Privacy policy

Introduction

We are delighted that you have visited our website. WPWA Team GmbH (hereinafter referred to as “Wachter,” “we,” or “us”) attaches great importance to the security of user data and compliance with data protection regulations. We would like to inform you below about how your personal data is processed on our website.

Responsible authority

WPWA Team GmbH, Sandstr. 31, 80335 Munich
Tel.: +49 89 12 50 923-30
E-Mail: info@wpwa.team

Terms

The technical terms used in this privacy policy are to be understood as they are legally defined in Article 4 of the GDPR.

Information on Data Processing

Automated Data Processing (Log Files, etc.)

Our site can be visited without actively providing personal information. However, we automatically store access data (server log files) with each visit to the website, such as the name of the internet service provider, the operating system used, the website from which the user visits us, the date and duration of the visit, or the name of the requested file, as well as the IP address of the used device for 7 days for security reasons, e.g., to detect attacks on our website. This data is evaluated exclusively to improve our offer and does not allow any conclusions to be drawn about the user’s identity. These data are not merged with other data sources.

We process and use the data for the following purposes: providing the website, improving our website, preventing and detecting errors/malfunctions, and misuse of the website.

  • Rechtsgrundlage: berechtigtes Interesse, gem. Art. 6 Abs. 1 lit. f) DSGVO
  • Legitimate Interests: Ensuring the functionality and error-free, secure operation of the website, as well as adapting this website to the users’ needs.

Use of Cookies
(General, Functionality, Opt-Out Links, etc.)

To make our website more attractive and enable the use of certain functions, we use so-called cookies on our website. The use of cookies serves our legitimate interest in making the visit to our website as pleasant as possible and is based on Art. 6 para. 1 lit. f) GDPR. Cookies are a standard internet technology for storing and retrieving login and other usage information for all website users. Cookies are small text files that are stored on the user’s device. They allow us to save user settings, among other things, so that our website can be displayed in a format tailored to the user’s device. Some of the cookies we use are deleted after the browser session ends, i.e., after closing the browser (so-called session cookies). Other cookies remain on the user’s device and allow us or our partner companies to recognize the browser on the next visit (so-called persistent cookies).

The browser can be set to inform the user about the setting of cookies and to decide individually about their acceptance or to exclude the acceptance of cookies for certain cases or in general. Furthermore, cookies can be deleted retrospectively to remove data that the website has stored on the user’s computer. Disabling cookies (so-called opt-out) may lead to some restrictions in the functionality of our website.

Web Analysis and Optimization

To analyze visitor traffic on our online offering, we use tools for web analysis and reach measurement. For this purpose, we collect information about the behavior, interests, or demographic information of our visitors, such as age, gender, etc. This helps us to identify when our online offering, its features, or content are most frequented or invite repeated visits. Additionally, we can determine whether our online offering needs optimization or adjustment based on the collected information.

The information collected for this purpose is stored in cookies or similar methods and used for reach measurement and optimization. The data stored in cookies may include viewed content, visited online presences, settings, and used functions and systems. Regularly, no clear user data is processed for the described purposes. In this case, the data is altered so that the actual identity of the users is not known to us or the provider of the used tool. The altered data is often stored in user profiles.

  • Categories of Data Subjects: Website visitors, users of online services
  • Categories of Data: User data (e.g., visited websites, interest in content, access times), meta and communication data (e.g., device information, IP addresses), contact data (e.g., email address, phone number), content data (e.g., text entries, photographs, videos)
  • Purposes of Processing:Website analysis, reach measurement, utilization and evaluation of website interaction, lead evaluation
  • Legal Basis:Consent (Art. 6 para. 1 lit. a) GDPR)
  • Legitimate Interests: Optimization and development of the website, profit increase, customer retention, and acquisition

Hotjar

Online Marketing

To continuously increase the reach and visibility of our online offering, we process personal data within the scope of online marketing, particularly regarding potential interests and measuring the effectiveness of our marketing measures.

For the purpose of measuring the effectiveness of our marketing measures and identifying potential interests, relevant information is stored in cookies or similar methods are used. The data stored in cookies may include viewed content, visited online presences, settings, and used functions and systems. Regularly, no clear user data is processed for the described purposes. The data is altered so that the actual identity of the users is not known to us or the provider of the used tool. The altered data is often stored in user profiles.
In the case of storing user profiles, the data can be read, supplemented, and added to the server of the online marketing provider when visiting other online offerings that use the same online marketing method.

