on your device or use comparable recognition technologies (e.g. device fingerprinting). In this way, YouTube can receive information about visitors to this website. This information is, among other things, used to collect video statistics, improve user experience and prevent fraud attempts.
If necessary, further data processing operations may be triggered after starting a YouTube video, over which we have no influence.
The use of YouTube is in the interest of an attractive presentation of our online offerings. This represents a legitimate interest within the meaning of Art. 6 Para. 1 lit TTDSG, insofar as the consent includes the storage of cookies or access to information on the user's end device (e.g. device fingerprinting) within the meaning of the TTDSG. Consent can be revoked at any time.
Further information about data protection at YouTube can be found in their data protection declaration at: policies.google.com/privacy.

The company is certified according to the “EU-US Data Privacy Framework” (DPF). The DPF is an agreement between the European Union and the USA that is intended to ensure compliance with European data protection standards when data is processed in the USA. Every DPF certified company undertakes to comply with these data protection standards. Further information on this can be obtained from the provider at the following link: www.dataprivacyframework.gov/s/participant-search/participant-detail
 

 

9.    Google reCAPTCHA
On some of our websites we use the service Google “reCAPTCHA”. Provider of reCAPTCHA is Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (“Google”) (Parent company: Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA)). With reCAPTCHA we check whether the data input on our respective websites (e.g. a contact form) is done by a human being or else by a bot or an automated program. To this the conduct of a website visitor is analyzed by reCAPTCHA on the basis of different characteristics. The analysis is carried out as soon as the user selects our respective website and runs fully-automated in the background. In the framework of the analysis reCAPTCHA evaluates different types of information (e.g. the IP address, the residence time of the user on the website or the user’s mouse movements). The data gathered in the framework of the analysis are forwarded to Google. 
Legal basis for the use of reCAPTCHA is our legitimate interest pursuant to Art. 6 para. 1 sentence 1 lit. a GDPR. As website operator we have a legitimate interest to protect our websites from abusive automated spying or spam. Further details and information on reCAPTCHA as well as Google’s data protection statement are available under https://www.google.com/recaptcha/ or https://www.google.com/intl/en/policies/privacy/ respectively.

 

10.    Use of Google Maps
On some of our websites we use Google Maps of Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland (“Google”). Google Maps is a web service for the display of interactive maps to visually depict geographic information. The use of this service makes it possible to show you our location and to facilitate a possible approach.
As soon as the subsides that are integrated into the map of Google Maps are called up, information of your use of our website (such as your IP address and location data) is transferred to servers of Google and saved there. This may also lead to a transfer to the servers of the parent company Google LLC. in the USA. This happens irrespective of whether Google provides a user account over which you are logged in or whether a user account even exists. If you are logged in at Google your data will be directly allocated to your account. If you do not wish for an allocation with your profile you have to log off before activating the button. Google saves your data as user profiles (even for users that are not logged in) and evaluates them. The collection, storage and evaluation are based on the legitimate interests of Google in the pursuant to Art. 6 para. 1 sentence 1 lit. f GDPR in showing personalized advertisement, the market research and/or the tailored design of Google websites. You have the right of objection against the formation of such user profiles for the exercise of which you have to address Google.
If you do not agree with the future transfer of your data to Google in the framework of the use of Google Maps you can also completely deactivate the web service of Google Maps by switching off JavaScript in your browser. Google Maps and thereby, the depiction of the map on this internet site, cannot be used. Detailed information on data protection in relation to the use of Google Maps are available on the internet site of Google: https://policies.google.com/privacy?hl=en-GB&gl=de . As far as legally required we have asked for your consent to the processing of your data as described above pursuant to Art. 6 para. 1 sentence 1 lit. a GDPR. You can withdraw your given consent at any time with effect for the future.

