Privacy policy for the use of the www.auktionshauswendl.de website and participation in auctions

We take the protection of your data seriously!

Below you will find an overview of the purposes for which we collect, process and store personal data - naturally in accordance with the EU General Data Protection Regulation (GDPR) and the German Federal Data Protection Act (BDSG).
By using our website, you consent to the collection, processing and use of data in accordance with the following description. Our website can generally be visited without registration. Data such as pages called up or the name of the file called up, date and time are stored on the server for statistical purposes without this data being directly related to your person. Personal data, in particular name, address or e-mail address, are collected on a voluntary basis as far as possible. The data will not be passed on to third parties without your consent or if necessary for the fulfillment of the contract.

Name and contact details of the controller
Kunst-Auktionshaus Wendl

Julia Marie Wendl
August-Bebel-Straße 4
07407 Rudolstadt
Phone: +49 (0) 3672 424350
Fax: +49 (0) 3672 412296

E-mail: kontakt@auktionshaus-wendl.de
Web: www.auktionshauswendl.de

Responsible: Julia Marie Wendl
For the processing of your personal data
Eve Elschner has been appointed as data protection officer (datenschutz@auktionshauswendl.de)

General information

This privacy policy fulfills the legal requirements for transparency in the processing of personal data. This is any information relating to an identified or identifiable natural person. This includes, for example, information such as your name, age, address, telephone number, date of birth, e-mail address, IP address or user behavior when visiting a website. Information for which we cannot (or only with disproportionate effort) establish a connection to your person, e.g. through anonymization, is not personal data. The processing of personal data (e.g. the collection, retrieval, use, storage or transmission) always requires a legal basis and a defined purpose.

Stored personal data will be deleted as soon as the purpose of the processing has been achieved and there are no legitimate reasons for further storage of the data. We will inform you about the specific storage periods or criteria for storage in the individual processing operations. Irrespective of this, we store your personal data in individual cases for the assertion, exercise or defense of legal claims and in the event of statutory retention obligations.

Information according to Art. 13 GDPR

This information is intended for customers, interested parties, suppliers and employees. Your personal data will be processed by us for the following purposes:

• To fulfill our contractual obligations to which we are committed to you (Art. 6 para. 1 lit. b GDPR).
• For the performance of pre-contractual obligations (Art. 6 para. 1 lit. b GDPR).
• To answer inquiries (Art. 6 para. 1 lit. b GDPR).
• If you have given us your consent to process your personal data for specific purposes (e.g. to receive our newsletter), the data processing takes place on the basis of your consent (Art. 6 para. 1 lit. a GDPR).
• To fulfill legal obligations to which our company is subject (Art. 6 para. 1 lit. c GDPR).
• If necessary, we also process your data to safeguard our legitimate interests, in particular to assert legal claims and defend ourselves in legal disputes or to ensure IT security, to consult and exchange data with credit agencies to determine creditworthiness and default risks, for direct advertising and market research unless you have objected to the use of your data for this purpose, for measures for business management and further development of services and products, for measures for product and sales optimization, for measures for risk management, for the prevention or investigation of criminal offenses (Art. 6 para. 1 lit. f GDPR).

Categories of recipients of the personal data

Within our company, only those employees have access to the data who absolutely need it to perform their tasks (need-to-know principle). Individual processes and services are carried out by carefully selected service providers based within the EEA and commissioned in accordance with data protection regulations. If service providers commissioned by us are given access to personal data when carrying out your services, order processing contracts have been concluded with them in accordance with Art. 28 para. 3 GDPR.

Duration of data storage

The data processed by us is stored for the duration of the existence and processing of the contractual relationship and in compliance with statutory retention periods. These are in particular commercial and tax retention obligations under the German Commercial Code (HGB) and the German Fiscal Code (AO). The regular retention and documentation periods are up to ten years. If there is no contractual relationship, we only process the data for as long as required for the specific purpose.

Your rights as a data subject

As the data subject, you have the following rights vis-à-vis us with regard to your personal data:

• Right to information about your personal data processed by us.
• Right to rectification or erasure if they are incorrect, out of date or unlawfully collected by us.
• Right to restriction of processing if complete erasure is not possible, e.g. because we have to comply with statutory retention obligations.
• Right to object to processing if the data processing is based on a balancing of interests (the so-called legitimate interest), as described above under "Purpose of processing". This is the case if, in particular, the processing is not necessary for the performance of a contract with you. When asserting your right to object, we ask you to explain the reasons why we should not process your data as we have done.