We can determine the success of our advertisements based on aggregated data made available to us by the provider of the online marketing method (so-called conversion measurement). Within these conversion measurements, we can track whether a marketing measure has led to a purchase decision by the visitor of our online offering. This evaluation serves to analyze the success of our online marketing.

  • Categories of Data Subjects: Website visitors, users of online services, interested parties, communication partners, business and contract partners
  • Categories of Data: User data (e.g., visited websites, interest in content, access times), meta and communication data (e.g., device information, IP addresses), location data, contact data, content data (e.g., text entries, photographs, videos)
  • Purposes of Processing: Marketing (partly interest-based and behavior-based), conversion measurement, audience building, click tracking, developing marketing strategies, and increasing campaign efficiency
  • Legal Bases: Consent (Art. 6 para. 1 lit. a) GDPR); legitimate interests (Art. 6 para. 1 lit. f) GDPR)
  • Legitimate Interests: Optimization and development of the website, profit increase, customer retention, and acquisition

Google Tag Manager

Google Analytics

Google Optimize

Google AdWords and Conversion Measurement

Facebook-Pixel

LinkedIn

Microsoft Advertising

Social Media Presences

We maintain online presences on social networks and career platforms to exchange information with registered users and to facilitate easy contact.

Partly, user data on social networks is used for market research and advertising purposes. User profiles can be created and used to tailor advertisements to the interests of target groups based on user behavior, such as indicating interests. Cookies are regularly stored on the users’ devices for this purpose, sometimes regardless of whether they are registered users of the social network.

Depending on where the social network is operated, user data may be processed outside the European Union or the European Economic Area. This may pose risks for users, as it could make it more difficult to enforce their rights.

  • Categories of Data Subjects: Registered users and non-registered users of the social network
  • Categories of Data: Basic data (e.g., name, address), contact data (e.g., email address, phone number), content data (e.g., text entries, photographs, videos), usage data (e.g., visited websites, interests, access times), meta and communication data (e.g., device information, IP address)
  • Purposes of Processing: Extending reach, networking
  • Legal Bases: Legitimate interests (Art. 6 para. 1 lit. f) GDPR), consent (Art. 6 para. 1 lit. a) GDPR)
  • Legitimate Interests: Interaction and communication on social media presence, profit increase, insights into target groups

Instagram

Facebook

LinkedIn

Kununu

Twitter / X

Xing

YouTube

Plug-ins and Embedded Third-Party Content

Our online offering incorporates functions and content sourced from third-party providers. These can include videos, presentations, buttons, or posts (hereinafter referred to as content).

To display content to visitors of our online offering, the respective third-party provider processes, among other things, the user’s IP address to transmit and display the content to the browser. Without this processing, third-party content cannot be displayed.

In some cases, additional information is collected through so-called pixel tags or web beacons, which allow the third-party provider to gather information about the use of the content or visitor traffic on our online offering, technical information about the browser or operating system of the user, the visit time, or referring websites. The collected data is stored in cookies on the user’s device.

To protect the personal data of visitors to our online offering, we have taken certain security measures to prevent the automatic transmission of this data. Data transmission only occurs when users use the buttons or click on third-party content.

  • Categories of Data Subjects: Users of the plug-in or embedded third-party content
  • Categories of Data: Usage data (e.g., visited websites, interests, access time), meta and communication data (e.g., device information, IP address), contact data (e.g., email address, phone number), basic data (e.g., name, address)
  • Purposes of Processing: Design of our online offering, increasing the reach of advertisements on social media, sharing posts and content, interest- and behavior-based marketing, cross-device tracking
  • Legal Basis: Consent (Art. 6 para. 1 lit. a) GDPR)

Google Fonts

Google Maps

Typekit Fonts from Adobe

YouTube

Vimeo

Online Conferences, Meetings, and/or Webinars

We make use of the option to hold online conferences, meetings, and/or webinars. For this purpose, we use the services of other providers, which we have carefully selected.

When actively using such services, data of the communication participants is processed and stored on the servers of the third-party providers used, insofar as this is necessary for the communication process. Additionally, usage and metadata may be processed.

  • Categories of Data Subjects: Participants in the respective online offering (conference, meeting, webinar)
  • Categories of Data: Basic data (e.g., name, address), contact data (e.g., email address, phone number), content data (e.g., text entries, photographs, videos), meta and communication data (e.g., device information, IP addresses)
  • Purposes of Processing: Handling inquiries, increasing efficiency, promoting cross-location collaboration
  • Legal Basis: Consent (Art. 6 para. 1 lit. a) GDPR)

Microsoft Teams

Credit Check

If we provide services in advance, we reserve the right to perform an identity and credit check. For this purpose, we use specific service providers who regularly assess the risk we may face using mathematical-statistical procedures.