 

11.    Use of Webfonts by MyFonts.com or Adobe 

We use MyFonts on some of our websites. These are fonts that are loaded into your browser when you access our website in order to ensure a uniform typeface when displaying the website. The provider is Monotype Imaging Holdings Inc., 600 Unicorn Park Drive, Woburn, Massachusetts 01801, USA.
In order to check compliance with the license terms and the number of monthly page views, MyFonts transfers your IP address together with the URL of our website and our contract data to its servers in the USA. According to Monotype, your IP address will be anonymized immediately after transmission so that no personal reference can be made (anonymization).
Details can be found in Monotype's privacy policy at www.monotype.com/de/rechtspflichten/datenpolitik/datenpolitik-zum-tracking-von-webschriften 
On some of our websites, web fonts from Adobe are used to uniformly display certain fonts. The provider is Adobe Systems Incorporated, 345 Park Avenue, San Jose, CA 95110-2704, USA (Adobe).
When you access this website, your browser loads the required fonts directly from Adobe in order to display them correctly on your device. Your browser establishes a connection to Adobe’s servers in the USA. This gives Adobe knowledge that this website was accessed via your IP address. According to Adobe, no cookies are stored when the fonts are provided.
The storage and analysis of the data is based on Art. 6 Para. 1 lit. f GDPR. The website operator has a legitimate interest in the uniform presentation of the typeface on his website. If appropriate consent has been requested, processing is carried out exclusively on the basis of Art. 6 Para. 1 lit . B. Device fingerprinting) within the meaning of the TTDSG. Consent can be revoked at any time.
Data transfer to the USA is based on the EU Commission's standard contractual clauses. Details can be found here: www.adobe.com/de/privacy/eudatatransfers.html.
Further information about Adobe Fonts can be found at: www.adobe.com/de/privacy/policies/adobe-fonts.html. 
Adobe's privacy policy can be found at: www.adobe.com/de/privacy/policy.html.
The company is certified according to the “EU-US Data Privacy Framework” (DPF). The DPF is an agreement between the European Union and the USA that is intended to ensure compliance with European data protection standards when data is processed in the USA. Every DPF certified company undertakes to comply with these data protection standards. Further information on this can be obtained from the provider at the following link: www.dataprivacyframework.gov/s/participant-search/participant-detail

 

12.    Additional Privacy Notice for our Facebook Fan Pages
Within the scope of the Facebook fan pages operated by DALLI-WERKE GmbH & Co. KG or its affiliates or by Mäurer & Wirtz GmbH & Co. KG or its dependent companies, you also have the opportunity to find out about our services or to contact and interact with us. Our Facebook fan pages are provided on the basis of the agreement reached with Meta (Meta Platforms  Ireland Limited (formerly Facebook Ireland Limited), 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland) on the joint processing of personal data pursuant to Art. 26 GDPR ("Page Insights Controller Addendum”). According to this, we ourselves cannot make and implement any decisions regarding the processing of insights data. Meta assumes primary responsibility pursuant to the GDPR for the processing of insights data and the fulfilment of all obligations under the GDPR with respect to the processing of insights data.
Please be informed that when you visit Facebook fan pages, data may be processed regarding you as a user in territories outside the EEA. Meta uses the EU Standard Contractual Clauses in order to ensure that in such cases your data receives a level of protection equivalent to the EU’s.
The company is certified according to the “EU-US Data Privacy Framework” (DPF). The DPF is an agreement between the European Union and the USA that is intended to ensure compliance with European data protection standards when data is processed in the USA. Every DPF certified company undertakes to comply with these data protection standards. Further information on this can be obtained from the provider at the following link: www.dataprivacyframework.gov/s/participant-search/participant-detail;
Your data can be processed for market research and advertising purposes, for example by creating usage profiles and using them for advertising purposes based on the interests arising from your usage behaviour. For this purpose, cookies are usually stored on your computer.
Using the "Page Insights" feature, we can access statistical data from Meta in various categories related to the use of Facebook fan pages, such as the total number of page views, likes, page activities, post interactions, video views, post coverage, comments, shared content, responses, proportion of men and women, country and city of origin, language, views and clicks in the shop, clicks on route planners, and clicks on phone numbers. We use this information to be able to make our pages more attractive and more responsive to needs (e.g. by finding the right time to publish content).
Within the scope of the Facebook fan pages, personal data of the users is processed in order to safeguard our legitimate interests in tailoring our information offerings and communications with the users to needs and target groups (legal basis: Art. 6 para. 1 sentence 1 lit. f GDPR). If Meta, as provider of the platform, asks you for consent to a certain data processing, the processing is carried out in this respect on the legal basis of Art. 6 para. 1 sentence 1 lit. a GDPR.
With regard to the exercise of data subject rights and requests for information, please note that you can most effectively assert these directly with Meta (see https://www.facebook.com/legal/terms/information_about_page_insights_data). 
For more information about the processing and use of data, as well as the rights and settings options in this respect to protect your privacy, including opt-out, please refer to Meta's privacy policy at https://www.facebook.com/about/privacy/ as well as to "Information about Page Insights Data" at https://www.facebook.com/legal/terms/information_about_page_insights_data
Opt-out: www.facebook.com/settings or www.youronlinechoices.com.

