Privacy Policy

  1. General notes and mandatory information to be provided in accordance with Article 13 of the GDPR

 

Waveguard GmbH is very serious about protecting your personal data. We treat your personal data as confidential and in accordance with the statutory data protection provisions as well as this Privacy Policy.

 

Waveguard GmbH processes personal data in accordance with the EU General Data Protection Declaration (GDPR). Personal data means all data on the basis of which you may be personally identified.

 

Please find detailed information on the subject of data protection in our Privacy Policy below.

 

  1. Name and address of the controller

 

The controller in accordance with Article 4, no. 7 of the GDPR is

 

Waveguard GmbH,

Bahnhofstraße 16,

02625 Bautzen,

Germany,

 

represented by the managing director Hagen Thiers,

 

Telephone: +49 3591 5947543

E-mail: office@waveguard.com.

 

The controller is the natural or legal person that decides, solely or together with other persons, on the purposes and means of the processing of personal data (e.g. names, e-mail addresses, or the like).

 

  1. Types of collected personal data

 

Waveguard GmbH collects the following personal data of customers:

 

  • Name,
  • Mailing and delivery and address,
  • Telephone number,
  • E-mail address,
  • Credit card data,
  • Account number.

 

  1. Purpose and scope of the use of personal data, legal bases

 

Waveguard GmbH uses this data for the following purposes:

 

  • Replies to customer enquiries;
  • Processing orders by customers (this may also require communication with the customer concerning the order by telephone or e-mail);
  • Submitting information about Waveguard GmbH to the customer by e-mail, if the customer has granted his/her consent and has not objected to this. An objection may be raised at any time.

 

We collect, process and use personal data if this data is required for establishing, organising the content of or changing a legal relationship (inventory data).

These activities are carried out on the basis of Article 6 (1) (b) of the GDPR, which permits the processing of personal data for the performance of a contract or in order to take steps prior to entering into a contract.

 

We collect, process, and use personal data in connection with the use of our website (usage data) if this is required in order to enable the user to use the services or to submit invoices related to orders.

 

  1. Duration of the use of personal data

 

Waveguard GmbH uses and stores the personal data for fulfilling the aforementioned purposes, with due regard to the retention periods under tax and commercial law, and erases it after the expiration of these periods, unless you have granted your consent to the further processing and use.

  1. Data transfer

 

Your data will not be transferred to third parties without your explicit consent or only if you have expressly consented to the transfer.

 

Solely our service partners that we rely upon for fulfilling our contracts shall be excluded from this. In these cases, we strictly comply with the requirements of the German Data Protection Law [Bundesdatenschutzgesetz, BDSG]. The scope of the data transfer will be limited to the minimum required. The service partners may use the data exclusively for these purposes or purposes required by law.

 

If the storage and processing activities are necessary, we will transfer your data to the following categories of recipients:

 

  • Logistics partners,
  • Postal services operators,
  • Call centres,
  • IT service providers,
  • Providers of webhosting/webspace,
  • Credit institutions.

 

Your data will not be transferred to third countries or for advertising purposes.

 

The basis for the data processing is Article 6 (1) (b) of the GDPR, which permits the processing of personal data for the performance of a contract or in order to take steps prior to entering into a contract.

 

  1. Rights of Data Subjects

 

In relation to Waveguard GmbH you have the following rights regarding the personal data concerning you:

 

  • Right of access,
  • Right to rectification or erasure,
  • Right to restriction of processing
  • Right to object to the processing,
  • Right to data portability,
  • Right to lodge a complaint with a supervisory authority regarding the processing of your personal data by us.

 

The supervisory authority responsible for us in data protection matters is the Data Protection Commissioner of the German federal state in which our company has their registered seat.

You may find a list of the Data Protection Commissioners as well as their contact details using the following link: https://www.bfdi.bund. de/DE/Infothek/Anschriften_Links/anschriften_links-node.html.

 

If you have granted us your consent to the processing of your personal data, you may revoke this consent at any time, even informally by e-mail to: office@waveguard.com.

