- Home /
- Privacy Statement
Data Protection Statement
We attach the greatest importance to the protection of your data and the safeguarding of your privacy. As a consequence, we would now like to inform you about the collection and use of your personally identifiable data when using our web page.
This translation is for information purposes only and has no legal status. In the case of dispute, German Law will apply, unless superseded by European Law.
In the section below, we inform you about the processing of your personal data by us. Personal data within the meaning of Art. 4 DSGVO is any information relating to an identified or identifiable natural person (such as name, address, telephone number, e-mail, invoices, bank details, etc., as well as your user behavior).
1. Contact information
Name and contact details of the party responsible for the processing
This privacy information applies to data processing by:
Responsible party: Waphi GmbH
Represented by: Stefan Hirsch, Christian Philipp
Adress: Wiesenweg 59, 52072 Aachen
Telephone: +49 2407 5548676
2. Legality of the processing of personal data
We collect and use the personal data of our users only to the extent necessary to provide a functional website and our content and services. The collection and use of the personal data of our users is generally only carried out with the consent of the user. An exception applies in cases where it is not possible to obtain prior consent for genuine reasons or where the processing of the data is permitted by legal regulations.
According to Article 6 of the Datenschutzgrundverordnung (DSGVO), processing of personal data is lawful if one or more of the following points are met:
- You have given your express consent to the processing in accordance with Art. 6 (1) p. 1 lit. a DSGVO,
- the processing is necessary in accordance with Art. 6 para. 1 p. 1 lit. b DSGVO for the processing of contractual relationships with you or for the implementation of pre-contractual measures that take place at your request,
- there is a legal obligation on our part for the processing in accordance with Art. 6 para. 1 p. 1 lit. c DSGVO,
- the processing is necessary to protect your vital interests or those of another natural person, in accordance with Art. 6 (1) p. 1 lit. d DSGVO,
- the processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in us pursuant to Art. 6 (1) p. 1 lit. e DSGVO,
- the processing is necessary in accordance with Art. 6 (1) p. 1 lit. f DSGVO to protect our legitimate interests or those of a third party, provided that your interests or fundamental rights and freedoms that require the protection of personal data do not override these.
3. Collection and storage of personal data as well as type and purpose of their use
In the context of the use of our website, we may process personal data, such as contact data, usage data and communication data, of the users of our website (these may be customers, interested parties as well as visitors to our website).
This is done, among others, for the purpose of providing a functioning online service, to communicate with the users of our website, to process contact requests or customer inquiries and for purpose of fulfilling the contract. Furthermore, data may be collected and processed for marketing purposes.
In the section below, we will inform you about the data that may be collected from you and the purpose of the collection and processing of this data.
When visiting the website
When you visit our website, the browser used on your device automatically sends information to the server of our website. This information is temporarily stored in a so-called log file. The following information can be collected without your intervention and stored until automated deletion:
- IP address of the requesting computer
- Date and time of access
- Content of the request (concrete page)
- Name and URL of the retrieved file
- Access status/HTTP status code
- Volume of data transferred
- Website from which the access is made (referrer URL)
- Browser used and, if applicable, the operating system of your computer as well as the name of your access provider
- Language and version of the browser software
The aforementioned data will be processed by us - if collected - for the following purposes:
- Ensuring a smooth connection to the website,
- Ensuring comfortable use of our website,
- Evaluation of system security and stability, and
- for other administrative purposes.
The legal basis for the data processing is Art. 6 para. 1 p. 1 lit. f DSGVO. Our legitimate interest results from the previously listed purposes for data collection. In no case do we use the collected data for the purpose of drawing conclusions about you as a person.
We process the personal data that we receive in the course of pre-contractual inquiries as well as in the course of our business relationship. For example, the following personal data may be collected and processed by us: Title, first name and surname, address, telephone number, e-mail address, IBAN / credit card number together with security number (in each case only to the extent that this is necessary for the processing of payments).
Furthermore, data may be passed on to third parties (see point 5 "Passing on data to third parties" in this data protection declaration).
