Privacy Statement Wintershall is delighted that you have visited our website and thanks you for your interest in our company.
Wintershall takes data protection seriously. This Privacy Statement describes:
- the personal data Wintershall collects when you visit our website
- the purposes for which Wintershall uses such data
- the legal basis for the processing of personal data
- the recipients of such personal data
- the period for which such personal data will be stored
- whether you are obliged to provide personal data
Furthermore, we would like to inform you about:
- the existence of your rights regarding the processing of your personal data
- the Controller in the meaning of data protection laws
1. What personal data does Wintershall collect when you visit our website?
(1) When you visit our website without contacting us or signing in, your browser transmits the following information automatically to our server:
- IP address of your computer
- Information about your browser
- Website that you were on right before you landed on our website
- URL or file requested
- Date and time of your visit
- Volume of data transmitted
- Status information, e.g. error messages
(2) If you contact us by email, we receive the following information:
- Your email address and further information that you provide by email
- Date and time of your message
2. To what extent and for what purposes does Wintershall process such data?
(1) When you visit our website, we use your IP address and the other data that your browser transmits automatically to our server (see Section 1 (1)) in order to:
a) send the requested content to your browser. In doing so, we store the complete IP address only to the extent necessary to serve the requested content to you.
b) protect us from attacks and to safeguard the proper operation of our website. In doing so, we store said data transiently and with restricted access for a maximum period of 7 days. Such period may be extended if and to the extent necessary to prosecute attacks and incidents.
Wintershall will investigate the user of an IP address only in case of an illegal attack.
(2) We store the IP address of your computer after having removed the last octet of the IP address, i.e. in anonymous form, for web audience measuring that allows us to improve our website. We remove the last octet of the IP address immediately after collection. That is why we do not collect personal data about your use of our website.
(3) If you contact us by email, we use the data under Section 1 (2) to answer and, if possible, to meet your request. We store such data to the extent necessary to answer and meet your request.
3. Are you required to provide the data? Are you entitled to object to processing?
When you visit our website, your browser transmits the information under Section 1 (1) automatically to our server. You are free to transmit such data. Without providing such data we are not able to serve you the requested content.
You are not obliged to let us use your anonymized data for web audience measuring.
You may object to such processing of your anonymized data by clicking on the following button
Such objection has no consequences. You can continue using our website.
If you want to contact us by email, you are free to transmit the data under Section 1 (2). Without providing the required data you may prevent us from answering and meeting your request properly.
4. What is the legal basis for the processing?
The legal basis for the processing under Section 2 is point (f) of Article 6 (1) General Data Protection Regulation. The legitimate interests are determined by the purposes described under Section 2.
5. To what recipients do we transmit your data?
We transmit the data mentioned in Section 1 to Data Processors based in the European Union for the purposes determined in Section 2. Such Data Processors process personal data only on instructions from us and the processing is carried out on behalf of us. We do not intend to transfer your personal data to a third country.
6. How do we protect your personal data?
Wintershall implemented technical and organizational measures to ensure an appropriate level of security to protect your personal data against accidental or unlawful alteration, destruction, loss or unauthorized disclosure. Such measures will be continuously enhanced in line with technological developments.
(1) The following cookies are important for the smooth operation and specific services of our website:
This cookie stores your acknowledgment of and consent to any disclaimers on our website.
Will be erased as soon as you clear your cache
(or one year after your visit)
(2) Cookies for web audience measuring:
Tracks movements on map data.
Will be erased after your visit
Used to distinguish users.
Will be erased 14 months after your visit
This cookie does not store any user information; it's just used to limit the number of requests that have to be made to doubleclick.net.
Has a one minute timeout
Used to distinguish users.
Will be erased 24 hours after your visit 24 hours
You may use your browser settings to decide which cookies to accept and to decline. Please be aware that you may not be able to use all features of our website if you decline cookies under Section 7 (1).
8. What rights do you have?
You have certain rights under the General Data Protection Regulation including the right to request a copy of the personal information we hold about you, if you request it from us in writing:
8.2. Right to correct: if your personal is inaccurate or incomplete you have the right to have your personal information rectified;
8.3. Right to erasure: this is also known as ‘the right to be forgotten’ and, in simple terms, enables you to request the deletion or removal of your information where there’s no compelling reason for us to keep using it. This is not a general right to erasure; there are exceptions. For example, we have the right to continue using your personal data if such use is necessary for compliance with our legal obligations or for the establishment, exercise or defense of legal claims.
8.4. Right to restrict our use of your information: the right to suspend the usage of your personal information or limit the way in which we can use it. Please note that this right is limited in certain situations: when we are processing your personal information that we collected from you with your consent you can only request restriction on the basis of: (a) inaccuracy of data; (b) where our processing is unlawful and you don’t want your personal information erased; (c) you need it for a legal claim; or (d) if we no longer need to use the data for the purposes for which we hold it. When processing is restricted, we can still store your information, but may not use it further. We keep lists of people who have asked for restriction of the use of their personal information to make sure the restriction is respected in future;
8.5. Right to data portability: the right to request that we move, copy or transfer (where technically feasible) your personal information in a structured, commonly used and machine-readable format, for your own purposes across different services;
8.6. Right to object: the right to object to our use of your personal information including where we use it for our legitimate interests, direct marketing;
8.7. Right to be informed: you have the right to be provided with clear, transparent and easily understandable information about how we use your personal information; and
8.8. Right to withdraw consent: if you have given your consent to anything we do with your personal information, you have the right to withdraw your consent at any time (although if you do so, it does not mean that anything we have done with your personal information with your consent up to that point is unlawful).
The exercise of these rights is free of charge for you, however you are required to prove your identity with 2 pieces of approved identification. We will use reasonable efforts consistent with our legal duty to supply, correct or delete personal information about you on our files.
When we receive formal written complaints, we will contact the person who made the complaint to follow up. We work with the appropriate regulatory authorities, including local data protection authorities, to resolve any complaints that we cannot resolve directly.
If you are not satisfied with the way any complaint you make in relation to your personal information is handled by us then you may refer your complaint to the relevant data protection supervisory authority.
9. Where can you lodge a complaint?
You have the right to lodge a complaint with the Controller (for contact details see Section 10 below) or with a supervisory authority, in particular in the Member State of your habitual residence, place of work or place of the alleged infringement, which in Norway will be:
Or, you can contact the leading supervisory authority for the BASF group:
Der Landesbeauftragte für den Datenschutz und die Informationsfreiheit Rheinland-Pfalz
Hintere Bleiche 34
10. Who is Controller?
You can find the Controller in the meaning of data protection laws here.
Please use the address of the Controller above, or the following address to contact our Data Protection Co-Ordinator:
Data Protection Co-ordinator in Wintershall Norge AS
Jåttaflaten 27, 4020 Stavanger, Norway
+ 47 98 22 21 03
11. Privacy of Children
This Website is intended to be used by persons aged 18 and older. We do not seek to collect information about persons under the age of 18.
No information should be submitted to or posted on the Websites by persons younger than 18 years of age. If such a person submits personal information via the Websites, we shall delete that information as soon as we are made aware of their age and thereafter shall not use it for any purpose whatsoever.