 

Such a revocation will not affect the lawfulness of the processing carried out until then.

 

In order to exercise these rights and if you have further queries regarding issues related to personal data, do not hesitate to contact us at any time (for contact details, see item 1. above or the legal notice).

 

  1. Security advice

 

7.1 Waveguard GmbH protects your personal data by means of technical and organisational measures against unauthorised access, loss, and destruction. Our security measures will be improved continuously in accordance with the technological development.

 

7.2 We point out that the data transmission on the internet (e.g. in the case of e-mail communication) may have security gaps. It is not possible to completely protect the data against the access by third parties.

 

7.3 SSL or TLS encryption

 

There is an SSL or TLS encryption for this website for security reasons and for protecting the transmission of confidential content that you will send to us as website operator. You may recognise an encrypted connection by the address line of the browser changing from “http://” to “https://” and by the lock symbol in your browser line. If the SSL or TLS encryption is activated, the data that you transmit to us cannot be read by third parties.

 

7.4 Encrypted payment transactions through our website

 

Upon the completion of a purchase involving a payment, you are obliged to submit your payment data to us (e.g. the account number in the case of a direct debit authorisation) if this data is required for the handling the payment. Payment transactions using the common payment methods will be performed exclusively by means of an SSL or TLS encrypted connection. You may recognise an encrypted connection by the address line of the browser changing from “http://” to “https://” and by the lock symbol in your browser line. In the case of an encrypted communication, your payment data that use of it to us cannot be read by third parties.

 

  1. Data collection through our website

 

If you use this website, various kinds of personal data will be collected. Personal data is all data by means of which you may be personally identified. Hereinafter we will explain what is done with your personal data when you use our website.

 

  1. Name and address of the controller

 

The data collected through his website will be processed by the website operator, the contact details of whom are indicated in the legal notice of this website and who is identical with the controller (see I.1. above), or by third parties as described below.

 

  1. Scope of the processing of personal data

 

First, your data will be collected when you submit it to us. This includes e.g. the data that you enter into a contact form. However, you may visit our website without providing any personal information. In this case, we will not store any personal data. In order to improve our services, we only analyse statistical data that does not allow any conclusions to be drawn about your person.

 

Other data is automatically compiled by our IT systems or provider of webhosting/webspace when you visit the website. This is mainly technical data (e.g. regarding the internet browser, the operating system, or the time of the page view), which will be collected automatically as soon as you visit our website.

 

  1. Purpose of the processing of personal data

 

A part of the data will be collected in order to ensure the website can be provided without error. Other data may be used for analysing your user behaviour.

 

  1. Server log files

 

Our provider of webhosting/webspace automatically collects and stores information in server log files that our browser automatically submits to us. This includes:

 

  • Browser type und version,
  • Operating system used,
  • Referrer URL,
  • Hostname of the accessing computer,
  • Time of the server request,
  • IP address.

 

This data will not be combined with data from other data sources.

The basis for the data processing is Article 6 (1) (f) of the GDPR, which permits the processing of personal data if it is necessary for the purposes of the legitimate interests pursued by the controller or by a third party.

 

  1. Cookies

 

Parts of our website use cookies. Cookies do not damage your computer and do not contain any viruses. They serve for making our services more user-friendly, more effective, and safer. Cookies are small text files that are placed on your computer and that are stored by your browser.

 

Most of the cookies we use are session cookies. They are automatically deleted at the end of your visit. Other cookies remain stored on your device until you delete them. These cookies enable us to recognise your browser the when you revisit our website.

 

You can adjust your browser settings so that you will be informed when cookies are placed, allow cookies only in individual cases, exclude the acceptance of cookies in certain cases or generally, and activate the automatic deletion of cookies when you close your browser. If cookies are disabled, the functionality of this website may be restricted.

 

Cookies that are necessary for performing the electronic communication or providing certain functions desired by you (e.g. shopping cart function) will be stored on the basis of Article 6 (1) (f) of the GDPR. The website operator has a legitimate interest in storing cookies for providing their services without technical errors and in an optimised manner. If other cookies (e.g. cookies for the purpose of analysing your browsing behaviour) are stored, these are separately described in this Privacy Policy.