The processing, as well as storage of your transmitted data, is based on Art. 6 para. 1 p. 1 lit. b DSGVO for the purpose of fulfilling a contract or for the implementation of pre-contractual measures. In other cases, we process and store your data with your consent pursuant to Art. 6 (1) sentence 1 lit. a DSGVO and on the basis of our legitimate interest in processing the request sent to us pursuant to Art. 6 (1) sentence 1 lit. f DSGVO.
When registering for our newsletter
You have the possibility to register for our newsletter. For this purpose, we need your e-mail address and, optionally, your name as voluntary information for the purpose of addressing you in the newsletter.
We work with the so-called double opt-in procedure. Accordingly, you will receive an e-mail from us after registration with the request to confirm your registration. By clicking on the activation link contained in the e-mail, you confirm that you are the owner of the e-mail address and that you wish to receive the newsletter. If you have given your express consent, we will use your e-mail address based on your consent in accordance with Art. 6 (1) p. 1 lit. a DSGVO to send you our newsletter with information about our offers at regular intervals.
Should you not confirm the activation link within three weeks, we will delete the e-mail address that was registered for the newsletter.
The data collected is only used to send the newsletter and to document your consent. With the registration for the newsletter, we store your IP address and the date of registration. This storage serves solely as evidence in the event that a third party misuses an email address and registers to receive the newsletter without the knowledge of the rightful recipient.
You can unsubscribe from the newsletter at any time and revoke your consent with the consequence that the data stored for newsletter reception will be deleted by us and you will no longer receive a newsletter from us. Data stored by us for other purposes will remain unaffected. You can declare the revocation by clicking on the unsubscribe link provided in every newsletter email or by sending a message to the contact details provided in the imprint.
When using our contact form
For questions of any kind, we offer you the possibility to contact us via a form provided on the website. When doing so, it is necessary to provide a first and last name as well as a valid e-mail address in order for us to know from whom the inquiry originates and to be able to answer it. Optionally, the telephone number can be provided voluntarily.
The processing and storage of your transmitted data is based on Art. 6 para. 1 sentence 1 lit. b DSGVO for the purpose of processing your request. Furthermore, we process your data by means of your consent according to Art. 6 para. 1 p. 1 lit. a DSGVO as well as on the basis of our legitimate interest in processing the inquiry directed to us according to Art. 6 para. 1 p. 1 lit. f DSGVO.
4. Storage period and data deletion
As a matter of principle, we store personal data only until the purpose for which you entrusted us with the data has been fulfilled. After that, the data will be permanently deleted. However, if there are legal retention periods for the storage of personal data, we store it for as long as we are legally obligated to do so. Such obligations regularly result from legal obligations to provide evidence and to retain data, which are regulated, among other things, in the German Commercial Code and the German Fiscal Code, e.g. ten years for tax purposes. After the expiration of the legal retention period, the data is permanently deleted.
Consent to the processing and storage of your personal data pursuant to Art. 6 para. 1 p. 1 lit. a DSGVO can be revoked at any time, with the result that the data will be permanently deleted - unless there are legal retention periods preventing this.
al data, result from Art. 21 para. 1 and para. 2 DSGVO. Information on the resulting right of withdrawal can be found in this data protection declaration under section 14 "Right of withdrawal".
5. Transfer of data to third parties
We will only share your personal data with third parties if:
- you have given your express consent in accordance with Art. 6 para. 1 p. 1 lit. a DSGVO,
- the disclosure is necessary under Art. 6 (1) p. 1 lit. f DSGVO for the protection of our legitimate interests or those of a third party, such as the exercise, defense, or assertion of legal claims, unless your interests or fundamental rights and freedoms, which require the protection of personal data, take precedence,
- in the event that there is a legal obligation for the disclosure pursuant to Art. 6 (1) p. 1 lit. c DSGVO,
- this is legally permissible and required according to Art. 6 para. 1 p. 1 lit. b DSGVO for the processing of contractual relationships with you, such as the transfer of address data to a transport company. Likewise, data may be passed on to a third-party drop-shipper, who will then ship the goods to you on our behalf. If goods are ordered by you to be shipped to an address other than yours, this is done on the basis of our legitimate interests pursuant to Art. 6 (1) p. 1 lit. f DSGVO in the proper performance of the contractual relationship, as well as
- according to Art. 6 para. 1 p. 1 lit. b DSGVO for the purpose of payment processing to the payment service provider entrusted with the payment processing and according to Art. 6 para. 1 p. 1 lit. f DSGVO in the context of our legitimate interests in being able to offer reliable and secure payment processes.
