Blickle Räder+Rollen GmbH u. Co. KG, Heinrich-Blickle-Straße 1, 72348 Rosenfeld, Germany, registered with the District Court of Stuttgart under HRA 410183, is the owner and operator of the websites blickle.com, blickle.de, blickle.at, blickle.co.uk, blickle.fr, blickle.es, blickle-raeder.ch, blickle.se, blickle.it, blickle.us, blickle.ca, blickle.cn, blickle.nl, blickle.be, blickle.cz, blickle.no, blickle.fi, blickle.dk, blickle.com.ro, blickle.com.tr, blickle.ru, blickle.pl, blickle.hu, blickle.jp, blickle.kr, blickle.pt, blickle.lt, blickle.bg, blickle.com.hr, blickle.rs, blickle.lv, blickle.ee, blickle.si, blickle.com.ua, blickle.com.au. On behalf of the entire Blickle Group, thank you for visiting our website and for your interest in our company and services. More information about our international Group companies is available under clause 3 and here. Protecting your privacy when handling your data is important to us. Because of this, your personal data will only be processed in accordance with European data protection legislation and any relevant national data protection requirements.
We only process the personal data of our users if this is required in order to provide a functional website, content or services, or if the processing of this data is justified under the GDPR.
2. Your data protection rights as a user of this website or customer (rights of the data subject)
Under data protection law, you are considered a data subject as a visitor to this website or as a customer. You have certain rights as a data subject. These rights are as follows:
At any time you have the right to obtain information without any charge about your stored personal data, its origins and recipients and the purpose of data processing - without having to give any justification for this request. You are also entitled to have this data corrected, rectified, blocked or deleted. You may also request specific personal data and reuse it for your own purposes with different organisations. You can also restrict the processing of your data and/or object to the processing for reasons related to your specific situation at any time. If you have granted your consent for us to process your data, you can withdraw this consent at any time. You are also entitled to lodge a complaint with the supervisory authority in accordance with Article 77 of the GDPR.
3. Controller / (Joint) Controllership
a) Controller / Joint Controllership pursuant to Article 26 GDPR
Blickle Räder+Rollen GmbH u. Co. KG, Heinrich-Blickle-Straße 1, 72348 Rosenfeld, Germany, is the controller in the sense of Article 4(7) of the GDPR for the personal information (defined below) collected on the aforementioned websites.
We are jointly responsible with group companies and/or distributors to the extent that we pass on personal data to group companies and/or distributors or receive personal data from them (joint controllership, pursuant to Article 26 of the GDPR). Joint controllership may also arise with other natural or legal persons (e.g. payment service providers); the following applies accordingly to these relationships.
b) Information pursuant to Article 26 (2) GDPR
Joint controllership exists with the following companies of the Blickle Group:
- Blickle Castors & Wheels Ltd, Milton Keynes, United Kingdom of Great Britain and Northern Ireland
- Blickle Wielen B.V., Houten, The Netherlands
- Blickle B.V., Lier, Belgium
- Blickle Hispania S.A., Madrid, Spain
- Blickle Italia S.r.l., Desio, Italy
- Blickle a.s., Brno, Czech Republic
- Blickle Räder + Rollen GmbH, Grödig, Austria
- Blickle Räder + Rollen GmbH, Lyssach, Switzerland
- Blickle France SAS, Herrlisheim, France
- Blickle Romania S.R.L., Cluj-Napoca, Romania
- Blickle Australia Holding Pty Ltd, Australia
- QHDC Blickle Australia Pty Ltd, Arundel, Australia
- Blickle AB, Helsingborg, Sweden
- Blickle Oy, Vantaa, Finland
- Blickle Norge AS, Horten, Norway
- Blickle Sanayi Tekerlekleri Tic. Ltd. Sti, Istanbul, Turkey
- Blickle Castors (Taicang) Co., Ltd. Taicang, China
- Blickle Canada Inc, Candiac, Canada
- Blickle U.S.A. Wheels and Casters Inc., Newnan, USA
as well as with our distribution companies. You can find them here.
The transfer of personal data to group and/or distribution companies, as well as the receipt of such data, takes place in the context of business cooperation as well as the promotion and distribution of Blickle products and services. This may also involve the processing of your personal data. The parties have jointly determined the sequence of processing of this data for this case in individual process sections. The parties are jointly responsible for the protection of your personal data within the process sections described below (Article 26 of the GDRP).