 

  1. Contact form

 

When you use the contact form, we will collect personal data (individual information concerning personal or factual circumstances of a specific or specifiable natural person) only to the extent that this data is made available by you.

 

If you submit to us enquiries through the contact form, your information indicated in the enquiry form including the contact details provided in it will be stored in our company for handling the enquiry and for cases of follow-up questions. We will not pass this data on without your consent.

 

Thus, the processing of the data entered into a contact form will be carried out exclusively on the basis of your consent (Article 6 (1) (a) of the GDPR). You may revoke this consent at any time. An informal notification by email to us will be sufficient for that purpose. The lawfulness of the data processing operations carried out until the revocation shall remain unaffected by the revocation.

 

If you have not consented to the further processing and use, the data that you have entered into the contract form will remain at our company until you ask us to erase it, you revoke your consent to the storage or there is no longer a purpose for the storage (e.g. if the handling of your enquiry is completed). Mandatory statutory provisions, in particular retention periods, shall remain unaffected.

 

  1. Registration on this website

 

You may register on our website in order to use additional functions of this website. We will use the data entered for that purpose only for using the relevant service for which you have registered. The mandatory information requested during the registration process needs to be indicated completely. Otherwise, we will refuse to carry out the registration.

 

In the case of important changes (e.g. regarding the scope of our services) or technically necessary changes, we will use the e-mail address indicated during the registration process in order to inform you in this way.

 

The processing of the data entered by you during the registration process will be carried out on the basis of your consent (Article 6 (1) (a) of the GDPR). You may revoke at any time the consent that you have granted. An informal notification by email to us will be sufficient for that purpose. The lawfulness of the data processing operations already carried out shall remain unaffected by the revocation.

 

We will store the data collected during the registration process as long as you are registered for our website and delete it subsequently. Statutory retention periods shall remain unaffected.

 

  1. Analyse with Google Analytics using IP anonymisation

 

Your browsing behaviour may be statistically analysed when you visit our website. You may object to this analysis or prevent it by not using certain tools.

 

This website uses functions of the web analysis service Google Analytics, the provider of which is Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.

 

Google Analytics uses cookies (see item 5. above). The information generated by the cookie about your use of this website will usually be transmitted to a server of Google in the USA and stored there. The storage of Google Analytics cookies is carried out on the basis of Article 6 (1) (f) of the GDPR. The website operator has a legitimate interest in the analysis of the user behaviour in order to optimise both their web services and their advertising.

 

We have activated the IP anonymisation function on this website. As a result, your IP address will be shortened by Google within member states of the European Union or in other contracting states of the Agreement on the European Economic Area before the transmission to the USA. Only in exceptional cases, the complete IP address will be transmitted to a Google server in the USA and shortened there. On behalf of the operator of this website, Google will use this information to analyse your use of the website, to compile reports on the activities on this website, and to provide other services related to the use of the website and the internet usage to the website operator. The IP address transmitted by your browser within the scope of Google Analytics will not be combined with other Google data.

 

You can prevent the storage of cookies by setting your browser software accordingly; however, we would like to point out that in this case you may not be able to use all functions of this website to their full extent.

 

Furthermore, you may prevent the collection of the data generated by the cookie and related to your use of the website (including your IP address) to Google and the processing of this data by Google by downloading and installing the browser plug-in available through the following link: https://tools.google.com/dlpage/gaoptout?hl=en. An opt‑out cookie will be placed, which will prevent the collection of your data upon future visits of this website.

 

For more information about how Google Analytics treats user data, please see Google Analytics’ privacy policy: https://support.google.com/analytics/answer/6004245?hl=en.

 

We have entered into an agreement on commissioned data processing with Google and completely implement the strict requirements of the German data protection authorities when using Google Analytics.

 

  1. Google reCAPTCHA

 

On our website, we use Google reCAPTCHA (hereinafter referred to as “reCAPTCHA”), the provider of which is Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (“Google”).