If necessary, an order processing agreement pursuant to Art. 28 para. 3 p. 1 DSGVO has been concluded with the service provider used.
In the event that the personal data of the customer is processed in a third country (outside the EU), this is done within the framework of the previously given consent of the customer, within the framework of the fulfillment of the contract or due to legally existing obligations. The possible transfer takes place in compliance with the legal requirements. In particular, the regulations of Art. 44 to Art. 49 DSGVO apply here.
This website is hosted by an external service provider. Personal data collected on this website is stored on the hoster's servers, possibly in the USA. This may include IP addresses, contact requests, communication data, contract data, contact data, website accesses and other data generated via a website.
Our hoster will only process your data to the extent necessary to fulfill its service obligations and follow our instructions regarding this data. An order processing agreement pursuant to Art. 28 (3) p. 1 DSGVO has been concluded with the hoster.
The hoster is used for the purpose of fulfilling the contract with our potential and existing customers pursuant to Art. 6 para. 1 lit. b DSGVO and in the interest of a secure, fast, and effective provision of our online offer pursuant to Art. 6 para. 1 p. 1 lit. f DSGVO.
For the use of the website, absolutely necessary cookies are used, which guarantee a smooth function of the website and do not require consent. The use of these cookies serves to make the use of our offer more pleasant for you. For example, we use so-called session cookies. Here, a session ID is generated, which assigns the session to the user and is stored temporarily. Thus, several windows of our website can be opened and assigned to the same user, log-in data or the contents of the shopping cart are thus retained. Session cookies are deleted when the browser is closed.
Furthermore, we may use functional cookies. These cookies save the settings made during your last visit to the website, such as the language selection or internal bookmarks, so that these do not have to be selected again. Future visits to our website can thus be made more pleasant.
Furthermore, so-called performance cookies may be used. These contain information about how our website is used. For example, we can see how often and how long our website is visited and which subpages are visited. This allows us to see which areas of our website are of particular interest to the user. Performance cookies allow us to analyze your surfing behavior for the purpose of optimizing our online offering. Conclusions about you as a user are not possible.
Marketing cookies from third-party providers can be set on your end device. The purpose is, within the framework of online marketing, the analysis of user behavior across several websites over a longer period of time in order to place personalized advertising accordingly.
You can configure your browser settings according to your preferences and refuse to accept cookies. We would like to point out that you may subsequently not be able to use all the functions of this website.
8. Payment service providers
The processing of personal data by a payment service provider is carried out on the basis of Article 6 (1) p. 1 lit. b DSGVO for the purpose of contract processing and only to the extent necessary for this purpose, as well as within the scope of our legitimate interests pursuant to Article 6 (1) p. 1 lit. f DSGVO to be able to offer you reliable and secure payment processes. The responsibility for handling the data collected and processed by the payment provider in a data protection-compliant manner lies with the respective payment provider.
When paying by means of a payment method provided by PayPal (direct debit, credit card, installment payment or purchase on account), the payment is processed via the payment service provider PayPal (Europe) S.├á r.l. et Cie, S.C.A., 22-24 Boulevard Royal, L-2449 Luxembourg (in short "PayPal").
If you choose a payment method from PayPal, you will be redirected to the PayPal website. For the use of this service, PayPal collects, processes and stores transaction data, such as the amount paid, technical usage data and location data. PayPal reserves the right to conduct a credit check for the above-mentioned payment methods. For this purpose, your payment data may be passed on to credit agencies in accordance with Art. 6 para. 1 p. 1 lit. f DSGVO on the basis of PayPal's legitimate interest in determining your solvency.
When paying by credit card, we collect and process the necessary personal data, such as your name, the credit card number, the validity period of the credit card and the security digit, and pass them on to your credit card company for billing purposes.
With the direct debit payment option, you give us a SEPA direct debit mandate. The direct debit mandate must contain the following information:
Name of the payee,
a Creditor Identifier (CI),,
Name of the customer (payer),
name of the customer's bank (payer) and
customer identifier (IBAN of the payer).
