Skip to content

Data protection
WiCHMANN GmbH

Thank you for your interest in our website. The protection of your personal data is our top priority. Your personal data are processed and used in compliance with the valid data protection legislation. Our data protection regulations are based on the European General Data Protection Regulation (EU GDPR), the German Federal Data Protection Act (BDSG) and the German Telemedia Act (TMG).
  1. Controller and service provider
The controller responsible for collecting, processing and using your personal data within the meaning of Art. 4 (7) GDPR and the service provider within the meaning of Section 2 (1) TMG is: WiCHMANN GmbH Pätzkamp 4 49504 Lotte Germany Tel.:    +49 5404 91779-0 Fax:    +49 5404 91779-20 E-mail:    info@wichmann-os.de Court of registration: Local Court of Steinfurt, HRB 13153 VAT ID number: DE 811277653 Managing directors: Claudia Wichmann, Kristina Wichmann-Raschdorf
  1. Data protection officer
OSIRIS IT GmbH Am Haupthügel 35 49134 Wallenhorst Germany E-mail: datenschutz@wichmann-os.de
  1. Data collection, usage and purposes of processing
 3.1.    Website Only data that your browser automatically transfers to our hosting provider are collected when you visit our website.
  • IP address
  • Date and time of access
  • Our website pages visited by you
  • Browser type
  • Browser settings
  • On calling up the website via links from other websites, the web address of the website on which the link was clicked
Transferring personal data to call up our website is not necessary. Without being assigned to you personally, the log data are stored for a limited period of time for statistical evaluations in order to ensure the operation and optimisation of our website. We reserve the right to review the stored log files in the event of a concrete suspicion of unlawful use. These data are used and processed exclusively in order to provide our website on the basis of Art. 6 (1) f) and Art. 28 GDPR. 3.2.    Cookies Our website only uses cookies to enable users to log into the restricted area of the website. This cookie does not remain stored after the browser session has been ended. Cookies are not used to track or store user actions on the website. 3.3.    Contacting us by e-mail / contact form You can contact us using our contact form and the e-mail addresses provided by us. The personal data that are disclosed to us will be used exclusively to process your concern and are archived subject to the statutory retention periods. This is done on the basis of Art. 6 (1) b), c) GDPR 3.4.    Data collection for the fulfilment of contractual and pre-contractual obligations The following personal data are processed by us and stored subject to consideration of the statutory retention obligations:
  • Form of address, first name, last name
  • Telephone numbers
  • Fax numbers
  • E-mail address
  • Name of the related company
Processing is carried out on the basis of Art. 6 (1) b), c) GDPR 3.5.    Data transfer to third parties 3.5.1.    Hosting provider Our online shop is operated by a hosting provider. The services we use include the following:
  • provision of the required server infrastructure
  • connection of the website to the Internet
  • security services
  • online shop system
  • maintenance services
3.5.2.    Creditworthiness check We transfer personal data that are collected in the context of a contractual relationship regarding the proposition, the performance and the termination of a business relationship as well as data regarding behaviour that is not in compliance with the contract or fraudulent conduct to CRIF Bürgel GmbH, Radkoferstrasse 2, 81373 Munich, Germany. The legal bases for transfers of this type are Art. 6 (1) b) and Art. 6 (1) f) GDPR. Transfers on the basis of Art. 6 (1) f) GDPR may only take place insofar as is necessary to safeguard the legitimate interests of our company or third parties and if this is not outweighed by the interests or fundamental rights and freedoms of the data subject that necessitate the protection of personal data. Data exchange with CRIFBÜRGEL also serves to fulfil statutory obligations regarding the performance of creditworthiness checks on customers (Sections 505a and 506 of the German Civil Code). Among other purposes, CRIFBÜRGEL processes the data it receives and also uses them for the purpose of profiling (scoring) in order to provide its contractual partners in the European Economic Area, in Switzerland and possibly in other third countries (insofar as a European Commission adequacy decision exists with respect to these) with information for assessing the creditworthiness of natural persons. For further information concerning the work undertaken by CRIFBÜRGEL, refer to the CRIFBÜRGEL information sheet or the website at www.crif.de/en/privacy. 3.6 Plug-ins and tools Google Fonts This website uses what are called web fonts, which are provided by Google in order to display fonts consistently. When a page is called up, your browser loads the required web fonts into its browser cache in order to display texts and fonts correctly. To do this, the browser you use has to establish a connection to the Google servers. As a result of this, Google obtains information that this website has been called up via your IP address. The use of Google Fonts is carried out on the basis of Art. 6 (1) f) GDPR. The website operator has a legitimate interest in consistently displaying the typeface on its website. Insofar as corresponding consent has been requested (e.g. consent to the storage of cookies), processing is carried out exclusively on the basis of Art. 6 (1) a) GDPR; this consent can be withdrawn at any time. If your browser does not support Google Fonts, a standard font is used by your computer. Further information about Google Fonts is available at https://developers.google.com/fonts/faq and in the Google privacy policy: https://policies.google.com/privacy?hl=en.
  1. Storage duration
Your personal data are only stored for as long as is necessary to fulfil the purposes that are pursued. If your data are subject to retention obligations under tax law, commercial law or other laws, they are archived in compliance with the retention obligations.
  1. Your rights as a data subject affected by data processing
In accordance with the applicable laws, you have various rights with respect to your personal data. If you wish to exercise these rights, please send your request, clearly identifying yourself, to the address stated in number 1 by e-mail or by mail. 5.1.    Right to obtain confirmation and information You have the right to clear information concerning the processing of your personal data. You have the right to obtain confirmation from us at all times regarding whether your personal data are being processed. If this is the case, you have the right to demand information from us free of charge regarding the personal data stored about you along with a copy of these data. You additionally have a right to the following information:
  • the processing purposes.