 

The purpose of reCAPTCHA is to verify whether the data is entered on our webpages (e.g. in a contact form) by a human being or by an automated programme. For that purpose, reCAPTCHA analyses the behaviour of the website visitor on the basis of various characteristics. This analysis starts automatically as soon as the website visitor accesses the website. For the analysis, reCAPTCHA analyses various information (e.g. the IP address, the length of the stay of the website visitor on the website or mouse movements made by the user). The data collected during the analysis will be passed on to Google.

 

The reCAPTCHA analyses are carried out completely in the background. Website visitors will not be made aware of and analysis taking place.

 

The data processing will be carried out on the basis of Article 6 (1) (f) of the GDPR. The website operator has a legitimate interest in protecting their web services from being spied out abusively in an automated manner and from SPAM.

 

For more information about Google reCAPTCHA and the privacy policy of Google, visit the following links: and https://www.google.com/intl/en/policies/privacy/.

 

  1. Newsletter data

 

If you would like to receive the newsletter offered on this website, we require an e-mail address from you as well as information that allows us to verify that you are the owner of the indicated e-mail address and that you consent to receiving the newsletter. We will not collect further data or only on a voluntary basis. We will use the data exclusively for the distribution of the requested information and will not pass it on to third parties.

 

The data entered into the newsletter subscription form will be processed exclusively on the basis of your consent (Article 6 (1) (a) of the GDPR). You may revoke at any time the granted consent regarding the storage of data, the e-mail address as well as the use of this address for the distribution of the newsletter, e.g. by using the “Unsubscribe” link in the newsletter. The lawfulness of the data processing operations already carried out shall remain unaffected by the revocation.

 

We will use your email address independently from the execution of the contract exclusively for our own advertising purposes for distributing newsletter if you have expressly consented to that. The declaration of consent that you need to submit in that regard reads as follows:

“Subscribe” or check the following text during the registration or order process: “Waveguard GmbH information newsletter”.

 

You may unsubscribe from the newsletter at any time using the corresponding link in the newsletter or by sending a notification to us. Our contact details are indicated in our legal notice or see item I.1. above. Your e‑mail address will then be removed from our mailing list.

 

The data that you have given us for the purpose of receiving the newsletter will be stored until you unsubscribe from the newsletter mailing list and will be deleted when you have unsubscribed from the newsletter. Data that has been stored at our company for other purposes (e.g. e‑mail addresses for the members’ area) shall remain unaffected thereby.

 

  1. rapidmail

 

Waveguard GmbH uses the service rapidmail for the distribution of newsletters, the provider of which is rapidmail GmbH, Augustinerplatz 2, 79098 Freiburg i. Br., Germany. rapidmail is a service with which, among other things, the distribution of newsletters can be organised and analysed. The data that you entered for the purpose of subscribing to the newsletter will be stored on the servers of rapidmail in Germany.

 

If you do not wish an analysis by rapidmail, you need to unsubscribe from the newsletter. For that purpose, we provide a corresponding link in each newsletter message. In addition to that, you may also unsubscribe from this newsletter directly on the website.

 

For the purpose of the analysis, the emails submitted through rapidmail contain a session cookie, which connects to the servers of rapidmail when the e-mail is opened. In this way it can be determined whether a newsletter message has been opened.

 

Furthermore, we can determine by means of rapidmail whether and which links in the newsletter message have been clicked on. All links in the email are tracking links, with which your clicks can be counted.

 

For more information on the analysis functions of rapidmail, see the following link: https://de.rapidmail.

wiki/kategorien/statistiken/.

 

The data processing will be carried out on the basis of your consent (Article 6 (1) (a) of the GDPR). You may revoke this consent at any time. The lawfulness of the data processing operations already carried shall remain unaffected by the revocation.

 

The data that you have given to us for the purpose of receiving the newsletter will be stored until you unsubscribe from the newsletter and will be deleted both from our servers and the servers of rapidmail when you have unsubscribed from the newsletter. Data that has been stored at our company for other purposes (e.g. e‑mail addresses for the members’ area) shall remain unaffected thereby. You may find further information in the data security information of rapidmail at https://www.rapidmail.de/datensicherheit.