Based on the authorization you have given us, we instruct our bank to collect the invoice amount from your account. Our bank notifies your bank of the collection, which in turn issues the corresponding credit note.
9. Credit information
In the case of the payment method "invoice", we may call up information on creditworthiness from specialized financial services companies (credit agencies) when concluding contracts on the basis of Art. 6 (1) p. 1 lit. f DSGVO for the purpose of credit checks and credit monitoring. This interest is to be regarded as legitimate within the meaning of the aforementioned provision.
The processing of the data stored by the respective credit agency is carried out for reasons worthy of legitimate protection of creditors and credit, which regularly outweigh your interests, rights and freedoms or serves the assertion, exercise or defense of legal claims.
10. Analytic services
The tracking measures listed below and used by us are carried out on the basis of your consent pursuant to Art. 6 para. 1 p. 1 lit. a DSGVO or on the basis of our legitimate interests pursuant to Art. 6 para. 1 p. 1 lit. f DSGVO. With the tracking measures used, we want to ensure a needs-based design and the ongoing optimization of our website. Furthermore, we use the tracking measures to statistically record the use of our website and to evaluate it for the purpose of optimizing our offer for you. If necessary, an order processing agreement pursuant to Art. 28 (3) p. 1 DSGVO has been reached with the service provider used. The responsibility for data protection-compliant operation is to be ensured by their respective providers.
You can prevent the storage of cookies by selecting the appropriate settings on your browser software. However, we point out that in this case not all functions of this website may be fully usable. Unless otherwise specified with regard to the storage period, the data will be stored for a period of two years and then deleted.
We use Google Analytics on our website. The company responsible is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland ("Google").
Google Analytics uses so-called "cookies", (see section 7 "Cookies"). The information generated by the cookies about the use of this website will be transmitted directly to and stored by Google on servers in the United States. We have activated IP anonymization on this website so that the IP address is truncated beforehand by Google within the member states of the European Union or in other contracting states of the Agreement in the European Economic Area. Only in special cases will the full IP address be transmitted to a Google server in the USA and shortened there. On behalf of the operator of this website, Google will use this information for the purpose of evaluating your use of the website, compiling reports on website activity, and providing other services relating to website activity and internet usage to the website operator. The IP address transmitted by your browser as part of Google Analytics will not be merged with other data from Google.
The storage period of the collected personal data is 14 months. The data will be deleted after the storage period has expired.
You can also prevent the collection of data generated by the cookie and related to the use of the website (including IP address) by Google, as well as the processing of this data by Google, by downloading and installing the browser plugin available at the following link: http://tools.google.com/dlpage/gaoptout?hl=de.
If you do not agree with the display of advertisements, you can deactivate them: https://www.google.com/settings/ads/onweb
11. Social media services
We use social media plugins on our website on the basis of our legitimate interests pursuant to Art. 6 (1) p. 1 lit. f DSGVO in order to raise awareness of our website through them. The responsibility for data protection-compliant operation is to be ensured by their respective providers.
When you call up a page of our website that contains a social media plugin, your browser establishes a direct connection to the servers of the respective provider, possibly in the USA. The content of the plugin (including your IP address) is transmitted directly to your browser by the respective provider and integrated into the page. Through this integration, the provider receives the information that your browser has accessed the corresponding page of our website, even if you do not have a customer profile or are not currently logged in to the respective provider.
If you are logged in to a provider, the provider can immediately assign the visit to our website to your user account. If you interact with the plugins, for example by clicking a button, this information is also transmitted directly to a server of the respective provider and stored there. The information is also published on your user account and displayed there to your contacts. The respective provider may use this information for the purpose of advertising, market research, and demand-oriented design of its pages.
If you do not want the provider to assign the data collected via our website directly to your user account, you must log out of the respective provider before visiting our website.
We would like to point out that we, as the operator of the pages, have no knowledge of the content of the transmitted data or its use by the respective provider.
We use social media plugins of the social network Facebook Inc, 1 Hacker Way, Menlo Park, CA 94025, USA ("Facebook"), or - if you are based in the EU -, Facebook Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland.
12. Other online services
We do not use any other online services.