Of course, you can also object to the processing of your personal data for advertising purposes at any time. To do so, please send your objection to our address given in the legal notice or send us an e-mail to the address given in the legal notice.

• Right of revocation if you have given us your consent to process your data. You can assert your revocation against our company at any time without giving reasons. To do so, please contact the address given in the legal notice.
• In addition, you have the right to complain to a data protection supervisory authority about the processing of your personal data by our company.

If you have any questions about data protection, you are welcome to contact us by e-mail at the address given in the legal notice.

Data processing in accordance with the Money Laundering Prevention Act

In accordance with Section 2 (1) of the German Money Laundering Prevention Act (GwG), we are obliged to comply with measures to prevent money laundering and terrorist financing. The measures prescribed by law include the identification of contractual partners (Section 11 GwG) if a certain transaction amount is exceeded. Under certain circumstances, we are also obliged to report suspicious transactions or transaction intentions (Sections 27 ff. GwG). As part of the prescribed identification and/or reporting, we collect personal data and, if necessary, pass it on to the Financial Intelligence Unit (FIU). The legal basis for the collection and forwarding of data is Art. 6 para. 1 lit. c) GDPR in conjunction with the respective statutory provisions of the GwG. Unless other statutory provisions on recording and retention obligations provide for a longer period in individual cases, we are obliged to retain the data for five years. Once the retention period has expired, the data will be destroyed in accordance with data protection regulations without the need for a separate request to do so.

Proof of identity can be an identity card or passport, etc.

Collection and storage of personal data and the nature and purpose of its use

a) When visiting the website

When you visit our website www.auktionshaus-wendl.de, the browser used on your device automatically sends information to the server of our website. This information is temporarily stored in a so-called log file. The following information is collected without any action on your part and stored until it is automatically deleted -
IP address of the requesting computer,
- date and time of access,
- name and URL of the accessed file,
- website from which the access was made (referrer URL),
- the browser used and, if applicable, the operating system of your computer and the name of your access provider.

We process the aforementioned data for the following purposes: -
ensuring a smooth connection to the website,
- ensuring convenient use of our website,
- evaluating system security and stability and
- for other administrative purposes.

The legal basis for data processing is Art. 6 para. 1 sentence 1 lit. f GDPR. Our legitimate interest follows from the purposes for data collection listed above. Under no circumstances do we use the data collected for the purpose of drawing conclusions about your person.

We also use cookies and analysis services when you visit our website. You can find more detailed explanations on this in sections 4 and 5 of this privacy policy.

b) When registering for our newsletter

If you have expressly consented in accordance with Art. 6 para. 1 sentence 1 lit. a GDPR, we will use your e-mail address to send you our newsletter on a regular basis. It is sufficient to provide an email address to receive the newsletter. You can unsubscribe at any time, for example via a link at the end of each newsletter. Alternatively, you can also send your unsubscribe request at any time to kontakt@auktionshaus-wendl.de by email or use the unsubscribe form on our website.

Brevo
We send our newsletters via Brevo - an internet marketing service provider committed to GDPR-compliant work and data protection (an offer from SendinBlue, SAS, 47, Rue de la Chaussée d'Antin, 75009 Paris, France ("SendinBlue"). Brevo's privacy policy can be found at www.brevo.com/de/legal/privacypolicy/. The data stored during registration is transmitted to Brevo and stored by Brevo. Brevo undertakes not to transmit the data entered during registration to third parties and to store it exclusively on servers within the EU. After registration, Brevo will send you an e-mail to confirm your registration (double opt-in procedure). The IP address and the date and time of your registration are also stored. This serves as a safeguard on our part in the event that a third party misuses your e-mail address and subscribes to our newsletter without your knowledge. Brevo
also offers various options for analyzing how the newsletters sent are opened and used, e.g. how many users an e-mail was sent to, whether e-mails were rejected and whether users unsubscribed from the list after receiving an e-mail. These analyses are group-related and are not used by us for individual evaluation. The data collected in this way is also not compared with data that may be collected by other components of our website. We also use the link or plug-in to Google Analytics offered by SendinBlue to track and improve the effectiveness of our email campaigns. The legal basis for this data processing is our legitimate interest in accordance with Art. 6 para. 1 sentence 1 lit. f GDPR. Information on how Google Analytics collects, processes and stores data can be found under the corresponding point.

