Data Protection Policy
As part of the Serafin Group, we, Weso Aurorahütte GmbH (hereinafter ‘Weso’ or ‘we’), attach great importance to the protection of your personal data, adhering strictly to the rules laid down in the applicable data protection laws, including most importantly the General Data Protection Regulation (hereinafter ‘DS-GVO’), regulation (EU) 2016/679 of the European parliament and council.
On our webpages and when our apps and services are used, personal data are collected only to the extent necessary and processed only for a specific purpose. Personal data are data by which you can be recognised personally as well as other data that relate to you.
Responsible within the meaning of the Federal Data Protection Act /DS-GVO:
Weso Aurorahütte GmbH
Tel +49 64 62 / 921 – 0
Fax +49 64 62 / 921 – 299
Data processing within the Viessmann Group
The Viessmann Group consists of the enterprises associated with Viessmann Werke GmbH & Co. KG.
We disclose your personal data to the following company as a technical service provider:
- Viessmann IT Service GmbH for the operation of backend systems
The data gathered may be processed by or communicated to other companies belonging to the Viessmann Group if:
- you have expressly agreed, having been informed elsewhere (e.g. a note on the enquiry form),
- it is required by the specificity of purpose and the division of labour within the Viessmann Group, related contractual agreements having been concluded within the Viessmann Group,
- the data have been anonymised by the department in charge before being made available, and if the department in charge warrants that the Group company commissioned is unable to de-anonymise these data, or
- the data are saved in anonymised form by the department in charge and the data thus saved are no longer subject to the requirements of the data protection laws.
Communication to third countries
The data made available by you will be processed/communicated by Weso and the companies of the Viessmann Group at locations in Germany, the European Union, and in third countries, including the USA, which offer an adequate level of data protection according to Art. 45 DS-GVO or suitable guarantees in conformance with Art. 46 DS-GVO.
Scope of the Data Protection Policy
The policy that follows presents you with an overview of the way in which we assure data protection, which kinds of data we gather and process for what purpose and on which legal basis. It basically applies to all webpages and apps for which Weso is responsible. Whenever a Weso webpage or app does not conform to these principles of data processing or adds principles of its own, this will be noted on the webpage or app in question in a suitable manner.
This Data Protection Policy comprises five parts:
- The first part (regulations for private users) applies to private users of Weso’s services.
- The second part (regulations for business users) applies to business users of the services of Weso.
- The third part (regulations for applicants) applies to private persons who use the services of Weso in conjunction with job applications.
- The fourth part (general information and regulations for the Viessmann webpages and apps) applies to all persons who use Weso’s services, webpages or apps.
- The fifth part (information regarding the rights of affected persons) applies to all users whose data are subject to data protection laws but not, however, to legal entities.
Furthermore, our webpages may contain links to webpages of other providers which are not covered by this Data Protection Policy.
I. Regulations for private users
This part of the Data Protection Policy applies to the private users of Weso’s services. The legal foundation for processing your data is based on your consent to this Data Protection Policy signifying agreement and/or to permit providing information or products requested by you as per DS-GVO Art. 6 Par.1.b).
As a general rule, our webpage may be used without providing personal data.
Use and verification of personal data
The personal data quoted by you include the following, among others:
- Your name
- Your e-mail address
- Your phone and/or mobile number
- Your country
Any personal data you give us will be used to answer your enquiries, to manage and carry out your requests for consultation, for technical administration, for login activities and the services made available within the webpage or app in question. Legally this is based on Art. 6 Par. 1.1b DS-GVO and/or your consent. You may withdraw your consent to the use of the data made available by you at any time. Please communicate with email@example.com quoting, if possible the service(s) used
Telephone contact by Weso
If you have consented to our Data Protection Policy and have given us your phone number, we will contact you by telephone to verify your data before forwarding them, discuss your project, and connect you to the right department.
Further processing and deletion of your data
Beyond the above, your data will not be passed on or sold to third parties, i.e. persons or companies that do not belong to Weso or the Viessmann Group. Personal data saved by us will be deleted if you retract your consent to your data being saved, if the data are no longer required to fulfil the original purpose of their storage, or if their storage should be inadmissible for other legal reasons.
Advertising and consent to advertising
We will only inform you about our products and services by e-mail, mail, or phone and ask you about them when the occasion arises if you have expressly consented to us using your personal data for advertising purposes (Opt-In).
If you have given your consent to such use but do not wish to receive any more advertising materials or questionnaires from Weso in the future, you may withdraw your consent any time, to take effect in the future. In that event, your data will be deleted or stored for accounting and bookkeeping purposes in case of need. To withdraw your consent, send an e-mail to firstname.lastname@example.org
Use of personal data when subscribing to e-mail newsletters
If you subscribe to one of our newsletters on the Weso webpage, your e-mail address will be used for information and advertising purposes until you cancel your subscription to that newsletter. When we receive your subscription, we will save your e-mail address, your IP address, and the date of your subscription. These data will be stored solely to serve as evidence in case some third party misuses an e-mail address and subscribes to a newsletter without the knowledge of the entitled person.