13. Data subject rights
You have the right to:
- In accordance with Art. 15 DSGVO, to request information about your personal data processed by us. In particular, you can request information about the processing purposes, the category of personal data, the categories of recipients to whom your data has been or will be disclosed, the planned storage period, the existence of a right to rectification, erasure, restriction of processing or objection, the existence of a right of complaint, the origin of your data if it has not been collected by us, as well as the existence of automated decision-making, including profiling, and, if applicable, meaningful information about its details;
- pursuant to Art. 16 DSGVO, to request the correction of incorrect or incomplete personal data stored by us without undue delay;
- pursuant to Art. 17 DSGVO, to request the erasure of your personal data stored by us, unless the processing is necessary for the exercise of the right to freedom of expression and information, for compliance with a legal obligation, for reasons of public interest or for the establishment, exercise or defense of legal claims;
- pursuant to Art. 18 DSGVO, to request the restriction of the processing of your personal data, insofar as the accuracy of the data is disputed by you, the processing is unlawful, but you object to its erasure and we no longer require the data, but you need it for the assertion, exercise or defense of legal claims or you have objected to the processing pursuant to Art. 21 DSGVO;
- pursuant to Art. 20 DSGVO, to receive your personal data that you have provided to us in a structured, common and machine-readable format or to request that it be transferred to another controller;
- in accordance with Art. 7 (3) DSGVO, to revoke your consent once given to us at any time. This has the consequence that we may no longer continue the data processing, which was based on this consent, for the future; and
- complain to a supervisory authority in accordance with Art. 77 DSGVO if you believe that the processing of your personal data has been carried out unlawfully. As a rule, you can contact the supervisory authority of your usual place of residence or workplace or our registered office for this purpose.
14. Right to object
INSOFAR AS YOUR PERSONAL DATA IS COLLECTED ON THE BASIS OF OUR LEGITIMATE INTERESTS PURSUANT TO ART. 6 ABS. 1 S. 1 LIT. F DSGVO, YOU HAVE THE RIGHT TO OBJECT PURSUANT TO ART. 21 ABS. 1 DSGVO AGAINST THE PROCESSING OF YOUR PERSONAL DATA, PROVIDED THAT THERE ARE GROUNDS FOR DOING SO THAT ARISE FROM YOUR PARTICULAR SITUATION. AS A RESULT, WE WILL NO LONGER PROCESS YOUR PERSONAL DATA UNLESS WE CAN DEMONSTRATE COMPELLING LEGITIMATE GROUNDS FOR THE PROCESSING THAT OVERRIDE YOUR INTERESTS, RIGHTS, AND FREEDOMS, OR THE PROCESSING IS FOR THE PURPOSE OF ASSERTING, EXERCISING OR DEFENDING LEGAL CLAIMS.
YOU MAY ALSO OBJECT PURSUANT TO. ART. 21 ABS. 2 DSGVO AGAINST THE PROCESSING OF PERSONAL DATA BY US, WHICH IS CARRIED OUT IN ACCORDANCE WITH ART. 6 ABS. 1 S. 1 LIT. F DSGVO FOR THE PURPOSE OF DIRECT MARKETING, WITH THE CONSEQUENCE THAT WE NO LONGER PROCESS YOUR PERSONAL DATA FOR THE PURPOSE OF DIRECT MARKETING.
IF YOU WISH TO MAKE USE OF YOUR RIGHT OF REVOCATION OR OBJECTION, IT IS SUFFICIENT TO SEND AN E-MAIL TO THE E-MAIL ADDRESS STATED IN THE IMPRINT.
15. Data security
Within the website visit, we use the widespread SSL procedure (Secure Socket Layer) in connection with the highest encryption level supported by your browser. As a rule, this is a 256-bit encryption. If your browser does not support 256-bit encryption, we use 128-bit v3 technology instead. You can tell whether an individual page of our website is encrypted by the closed lock or key symbol in the lower status bar of your browser.
We also use appropriate technical and organizational security measures to protect your data against accidental or intentional manipulation, partial or complete loss, destruction or against unauthorized access by third parties. Our security measures are continuously improved in line with technological developments.
This data protection declaration is currently valid and was updated in February 2022.