Data Protection Regulation (GDPR)

Information according to Articles 13, 14, and 21 of the General Data Protection Regulation (GDPR)

The following paragraphs contain information about the processing of your personal data and your claims and rights according to data protection laws.

This privacy policy informs you about the type, extent, and purpose of the processing of personal data on our website, as well as related websites, functions, and content (hereinafter jointly referred to as "website" or "site"). The privacy policy applies no matter which domains, systems, or devices (e.g. desktop or mobile) are used.

Personal data is all information relating to you, such as your name, address, email addresses, and user behaviour. Personal user data are processed on our website, particularly usage data (e.g. which pages were visited on our website, interest in our services) and content data (e.g. information in the contact form or newsletter subscriptions).

How and which data are processed in particular depends on the services used.

The data controller is:

wirDesign communication AG
Gotzkowskystraße 20/21
10555 Berlin
T 030 275728-0
F 030 275728-28
welcome [at] wirdesign [dot] de

Our corporate data protection officer can be reached at:

mip Consult GmbH
Attorney Asmus Eggert
Alte Jakobstr. 77
10179 Berlin
T 030 275728-0
datenschutz [at] wirdesign [dot] de
www.sofortdatenschutz.de

We process the personal data we receive from you when you use our website, or through our shared business relations. 

If the website is only used for informational purposes, i.e. if you do not subscribe or transmit information to us in any other way, we only collect the personal data your browser transmits via our server. If you want to view our website, we collect the following access data, which are essential in terms of correctly displaying our website and to guarantee its stability and security. These access data include your IP address, the date and time of the request, the time zone difference in relation to Greenwich Mean Time (GMT), the content of the request (i.e. the name of the specific site opened), access status/HTTP status code, the amount of data transferred, referrer URL (previously visited website), browser type and version, the operating system and its environment, the language and version of the browser software, messages about successful access.

Furthermore, we process - to the extent required for the provision of our services - personal data we receive permissibly from affiliates, our subsidiary, or other third-parties (e.g. to complete orders, for the fulfilment of contracts, or due to your consent).

Relevant personal data include contact information (name, address, and other contact information, birth date and birth place). They may also include contractual data (e.g. services received, the names of administrators, payment information), advertising and marketing information (including marketing scores), documentation data (e.g. conversation records), data about your use of our provided telemedia (e.g. the time our websites were accessed, applications or newsletters, which of our sites were accessed, or interest in our services), as well as content data (e.g. information provided through contact forms).

We process personal data in accordance with the guidelines of the European General Data Protection Regulation (GDPR) and the German data protection act (BDSG):

3.1 For the performance of pre-contractual and contractual obligations, Article 6(1b) GDPR

When you contact us (via contact form or email), your data are processed to complete your contact request.

3.2 In the context of assessing legitimate interest, Article 6 (1f) GDPR

To the extent necessary, we process your data beyond the mere performance of the contract to safeguard our interests or those of third parties. Examples:

  • For advertising or market and opinion research, if you did not object to the use of your data;
  • For the enforcement of legal claims and defence in legal disputes;
  • To guarantee IT security and IT operation, particularly regarding the website (see data listed above under Section 2);
  • For measures of business management and the further development of services and products.

3.3 On the basis of your consent, Article 6 (1a) GDPR

If you consented to the processing of your personal data for certain purposes (e.g. newsletter subscriptions, advertising via phone, email, text message, etc.), the processing is considered lawful on the basis of your consent. Consent may be withdrawn at any time. Please note that withdrawal only affects future use. Processing that occurred prior to withdrawal is not affected.

Within the company, individuals who need your data to perform our contractual and legal obligations will receive access to your data.

Processors commissioned by us (Art 28 GDPR) may also receive data for the aforementioned purposes. These processors are companies in the fields IT services, logistics, print services, telecommunications, financial services, advising and consulting, as well as sales and marketing. In the event that we commission contract processors for the provision of our services, we take appropriate legal, technical, and organisational precautions to protect personal data in accordance with the legal guidelines.

For security reasons (e.g. to investigate abusive and fraudulent activity), log-file information is stored for a maximum duration of seven days and deleted afterwards (see Section 2 above). Data whose storage is required for reasons of evidence are excluded from erasure until the respective incident is completely resolved.

If necessary, we process and retain your personal data for the duration of our business relations, which also includes the initiation and conclusion of a contract.

Further, we are subject to various obligations regarding retention and documentation, as prescribed by German commercial code (HGB) and the German fiscal code (AO). The retention and documentation periods prescribed therein are two to ten years.

Finally, the retention period also depends on the legal limitation period, which for example, is 3 years according to §§ 195 pp. of the German civil code, but may be up to thirty years, whereas the regular limitation period is three years.