 

13.    Use of Meta Pixel (formerly Facebook Pixel)

On some of our websites, the visitor action pixel from Facebook/Meta is used to measure conversions. The provider of this service is Meta Platforms Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland. However, according to Facebook, the data collected will also be transferred to the USA and other third countries.
This allows the behavior of site visitors to be tracked after they have been redirected to the provider's website by clicking on a Facebook ad. This allows the effectiveness of Facebook advertisements to be evaluated for statistical and market research purposes and future advertising measures to be optimized.
The data collected is anonymous for us as the operator of this website; we cannot draw any conclusions about the identity of the users. However, the data is stored and processed by Facebook so that a connection to the respective user profile is possible and Facebook uses the data for its own advertising purposes in accordance with the Facebook data usage guidelines (https://de-de.facebook.com/about/privacy/). can. This allows Facebook to enable the placement of advertisements on Facebook pages as well as outside of Facebook. As the site operator, we cannot influence this use of data.
The use of this service is based on your consent in accordance with Article 6 Paragraph 1 Letter a GDPR and Section 25 Paragraph 1 TTDSG. Consent can be revoked at any time.
To the extent that personal data is collected on our website using the tool described here and forwarded to Facebook, we and Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland are jointly responsible for this data processing (Article 26 GDPR). The joint responsibility is limited exclusively to collecting the data and passing it on to Facebook. The processing carried out by Facebook after the forwarding is not part of the shared responsibility. Our joint obligations have been set out in a joint processing agreement. The text of the agreement can be found at: www.facebook.com/legal/controller_addendum. According to this agreement, we are responsible for providing data protection information when using the Facebook tool and for the data protection-safe implementation of the tool on our website. Facebook is responsible for the data security of Facebook products. You can assert data subject rights (e.g. requests for information) regarding the data processed by Facebook directly on Facebook. If you assert your data subject rights with us, we are obliged to forward these to Facebook.

Data transfer to the USA is based on the EU Commission's standard contractual clauses. Details can be found here: www.facebook.com/legal/EU_data_transfer_addendum and de-de.facebook.com/help/566994660333381.
You can find further information on protecting your privacy in Facebook's data protection information: de-de.facebook.com/about/privacy/.
You can also deactivate the “Custom Audiences” remarketing function in the ad settings area at www.facebook.com/ads/preferences/. To do this you must be logged in to Facebook.
If you do not have a Facebook account, you can deactivate Facebook usage-based advertising on the European Interactive Digital Advertising Alliance website: www.youronlinechoices.com/de/praferenzmanagement/.
The company is certified according to the “EU-US Data Privacy Framework” (DPF). The DPF is an agreement between the European Union and the USA that is intended to ensure compliance with European data protection standards when data is processed in the USA. Every DPF certified company undertakes to comply with these data protection standards. Further information on this can be obtained from the provider at the following link: www.dataprivacyframework.gov/s/participant-search/participant-detail
 

 

14.    Facebook Custom Audiences 

We use Facebook Custom Audiences. The provider of this service is Meta Platforms Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland.
When you visit or use our websites and apps, use our free or paid offers, transmit data to us or interact with our company's Facebook content, we collect your personal data. If you give us your consent to use Facebook Custom Audiences, we will transmit this data to Facebook, which Facebook can use to show you appropriate advertising. Furthermore, target groups can be defined with your data (lookalike audiences).
Facebook processes this data as our processor. Details can be found in the Facebook user agreement: www.facebook.com/legal/terms/customaudience.
The use of this service is based on your consent in accordance with Article 6 Paragraph 1 Letter a GDPR and Section 25 Paragraph 1 TTDSG. Consent can be revoked at any time.
Data transfer to the USA is based on the EU Commission's standard contractual clauses. Details can be found here: www.facebook.com/legal/terms/customaudience and www.facebook.com/legal/terms/dataprocessing.
The company is certified according to the “EU-US Data Privacy Framework” (DPF). The DPF is an agreement between the European Union and the USA that is intended to ensure compliance with European data protection standards when data is processed in the USA. Every DPF certified company undertakes to comply with these data protection standards. Further information on this can be obtained from the provider at the following link: www.dataprivacyframework.gov/s/participant-search/participant-detail
You can also deactivate the “Custom Audiences” remarketing function in the ad settings area at www.facebook.com/ads/preferences/. To do this, you must be logged in to Facebook."

 

 

15.    Use of Adform Pixel
On some of our websites we use the service Adform of the provider Adform, Silkegade 3B, ST. 1, DK-1113 Kopenhagen, Denmark. The purpose of this service is to be able to offer behavior-related internet advertisement. To this end a tracking pixel has been implemented on our website. This will be saved on the visitor’s device when visiting our website concerned or when playing videos on this landing page or another website of an Adform customer. The cookie contains a random identification number or information on advertisement activities on the website of an advertiser. With random identification numbers of the cookies Adform collects and saves in the cookie-based profiles anonymous information such as operating system, browser version, geographical location, URLs on which Adform shows advertisement or information on interaction with advertisement (e.g. number of clicks or views). In the event of requests on Adform’s servers IP addresses of internet users are accessible to Adform; they are anonymized in accordance with local data protection law. A recognition on other websites is possible. Further information provided by Adform about saving, processing and using of your data is available at site.adform.com/privacy-center/platform-privacy/opt-out/ .
 

 

16.    Use of WhatsApp
On some of our websites we provide – possibly via a designated share link/ button and a corresponding logo - links to WhatsApp (WhatsApp Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Irland), an instant messaging service that is part of Meta Platforms Inc. (formerly Facebook Inc.) We advise you that you use the thereby callable, externally linked services and its functions on your own authority. WhatsApp stores data of its users and might also use those for business purposes. If you do not wish this, please do not click on the respective links or share links/ buttons. Further information on WhatsApps data processing are available at https://www.whatsapp.com/legal/updates/privacy-policy.

 

17.    Use of Instagram
On some of our websites we provide – possibly via a designated share link/ button and a corresponding logo - links to Instagram. We advise you that you use the callable, linked Instagram service and its functions on your own authority. The Instagram service is one of the Meta products provided by Meta Platforms Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland. For the provision of Meta products information about the users is processed. Meta and Instagram share infrastructure, systems and technology with other Meta companies and might process information about the users beyond the Meta companies. The data collected about you during such use are processed by Meta. If you do not wish this, please do not click on the respective links or share links/ buttons. Further information on the data processing by Meta and on the Instagram settings are available on the internet pages of Instagram (i.a. https://www.instagram.com/ or https://help.instagram.com/519522125107875).

 

18.    Use of Twitter
On some of our websites we provide – possibly via a designated share link/ button and a corresponding logo - links to the platform or the services of Twitter Inc., 795 Folsom St., Suite 600, San Francisco, CA 94107, USA. We advise you that you use the offered Twitter short message service and its functions on your own authority. Twitter might collect data of the users of its service. If you do not wish this, please do not click on the respective links or share links/ buttons. You can find information on which data is processed by Twitter and for what purposes it is used in Twitter’s privacy statement and under https://help.twitter.com/en/forms/privacy.

 

19.    Use of Pinterest
On some of our websites we provide – possibly via a designated share link/ button and a corresponding logo - links to the platform or services of Pinterest (Pinterest Europe Ltd., Palmerston House, 2nd Floor, Fenian Street, Dublin 2, Ireland). We advise you that you use the linked services and its functions on your own authority. Pinterest stores data of its users (e.g. personal information, IP address etc.) and might also use those for business purposes. If you do not wish this, please do not click on the respective links or share links/ buttons. You can find further information on Pinterest’s data processing in Pinterest’s privacy policy under https://policy.pinterest.com/en-gb/privacy-policy.


20.    Use of von Google Tag Manager

On some of our websites we use Google Tag Manager. This is a tag management system that allows various tools or tags to be managed through one user interface. The other tags and tools integrated into Google Tag Manager may collect data from you. Google Tag Manager itself does not access this data. If a deactivation has been made at the domain or cookie level, it will remain in place for all tracking tags implemented with this tool.
The legal basis for the use of the Google Tag Manager is your explicit and voluntary consent pursuant to Art. 6 para. 1 sentence 1 lit. a GDPR to the processing of your personal data for administrative purposes using Google Tag Manager.
Data transfer to the USA is based on the EU Commission's standard contractual clauses. Details can be found here: privacy.google.com/businesses/controllerterms/mccs/.
The company is certified according to the “EU-US Data Privacy Framework” (DPF). The DPF is an agreement between the European Union and the USA that is intended to ensure compliance with European data protection standards when data is processed in the USA. Every DPF certified company undertakes to comply with these data protection standards. Further information on this can be obtained from the provider at the following link: www.dataprivacyframework.gov/s/participant-search/participant-detail
Further information on the purpose and scope of data collection and processing as well as further information on your rights in this regard and setting options for the protection of your privacy can be obtained from: Google Inc., 1600 Amphitheater Parkway, Mountainview, California 94043, USA; Data protection conditions: support.google.com/tagmanager/answer/7207086 ; privacy policy: policies.google.com/privacy .


21.    Use of Floodlight Tags Google Ad Tags

On some of our websites we use Google Floodlight from service provider Google in Ireland. Google stores and processes information about your user behaviour on our website and uses, among other things, floodlight tags (code snippets) and cookies, i.e. small text files that are stored locally in the web browser on your device and enable an analysis of your use of our website.
In this context, Google processes, among other things, your IP address, as well as pseudonymized cookie or advertising IDs. In addition, contact or location data such as your e-mail address or GPS coordinates may also be processed.
We use Google Floodlight for marketing and optimization purposes and to find out how you came to our website and what content you use there. This is to help us highlight content that is relevant to you on our website and improve your user experience.
The legal basis for the use of Floodlight Tags Google Ad Tags is your explicit and voluntary consent in accordance with Article 6 para. 1 sentence 1 lit. a GDPR in the processing of your personal data for marketing purposes and Section 25 para. 1 sentence 1 TTDSG in the setting of the cookies and the tags.
Data transfer to the USA is based on the EU Commission's standard contractual clauses. Details can be found here: privacy.google.com/businesses/controllerterms/mccs/.
The company is certified according to the “EU-US Data Privacy Framework” (DPF). The DPF is an agreement between the European Union and the USA that is intended to ensure compliance with European data protection standards when data is processed in the USA. Every DPF certified company undertakes to comply with these data protection standards. Further information on this can be obtained from the provider at the following link: www.dataprivacyframework.gov/s/participant-search/participant-detail
Further information on the purpose and scope of data collection and processing as well as further information on your rights in this regard and setting options for the protection of your privacy can be obtained from Google Ireland Limited, Google Building Gordon House, Barrow St, Dublin 4, Ireland, data protection conditions policies.google.com/privacy;

 

22.    Content Delivery Network (CDN)
On some of our websites we use the CDN service "Nitropack CDN". The provider is Nitropack LLC, 3 Professor Georgi Bradistilov, entr. A, 3rd fl., Studentski Kompleks, Sofia, postcode 1756, Bulgaria (hereinafter referred to as "Nitropack").
Nitropack provides a globally distributed CDN with Domain Name System (DNS). Technically, the transfer of information between your browser and our website is routed via the Nitropack network. A CDN is an online service that is used in particular to deliver large media files (such as graphics, page content or scripts) through a network of regionally distributed servers connected via the Internet. The use of Nitropack's CDN helps to optimize the loading times of our website. The use of Nitropack is based on our legitimate interest in providing and improving the stability and functionality of our website as error-free, secure and efficient as possible (Art. 6 para. 1 sentence 1 lit. f GDPR).
Further information on security and data protection at Nitropack can be found under nitropack.io/page/privacy.
 

23.    Use of Hotjar  

On some of our websites, we ask you for voluntary consent to the use of Hotjar, which can be revoked at any time: If you have given us your consent, we use Hotjar, an analysis service of Hotjar Limited, Dragonara Business Centre, 5th Floor, Dragonara Road, Pacevill St Julian's STJ 3141, Malta ("Hotjar"), on the respective website. We use Hotjar to better understand the needs of our users and to optimize the offer and experience on this website. Hotjar's technology gives us a better understanding of our users' experiences (e.g. how much time users spend on which pages, which links they click, what they like and don't like, etc.) and this helps us to align our offer with feedback from our users. Hotjar uses cookies and other technologies to collect data about the behavior of our users and their devices, in particular IP address of the device (which is collected and stored during your website use only in anonymous form), screen size, device type (Unique Device Identifiers), information about the browser used, location (country only), preferred language to display our website. Hotjar stores this information on our behalf in a pseudonymized user profile. Hotjar is contractually prohibited from selling the data collected on our behalf.
For more information, see the 'about Hotjar' section on Hotjar's help page https://help.hotjar.com/hc/en-us/categories/115001323967-About-Hotjar."

 

24.    Amendment of the data protection rules
The further development of our website or the implementation of new technologies and other things might require an amendment of this data privacy statement. We therefore reserve the right to amend our data privacy statement at any time with effect for the future. We therefore recommend you to read the current data privacy statement from time to time. 


The information on data protection about our data processing according to Articles 13, 14 and 21 GDPR and the additional data protection information regarding the website, respectively, may change from time to time. All changes will be published on this page. We provide older versions in an archive to be viewed.

Part 3: Additional data protection information for the online shops of Mäurer & Wirtz GmbH & Co. KG (“Mäurer & Wirtz”)

As part of the online shop pages designed and operated by Mäurer & Wirtz, you have the opportunity to find out about products from the Mäurer & Wirtz environment and to purchase them from our partner aixtema GmbH, Philipsstraße 8, 52068 Aachen (“aixtema”).

Mäurer & Wirtz and aixtema have agreed on joint responsibility for this in accordance with Article 26 GDPR. Mäurer & Wirtz and aixtema have concluded a separate agreement for details about the cooperation as jointly responsible parties, in which they also make provisions for the parties to fulfill their obligations under the GDPR with regard to the operation of the online shops.

The joint responsibility essentially extends to the technical collection of personal data from customers of the online shop pages and their transfer to aixtema via a jointly set up interface.

Aixtema is solely responsible under data protection law for the processing of customers' personal data in the context of order processing, delivery, customer contact and customer service. Regarding the contractual relationship, it is made clear that when you place an order on our online shop pages, you as a customer only enter into a purchase contract with aixtema, but not with Mäurer & Wirtz itself.

Mäurer & Wirtz is responsible for the content, product descriptions and design of the online shops. Mäurer & Wirtz is the sole controller under data protection law for the processing of any other personal data that may be collected that is not relevant to the order.

Affected persons can assert the rights to which they are entitled under Articles 15 to 22 GDPR either against Mäurer & Wirtz or aixtema. You will generally receive the relevant information or feedback from the party to which you made the request. However, if you have any data protection questions regarding the ordering process, we ask you to contact aixtema: aixtema GmbH, Philipsstraße 8, 52068 Aachen, telephone: +49 241 70515-0, email: info@aixtema.de. If you have any questions about data processing on our platform (e.g. regarding sending newsletters), please contact Mäurer & Wirtz. The contact details of the respective contact persons can also be found in Part 1 of this Mäurer & Wirtz data protection declaration or in the aixtema data protection declaration linked below.

Further detailed information on data protection at Mäurer & Wirtz, including contact details of the person responsible for data protection and the data protection officer as well as explanations on the purposes and legal basis of data processing, your personal data protection rights, the technologies used by Mäurer & Wirtz and the adjustment/revocation of consent can be found in Parts 1 and 2 of the data protection declaration of Mäurer & Wirtz (https://www.m-w.de/datenschutz/).

You can find further detailed information on data protection at aixtema, including contact details of the data protection officer responsible for data processing, in aixtema's data protection declaration at: www.aixtema.de/de/datenschutz.