We will only use the personal data collected from you as part of the e-mail newsletter internally to optimize and deliver the newsletter you have expressly requested. Your personal data will not be sold or passed on to third parties for the purposes of advertising, market or opinion research. However, if you do not agree to this analysis, you must unsubscribe from our newsletter as described above.

c) When using our contact form

If you have any questions, you can contact us using the form provided on the website.

Please note that by submitting this form, you are sending an e-mail and are giving us your consent under data protection law to store and process the data you provide. Please also note that the e-mail is not sent in encrypted form. This is not a secure transmission method. For example, we cannot rule out the possibility that third parties may gain unauthorized knowledge of the content of the message by illegally accessing the mail server connections. If in doubt, choose a secure transmission method (e.g. letter, encrypted e-mail not via the contact form, telephone) using the contact details below.

It is necessary to provide a valid e-mail address so that we know who sent the request and can respond to it. Further information can be provided voluntarily. Data processing for the purpose of contacting us is carried out in accordance with Art. 6 para. 1 sentence 1 lit. a GDPR on the basis of your voluntarily given consent. The personal data collected by us for the use of the contact form will be deleted after your inquiry has been dealt with.

Forwarding of data

Your personal data will not be transferred to third parties for purposes other than those listed below. We only pass on your personal data to third parties if: -
you have given your express consent pursuant to Art. 6 para. 1 sentence 1 lit. a GDPR,
- the disclosure pursuant to Art. 6 para. 1 sentence 1 lit. f GDPR is necessary for the assertion, exercise or defense of legal claims and there is no reason to assume that you have an overriding interest worthy of protection in the non-disclosure of your data,
- in the event that there is a legal obligation for the disclosure pursuant to Art. 6 para. 1 sentence 1 lit. c GDPR, and -
this is legally permissible and necessary for the processing of contractual relationships with you in accordance with Art. 6 para. 1 sentence 1 lit. b GDPR.

Registration of a user account

Type and scope of processing

You have the option of registering a user account to use certain areas of our website. The information collected during registration via the mandatory fields is required to provide access to the user account. You can also voluntarily provide additional information for supplementary (convenience) functions.
 When registering a user account, your personal data will only be passed on in accordance with this privacy policy.

Purpose and legal basis

We process your data for the purpose of providing a user account to fulfill a contract with you in accordance with Art. 6 para. 1 lit. b GDPR.
 In addition, the processing of additional voluntarily provided information for the purpose of providing further (convenience) functions is based on your consent in accordance with Art. 6 para. 1 lit. a GDPR. By deactivating the functions or by deleting the voluntary information in the user account, you can declare your revocation at any time with effect for the future in accordance with Art. 7 para. 3 GDPR.

Storage duration

We store your personal data as part of the provision of the user account for as long as you are registered on our site. After deletion of the user account, your data will only be stored further if there are statutory retention obligations (e.g. tax and commercial law).

Registration of a customer account

Processing of customer and contract data

We collect, process and use your personal data only insofar as it is necessary for the establishment, amendment or fulfillment of a legal relationship. This is done to fulfill a contract or pre-contractual measures in accordance with Art. 6 para. 1 lit. b GDPR.

The customer data collected will be deleted after completion of the order or termination of the business relationship. Statutory retention periods remain unaffected.

When you place an order in our store, we may initially collect the following data:

• Title, first name, last name,
• a valid e-mail address,
• Address,
• Telephone number (landline and/or mobile)

This data is collected,

• to be able to identify you as our customer;
• in order to process, fulfill and process your order;
• for correspondence with you;
• for invoicing;
• for the settlement of any existing liability claims and the assertion of any claims against you;
• to ensure the technical administration of our website;
• to manage our customer data.

To prevent unauthorized access by third parties to your personal data, in particular financial data, the order process is encrypted using TLS technology.
Data transmission when concluding contracts for online stores, retailers and goods dispatch.

We only transfer personal data if this is necessary in the context of contract processing, for example to shipping service providers or the credit institution responsible for processing payments. Any further transmission of data will not take place or will only take place if you have expressly consented to the transmission.

The basis for data processing is the fulfillment of a contract or pre-contractual measures pursuant to Art. 6 para. 1 lit. b GDPR.

