top of page

Privacy Policy

​

1. General Information

We are pleased that you are visiting our website. Protecting and safeguarding your personal data when using our website is very important to us. With this privacy policy, we inform you about which personal data we collect when you use our website, how this data is processed, and for what purposes.

This privacy policy applies to the online offering of Werner Metzger GmbH, which is accessible under the domain www.metzger-autoteile.de and the associated subdomains (hereinafter collectively referred to as the “Website”).

​

2. Controller

The controller within the meaning of the General Data Protection Regulation (GDPR) is:

Werner Metzger GmbH
Rita-Maiburg-Str. 33
70794 Filderstadt
Germany
Telephone: +49 (0) 711 – 160 860
Email: info@metzger-autoteile.de

​

3. Data Protection Officer

The external data protection officer of the controller is:

Erich Zimmermann
c/o ZiDa-Datensicherheit GmbH
Schwarzwaldstraße 17
68163 Mannheim
Email: e.zimmermann@zida-datensicherheit.de
Website: www.zida-datensicherheit.de

​

4. General Information on Data Processing

Personal data is any information relating to an identified or identifiable natural person. This includes, for example, information such as name, address, telephone number, email address, IP address, or information about user behavior when visiting a website.

Information that cannot be linked to a person, or only with disproportionate effort (e.g. through anonymization), is not considered personal data.

The processing of personal data (e.g. collection, recording, storage, use, or transmission) is carried out exclusively on the basis of a legal authorization. This may include, in particular, consent, performance of a contract, a legal obligation, or a legitimate interest.

Personal data will be deleted as soon as the purpose of processing has been fulfilled and no statutory retention periods or other lawful reasons for further storage exist. In the individual sections of this privacy policy, we inform you about the respective storage periods or the criteria used to determine them.

Irrespective of this, personal data may be stored in individual cases for the assertion, exercise, or defense of legal claims, as well as where statutory retention obligations apply.

​

5. Recipients of Personal Data

As a rule, we do not disclose personal data processed in connection with the use of our website to third parties unless this is necessary to fulfill the respective purposes or required by law.

Disclosure may occur in particular:

  • to fulfill legal obligations,

  • to enforce or defend legal claims,

  • on the basis of your explicit consent.

Possible recipients may include, for example, authorities, courts, lawyers, or auditors.

Where we use external service providers who process personal data on our behalf, this is done within the framework of data processing agreements pursuant to Art. 28 GDPR. These service providers are contractually obligated to process personal data only in accordance with our instructions and in compliance with the GDPR.

​

6. Cookies and Consent Manager

Our website uses cookies and comparable technologies (e.g. local storage). Cookies are small text files that are stored on your device when you visit our website and contain certain information.

Some cookies are technically necessary to ensure the operation and basic functions of the website. Other cookies are used for statistical or functional purposes and are only used with your consent.

To manage the cookies used and your consents, we use the Wix Cookie Banner. Via this consent manager, you can grant, refuse, or revoke your consent at any time with effect for the future.

Detailed information about the cookies used, their purpose, and storage duration can be found directly in the cookie banner or in the cookie settings provided there.

​

7. Your Rights as a Data Subject

Under the conditions of the applicable provisions of the GDPR, you have the following rights as a data subject:

  • Right of access pursuant to Art. 15 GDPR to information about the personal data stored about you, including meaningful information about the details of the processing, as well as a copy of this data.

  • Right to rectification pursuant to Art. 16 GDPR of inaccurate or incomplete personal data stored by us.

  • Right to erasure pursuant to Art. 17 GDPR of personal data stored by us, insofar as processing is not necessary for exercising the right to freedom of expression and information, for compliance with a legal obligation, for reasons of public interest, or for the assertion, exercise, or defense of legal claims.

  • Right to restriction of processing pursuant to Art. 18 GDPR, insofar as you contest the accuracy of the data, the processing is unlawful, we no longer need the data for processing purposes but you oppose its deletion because you need it for legal claims, or you have objected to processing pursuant to Art. 21 GDPR.

  • Right to data portability pursuant to Art. 20 GDPR, insofar as you have provided us with personal data based on consent pursuant to Art. 6(1)(a) GDPR or on a contract pursuant to Art. 6(1)(b) GDPR and this data is processed by us using automated procedures. You have the right to receive the personal data concerning you in a structured, commonly used, and machine-readable format or to request transmission to another controller where technically feasible.

  • Right to object pursuant to Art. 21 GDPR to the processing of your personal data where processing is based on Art. 6(1)(e) or (f) GDPR and reasons arise from your particular situation. The right to object also applies where the objection is directed against the processing of personal data for direct marketing purposes. The right to object does not apply where compelling legitimate grounds for the processing are demonstrated or where processing serves the assertion, exercise, or defense of legal claims.

  • Right to withdraw consent pursuant to Art. 7(3) GDPR. You have the right to withdraw consent at any time with effect for the future.

  • Right to lodge a complaint pursuant to Art. 77 GDPR with a supervisory authority, in particular in the Member State of your habitual residence, place of work, or the place of the alleged infringement, if you believe that the processing of your personal data violates the GDPR.

 

8. Provision of the Website (Log Files)

Nature and Scope of Processing

When accessing our website, we process the following data:

  • IP address

  • Date and time of access

  • Accessed page or file

  • Referrer URL

  • Browser type and operating system

Purpose and Legal Basis

Processing is carried out to ensure the security and stability of the website on the basis of Art. 6(1)(f) GDPR.