Within the framework of joint controllership under data protection law, we have agreed with the aforementioned companies who fulfils which obligations under the GDPR. This relates in particular to the exercise of your rights as a data subject and the fulfilment of the information obligations pursuant to Articles 13 and 14 of the GDPR.
This agreement is necessary because personal data is processed in different process sections and systems in the course of entrepreneurial cooperation as well as advertising and sales, which are operated either by Blickle Räder+Rollen GmbH u. Co. KG or a group or distribution company.
Data transfer with distribution companies takes place with regard to marketing and sales, and with group companies additionally for the purposes of controlling, accounting, personnel management, business operations in general and internal organization.
Even if there is joint controllership, the parties fulfil the data protection obligations for the data processing carried out by them within the scope of joint controllership.
Both Blickle Räder+Rollen GmbH u. Co. KG and the aforementioned group and/or distribution companies shall make the information required under Articles 13 and 14 of the GDPR available to the data subjects free of charge in a precise, transparent, comprehensible and easily accessible form in clear and simple language. In doing so, each party shall provide the other with all necessary information from its sphere of activity. The parties shall inform each other without delay of legal positions asserted by data subjects. They shall provide each other with all information necessary to respond to requests for information.
Data protection rights can be asserted both at Blickle Räder+Rollen GmbH u. Co. KG and at the aforementioned group and distribution companies. In principle, data subjects will receive the information from the office where the rights were asserted. However, in order to speed up the procedure, we recommend that you assert your rights against Blickle Räder+Rollen GmbH u. Co. KG.
4. Contact / Contact Options - Data Protection Coordinators - Data Protection Officer
We recommend sending an email to our data protection coordinators (email@example.com). You can also contact us by post. We also have an external data protection officer. They can be contacted by sending an email to firstname.lastname@example.org.
If you want to contact us by email, we wish to point out that the confidentiality of the information transmitted is not guaranteed for unencrypted emails. The content of unencrypted emails can be viewed by third parties (see “Information security” section).
You can also contact us via contact forms on our website. Information you provide in a contact form, including your contact details, will then be encrypted, forwarded to us and stored by us for the purpose of processing the request and for follow-up queries.
To exercise your right to lodge a complaint in accordance with Article 77 of the GDPR, please contact the relevant supervisory authority.
5. Retention period
We delete or make unavailable the personal data of data subjects or restrict the processing of this data as soon as it is no longer required. Data may be retained past this point if this is required under European or national directives, legislation or other requirements to which the controller is subject. Personal data will also be deleted, made unavailable or have its processing restricted at the end of any retention period required by the aforementioned standards, unless this data is required in order to enter into a contract or for the performance of a contract.
6. Legal principles with regard to the processing of personal data
If a data subject grants consent for their personal data to be processed, the legal basis for the processing is Article 6(1)(1)(a) of the GDPR.
The legal basis for the processing of personal data for the performance of a contract to which the data subject is a party is Article 6(1)(1)(b) of the GDPR. The same legal basis applies for the processing of personal data for the implementation of pre-contractual measures.
The legal basis for the processing of personal data for compliance with a legal obligation of our company is Article 6(1)(1)(c) of the GDPR.
The legal basis for the processing of personal data for the purposes of the legitimate interests of our company or a third party when those interests are not overridden by the interests or rights and freedoms of the data subject is Article 6(1)(1)(f) of the GDPR.
a) Purpose of data processing
Our website can be used without entering personal data. However, personal data is required in order to use certain services on our website. These are explained separately below and in particular inform you of the nature, scope and purpose of the collection, use and processing of personal data. We generally only process personal data if this is required in order to provide a functional website, content or services. Personal data may be collected for the purpose of providing and optimising our online content, for information and contact purposes, for customer service and support, for marketing, advertising and sales, for meeting contractual and legal obligations, for security measures, or for filling positions in response to applications. Any use of your personal data takes place only for the stated purposes and to the extent necessary to achieve these purposes.
We process personal data to meet contractual obligations in accordance with Article 6(1)(1)(b) of the GDPR. This includes:
- Purchase and delivery of products
- guaranteeing functionality
- processing orders
- creating user accounts
- providing services, e.g. repeat orders, changing an address, complaints, etc.
- to provide you with relevant information about your orders
- to contact you if we have or want to establish a business relationship with you or your employer (business contacts)
- handling job applications (covered in detail below).
