Privacy policy

Last update: 09.01.2025

General information

Information on the responsible body:

Company:
elrest Automationssysteme GmbH
Leibnizstraße 10
73230 Kirchheim unter Teck
Deutschland
Tel.: +49 (0) 7021 92025-0
Website: www.elrest.de

Legal representative:
Gerald Schauer

Contact details of data protection officer:
datenschutz@elrest.de


General Data Processing Information

Thank you for your interest in our company. The primary protection of your personal data is very important to us. We therefore want to provide you with comprehensive information about what information we collect on our websites, for what purpose we use it, to whom we may make it available and what rights you have (Art. 12 and Art. 13 GDPR).

We are guided by the General Data Protection Regulation (GDPR, VO EU 2016/679), which has been in force since 25.05.2018. With the simple parenthetical quotation of a regulation, we want to express on the basis of which norm the data processing is justified if personal data is processed in the respective process.

We take internal data protection very seriously. Our employees and the processors commissioned by us (service companies) have been contractually obliged by us to maintain confidentiality and to comply with IT/security regulations and the applicable data protection regulations.


Safety

We, as well as our contractors, protect your personal information from unauthorized access, loss, use, or disclosure, and ensure that your personal information is in a legally required, controlled, secure environment that prevents unauthorized access, loss, or disclosure.

If processing is carried out on our behalf, we only work with processors who offer sufficient guarantees that appropriate technical and organisational measures are implemented in such a way that the processing is carried out in accordance with the requirements of Art. 28 GDPR and ensures the protection of your rights.

If we jointly determine the purposes and means of processing with one or more contractual partners, we refer to ourselves as joint controllers in accordance with Art. 26 GDPR. To this end, we jointly determine in an agreement which contractual partner has to fulfil which obligation under the GDPR.

In our company, technical and organizational measures have been taken to ensure that our company meets the legal requirements of the GDPR and to protect your data against damage, destruction, falsification, manipulation and unauthorized access.

In order to avoid unnecessary amounts of data, we collect, process and use your personal data only to the extent that this is necessary within the scope of our range of services.

elrest Automationssysteme GmbH is part of the international WAGO Group (WAGO). WAGO is a globally active company. Personal data is stored and processed by our employees, national production sites and sales companies and service providers commissioned by us preferably within the EU. In exceptional cases, processing may also take place outside the EU, e.g. in the USA. In such cases, your personal data will be transmitted in accordance with Art. 44 et seq. GDPR. Information on data protection at WAGO can be found here: https://www.wago.com/de-en/privacy-policy.

In some cases, it may happen that commissioned service providers (e.g. in the context of IT services) also have to access personal data outside the EU. We carefully select these providers and ensure an appropriate level of data protection through contractual, technical and organisational measures. As a rule, we agree on the EU standard contractual clauses, if necessary with supplementary contractual rules.

For some countries outside the EU, such as Canada, the United Kingdom, the United States of America, Switzerland, the EU has already established a comparable level of data protection. Due to the comparable level of data protection, the transfer of data to these countries does not require any special permission or agreement.


Your rights to information, correction, blocking, deletion, completion, restriction and data portability (rights of data subjects)

You will receive information free of charge without giving reasons as to whether personal data concerning you is being processed. In accordance with Art. 15 GDPR, you have the right to information about this personal data as well as further information about the processing of your data stored by us.

Within the scope of your legal rights pursuant to Art. 16, Art. 17 GDPR, you can have your data stored by us blocked, corrected or deleted.

Your personal data will be deleted if this is not precluded by statutory retention obligations and if you assert a claim for deletion in written or text form.

Furthermore, you have the right to have incomplete data completed and, in the cases regulated by law in accordance with Art. 18 GDPR, to demand the restriction of processing if the accuracy of the personal data is not given.

In accordance with Art. 20 GDPR, you also have a right to data portability, insofar as we have named Art. 6 para. 1 a), b) or 9 para. 2 a) GDPR as the basis for data processing in this declaration. When exercising the right to data portability, you have the right to request that the personal data be transferred directly from the controller to another controller, to the extent technically feasible.

