Privacy Policy

The following information provides an overview of how we process personal data when you visit this website and what rights you have under the General Data Protection Regulation (GDPR).

This English version is provided for convenience only. In case of discrepancies or legal relevance, the German version (“Datenschutzerklärung”) shall prevail.

1. Controller

The controller responsible for processing your personal data is:

Wüstenberg IT
Lars Marcus Wüstenberg
Eschenweg 34
D-25451 Quickborn
Germany

Phone: +49 4106 612875
Fax: +49 4106 612876
Email: info@wuestenberg-it.de

2. General information on data processing

We process personal data only to the extent necessary for providing a functional website and our services. All processing takes place on the basis of the GDPR.

Personal data means any information relating to an identified or identifiable natural person (e.g. name, contact details, IP address).

3. Hosting

This website is hosted on our own infrastructure in Germany (Nginx, Linux server). All processing takes place exclusively within the EU.

The servers are regularly maintained and protected against unauthorized access.

4. Access data / Server log files

When you visit our website, our system automatically collects and stores the following information transmitted by your browser:

  • Anonymized IP address of the requesting device
  • Date and time of access
  • Requested page / file
  • Amount of data transferred
  • Referrer URL
  • Browser type and version
  • Operating system

Processing is based on Art. 6(1)(f) GDPR, our legitimate interest in providing, securing and optimizing the website.

No combination of these data with other data sources takes place.

5. Contact form

When you contact us via the contact form, we process the data you provide (e.g. name, email address, phone number, company information, message content).

Required fields are marked. Without this information, the form cannot be submitted.

Processing is based on Art. 6(1)(b) GDPR (pre-contractual inquiries) and Art. 6(1)(f) GDPR (legitimate interest in effective communication).

Your data will be deleted once your request has been processed and no legal retention obligations apply.

6. Customer area / Login

For registered customers, a protected login area is available. During login, the following data is processed:

  • Login data (email address / username)
  • Password hash (never stored in plain text)
  • Session ID / technically necessary cookies
  • Time of login

Session cookies serve exclusively for authentication and are deleted after logout or when the session ends.

Legal basis: Art. 6(1)(b) GDPR (contract performance).

7. Web analytics with Matomo

We use Matomo, a self-hosted open-source web analytics platform, exclusively on our own infrastructure in Germany. Matomo is configured without cookies.

The following anonymized data is processed:

  • Anonymized IP address
  • Visited pages
  • Time spent on pages
  • Device type and browser information
  • Referrer (if available)

Matomo respects Do Not Track and does not transfer data to third parties.

Legal basis: Art. 6(1)(f) GDPR (legitimate interest in privacy-friendly reach measurement).

8. Cookies

This website uses only technically necessary cookies, for example:

  • Session handling in the customer area
  • Stability and protection of forms

These cookies are required to operate the website and do not require consent.

9. Planned shop / future functionality

An online shop is planned for the future. Once enabled, additional processing operations (e.g. payment processing, customer accounts, order management) will be integrated in compliance with GDPR, and this privacy policy will be expanded accordingly.

10. Your rights under GDPR

You have the following rights:

  • Right of access (Art. 15 GDPR)
  • Right to rectification (Art. 16 GDPR)
  • Right to erasure (Art. 17 GDPR)
  • Right to restriction of processing (Art. 18 GDPR)
  • Right to data portability (Art. 20 GDPR)
  • Right to object (Art. 21 GDPR)
  • Right to lodge a complaint with a supervisory authority (Art. 77 GDPR)

You can exercise these rights at any time using the contact details provided above.

11. SSL/TLS encryption

This website uses SSL/TLS encryption for security reasons. This prevents data transmitted by you from being read by third parties.

12. Right to object under Art. 21 GDPR

You have the right to object at any time, for reasons relating to your particular situation, to the processing of personal data based on Art. 6(1)(e) or (f) GDPR.

If you object, we will no longer process the relevant data unless we can demonstrate compelling legitimate grounds or the processing serves the establishment, exercise or defence of legal claims.

13. Updates to this Privacy Policy

This Privacy Policy may be updated as necessary, for example in the event of new functionality, legal changes or expansion of our services.

The version available at the time of your visit always applies.