Storage Duration

Log data is stored for a maximum of 7 days and then deleted, unless further storage is required for security-related reasons.

​

9. Hosting and Content Delivery Network (Wix)

Nature and Scope of Processing

Our website is operated using the website builder system Wix. The provider is Wix.com, Inc., 500 Terry A. Francois Boulevard, San Francisco, CA 94158, USA.

Wix provides the technical infrastructure for operating our website (web hosting). In particular, the following personal data is processed:

  • IP address,

  • Date and time of access,

  • Accessed pages,

  • Transferred data volumes,

  • Browser type and operating system,

  • Referrer URL.

To deliver content more quickly, we also use the Wix Content Delivery Network (CDN). Content is delivered via globally distributed servers.

Purpose and Legal Basis

Processing is carried out to provide a secure, stable, and efficient website on the basis of our legitimate interest pursuant to Art. 6(1)(f) GDPR.

Third-Country Transfer

In the context of using Wix and the Wix CDN, personal data may be transferred to the USA. Data transfer is based on the EU–US Data Privacy Framework and additional safeguards pursuant to Art. 44 et seq. GDPR.

Storage Duration

The specific storage duration is determined by Wix. Further information can be found in Wix’s privacy policy.

​

10. Contact Form

Nature and Scope of Processing

Our website offers you the opportunity to contact us via a contact form. In doing so, the personal data you enter in the form fields is processed. Mandatory fields are required to process your request. You may also voluntarily provide additional information.

The data entered in the contact form is not passed on to third parties.

Purpose and Legal Basis

Your data is processed for the purpose of handling and responding to your inquiry. The legal basis is your consent pursuant to Art. 6(1)(a) GDPR. If your inquiry relates to an existing contractual relationship, processing is additionally based on Art. 6(1)(b) GDPR.

There is no legal or contractual obligation to provide your data. However, without providing the data marked as mandatory, your request cannot be processed.

Storage Duration

The data collected via the contact form is stored for a period of three years after completion of processing, unless statutory retention obligations apply.

​

11. Newsletter (rapidmail)

Nature and Scope of Processing

If you subscribe to our newsletter on our website, we process your email address as well as the time of registration and your IP address. Registration takes place using the so-called double opt-in procedure. After registering, you will receive a confirmation email in which you must confirm your subscription again.

We use the service provider rapidmail GmbH, Augustinerplatz 2, 79098 Freiburg im Breisgau, Germany, to send the newsletter. rapidmail processes personal data on our behalf as a processor pursuant to Art. 28 GDPR.

In addition, rapidmail may analyze whether newsletters are opened and which links are clicked in order to optimize future newsletter content.

Purpose and Legal Basis

Your data is processed for the purpose of sending the newsletter on the basis of your consent pursuant to Art. 6(1)(a) GDPR.

Storage Duration

Your data is stored for as long as you are subscribed to the newsletter. After unsubscribing, your data will be deleted immediately, unless statutory retention obligations apply.

​

12. Vimeo Video

Nature and Scope of Processing

Our website includes videos from the Vimeo platform. The provider is Vimeo, LLC, 555 West 18th Street, New York, New York 10011, USA.

When accessing a page with an embedded Vimeo video, a connection to Vimeo’s servers is established. In doing so, personal data—especially your IP address and information about your browser and device—may be transmitted to Vimeo. Vimeo may use cookies and comparable technologies.

Purpose and Legal Basis

The integration of Vimeo videos is based on your consent pursuant to Art. 6(1)(a) GDPR and Section 25(1) TDDDG.

Third-Country Transfer

A transfer of personal data to the USA is possible. This transfer is based on the EU–US Data Privacy Framework and additional safeguards pursuant to Art. 44 et seq. GDPR.

Storage Duration

The storage duration is determined by Vimeo’s specifications. Further information can be found in Vimeo’s privacy policy.


13. Error Analysis with Sentry

Nature and Scope of Processing

To analyze technical errors and ensure the stability of our website, we use the Sentry service provided by Functional Software, Inc., 132 Hawthorne St, San Francisco, CA 94107, USA.

In doing so, technical information is processed, in particular details about the device used, the browser, the time of the error, and possibly anonymized IP addresses. In individual cases, user sessions may also be recorded in order to better understand the causes of errors.

Purpose and Legal Basis

Processing is carried out for technical error analysis and optimization of the website on the basis of your consent pursuant to Art. 6(1)(a) GDPR and Section 25(1) TDDDG.

Third-Country Transfer

A transfer of personal data to the USA cannot be ruled out. The transfer is based on the EU–US Data Privacy Framework and additional safeguards pursuant to Art. 44 et seq. GDPR.

Storage Duration

The collected data is deleted as soon as it is no longer required for error analysis. Further information can be found in Sentry’s privacy policy.


14. Third-Country Transfers

When using the aforementioned US-based services, personal data may be transferred to the USA. These transfers are based on the EU–US Data Privacy Framework and additional safeguards pursuant to Art. 44 et seq. GDPR.


15. Automated Decision-Making and Profiling

Automated decision-making within the meaning of Art. 22 GDPR, including profiling, does not take place.


16. Status of the Privacy Policy

This privacy policy is dated December 2025.

bottom of page