Payment services

We integrate third-party payment services on our website. If you make a purchase from us, your payment data (e.g. name, payment amount, account details, credit card number) will be processed by the payment service provider for the purpose of payment processing; the respective contractual and data protection provisions of the respective providers apply. The basis for data processing is the fulfillment of a contract or pre-contractual measures pursuant to Art. 6 para. 1 lit. b GDPR as well as in the interest of a smooth, convenient and secure payment process (Art. 6 para. 1 lit. f GDPR). If you have previously given your consent to data processing, your data will be processed solely on the basis of Art. 6 para. 1 lit. a GDPR; consent can be revoked at any time.

We use the following payment service providers:

Stripe Payments Europe, Limited The One Building 1 Grand Canal Street Lower Dublin 2 Co Dublin Ireland

at stripe.com/de/privacyakt

Shipping services and offers

Mailboxes etc. Zwickau (MBE)

Type and scope of processing

WENDL has arranged a partnership for the shipping of auction lots with the above-mentioned service provider.

MBE Center Zwickau, Bosestr. 15 A

If you have successfully purchased goods from WENDL, we will provide the MBE-Center with the data required to deliver the goods to you. If notification of delivery is required, we will also transmit this data. The data are: First name, surname, postal address, e-mail address, telephone number, shipping address. For the purpose of contract processing, the data:  Payment amount, invoice number and payment status are transmitted.

Purpose and legal basis

This is done for the purpose of creating a shipping offer. The legal basis for this is Art. 6 para. 1 lit. c DSGVO (GDPR).

Order processing

We have signed an order processing contract (AVV) with the above-mentioned provider. This is a contract prescribed by data protection law, which guarantees that the provider will only process personal data in accordance with our instructions and in compliance with the DSGVO (GDPR).

TeamViewer

We use TeamViewer. The provider is TeamViewer Germany GmbH, Jahnstr. 30, 73037 Göppingen. Details on data processing can be found in TeamViewer's privacy policy: https://www.teamviewer.com/de/datenschutzerklaerung/.

Order processing

In order to ensure that personal data is processed in accordance with our specifications and in compliance with the GDPR, we have concluded an order processing agreement (AVV) with the provider.

Cookiebot

Type and scope of processing

Our website uses Cookiebot's consent technology to obtain your consent to the storage of certain cookies on your end device or to the use of certain technologies and to document this in accordance with data protection regulations. The provider of this technology is Cybot A/S, Havnegade 39, 1058 Copenhagen, Denmark (hereinafter "Cookiebot").

When you enter our website, a connection is established to the Cookiebot servers in order to obtain your consent and other declarations regarding the use of cookies. Cookiebot then stores a cookie in your browser in order to be able to assign the consents you have given or revoke them.

Purpose and legal basis

Cookiebot is used to obtain the legally required consent for the use of cookies. The legal basis for this is Art. 6 para. 1 lit. c GDPR.

Storage duration

The data collected in this way will be stored until you ask us to delete it, delete the Cookiebot cookie yourself or the purpose for storing the data no longer applies. Mandatory statutory retention obligations remain unaffected.

Order processing

We have concluded a data processing agreement (DPA) with the above-mentioned provider. This is a contract prescribed by data protection law, which ensures that the provider only processes the personal data of our website visitors in accordance with our instructions and in compliance with the GDPR.

Analysis tools

a) Tracking tools

The tracking measures listed below and used by us are carried out on the basis of Art. 6 para. 1 sentence 1 lit. f GDPR. With the tracking measures used, we want to ensure a needs-based design and the continuous optimization of our website. On the other hand, we use the tracking measures to statistically record the use of our website and to evaluate it for the purpose of optimizing our offer for you. These interests are to be regarded as legitimate within the meaning of the aforementioned provision. The respective data processing purposes and data categories can be found in the corresponding tracking tools.

Google Analytics

Type and scope of processing

We use Google Analytics services and functions on this website, which are provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.

With the help of Google Analytics, we as website operators can determine how our website is used. As part of the analysis, we learn how often our website is accessed, how long visitors stay on the site and which devices or systems they use to access the website. In addition, we may use Google Analytics to track your mouse movements and clicks. This information may be stored and used by Google to create a profile about you. Google Analytics uses machine learning technologies to analyze and supplement your data. Furthermore, Google Analytics uses technologies to recognize website visitors in order to analyze user behavior. The data collected is generally processed on Google servers in the USA.