We also process data for the purpose of our legitimate interests in accordance with Article 6(1)(1)(f) of the GDPR,
- to put together statistical information for the purpose of improving products and services
- to prevent, investigate and report criminal offences
- to assert legal claims (including debt collection procedures) and defend against legal claims
- to conduct audits
- for advertising purposes, unless you have instructed us not to use your data for this purpose
- to put together statistical information for the purpose of improving products and services. We may on occasion process order and usage data to create groups of users for this purpose - these groups are anonymised immediately and are not used to analyse or predict your personal preferences.
You can object to the processing of your personal data at any time. Please refer to “Right of objection” below for more information.
We may process your data on the basis of your consent in accordance with Article 6(1)(1)(a) of the GDPR for certain purposes, particularly:
- to put together statistical information for the purpose of improving products and services
- to enable personalised use of the website, provide personalised offers and optimise online content
- to send you newsletters with regular offers
- to provide special information and offers
- for market research
- for surveying customers
- to help visitors use the website with reminder functions
- for analysis purposes so that we can improve our offer for you.
You can withdraw your consent at any time. The withdrawal of consent does not affect the lawfulness of processing based on consent before its withdrawal.
The legal basis for storing or accessing cookies, device identifiers or other information on your device for processing purposes is the European ePrivacy Directive in conjunction with Section 12 et seq. of the German Telemedia Act and Articles 6(1)(1)(a) and 6(1)(1)(f) of the GDPR.
The legal basis for the processing of personal data for job application purposes is Article 6(1)(1)(b) of the GDPR (establishing a contract) and Section 26 of the German Data Protection Act (Processing of Data for the Purposes of the Employment Relationship). We also use consent as a legal basis for the processing of data in the context of the application process (Article 6(1)(1)(a) of the GDPR.
This consent is granted voluntarily and is used for the purpose of staff recruiting and the transfer of your data to an internal talent pool. You can revoke any consent which you have granted at any time in whole or in part. The withdrawal of consent does not affect the lawfulness of processing based on consent before its withdrawal.
As part of the application process, special categories of personal data of applicants in the sense of Article 9(1) of the GDPR (in particular health data) may be disclosed, transmitted and/or requested so that the controller can fulfil their obligations under labour law, social security and social protection law. The data subject (usually the applicant) can also disclose special categories of personal data in order to exercise their rights. In such cases, personal data will be processed on the basis of Article 9(2)(b) of the GDPR. The legal basis for the processing of personal data to assess the ability of the applicant to work, for the purpose of a medical diagnosis, the provision of health or social care or the administration of health or social care systems and services is Article 9(2)(h) of the GDPR.
Additional information about the processing of personal data is provided on our applicant portal.
7. Right of objection and withdrawal of consent
If we process your personal data for the purpose of legitimate interests pursued by us or a third party in accordance with Article 6(1)(1)(e) or (f) of the GDPR, you are entitled to object to the processing in accordance with Article 21 of the GDPR.
Article 21(1) of the GDPR entitles you to object to the processing of your personal data at any time. We will cease to process your personal data from the time that you object unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms or if the purpose of the processing is to establish, exercise or defend legal claims.
You also have the right to withdraw consent with effect for the future in accordance with Article 7(3) of the GDPR.
If you would like to object to the processing of your personal data or withdraw your consent (particularly in connection with the technologies outlined below), you can contact us at any time. One way you can do so is to send an email to email@example.com.
Our website uses so-called cookies, which are designed to make our website more user-friendly, effective and secure – for example, by facilitating navigation on our website. In addition, cookies enable us to measure the frequency of page views and the generic use of the website.
Cookies are small text files that are stored on your computer system. Cookies do not harm your computer and do not contain viruses. We would like to point out that some of these cookies are transferred from our server to your computer system, these mostly being so-called “session cookies”. “Session cookies” are automatically deleted from your hard disk after the end of the browser session. Other cookies remain on your computer system and allow us to recognise your computer system on your next visit (so-called persistent cookies). Of course you can refuse to accept cookies at any time, provided that your browser allows this. Please note that if you do this, you will not be able to use all the features of our website to the fullest extent possible.
The help function in the menu bar of most web browsers tells you how to prevent your browser from accepting new cookies, how to let your browser know when to accept a new cookie or how to deactivate all cookies received.
You can also delete cookies. Exactly how this is done will depend on your browser and operating system. As a result, we cannot provide instructions about how to delete cookies on your system here.
You can deactivate cookies at any time. However, deactivating strictly necessary cookies may cause certain features on the website to be unavailable. You can choose not to allow cookies at any time. You can object and/or withdraw your consent by sending an email to firstname.lastname@example.org.