Data will not be transmitted to third countries (non-member states of the European Union - EU).

Each individual has the

  • right to disclosure according to Article 15 GDPR,
  • right to rectification according to Article 16 GDPR,
  • right to erasure according to Article 17 GDPR,
  • right to restriction of processing according to Article 18 GDPR,
  • right to data portability according to Article 20 GDPR.

Furthermore, you may withdraw consent, generally applicable to future processing.

Moreover, you have the right to lodge a complaint with a supervisory authority (Article 77 DGPR, in conjunction with § 19 BDSG).

We would like to additionally note your right to object according to Article 21 GDPR:

Information about the right to object according to Article 21

You have the right to object to the processing of your personal data due to Article 6 (1e) GDPR (data processing for the performance of a of a task carried out in the public interest) and Article 6 (1f) GDPR (data processing for the purposes of legitimate interest) at any time on grounds relating to your personal situation; this also applies to profiling based on this provision in accordance within the meaning of Article 4 (4) GDPR, which we use for the analysis of surveys or marketing purposes.

If you object, we will no longer process your personal data, unless we are able to provide compelling, legitimate grounds for processing that override your interests, rights, and freedoms, or if processing serves the enforcement, exercise, or defence of legal claims.

In individual cases, we process your personal data for the purposes of direct marketing. You have the right to object to the processing of your personal data for the purposes of this kind of marketing at any time; this also applies to the profiling connected with direct marketing. If you object to data processing for the purposes of direct marketing, we will no longer use your personal data for these purposes.

The objection is not subject to any form requirements and or costs other than transmission cost at the basic rates. If possible, the objection shall be sent to:

wirDesign communication AG
Gotzkowskystraße 20/21
10555 Berlin
T 030 275728-0
F 030 275728-28
datenschutz [at] wirdesign [dot] de

In accordance with Article 22 GDPR, we generally do not employ fully automated decision-making to initiate and conduct business relations. If we use these processes in individual cases, you shall receive separate notice, if required by law.

We use automated processing for your data with the goal of evaluating certain personal aspects (profiling). For example, we use profiling in the following case:

  • We use profiling tools to provide you with targeted information and consulting about our services. These facilitate need-based communication and advertising, including market and opinion research.

In the context of our business relations, you are only obligated to provide personal data required for initiating, conducting, and concluding business, or personal data whose collection is a legal requirement. Without this information, we will typically decline the conclusion of a contract, or no longer be able to maintain the contract, and potentially end it.

The following paragraphs contain information about the content of our newsletter, as well as processes related to subscription, dispatch, and statistical analysis, and your right to object. By subscribing to our newsletter, you agree to its receipt and the outlined processes.

Newsletter content: We send newsletters, emails, and other electronic notifications containing information for advertising purposes (hereinafter "newsletter") only with the recipient's consent, or legal permission. Provided that the newsletter content is described in concrete terms upon subscription, it is considered a deciding factor for user consent. Furthermore, our newsletter contains information regarding our services, activities, and our company.

Double opt-in and records: Our newsletter subscription process employs the so-called double opt-in method. Based on this method, you will receive an email after requesting the confirmation of your subscription. This confirmation is necessary to prevent third-party email addresses from signing up. Newsletter subscriptions are recorded in order to provide evidence in accordance with the legal provisions. This includes storing the time of subscription and confirmation, as well as the IP address. Changes to your saved data will also be recorded.

The newsletter is sent from our web server via the open-source software openEMM.

Subscription data: It suffices to provide your email address to subscribe to our newsletter. We optionally request that you provide your salutation, title, first name, and last name to personalize the newsletter.

Statistical surveys and analyses: The newsletters contain so-called "web-beacons", i.e. a pixel-sized filed downloaded from the server when the newsletter is opened. During this download, technical information, such as information about the browser and your system, as well as your IP address and the time of the download is collected. This information is used for the technical improvement of our services on the basis of the technical data or the target groups and your reading behaviour using the download location (determined using the IP address) or download time. Statistical surveys also include whether or not the newsletter is opened, when they were opened, and which links were clicked. This information could be allocated to individual newsletter recipients for technical reasons. However, it is not our goal to monitor individual users. Rather, the purpose of the analysis is to recognize the reading behaviour of our users and to customise or content to their needs or to send varying content that depends on the interests of our users.

The implementation of statistical surveys and analyses, as well as recording the registration behaviour is conducted on the basis of our legitimate interest in accordance with Article 6 (1f) GDPR. It is our goal to use a user-friendly and safe newsletter system that serves our corporate interest, but also meets the users' expectations.