Purpose and legal basis

When using Google Analytics, we rely on Art. 6 para. 1 lit. f GDPR as the legal basis for the storage and analysis of personal data, as we have a legitimate interest in analyzing the use of our website. This enables us to optimize our online presence and offers for you. If you have previously given your consent to data processing on this website by Google Analytics, the processing of your data takes place solely on the legal basis of Art. 6 para. 1 lit. a GDPR. You can withdraw your consent at any time.

The transfer of your personal data to the USA is based on the standard contractual clauses of the EU Commission. You can find more information on this at privacy.google.com/businesses/controllerterms/mccs/.

IP anonymization

When using Google Analytics on this website, we use a function in which Google shortens your IP address before it is transmitted to Google servers in the USA. This only happens if you are located in the European Union or in a country of the European Economic Area. Your full IP address will only be transmitted to the USA in exceptional cases and then shortened there. Google Analytics uses this information to track how you use our website. Your IP address will not be merged with other data held by Google.

Browser plugin

You can prevent Google from collecting and processing data about you. To do this, you must download the browser plugin at https://tools.google.com/dlpage/gaoptout?hl=de and install it in your browser.

You can find more information on the processing of user data in the Google Analytics privacy policy at support.google.com/analytics/answer/6004245

Order processing

When using Google Analytics, we comply with the strict regulations of the German data protection authorities, as we have concluded a contract with Google for order processing.

Storage duration

Google stores data that is linked to cookies, user IDs or advertising IDs. This data is stored for two months and then anonymized or deleted. You can find more information on the storage period and the deletion of your data at support.google.com/analytics/answer/7667196.

Google Maps
Our website uses the Google Maps map service on the "Contact > Directions" subpage via an API. The provider is Google Inc, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. To use the functions of Google Maps, it is necessary to save your IP address. This
information is usually transmitted to a Google server in the USA and
stored
there.
 The provider of this site has no influence on this data transfer.
The use of Google Maps is in the interest of an appealing presentation of our online
offers and to make it easy to find the places indicated by us on the website. This constitutes a legitimate interest within the meaning of Art. 6 para. 1 lit. f GDPR.
You can find more information on the handling of user data in Google's privacy policy: https://www.google.de/intl/de/policies/privacy/.

Virtual tours

VR-EASY GmbH

Marienwerderstr. 48

16225 Eberswalde

vr-easy.com/platform/datenschutzerklaerung_de.html

Disclosure of your data to third parties

Under certain circumstances, data must be passed on or made accessible to third parties in order to use the services on our website and to fulfill our contractually agreed services. However, this only happens if it is necessary or has been contractually agreed. This data is treated by our service partners in accordance with the statutory data protection regulations and is not used for commercial purposes, but only for the provision of our contractually agreed services. The data protection declarations of the contractual partners concerned can be found below:

Volksbank Gera-Rudolstadt-Saalefeld
 

Logan ICT Services BV- Auction software

auction-experts.com/privacy-statement/

Sacos Hard- & Software GmbH- EDP (Technical Support)

 

Webhosting (Website) D.I.E. Webexperten UG

Link: www.die-webexperten.de/datenschutz.html

Auction participation via partner portals as a third-party provider

In addition to being made available on lot-tissimo.com, our catalogs are also posted on the-saleroom.com (Auction Technology Group, 65 Southwark Street, London, SE1 0HR, United Kingdom), invaluable.com (Invaluable, LLC ("Invaluable") is a Delaware Limited Liability Company, 38 Everett Street, Suite 101, Boston, MA 02134) and veryimportantlot.com ("Very Important Lot", Valery Kardanov, An der Wurt 21, 28865 Lilienthal, Germany). You can also create your own accounts on these sites and use them to bid in our auctions. Creating an account and placing bids on these pages is a voluntary activity and additional offer and is subject to the data protection regulations of the Auction Technology Group or Invaluable Inc or "Very Important Lot" (Mr. Kardanov). These companies are not part of the legal entity Kunst-Auktionshaus Julia Marie Wendl e.K. and are merely contractual partners. If you register with lot-tissimo.com, the-saleroom.com, invaluable.com or veryimportantlot.com, we will only process and store the data collected in the course of checking and realizing your bidding order and within the scope of the purposes and processes described in the previous and following points of this data protection declaration. There is no obligation to register - you can visit us directly at any time or participate in the auction by leaving written bids or telephone bids with us. We do not pass on any data of our bidders who are not registered there to these platforms and only work with the data that bidders themselves have entered there.