You may withdraw your consent to receiving the newsletter any time, to take effect in the future. If you do not wish to receive the newsletter any more, you may use the deregistration link of the newsletter at any time to delete your name from the Cc list, or send an e-mail to email@example.com
Use of personal data from contact forms
If you use one of our contact forms for an enquiry, we will save your entries in the contact form including the contact data given by you for the purpose of handling your enquiry and any follow-up questions on the same subject. These data will not be passed on to third parties.
You may withdraw your consent to our using the data made available through the contact form at any time. To withdraw your consent, send an e-mail to: firstname.lastname@example.org
II. Regulations for business users
This part of the Data Protection Policy applies only to business users and only to the extent that these personal data are used by contacts on our webpages and in our apps to conclude and perform contracts in conformance with DS-GVO Art. 6 Par.1.b).
Any personal data made available by you will be used to answer your enquiries, to perform contracts concluded with you, for technical administration, for login activities, and the services made available within the webpage or app in question.
Personal data saved by us will be deleted if you retract your consent to your data being saved, if the data are no longer required to fulfil the original purpose of their storage, or if their storage should be inadmissible for other legal reasons. To withdraw your consent, please e-mail email@example.com. In that event, your data will be deleted or stored for accounting and bookkeeping purposes in case of need.
Personal data that are processed as part of the delivery and performance of products and services as per Art. l6 Par. 1.b) are covered by the data protection regulations contained in the relevant conditions of sale.
III. Regulations for applicants
This part of the Data Protection Policy applies to applicants for jobs advertised by Weso or by third parties whom Weso has provided with a platform or partner programme for job advertisements/placements. This applies only to personal data provided by the applicant in the course of the application process on paper, by e-mail, on contact forms with attachments, through portals operated by Weso, or through electronic job exchanges operated by third parties in conformance with national-law and other content requirements. Application documents received on paper will be scanned and the paper disposed of afterwards by certified service providers in a manner conformable with legal requirements.
We will use your personal data only to process your application based on your consent to this Data Protection Policy. Your documents may be accessed by the HR managers of Weso Aurorahütte GmbH and the Serafin Group, their superiors, and other recruiting managers in whose department the job has been advertised. Another anonymised form of processing serves to measure the success of job appointments and the technical application channels used as well as the communicated skills of applicants, again anonymised.
The applicants’ personal data will be deleted automatically after 4 months at the earliest and after 6 months at the latest, counting from the time at which the applicant was informed that he will not be appointed to the job, and that there are no legal obstacles to prevent deletion. The above terms are those specified in the General Act on Equal Treatment. Only if we receive your express consent after a request on our part will your data remain stored in our system so that they may be considered in conjunction with future job advertisements.
If you send us application documents on paper without reference to job advertisements in any of our electronic formats, as part of an unsolicited application, for example, you will receive a summary of this Data Protection Policy together with our receipt for your letter or, at the latest, together with our letter of refusal.
IV. General information and regulations for Weso webpages and apps
These regulations apply together with the regulations for private users and the regulations for business users of Weso’s webpages and apps. Some of our apps are covered by data protection policies of their own.
Data processing by visiting our internet pages and using our apps
Weso automatically collects and stores in its server log files whatever information your browser or app transmits to us. These data cannot be assigned to any individuals by Weso, nor will they be amalgamated with other data. They include:
- Browser type/version
- Operating system
- Referrer URL (the page visited before)
- Host name of the accessing computer (IP address v4 and v6)
- Time of the server request
The IP address is the identification of your computer which is valid worldwide and was unique at the time when it was assigned by your internet provider. In its currently most common configuration (IPv4), it consists of four sets of numbers separated by dots to which further digits may be added (IPv6). Being a private user, you will probably not use the same IP address permanently as it will be assigned to you only temporarily by your provider (so-called ‘dynamic’ IP address’). Whenever an IP address has been assigned permanently (so-called ‘static IP address’), identifying the user data by this characteristic is easy technically.
The data named above will be processed by us for the following purposes:
- Ensuring that webpage connections are made smoothly
- Ensuring that the aforementioned webpage can be used comfortably
- Evaluating the safety and stability of the system
- Other administrative and statistical purposes
Personal data in the server log files will be processed on the basis of Art. 6 Par. 1.f DS-GVO. This permission allows processing personal data within the ‘justifiable interest’ of the person responsible, provided that it is not outweighed by your fundamental rights, fundamental liberties, or interests. Our justifiable interest is to render administration easier and to have a chance of recognising and tracking hacks. You may object to this data processing at any time, provided that there are reasons arising from your personal situation which substantiate your objection. For this purpose, it is sufficient to send an e-mail to the data protection officer. Our justifiable interest derives from the data collection purposes listed above. Under no circumstances will we use the data collected to draw conclusions regarding your person.
The aforementioned contained in the data server log files will be deleted automatically after 30 days or anonymised if used for statistical purposes. We reserve the right to retain the server log files for longer periods if there are facts suggesting unlawful access (like a hacking attempt or a so-called DDOS attack).
Links to external internet pages
This Data Protection Policy applies only to Weso’s webpages and apps. These may contain links to the websites of third parties which are not covered by this Data Protection Policy. If you leave Weso’s webpages or apps to visit the site of an external provider we recommend reading this provider’s data protection policy carefully as well.
Information about cookies and the use of analytical tools
We base our processing of personal data with the aid of cookies and analytical tools on Art. 6 Par. 1.f DS-GVO. This permission allows processing personal data within the ‘justifiable interest’ of the person responsible, provided that it is not outweighed by your fundamental rights, fundamental liberties, or interests. Our justifiable interest is to analyse the use of our webpage.
Weso uses so-called cookies in several places on its webpages and in its apps. They serve to enhance the user-friendliness, effectiveness, and safety of our offering. Cookies are short text files that are stored on your computer and saved by your browser. Most of the cookies used by us are so-called session cookies which are deleted automatically after the end of your visit. Cookies do not cause any damage to your computer and do not contain any viruses.
For the same purpose, Weso also uses analytical tools such as Webtrends or Google Tag Manager (Firebase). The data provided are anonymised completely on collection and stored. These data may potentially be saved outside of Germany or the European Union.
When implementing and using analytical tools and tracking technologies we anonymise personal data as quickly as possible, either through the provider in a process regulated by contracts or ourselves on the occasion of our first use, so that your right to information may not be exercised on all the technologies enumerated below.
By adjusting your browser or your apps and/or the implementing operating system environment (iOS, Android) you can prevent such data being transmitted; this, however, may potentially cause problems relating to calling up and operating the content or service offered or to its functionality.
Google Analytics and Google Tag Manager
This website uses Google Analytics, a web analytics service of Google Inc. (‘Google’). Google Analytics uses so-called ‘cookies’, text files that are stored on your computer and permit analysing your use of the website. The information generated by a cookie about your use of the website will normally be transmitted to one of Google’s servers in the USA and stored there. If the anonymisation of IP addresses has been activated on the website, however, your IP address will first be truncated by Google within member states of the European Union and in other states parties to the Agreement on the European Economic Area. In exceptional cases only, your full IP address may be communicated to a Google server in the USA and truncated there. By order of the website’s operator, Google will use this information to evaluate your use of the website, compile reports about website activities, and provide the operator of the website with further services relating to the use of the website and the internet. The IP address communicated by your browser under Google Analytics will not be amalgamated with other Google data.
You may prevent the storage of cookies by adjusting your browser; however, we wish to point out that in this case you may not be able to use all the functions of this website to the full. Moreover, you may prevent the communication to Google of the data generated by the cookie which relate to your use of the website (including your IP address) and the processing of these data by Google by downloading and installing the browser plugin that is available at the following link:
We wish to point out that to ensure the anonymised collection of IP addresses (IP masking) on this website, the ‘anonymizeIp’ function has been added to Google Analytics.
Besides, this webpage uses the Google Tag Manager. This service permits managing website tags through an interface. The Google Tool Manager only implements tags. This means that no cookies are used and no personal data are collected. The Google Tool Manager initiates other tags which, in turn, may collect data if required. However, the Google Tag Manager will not access these data. If a deactivation has been implemented at the domain or cookie level it will continue to apply to all tracking tags implemented with the Google Tag Manager.
Deactivation of Google Analytics
You can keep Google Analytics from collecting data by clicking on the button below. An opt-
out cookie will be set so that none of your data will be collected when you visit this website in the future:
Weso uses several marketing partners who help us make our internet offering and our websites more interesting to you. This is why cookies of partner companies will also be stored on your hard disc when you visit our webpages. They are temporary/permanent cookies which delete themselves automatically after a predefined time. These temporary as well as the permanent cookies (life: 2 weeks to 10 years) will be stored on your hard disc and will delete themselves after a set period. The cookies of our partner companies also contain only data that are pseudonymous and mostly even anonymous. Such data may relate, for example, to products you have looked at, any purchases you may have made, what products you have searched for, etc.
Some of our marketing partners collect information not contained in the webpages relating to the pages you visited before or the products you were interested in, the objective being to show you advertising material that best corresponds to your interests. At no time will these pseudonymous data be amalgamated with your personal data. Their sole purpose is to enable our marketing partners to approach you with advertisements that might actually be of interest to you.
Use of Facebook plugins (Like button)
Our pages feature integrated plugins of the social network Facebook, 1601 South California Avenue, Palo Alto, CA 94304, USA. Facebook plugins on our page can be recognised by the Facebook logo or the Like button. For an overview of the Facebook plugins, go to: http://developers.facebook.com/docs/plugins/.
When you visit our pages, the plugin will set up a direct link between your browser and the Facebook server. In this way, Facebook will be informed that you have visited our page under your IP address. By clicking on the Like button while you are logged in on your Facebook account, you can link content from our pages to your Facebook profile. This enables Facebook to correlate your visit of our pages with your user account. We should like to point out that we, the providers of our pages, will not be informed about the contents of the data communicated and their use by Facebook. For further information, look up Facebook’s data protection policy at http://de-de.facebook.com/policy.php
If you do not want Facebook to be able to correlate visits to our pages with your Facebook account, log yourself out of your Facebook user account.
V. Information regarding the rights of affected persons
This part of the Data Protection Policy offers additional information on exercising your rights vis-à-vis Weso as an affected person.
In cases where personal data have been collected on the basis of contractual relationships and to comply with the rights of affected persons under the DS-GVO, it may be necessary for Weso to run spot checks or, in cases of justifiable doubt, to demand further information in order to establish your identity This applies especially when a demand for information has been submitted in electronic format without the sender information permitting the identification of an affected natural person.
Your rights include
- To demand information about your personal data that have been processed by us in conformance with Art. 15 DS-GVO. In particular, you may demand information about the purposes of processing, about the category of the personal data processed, about the categories of any recipients to whom your data have been or are being disclosed, about the intended duration of their storage, about the existence of a right to correction, deletion, restriction of processing, or objection, about the existence of a right to complain, about the source of your data if they have not been collected by us, and about the existence of an automated decision-making process including profiling and, if necessary, pithy information about related details;
- To demand the immediate completion or, in case of errors, correction of personal data stored by us in conformance with Art. 16 DS-GVO;
- Under Art. 17 DS-GVO, to demand the deletion of your personal data stored by us, provided that processing these data is not required to exercise the right of free expression and information, to fulfil a legal obligation, to serve the public interest, or to assert, exercise, or defend a legal claim;
- Under Art. 18 DS-GVO, to demand that the processing of your personal data be restricted to the extent that the accuracy of these data is disputed by you, that processing them would be unlawful while you reject their deletion, or we no longer need the data while you need them to assert, exercise, or defend a legal claim, or you have objected to their being processed in conformance with Art. 21 DS-GVO;
- To receive the personal data you have provided to us in a structured, common, and machine-readable format or demand that they be forwarded to another responsible person in conformance with Art. 20 DS-GVO;
To exercise these rights, please contact:
Data protection officer
Weso Aurorahütte GmbH
Tel +49 64 62 / 921 – 0
Fax +49 64 62 / 921 – 299
- Under Art.7 Par. 3 DS-GVO, to revoke the consent previously given to us at any time, the consequence being that we will not be allowed from then on to continue the processing of data that was based on this consent of yours;
To revoke your consent, go to: firstname.lastname@example.org
- To complain to a supervisory authority in conformance with Art. 77 DS-GVO. Normally, you would turn for this purpose to the supervisory authority at your place of residence or at the domicile of our company.
Supervisory authority in charge:
Der Hessische Datenschutzbeauftragte
Tel +49 611 / 1408 – 0
Fax +49 611 / 1408 – 900
Further information – contact data
Your trust is important to us. This is why we want to be ready at any time to answer your questions regarding the processing of your personal data. If you have any questions which this Data Protection Policy could not answer, or if you would like more detailed information about a certain item, please contact us:
Contact data of the data protection officer:
Data protection officer
Weso Aurorahütte GmbH
Tel +49 64 62 / 921 – 0
Fax +49 64 62 / 921 – 299
In conformance with Art. 13 Par. 2d DS-GVO we hereby supply the information which you need to exercise your right of complaint:
Supervisory authority in charge
Der Hessische Datenschutzbeauftragte
PO Box 3163
Tel +49 611 / 1408 – 0
Fax +49 611 / 1408 – 900
We endeavour to make use of technical and organisational options to ensure that your personal data are stored so as to be inaccessible to third parties. When communication is made by e-mail, data protection cannot be assured completely; we therefore recommend using the mail service to communicate confidential information.
Changes to this Data Protection Policy
This Data Protection Policy is currently valid and is dated May 2018.
As we develop our webpage and our product range and/or as legal or regulatory requirements may change, it may become necessary to modify this Data Protection Policy. The current version at may be opened on this webpage and printed out at any given time.
D – 35075 Gladenbach