Based on the results provided by the respective service provider, we decide at our discretion whether and how we wish to establish, execute, or terminate a contractual relationship with the users. In the case of a negative credit report, we reserve the right to refuse certain payment methods or other forms of advance performance.

  • Categories of Data Subjects: Buyers in our online shop
  • Categories of Data: Basic data (e.g., name, addresses), payment data (e.g., bank details, invoices, payment history), contact data (e.g., email address, phone number), contract data (e.g., contract subject, duration), credit data
  • Purposes of Processing: Avoidance of payment defaults and reduction of the default rate of payments, reduction of our creditor risk
  • Legal Bases: Legitimate interests (Art. 6 para. 1 lit. f) GDPR)
  • Legitimate Interests: Economic security, protection against payment defaults, reduction of creditor risk, profit generation

Creditreform Boniversum GmbH and Verband der Vereine Creditreform e.V.

Promotional Communication

We use data provided to us for promotional purposes, particularly to inform about news from us or our range of offerings through various channels. Promotional communication from us takes place within the framework of legal requirements and – where necessary – after obtaining consent.

If recipients of our advertising do not wish to receive it, they can inform us at any time. We will gladly comply with such requests.

  • Categories of Data Subjects: Communication partners
  • Categories of Data: Basic data (e.g., name, address), contact data (e.g., email address, phone number)
  • Purposes of Processing: Direct marketing
  • Legal Bases: Consent (Art. 6 para. 1 lit. a) GDPR), legitimate interests (Art. 6 para. 1 lit. f) GDPR)
  • Legitimate Interests: Retaining existing contacts and acquiring new contacts or contractual partners

Contact

We offer the possibility to contact us directly or to obtain information through various contact options on our online offering.

In the event of contact, we process the data of the inquiring person to the extent necessary to respond to or handle the inquiry. Depending on the way contact is made, the processed data may vary.

  • Categories of Data Subjects: Inquiring persons
  • Categories of Data: Basic data (e.g., name, address), contact data (e.g., email address, phone number), content data (e.g., text entries, photographs, videos), usage data (e.g., interests, access times), meta and communication data (e.g., device information, IP address)
  • Purposes of Processing: Handling inquiries
  • Legal Bases: Consent (Art. 6 para. 1 lit. a) GDPR), contract fulfillment or initiation (Art. 6 para. 1 lit. b) GDPR)

Data Transfer

We transfer the personal data of visitors to our online offering for internal purposes (e.g., for internal administration or to the HR department to comply with legal or contractual obligations). Internal data transfer or disclosure of data only occurs to the extent necessary and in compliance with relevant data protection regulations.

  • Legal Bases: Legitimate interests (Art. 6 para. 1 lit. f) GDPR)
  • Legitimate Interests: So-called small corporate privilege, centralized administration and management within the company to utilize synergies, cost savings, increased efficiency

To fulfill contracts or meet legal obligations, it may be necessary to share personal data. If the necessary data is not provided, it may be impossible to conclude a contract with the affected person.

We transfer data to countries outside the EEA (so-called third countries). This occurs for the above-mentioned purposes. The transfer only takes place to fulfill our contractual and legal obligations or based on prior consent from the affected person.

In cases where we transfer data to a country outside the EEA for processing, we ensure that the processing is legally permissible in the manner we intend. For this purpose, we have concluded standard data protection clauses, including specific regulations for appropriate technical and organizational measures to protect the data of the affected persons as best as possible. A copy of the guarantees used can be accessed here.

Landingpages, funnel, quiz-pages, linktrees

onepage.io

Onepage GmbH, Neue Rothofstr. 13-19, 60313 Frankfurt am Main (hereinafter “onepage.io”). onepage.io enables us to build websites and landing pages as well as link trees and quiz pages. The websites are generated entirely on onepage.io and are also hosted there. For this purpose, onepage.io processes personal data. All personal data that you enter on this page or that is automatically collected from you is therefore also processed by onepage.io and stored on its servers. the legal basis for data processing is Art. 6 para. 1 lit. f GDPR. The website operator has a legitimate interest in providing the service. If a corresponding consent has been requested, the processing is carried out exclusively on the basis of Art. 6 para. 1 lit. a GDPR and § 25 para. 1TDDDG. Consent can be withdrawn at any time, and further details can be found in the provider’s privacy policy at https://onepage.io/de/datenschutzerklarung

Involve.me

ChatGPT

We use ChatGPT for our customer communication. The provider is OpenAI, 3180 18th St, San Francisco, CA 94110, USA, https://openai.com.

We have configured ChatGPT so that any entered personal data is not used to train the ChatGPT algorithm.

The use of ChatGPT is based on Art. 6 (1) lit. f GDPR. The website operator has a legitimate interest in enabling the most efficient customer communication possible through the use of modern technical solutions. If consent has been obtained, processing is carried out exclusively based on Art. 6 (1) lit. a GDPR and § 25 (1) TDDDG. Consent can be revoked at any time.

For more information, please visit: https://openai.com/policies/privacy-policy.

Retention Period

We generally store the data of visitors to our online offering for as long as necessary to provide our services or as stipulated by the European Directives and Regulations or other legislation to which we are subject. In all other cases, we delete personal data after the purpose has been fulfilled, except for data that we must continue to store to fulfill legal obligations (e.g., due to tax and commercial retention periods, we are required to keep documents such as contracts and invoices for a certain period).

Automated Decision-Making

We do not use automated decision-making or profiling as defined by Art. 22 GDPR.

Legal Bases

The main legal bases are derived from the GDPR. These are supplemented by national laws of the member states and may apply jointly or in addition to the GDPR.

  • Consent: Art. 6 para. 1 lit. a) GDPR serves as the legal basis for processing operations for which we have obtained consent for a specific processing purpose.
  • Contract Fulfillment: Art. 6 para. 1 lit. b) GDPR serves as the legal basis for processing necessary for the performance of a contract to which the data subject is a party or to take steps at the request of the data subject prior to entering into a contract.
  • Legal Obligation: Art. 6 para. 1 lit. c) GDPR serves as the legal basis for processing necessary for compliance with a legal obligation.
  • Vital Interests: Art. 6 para. 1 lit. d) GDPR serves as the legal basis when processing is necessary to protect the vital interests of the data subject or another natural person.
  • Public Interest: Art. 6 para. 1 lit. e) GDPR serves as the legal basis for processing necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller.
  • Legitimate Interest: Art. 6 para. 1 lit. f) GDPR serves as the legal basis for processing necessary for the purposes of the legitimate interests pursued by the controller or a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject which require protection of personal data, particularly where the data subject is a child.

Rights of Data Subjects

  • Right of Access: According to Art. 15 GDPR, data subjects have the right to request confirmation as to whether we are processing data concerning them. They can request information about this data as well as the additional information listed in Art. 15 para. 1 GDPR and a copy of their data.
  • Right to Rectification: According to Art. 16 GDPR, data subjects have the right to request the correction or completion of data concerning them that we process.
  • Right to Erasure: According to Art. 17 GDPR, data subjects have the right to request the immediate deletion of data concerning them. Alternatively, they can request the restriction of processing of their data according to Art. 18 GDPR.
  • Right to Data Portability: According to Art. 20 GDPR, data subjects have the right to request the provision of the data they have provided to us and to request its transfer to another controller.
  • Right to Lodge a Complaint: According to Art. 77 GDPR, data subjects also have the right to lodge a complaint with the supervisory authority responsible for them.
  • Right to Object: If personal data is processed on the basis of legitimate interests according to Art. 6 para. 1 sentence 1 lit. f) GDPR, data subjects have the right to object to the processing of their personal data according to Art. 21 GDPR, provided that there are reasons for this arising from their particular situation or if the objection is directed against direct marketing. In the latter case, data subjects have a general right to object that will be implemented by us without specifying a particular situation.

Withdrawal

Some data processing operations are only possible with the express consent of the data subjects. You have the option to revoke an already granted consent at any time. A formless notification or an email to info(at)wpwa.team is sufficient. The legality of the data processing carried out until the withdrawal remains unaffected by the withdrawal.

External Links

Our website contains links to the online offerings of other providers. We hereby point out that we have no influence on the content of the linked online offerings and the compliance with data protection regulations by their providers.

Changes

We reserve the right to adjust these data protection notices at any time in the event of changes to our online offering and in compliance with the applicable data protection regulations, to ensure they meet legal requirements.

This privacy policy was created by DDSK GmbH.