9. Services, technologies and cookies used by the website
We use the following services, technologies and cookies to make sure that we can provide the essential features of our website and meet contractual obligations we have with our customers and partners. The legal bases for their use are Article 6(1)(1)(b) (entering into or performance of a contract), 6(1)(1)(c) (compliance with legal obligations) and/or 6(1)(1)(f) (compelling legitimate interests) of the GDPR. The primary legitimate interest is monitoring of the technical performance of the website.
Every visit to this website is recorded and stored in server log files. This data is used extensively for the technical analysis of how the server is being used, e.g. in order to avoid excess load on the server and/or managing the load on the server, and is processed on the basis of Article 6(1)(1)(f) of the GDPR.
The following data is collected:
- host address (IP address)
- the date and time when the website was accessed
- name of the file which was accessed
- HTTP status code
- the amount of data transmitted
- the website from which you accessed our website (referrer URL)
- browser/operating system/interface
- information about the server service which is used
- protocol version
This anonymous data is stored separately from any personal data and therefore cannot be linked to a specific person. This data is only transmitted to third parties if this is legally required or if we are ordered to do so by a court order. This data is not passed on for commercial or non-commercial purposes. However, we reserve the right to review this data subsequently if we have reason to believe that the website has been used illegally, including DDoS attacks on our website.
b) Google technologies
This website uses the following technologies operated by Google Ireland Limited, register number: 368047, Gordon House, Barrow Street, Dublin 4, Ireland (Google).
i. Google Tag Manager
We use this technology to manage our previously described analysis services on the basis of Article 6(1)(1)(f) of the GDPR. Google Tag Manager is used solely to implement tags. This means: No cookies are used and no personal data is collected. Google Tag Manager triggers other tags, which may collect data. However, Google Tag Manager does not access this data. If deactivated at the domain or cookie level, this will apply to all tracking tags if they are implemented with Google Tag Manager. For more information about Google Tag Manager, please refer to: https://support.google.com/tagmanager/answer/7157428?hl=en-GB and https://policies.google.com/privacy?hl=en.
ii. Google Adwords Conversion Tracking
iii. Google Remarketing
iv. Google Maps
If you grant your consent for us to do so (Article 6(1)(1)(a) of the GDPR), this website will use Google Maps to provide you with maps and site plans. Each time Google Maps is accessed, Google sets a cookie to process user settings and data when viewing the page on which Google Maps is integrated. This cookie from Google is usually not deleted by closing the browser but expires after a certain time unless it is manually deleted by you.
v. Google Fonts
If you consent to this in advance (Art. 6 para. 1 sentence 1 lit. a) DSGVO), we use the fonts provided by Google. Google Fonts ensures a high display quality. In addition, Google fonts are automatically optimized for the web, which saves data volume and ensures a fast loading time. Problems caused by different image synthesis systems (rendering) in different browsers, operating systems and mobile devices are largely avoided by using Google Fonts. By using Google Fonts, the fonts are reloaded via a Google server. Through this external call, data is transmitted to the Google servers. In this way, Google also recognizes that you or your IP address is visiting our website. Google Fonts stores CSS and font requests securely at Google.
For more details about Google Fonts, see Frequently Asked Questions | Google Fonts | Google Developers.
d) Facebook Pixel
g) Sitecore Tracking
We cooperate with the webshop provider Ucommerce ApS, Klostergade 28, 2, DK-8000 Aarhus, CVR no. 32267149. If you order from the webshop, it is necessary for business and contract transactions that personal data is processed. The legal basis for this is Art. 6(1)(b) DSGVO. The data is collected, stored and, if necessary, passed on insofar as it is required to provide contractual services. Mandatory information is marked separately in the webshop, without such a conclusion of a contract is not possible. The duration of storage depends on commercial and tax law requirements and can be up to ten years.
For more information on data processing by UCommerce and its data protection provisions please refer to: https://ucommerce.net/contact-us/data-privacy-and-cookie-policy.
10. Our social media presences / data processing by social networks
We maintain the publicly accessible profiles on social networks listed below.
Social networks such as Facebook, Xing, etc. may analyse your user behaviour when you visit their website or a website with integrated social media content (e.g. like buttons or advertising banners). Visiting our social media profiles triggers numerous processing operations relevant to data protection.
In detail: If you are logged into your social media account and visit our social media presence, the operator of the social media portal can regularly assign this visit to your user account. However, your personal data may be collected even if you are not logged in or do not have an account with the respective social media portal. This data collection takes place, among other things, by means of cookies that are stored on your terminal device or by recording your IP address.