 

We have entered into an agreement on commissioned data processing with rapidmail in which we impose the obligation on rapidmail to protect the data of our customers and to not pass it on to third parties. You may read a sample version of this contract using the following link: https://de.rapidmail.wiki/files/adv/muster-auftragsdatenverarbeitung.pdf.

 

  1. YouTube plugins

 

Waveguard GmbH uses plugins of the service YouTube that is operated by Google and the operator of which is YouTube, LLC, 901 Cherry Ave., San Bruno, CA 94066, USA. If you visit one of our pages equipped with a YouTube plugin, a connection to the YouTube servers will be established. In that context, the YouTube server will be informed about which of our pages you have visited.

 

If you are logged in to your YouTube account, you enable YouTube to assign your browsing behaviour directly to your personal profile. You can prevent this by logging out of your YouTube account.

 

We use YouTube for an appealing presentation of our online services. This constitutes a legitimate interest as defined by Article 6 (1) (f) of the GDPR.

 

 

You can find more information about the treatment of user data in YouTube’s privacy policy at: https://support.google.com/youtube/answer/7671399?p=privacy_guidelines&hl=en&visit_id=637050892750564993-3885221064&rd=1.

 

  1. Google web fonts

 

Waveguard GmbH uses web fonts provided by Google for the uniform display of fonts on this website. When you access a page, your browser loads the required web fonts into your browser cache to display texts and fonts correctly.

 

For this purpose, the browser you are using must establish a connection to the servers of Google. In this way, Google gains knowledge of the fact that our website has been accessed from your IP address. We use Google web fonts for a harmonised and appealing presentation of our online services. This constitutes a legitimate interest as defined by Article 6 (1) (f) of the GDPR.

 

If your browser does not support web fonts, a standard font available on your computer will be used. Please find further information regarding Google web fonts at https://developers.google.com/fonts/faq and in the privacy policy of Google at https://www.google.com/intl/en/policies/privacy/.

 

  1. Google Maps

 

Waveguard GmbH uses on this website via an API the Google Maps map service, the provider of which is Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.

 

In order to use the functions of Google Maps, the storage of your IP address is necessary. This information will be usually transmitted to a server of Google in the USA and stored there. Waveguard GmbH is unable to influence this data transmission.

 

We use Google Maps for an appealing presentation of our online services and facilitating finding the locations indicated on this website. This constitutes a legitimate interest as defined by Article 6 (1) (f) of the GDPR.

 

Please find further information on the handling of user data in the privacy policy of Google at https://www.google.com/intl/en/policies/privacy/.

 

  1. PayPal

 

On this website, Waveguard GmbH provides the option to make payments through the payment services provider PayPal (PayPal (Europe) S.à.r.l. et Cie, S.C.A., 22‒24 Boulevard Royal, L-2449 Luxembourg, hereinafter referred to as “PayPal”).

 

If you select the payment via PayPal, the payment data entered by you will be transmitted to PayPal. The transmission of your data to PayPal is based on Article 6 (1) (a) of the GDPR (consent) and Article 6 (1) (b) of the GDPR (processing for the performance of a contract).

 

You may revoke your consent to the data processing at any time. The revocation does not affect the lawfulness of data processing operations carried out in the past.

 

  1. etracker

 

On this website, data is collected and stored by means of technologies of etracker GmbH (www.etracker.com) for marketing and optimisation purposes. We have a legitimate interest as defined by Article 6 (1) (f) of the GDPR in this marketing and these optimisations. User profiles may be created from this data under a pseudonym. Cookies, which are described in item 5. above, may be used for that purpose. Cookies enable the recognition of internet browsers upon subsequent visits to a website.

 

Without the consent of the data subject having been granted separately, the data collected by means of etracker technologies will not be used for personally identifying the visitor of this website and will not be combined with personal data concerning the person to whom the pseudonym relates.

 

Version of September 2019