Furthermore, you have the right to revoke your consent to us at any time in accordance with Art. 7 (3) GDPR. As a result, we are no longer allowed to continue the data processing that was based on this consent for the future.


Purpose, legal basis and categories of data

In general, it is not necessary for you to provide personal data to visit our website. Technically, however, the IP address transmitted by your system is required to transmit the data from our website to you. In addition to the freely accessible area of our website, e.g. as part of your registration, we may need: your personal data in order to be able to respond to you personally.

We need a legal basis for processing your data. A non-exhaustive list of legal bases can be found in Art. 6 GDPR. According to Art. 6 GDPR, processing is permitted if:

  • you have given us your consent to the processing of personal data concerning you for one or more specific purposes (Art. 6 para. 1 a) GDPR)
  • the processing becomes necessary for the performance of a contract to which the data subject is a party. This also applies to pre-contractual measures that are taken at the request of the data subjects (Art. 6 para. 1 b) GDPR)
  • the processing is necessary for compliance with a legal obligation to which we are subject (Art. 6 para. 1 c) GDPR)
  • the processing is necessary for the protection of the vital interests of the data subject or of another natural person. This can be the rare case if a data subject is seriously injured and his or her personal data is therefore passed on, e.g. to a doctor (Art. 6 para. 1 d) GDPR)
  • the processing is necessary to safeguard the legitimate interests of the controller or a third party, unless the interests or fundamental rights and freedoms of the data subject which require the protection of personal data prevail (Art. 6 para. 1 f) GDPR). Processing operations that are not covered by any of the aforementioned legal bases are based on this legal basis if the processing is necessary to safeguard a legitimate interest of our company or of a third party, provided that the interests, fundamental rights and freedoms of the data subject do not prevail. We are permitted to carry out such processing operations in particular because they have been specifically mentioned by the European legislator. In this respect, it took the view that a legitimate interest could be assumed if the data subject is a customer of the controller (recital 47 sentence 2 GDPR).


Data Affected

Personal data is only collected if you provide it to us voluntarily. Beyond that, no personal data is collected. Any processing of your personal data beyond the scope of the statutory grounds for permission will only be carried out on the basis of your express consent.


Specific information about the website

Usage

When you visit our website, we receive your full IP address from your IT system. Only with this IP address can we transmit the data of our website to you so that the website is displayed to you (Art. 6 para. 1 b), f) GDPR). In addition to the processing for the transmission of the retrieved data, the full IP address is only stored for two (2) days in order to be able to initiate defensive measures, e.g. blocking of IP addresses, and, if necessary, criminal prosecution in the event of attacks on our IT (Art. 6 para. 1 f) GDPR).

We store the date and time of the page view and the page from which you accessed our website. We do not store any other personal data as long as you do not log in.
To the extent that the programming of our website causes your browser to load data from servers operated by third parties, we ourselves are not involved in these data transfers.

The following data is recorded during an ongoing connection to communication between your internet browser and our web server:

  • Date and time of the request
  • Name of the requested file
  • Page from which the file was requested
  • Access status (file transferred, file not found, etc.)
  • Web browser and operating system used
  • Full IP address of the requesting computer
  • amount of data transferred

For reasons of technical security, in particular to defend against attack attempts on our web server, this data is stored by us for a short time. We are not able to draw conclusions about individual persons on the basis of this data. After 30 days at the latest, the data is anonymized by shortening the IP address at the domain level, so that it is no longer possible to establish a reference to the individual user. In anonymised form, the data is also processed for statistical purposes; there will be no comparison with other databases or disclosure to third parties, even in excerpts.
(Source of the wording: Bavarian State Office for Data Protection Authority)


Use of own "cookies" necessary for the website display

This website uses its own "cookies" to store settings necessary for the website display ("cookies" are data sets that are sent from the web server to the user's browser and stored there for later retrieval). No personal data is stored in our own "cookies". You can generally prevent the use of "cookies" if you prohibit the storage of "cookies" in your browser.