With the help of the data collected in this way, the operators of the social media portals can create user profiles in which your preferences and interests are stored. In this way, interest-based advertising can be displayed to you inside and outside the respective social media presence. Provided you have an account with the respective social network, the interest-based advertising may be displayed on all devices on which you are or were logged in.
a) Legal basis
Our social media presences are intended to ensure the most comprehensive presence possible on the internet. This is a legitimate interest within the meaning of Article 6(1)(1)(f) of the GDPR. The analysis processes initiated by the social networks may be based on deviating legal bases to be indicated by the operators of the social networks (e.g. consent within the meaning of Article 6(1)(1)(a) of the GDPR).
b) Responsible party and assertion of rights
If you visit one of our social media sites (e.g. Facebook), we are jointly responsible with the operator of the social media platform for the data processing operations triggered during this visit. In principle, you can assert your rights (information, correction, deletion, restriction of processing, data portability and complaint) both vis-à-vis us and vis-à-vis the operator of the respective social media portal (e.g. vis-à-vis Facebook).
Please note that despite the joint responsibility with the social media portal operators, we do not have full influence on the data processing procedures of the social media portals. Our options are largely determined by the corporate policy of the respective provider.
c) Storage period
The data collected directly by us via the social media presence will be deleted from our systems as soon as the purpose for storing it no longer applies, you request us to delete it or revoke your consent to store it. Stored cookies remain on your end device until you delete them. Mandatory legal provisions - in particular retention periods - remain unaffected.
d) d) Social networks in detail
We have a profile on Facebook. The provider is Facebook Inc, 1 Hacker Way, Menlo Park, California 94025, USA.
We have concluded an agreement with Facebook on joint responsibility for the processing of data (Controller Addendum). This agreement defines the data processing operations for which we or Facebook are responsible when you visit our Facebook fan page. You can view this agreement at the following link: www.facebook.com/legal/terms/page_controller_addendum.
We have a profile on LinkedIn. The provider is LinkedIn Ireland Unlimited Company, Wilton Plaza, Wilton Place, Dublin 2, Ireland. LinkedIn uses standard contractual clauses (or EU model clauses) to transfer personal data out of the EU. LinkedIn uses advertising cookies.
If you would like to deactivate LinkedIn advertising cookies, please use the following link: www.linkedin.com/psettings/guest-controls/retargeting-opt-out.
11. Use and disclosure of personal data to third parties
We will provide your personal data to companies in the Blickle Group and/or distribution companies: (i) for the purpose of providing you with services or information that you request, or (ii) on the basis of your consent. You will be informed in advance if a company in the Blickle Group or a distribution company would like to use your personal data for a new purpose.
If you entrust us with the provision of a service, your personal data will only be used to the extent necessary for the performance of the order (for example, to process requests for information or to order brochures). This also applies for the transfer of your data to transport contractors, credit companies or other service providers used to provide the service or contract management.
No further disclosure, in particular the sale of your personal data to third parties will take place.
12. Transmission of personal data to a third country
Data is only transmitted to third countries with an adequate level of protection or on the basis of specific guarantees, e.g. contractual obligations based on so-called standard contractual clauses of the EU Commission. IP addresses and/or so-called “referral links” or online identifiers, for example, may be transmitted depending on browser settings. Due to the way such data may be combined, for which we are not responsible, it is possible for your personal data to be collected and processed outside of the scope of the GDPR.
14. Information security
We use appropriate technical and organisational security measures according to the current state of the art in order to protect the data made available by you to us against accidental or intentional manipulation, loss, destruction or access by unauthorised persons. Accordingly, your data is saved in a secure operating environment that is inaccessible to the public. Our security measures are periodically reviewed and continually improved in line with technological developments.
If you want to contact us by email, we wish to point out that the confidentiality of the information transmitted is not guaranteed for unencrypted emails. The content of unencrypted emails can be viewed by third parties. We therefore recommend that you send us confidential information either in encrypted form via the contact form on our website or by post.
Your email address will be used exclusively for the purpose of corresponding with you. No other use or disclosure to third parties will occur.
15. Protection of your data by TLS or SSL
For secure data transmission on the Internet, we use the hybrid encryption protocol Transport Layer Security (TLS), more widely known under the predecessor name Secure Sockets Layer Software (SSL). This software encrypts the information that is transmitted by you. All information subject to data protection is stored in encrypted form in a protected database.