Datenschutz
Privacy Policy
1. Data protection at a glance
General information
The following information provides a simple overview of what happens to your personal data when you visit our website. Personal data is any data that can be used to identify you personally. For detailed information on the subject of data protection, please refer to our privacy policy listed below this text.
Data collection on our website
Who is responsible for data collection on this website?
Data processing on this website is carried out by the website operator. Their contact details can be found in the legal notice on this website.
2. General information on data processing
We process personal data only in accordance with the applicable data protection regulations (GDPR, BDSG).
Data processing is generally only carried out on the basis of a legal basis in accordance with Art. 6 GDPR (e.g., consent, contract fulfillment, legal obligation, or legitimate interest).
3. Cookies & consent management
Our website uses cookies. Some are technically necessary for operation, while others are used for statistics, marketing, or convenience functions.
- Technically necessary cookies (e.g., shopping cart, login) are stored on the basis of Art. 6 (1) lit. f GDPR.
- Analysis & marketing cookies (e.g., Google Analytics, Ads, Facebook Pixel) are only set with your consent in accordance with Art. 6 (1) lit. a GDPR.
You can withdraw your consent at any time by sending an email to info@whirlpool-center.de with the subject line “Cookie settings.”
4. Collection of access data
When you visit our website, the following data is automatically stored in server log files:
- Browser type and version
- Operating system used
- Referrer URL
- Host name/IP address of the accessing computer
- Time of the server request
Some of the data is collected to ensure the error-free provision of the website. Other data may be used to analyze your user behavior.
This data is not merged with other data sources and is deleted after 30 days at the latest.
Legal basis: Art. 6 (1) lit. f GDPR (legitimate interest in the secure and technically flawless provision of the website).
Further information on the responsible handling of business data can be found here: https://business.safety.google/privacy/
5. Contact form and communication
If you contact us via the contact form or by email, your details will be stored for the purpose of processing your enquiry.
Legal basis: Art. 6 (1) (b) GDPR (contract/initiation) or (a) (consent).
6. Newsletter
We use Salesforce (USA) for our newsletter.
- Registration is done via a double opt-in procedure.
- Your data (email address, name) will be used exclusively for sending information.
- Legal basis: Art. 6 (1) (a) GDPR (consent).
Data transfer to the USA:
Salesforce is certified under the EU-US Data Privacy Framework (DPF). If this does not apply, data is transferred on the basis of standard contractual clauses of the EU Commission.
You can unsubscribe from the newsletter at any time using the unsubscribe link in each email.
7. Analysis and marketing tools
7.1 Google Analytics
We use Google Analytics 4.
Data (e.g., IP address, click behavior) is only processed with your consent. IP addresses are stored anonymously.
Legal basis: Art. 6 (1) (a) GDPR.
Storage period: up to 24 months or until revoked.
Revocation: possible at any time via the cookie settings.
7.2 Google Ads & Remarketing
We use Google Ads (conversion tracking & remarketing).
These services enable personalized advertising.
Legal basis: Art. 6 (1) lit. a GDPR (consent).
7.3 Facebook Pixel
Our website uses the Meta Pixel for conversion measurement.
Data is transferred to the USA.
Legal basis: Art. 6 (1) (a) GDPR.
7.4 Hotjar
We use Hotjar to analyze user behavior.
Clicks, mouse movements, scrolling behavior, etc. are recorded, but no personal content.
Legal basis: Art. 6 (1) (a) GDPR (consent).
8. Integration of third-party content
8.1 Google Fonts
Our website uses Google Fonts to display fonts.
The fonts are integrated locally or loaded from Google servers only after your consent.
Legal basis: Art. 6 (1) (a) GDPR.
8.2 Google Maps
Google Maps is integrated to display interactive maps.
This only happens with your consent.
Legal basis: Art. 6 para. 1 lit. a GDPR.
8.3 YouTube
For embedded videos, we use YouTube in “extended data protection mode.”
Data is only transferred to Google with your consent.
Legal basis: Art. 6 para. 1 lit. a GDPR.
9. Data transfer to the USA
When using Google, Meta, or MailChimp services, data may be transferred to the USA.
- Google and Meta are certified under the EU-US Data Privacy Framework (DPF).
- If there is no DPF certificate, the transfer is based on the Standard Contractual Clauses (SCCs).
10. Storage period
- Cookies: Session cookies are deleted at the end of the session; others remain stored for up to 24 months or until you revoke your consent.
- Contract and business data: 6 to 10 years (tax and commercial law retention obligations).
- Applications: no later than 6 months after completion of the process.
11. Your rights
You have the following rights under the GDPR:
- Information (Art. 15 GDPR)
- Rectification (Art. 16 GDPR)
- Erasure (Art. 17 GDPR)
- Restriction of processing (Art. 18 GDPR)
- Data portability (Art. 20 GDPR)
- Objection (Art. 21 GDPR)
- Withdrawal of consent (Art. 7 (3) GDPR)
Right to lodge a complaint with the competent supervisory authority
In the event of violations of data protection law, the data subject has the right to lodge a complaint with the competent supervisory authority in accordance with Article 13 GDPR. The competent supervisory authority for data protection issues is the state data protection officer of the federal state in which our company is based. A list of data protection officers and their contact details can be found at the following link:
https://www.bfdi.bund.de/DE/Infothek/Anschriften_Links/anschriften_links-node.html.
To assert your rights, you can contact us at the following email address:
12. Security
We use SSL/TLS encryption to securely transmit your data.
13. Changes
We reserve the right to amend this privacy policy as necessary to comply with current legal requirements or changes to our services.
Information security
Whirlpool Center GmbH uses appropriate technical and organizational security measures in accordance with the current state of knowledge to protect the data you provide to us from accidental or intentional manipulation, loss, destruction, or access by unauthorized persons. Your data is stored in a secure operating environment that is not accessible to the public.
Our security measures are reviewed at regular intervals and continuously improved in line with technological developments.
________________________________________________________
This privacy policy was last updated in September 2025.