Data processing when placing bids via partner portals, when sending a written bid order or otherwise participating in an auction:

If you participate in an auction as a bidder or consignor, you must provide personal data in this context. These are
- Name
- Address
- E-mail address (optional for analog bidding, but desired for the purpose of speedy communication)
- Telephone number
- Catalog number (only bidders)
- Maximum bid (only bidders)

- During the auction, a video protocol with sound and images is created in the auction room in order to record and prove the conclusion of contracts. The video log includes all persons present in the auction room at the time of the auction.

We process and store this data, including information about your previous bids/purchases/deliveries, as far as it is necessary to carry out and process the contractual relationship and the purchase. The personal data provided by you will be processed in accordance with the provisions of the European General Data Protection Regulation (GDPR) and the German Federal Data Protection Act (BDSG):
On the basis of consent (pursuant to Art. 6 para. 1 lit. a GDPR)
The purposes of processing personal data result from the granting of consent.
 You can withdraw your consent at any time with effect for the future. Consent given before the GDPR came into force (May 25, 2018) can also be withdrawn. Processing that took place before the revocation remains unaffected by the revocation. Example: Sending a newsletter.

To fulfill contractual obligations (pursuant to Art. 6 para. 1 lit. b GDPR)
The purposes of data processing result on the one hand from the initiation of pre-contractual measures that precede a contractually regulated business relationship and on the other hand to fulfill the obligations arising from the contract concluded with you.

Due to legal requirements (pursuant to Art. 6 para. 1 lit. c GDPR) or in the public interest (pursuant to Art. 6 para. 1 lit. e GDPR)
The purposes of data processing result from legal requirements or are in the public interest (e.g. compliance with retention obligations, proof of compliance with notification and information obligations)

In the context of the balancing of interests (pursuant to Art. 6 para. 1 lit. f GDPR)
The purposes of the processing result from the protection of our legitimate interests. It may be necessary to process the data provided by you beyond the actual fulfillment of the contract. Our legitimate interest may be used to justify the further processing of the data provided by you, provided that your interests or fundamental rights and freedoms do not prevail. Our legitimate interest in individual cases may be Assertion of legal claims, defense against liability claims, prevention of criminal offenses.

Within our company, access to the personal data provided by you is granted to those persons who need it to fulfill contractual and legal obligations and who are authorized to process this data.
 In fulfilment of the contract concluded with you, only those parties who require the data for legal or organizational reasons (e.g. authorities, postal and transport companies) will receive the data provided by you. These processors are contractually obliged by us to comply with the provisions of the GDPR and the BDSG.
 The data provided by you will not be transferred to a third country (outside the EU). If, in individual cases, you wish the data you have provided to be transferred to a third country, we will only do so with your consent or if this is necessary to fulfill the contract (e.g. if you have commissioned us to ship to a destination country outside the EU, where the recipient address must be visibly affixed to the package and transmitted to the relevant transport company).

No fully automated decision-making (including profiling) pursuant to Art. 22 GDPR is used to process the data provided by you.

The data provided by you will be processed for the period necessary to achieve the contractually agreed purpose, in principle for as long as the contractual relationship with you exists. After termination of the contractual relationship, the data provided by you will be processed to comply with statutory retention obligations or on the basis of our legitimate interests. Once the statutory retention periods have expired and/or our legitimate interests no longer apply, the data you have provided will be deleted. The statutory retention period according to BGB, HGB, GWG, AO can range from two to 30 years.

Presence on social media platforms

Data processing by social networks

We operate publicly accessible profiles in social networks. The individual social networks we use are listed below.

Social networks such as Facebook, Twitter etc. can generally analyze your user behavior comprehensively. When you visit our social media sites, the following data protection-relevant processing operations are triggered:

If you are logged into your social media account and visit our profile, the operator of this social medium can track this visit. Irrespective of this, the operator may be able to process your data (e.g. IP address) even if you are not logged into your account or do not have an account at all.

The operator summarizes this data in user profiles in which your preferences and interests are stored. These profiles are used to display personalized advertising within and outside the respective social media presence. If you have an account with the respective social network, the personalized advertising can be displayed on all devices on which you are logged in or were logged in.

Depending on the platform, further processing operations may be carried out by the operators of the social media portals, over which we have no influence. For details, please refer to the terms of use and privacy policies of the respective social media portals.

Legal basis

Our social media presences are intended to ensure the widest possible presence on the Internet within the meaning of Art. 6 para. 1 lit. f GDPR. The analysis processes carried out by the operators of the social networks may be based on different legal bases, which must be specified by the respective providers.