  • the categories of personal data that are processed.
  • the recipients or categories of recipients to which your personal data have been or are still being disclosed, particularly in the case of recipients in third countries or international organisations.
  • if possible, the planned period of time for which the personal data are stored or, if this is not possible, the criteria for defining this period of time.
  • the existence of a right to the rectification or erasure of the personal data concerning you or to the restriction of processing by the controller or of a right to object to this processing.
  • the existence of a right to lodge a complaint with a supervisory authority.
  • if the personal data are not collected from you, all available information regarding the origin of the data.
  • the existence of automated decision-making including profiling pursuant to Art. 22 (1) and (4) GDPR and, at least in these cases, meaningful information regarding the logic involved as well as the ramifications and the desired effects of such processing for you.
If personal data are transferred to a third country or an international organisation, you have the right to be informed about the appropriate safeguards pursuant to Art. 46 GDPR in relation to such transfer. 5.2.    Right to rectification You have the right to demand the rectification of incorrect personal data concerning you from us without undue delay. Taking into account the purposes of the processing, you have the right to demand the completion of incomplete personal data, including by means of providing a supplementary statement. 5.3.    Right to erasure (‘right to be forgotten’) In a range of cases, we are obliged to erase personal data concerning you. Pursuant to Art. 17 (1) GDPR, you have the right to demand the erasure of personal data concerning you by us without undue delay, and we are obliged to erase personal data without undue delay where one of the following grounds applies.
  • The personal data are no longer necessary for the purposes for which they have been collected or otherwise processed.
  • You withdraw your consent on which the processing was based pursuant to Art. 6 (1) a) GDPR or Art. 9 (2) a) GDPR and there is no other legal ground for this processing.
  • You object to the processing pursuant to Art. 21 (1) GDPR and there are no overriding legitimate grounds for this processing or you object to this processing pursuant to Art. 21 (2) GDPR.
  • The personal data have been unlawfully processed.
  • The personal data have to be erased for compliance with a legal obligation in Union or Member State law to which we are subject.
  • The personal data have been collected in relation to the offer of information society services pursuant to Art. 8 (1) GDPR.
If we have made personal data public and are obliged to erase them pursuant to Art. 17 (1) GDPR, we take reasonable steps, including technical measures, giving consideration to the available technology and the cost of implementation, to inform controllers which are processing the personal data that you have requested the erasure by such controllers of any links to, or copies or replications of, those personal data. 5.4.    Right to restriction of processing You have the right to demand the restriction of processing from us where one of the following applies:
  • The accuracy of the personal data is contested by you, for a period that enables us to verify the accuracy of the personal data.
  • The processing is unlawful and you have opposed the erasure of the personal data and requested the restriction of their use instead.
  • We no longer require the personal data for the purposes of processing, but you require the data for the establishment, exercise or defence of legal claims.
  • You have objected to processing pursuant to Art. 21 (1) GDPR until it has been determined whether the legitimate grounds of our company override yours.
5.5.    Right to data portability You have the right to receive the personal data concerning you, which you have provided to us, in a structured, commonly used and machine-readable format and have the right to transfer these data to another controller without hindrance by us, where
  • this processing is based on consent pursuant to Art. 6 (1) a) GDPR or Art. 9 (2) a) GDPR or on a contract pursuant to Art. 6 (1) b) GDPR and
  • this processing is carried out by automated means.
In exercising your right to data portability pursuant to sub-section 1, you have the right to have the personal data transferred directly to another controller by us, where technically feasible. 5.6.    Right to object You have the right to object, on grounds relating to your particular situation, at any time to processing of personal data concerning you which is based on Art. 6 (1) e) or f) GDPR; this also applies to profiling based on these regulations. We no longer process the personal data unless we can demonstrate compelling legitimate grounds for processing which override your interests, rights and freedoms or this processing is used for the establishment, exercise or defence of legal claims. If personal data are processed for direct marketing purposes, you have the right to object at any time to the processing of personal data concerning you for such marketing; this also applies to profiling to the extent that it is related to such direct marketing. Where personal data are processed for scientific or historical research purposes or statistical purposes pursuant to Art. 89 (1) GDPR, you have the right to object, on grounds relating to your particular situation, to the processing of personal data concerning you, unless the processing is necessary for the performance of a task carried out for reasons of public interest. 5.7.    Automated decision-making including profiling You have the right to not be subject to a decision based solely on automated processing, including profiling, which leads to legal effects that concern you or which significantly affects you in a similar manner. No automated decision-making takes place based on the collected personal data. 5.8.    Right to withdraw consent under data protection law You have the right to withdraw your consent to the processing of personal data at any time 5.9.    Right to lodge a complaint with a supervisory authority You have the right to lodge a complaint with a supervisory authority, particularly in the Member State of your habitual residence, place of work or place of the alleged infringement, if you consider that the processing of personal data relating to you is unlawful.
  1. Data security
We make every effort to ensure the security of your data in the context of the applicable data protection legislation and technical options. We maintain technical and organisational security measures according to Art. 32 GDPR, which we constantly adapt to the state of the art, in order to safeguard your data.
  1. Forwarding of data to third parties; no transfer of data to non-EU countries
We only ever use your personal data within our company. If and insofar as we involve third parties in the context of contractual fulfilment (e.g. logistics service providers), personal data are only transferred to them to the extent necessary for the corresponding service. In the event that we outsource certain elements of data processing (‘contract processing’), we contractually oblige contract processors to use personal data only in compliance with the requirements of the data protection legislation and to ensure that the rights of the data subject are protected. Data transfer to bodies or persons outside of the EU does not take place except in the case stated in number 3 of this policy.