Information on other data processing methods

Specific information on the application process

Data concerned:
Application details

Purpose of processing:
Implementation of application procedure

Categories of recipients:

  • Public authorities in the presence of overriding legal provisions
  • External service providers or other contractors, e.g. for data processing and hosting
  • Other external bodies insofar as the data subject has given his consent or a transfer is permissible for the sake of overriding interest.

Third-country transfers:
Processors outside the European Union may also be used in the execution of the contract, including e-mail providers.

Duration of data storage:
Application data will usually be deleted within four months after notification of the decision, unless consent has been given to longer data storage in the context of admission to the applicant pool.

Specific information on the processing of customer data/prospect data

Data concerned:
Data provided for the performance of the contract; if necessary. additional data for processing on the basis of your explicit consent.

Purpose of processing:
Execution of contracts, including offers, orders, sales and invoicing, quality assurance.

Categories of recipients:

  • Public authorities in the presence of overriding legal provisions
  • External service providers or other contractors, including data processing and hosting, shipping, transport and logistics, service providers for printing and sending information.
  • Other external bodies insofar as the person concerned has given his consent or a transfer is permissible for overriding interest, e.g. for credit checks in the case of purchase on account, for the electronic dispatch of information, for quality assurance purposes.

Third-country transfers:
Processors outside the European Union may also be used as part of the performance of the contract, including e-mail providers.Duration of data storage: The duration of data storage is based on the statutory retention obligations and is usually 10 years.

Specific information on the processing of employee data

Data concerned:
Data provided for the performance of the contract; if necessary. additional data for processing on the basis of your explicit consent.

Purpose of processing:
Performance of the contract within the framework of the employment relationship.

Categories of recipients:

  • Public authorities in the case of overriding legal provisions, including the tax office, social security institutions, employers' liability insurance associations.
  • External service providers or other contractors, including for data processing and hosting, payroll accounting, travel expense accounting, insurance services, vehicle use.
  • Other external bodies insofar as the data subject has given his consent or a transfer is permissible for overriding interest, e.g. for order acquisition, insurance services.

Third-country transfers:
Processors outside the European Union may also be used in the execution of the contract, including e-mail providers.

Duration of data storage:
The duration of data storage is based on the statutory retention obligations and is usually 10 years.

Specific information on the processing of supplier data

Data concerned:
Data provided for the performance of the contract; if necessary. additional data for processing on the basis of your explicit consent.

Purpose of processing:
Execution of the contract, including enquiries, purchasing, quality assurance.

Categories of recipients:

  • Public authorities in the presence of overriding legal provisions, e.g. tax office, customs.
  • External service providers or other contractors, including for data processing and hosting, accounting, payment processing.
  • Other external bodies insofar as the data subject has given his consent or a transfer is permissible for the sake of overriding interest.

Third-country transfers:
Processors outside the European Union may also be used in the execution of the contract, including e-mail providers.

Duration of data storage:
The duration of data storage is based on the statutory retention obligations and is usually 10 years


Links to third-party websites

This website contains links to third-party websites (e.g. those of WAGO Group companies). This privacy policy does not extend to data processing on the third party's website.


Contact the Corporate Data Protection Officer

If you have any further questions about the protection of your personal data, this privacy policy, declarations of consent and the processing of your personal data or if you have complaints about data protection, you can also contact our Corporate Data Protection Officer:

WAGO Gruppe GmbH & Co. KG
-Corporate Data Protection Officer-

Hansastr. 27
32423 Minden
E-Mail: dataprotection@wago.com

Irrespective of the provisions of this data protection declaration, you have a right of complaint to the respective competent supervisory authority regulated in Art. 13 para. 2 d) GDPR.


Acceptance of the Privacy Policy, Changes

This data protection declaration is valid from the time of publication on the website of elrest Automationssysteme GmbH until revoked.

In order to use our offer, the confirmation and acceptance of the data protection agreement is indispensable.

Please note that data protection regulations and data protection practices can change continuously and that the contents of this data protection declaration must be adapted. If this is the case, we will present changes to you in a transparent form. It is also advisable to inform yourself about changes in the legal provisions and the practice of our company.