Responsible party and assertion of rights

If you visit one of our social media sites (e.g. Facebook), we are jointly responsible with the operator of the social media platform for the data processing operations triggered during this visit. You can assert your rights (information, rectification, erasure, restriction of processing, data portability and complaint) both against us and against the operator of the respective social media portal (e.g. Facebook).
 Despite the joint responsibility with the social media portal operators, we have no full influence on the data processing operations of the portals. Our options are largely determined by the company policy of the respective provider.

Storage duration

The data collected directly by us via the social media presence will be deleted from our systems as soon as you ask us to delete it, revoke your consent to storage or the purpose for data storage no longer applies. Mandatory statutory provisions - in particular retention periods - remain unaffected.
 We have no influence on the storage period of the data collected by the social networks. For details, please contact the operators of the social networks directly (e.g. in their privacy policy, see below).

Facebook page

We have a profile on Facebook. The provider of this service is Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland. The data collected is also transferred to the USA and other third countries.

We have concluded an agreement with Facebook on joint processing (Controller Addendum), which specifies which data processing operations we and Facebook are responsible for. You can view this agreement at the following link: https://www.facebook.com/legal/terms/page_controller_addendum.

You can adjust your advertising settings yourself in your user account. To do this, click on the following link and log in:www.facebook.com/settings.

Data transfer to the USA is based on the standard contractual clauses of the EU Commission. You can find details here: www.facebook.com/legal/EU_data_transfer_addendum and

de-de.facebook.com/help/566994660333381.

You can find more information on data processing by Facebook at www.facebook.com/about/privacy/.

Instagram page

We have a profile on Instagram. The provider is Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland.

Data transfer to the USA is based on the standard contractual clauses of the EU Commission. Details can be found here: www.facebook.com/legal/EU_data_transfer_addendum, help.instagram.com/519522125107875 and

YouTube video

Type and scope of processing

This website embeds videos from YouTube. The operator is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.
When you start a YouTube video on this website, a connection to its servers is established. The YouTube server is informed which of our pages you have visited. If you are logged into your YouTube account, you also enable YouTube to assign your surfing behavior to your personal profile. You can prevent this by logging out of your account.

After starting a video, YouTube can store various cookies on your end device or use comparable recognition technologies, such as device fingerprinting. This allows YouTube to obtain information about visitors to this website. This information is used, among other things, to record video statistics, improve user-friendliness and prevent fraud attempts.

Further data processing operations after the start of a video, over which we have no influence, are not excluded.

Further information about data protection at YouTube can be found in the privacy policy:
policies.google.com/privacy.

Purpose and legal basis

The use of YouTube is based on our legitimate interest in an appealing presentation of our online offers (Art. 6 para. 1 lit. f GDPR). If a corresponding consent has been requested, the data will be processed exclusively on the basis of your consent in accordance with Art. 6 para. 1 lit. a GDPR. This can be revoked at any time.

You can find more information on the handling of user data in Google's privacy policy: https://www.google.de/intl/de/policies/privacy/.

Right of objection

If your personal data is processed on the basis of legitimate interests in accordance with Art. 6 para. 1 sentence 1 lit. f GDPR, you have the right to object to the processing of your personal data in accordance with Art. 21 GDPR, provided that there are reasons for this arising from your particular situation or the objection is directed against direct advertising. In the latter case, you have a general right to object, which will be implemented by us without specifying a particular situation.
 If you wish to exercise your right of revocation or objection, simply send an e-mail to kontakt@auktionshaus-wendl.de.

Data security

We use the widespread SSL (Secure Socket Layer) method in conjunction with the highest level of encryption supported by your browser when you visit our website. We also use suitable technical and organizational security measures to protect your data against accidental or intentional manipulation, partial or complete loss, destruction or unauthorized access by third parties. Our security measures are continuously improved in accordance with Art. 32 GDPR in line with technological developments.

Up-to-dateness and amendment of this privacy policy

This data protection declaration is currently valid and has the status as of 1^st February, 2024. Due to the further development of our website and offers on it or due to changed legal or official requirements, it may become necessary to change this data protection declaration. You can access and print out the current privacy policy at any time on the website at www.auktionshauswendl.de>Contact>Privacy Policy. In the event of fundamental changes, we will inform our newsletter subscribers by newsletter and also indicate this on our homepage.

Status 1st February 2024