Termination/cancellation: You may unsubscribe from our newsletter at any time, i.e. withdraw your consent. This simultaneously terminates your consent to its receipt, as well as the statistical analysis. Unfortunately, it is not possible to separately cancel dispatch by email marketing service providers or statistical analysis. You can find a link to unsubscribe from the newsletter at the end of each newsletter. If users are only subscribed to the newsletter and cancelled this subscription, their personal data are erased.

Upon contacting us (via contact form or email), your data are processed to complete your contact request in accordance with Article 6 (1b) GDPR.

Your information is saved in our customer relationship management system ("CRM system").

On the basis of our legitimate interest in accordance with Article 6 (1f) GDPR, we collect data about each time the server that hosts our website is accessed (so-called server log files). Access data include the name of the accessed website, file, date, and time of access, transferred amount of data, notifications about successful access, browser type and version, the operating system you used, referrer URL (previously visited website), IP address and the requesting provider.

Log file information is stored for a maximum duration of seven days and deleted afterwards for security reasons (e.g. to investigate abusive and fraudulent activity). Data whose storage is required for reasons of evidence are excluded from erasure until the respective incident is completely resolved.

Cookies are information transferred from our server or third-party servers to the browsers of users, where they are stored for future access. Cookies may consist of small files or other means of data storage.

We use "session cookies", which are stored for the duration of the current visit of our website only (e.g. to enable the storage of your login status and therefore the usage of our website). A random, unique identification number, a so-called session ID is stored in a session cookie. Furthermore, a cookie contains information about its origin and the storage duration. These cookies are unable to store any other data. Session cookies are deleted when you stop using the website and, for example, log out or close the browser.

This privacy policy informs users about the use of cookies in the context of pseudonym range measurement.

If users do not want cookies to be stored on their computer, they are asked to deactivate this option in their browser's system preferences. Stored cookies can be deleted in the browser's system settings. Blocking cookies may cause limitations to the functionality of this website.

You can object to the use of cookies that serve range measurement and marketing purposes via the network advertising initiative's deactivation page ( (http://optout.networkadvertising.org/) and additionally the US website (http://www.aboutads.info/choices) or the European website (http://www.youronlinechoices.com/uk/your-ad-choices/).

On the basis of our legitimate interest (i.e. interest in the analysis, optimisation and the efficient operation of our website within the meaning of Article 6 (1f) GDPR), we use Google Analytics, a web analysis service provided by Google Inc. ("Google"). Google uses cookies. Information regarding the use of the website generated through the cookie is typically transmitted to a Google serve in the US and stored there.

Google is certified in accordance with the Privacy Shield Framework and therefore subject to European data protection laws (https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active).

Google will use this information on our behalf to evaluate the usage of our website, to create reports about website activities, and to provide us with additional services related to the use of the Internet and this website. This allows for the creation of pseudonym user profiles based on the processed data.

Google shortens the IP addresses of users in EU-member states or other states participating in the framework across the European Economic Area. The full IP address is only transmitted to a server in the US by Google and shortened there in exceptional cases.

The IP address transferred from the users' browser is not consolidated with other Google data. Users can prevent the storage of cookies by managing the corresponding settings in their browser preferences; users may furthermore prevent the collection of data generated through the cookie and the transfer of information related to the website to Google by downloading and installing the browser plug-in available via this link: http://tools.google.com/dlpage/gaoptout?hl=de.

You can find additional information about Google's options regarding data use, preferences and objection on the following Google sites: https://www.google.com/intl/de/policies/privacy/partners („How Google uses information from sites or apps that use our services"), http://www.google.com/policies/technologies/ads („Advertising "), http://www.google.de/settings/ads („Managing the information Google uses to display ads").

On the basis of our legitimate interest (i.e. interest in the analysis, optimisation and the efficient operation of our website within the meaning of Article 6 (1f) GDPR), we use Google Analytics, a web analysis service provided by Google Inc. ("Google"), we use content or services provided by third parties, in order to incorporate their content and services, such as videos or fonts (hereinafter uniformly referred to as "content"). Prerequisite for this is that third parties providing this content receive the IP address of the users, because they are unable to send content to their browsers without the IP address. Therefore, the IP address is required for displaying this content. We endeavour only to use content, whose providers exclusively use your IP address to deliver the content. Further, third-party providers may use so-called pixel-tags (invisible images, also called "web beacons") for statistical or marketing purposes. Pixel tags facilitate the evaluation of the visitor traffic on this website. The pseudonym information may also be stored in cookies on the user's device and contain technical information about the browser and operating system, reference websites, visiting time and additional information about the use of our website, and can be connected with information of this kind from other sources.

The following depiction offers an overview of third-party providers, as well as their contents, including links to their privacy policies, additional notes regarding data processing and, partially discussed here, ways to opt-out: