The data controller as defined by data protection law is WBS TRAINING SE, Lorenzweg 5, 12099 Berlin, Germany;
telephone: +49 (0)30 695450400, kontakt@wbstraining.de.
You can reach our data protection officer using the following contact details: DataCo GmbH, telephone: +49 (0)228 89 7400 45840, datenschutz@dataguard.de.
Please note: Information on in-house events run by WBS TRAINING is available in Section 2.3.
When you contact us using the contact options provided on the website, on social media (e.g. LinkedIn, XING), by email or by visiting one of our WBS locations, we collect various personal data, depending on whether you are receiving a consultation or are concluding a contract with us:
If you book an educational course, training, continuing education course or coaching session with us, we collect and process the data that is necessary to execute the contract. The scope of the data depends on the product and on your funding situation. The types of data that may be involved are described below. The precise scope will depend on the form used and your particular circumstances. If you contact us as a prospective student, we collect much of this data in the course of initiating a contract. The legal basis for the processing of data in this case is Article 6 Paragraph 1(b) GDPR. Unfortunately, we are unable to proceed with your consultancy appointment if you do not provide the required data. Additional information is provided on a voluntary basis and will be processed based on your consent.
We store your personal data as long as it is required to meet our statutory and contractual obligations.
If it is no longer necessary to store your data to meet our contractual or statutory obligations, your data will be erased unless further processing is necessary to fulfil retention obligations or protect our legitimate interests.
Depending on whether other partners are involved in your qualification course, we collect the following data so we are able to provide our contractually agreed services (Article 6 Paragraph 1(b) GDPR):
It may also be necessary to exchange personal data between the affiliated companies of the WBS GROUP for the purpose of processing your request. We process this data on the basis of our legitimate interest within the group of companies in accordance with Recital 48 of the GDPR.
Our websites offer you the option to subscribe to our newsletter. We use what is known as a double-opt-in procedure when you subscribe to our newsletter. This means that when you subscribe, we send a confirmation email to the email address you provided asking you to confirm that you want to subscribe. If you do not confirm your registration within 30 days, your information is automatically erased. In order to document and verify a specific newsletter subscription, we store the data transmitted when subscribing to the newsletter, including the source IP address, a time stamp and the IP address of the receiving server. We also record the activation of the confirmation link, including the source IP address, a time stamp and the IP address of the receiving server.
If you have granted us your consent to receiving marketing communications, we store your email address for the purpose of sending you this information. The legal basis is Article 6 Paragraph 1(a) GDPR. You may revoke your consent at any time. You can revoke your consent by clicking on the link provided in each newsletter email or by sending an email to datenschutz@wbs-gruppe.de. Revoking your consent does not affect the legality of the processing carried out before your consent was revoked.
In addition to your consent, we process your email address for the purpose of marketing similar proprietary products and related customer satisfaction surveys, provided you are an existing customer. The legal basis is Article 6 Paragraph 1(f) GDPR in conjunction with Section 7 Paragraph 3 of the German Act Against Unfair Practices (Gesetz gegen den unlauteren Wettbewerb [UWG]). Informing our existing customers about new products and services offered is a legitimate interest. You are entitled to object to this at any time, free of charge. Simply send an email to datenschutz@wbs-gruppe.de.
We would also like to facilitate independent quality checks by institutes. As such, we may hire other companies to conduct customer surveys, so you might be contacted by a company other than WBS. We conclude contracts for data processing with these companies in compliance with the provisions of the GDPR.
We generally retain data that is required for processing for marketing purposes until you revoke your consent or object to this type of use. Except where you revoke your consent or object to processing, there is no set rule regarding the retention period for data used for marketing purposes. Instead, the retention period depends on whether it is necessary for us to store that data to contact you on a marketing basis. Once you revoke your consent or object to processing, we continue to store the required information for a reasonable period of time on the basis of Article 6 Paragraph 1(f) GDPR. Being able to provide evidence and furnish proof should we need to is a legitimate interest under the provision mentioned above.
Contact details subject to an objection to processing will continue to be stored in a blocked form on a marketing blacklist. By doing so, we can ensure that you do not receive any further marketing material from us, either by post or by electronic mail. The legal basis is Article 6 Paragraph 1(f) GDPR. Your desire not to receive any further marketing communications in future constitutes a legitimate interest under the provision mentioned above. If you do not agree to this, please do let us know. We will then permanently erase your data. However, in this case, we will no longer be able to fully ensure that you will not receive any marketing communications from us in future.
If you have provided us with your express consent in accordance with Article 6 Paragraph 1(a) GDPR (e.g., via our application form), we use the messenger service WhatsApp to contact you regarding the initiation of a contract. This includes, in particular, sending reminders for interview appointments or notifications regarding the successful completion of a “Challenge” and subsequent booking options.
This service is provided by Meta Platforms Ireland Limited, Merrion Road, Dublin 4, Ireland. Please be aware that the use of WhatsApp involves the processing of metadata (such as your telephone number and timestamps). By using this service, a transfer of data to Meta Platforms, Inc. in the USA cannot be ruled out. Meta Platforms, Inc. is subject to the Data Privacy Framework of the European Commission, which generally ensures an appropriate level of data protection.
Your consent is voluntary. You may revoke your consent at any time with effect for the future by sending an informal message to us (e.g., via email to info@wbscodingschool.com or by using the contact details provided in Section 1). Revoking your consent does not affect the lawfulness of the processing carried out before the revocation.
Depending on the product and depending on the agreement in place with your employer, we collect the following data when you attend an in-house event. In general, some of this data is collected by your employer.
The purpose of processing is to fulfil contractual obligations. The legal basis for the processing of data in this case is Article 6 Paragraph 1(b) GDPR.
Depending on the agreement with your employer, we send your dates of attendance and absence, results of training sessions and recordings of events to your employer, if applicable, provided this is necessary to fulfil the contract.
We store your personal data as long as it is required to meet our statutory and contractual obligations.
If it is no longer necessary to store your data to meet our contractual or statutory obligations, your data will be erased unless further processing is necessary to fulfil retention obligations or protect our legitimate interests.
If you are the contact person for your organisation and you contact WBS (e.g. as a corporate client, partner or supplier), we collect the following data:
The purpose of processing is to fulfil contractual obligations. The legal basis for processing is therefore Article 6 Paragraph 1(b) GDPR.
We store your personal data as long as it is required to meet our statutory and contractual obligations.
If it is no longer necessary to store your data to meet our contractual or statutory obligations, your data will be erased unless further processing is necessary to fulfil retention obligations or protect our legitimate interests.
If you use the “Refer a friend” programme as a participant or graduate of a continuing education course at WBS Training, the terms and conditions of participation set out on the website apply. Details can be found on our website. To be able to verify compliance with the terms and conditions of participation, we need to process personal data from both you and the person to whom you have provided the referral. We only collect the data listed on the programme form, which can be accessed through the above website. Required information is marked with an *.
Referrer
If you wish to take part in the “Refer a friend” programme as a referrer, we need your first name, surname, email address, course title and WBS location. We process this data to operate the referral programme, specifically to verify your eligibility to participate and to send you your reward when a referral is successful. Data is therefore processed on the basis of Article 6 Paragraph 1(b) GDPR.
Referral customer
If you have received a referral as part of the referral programme, this means we have received your personal data (name, surname, email address) from the referrer for the purpose of contacting you and extending you an offer. In line with our terms and conditions of participation, the referrer is required to obtain your consent to data processing in advance and confirm that they have done so. Your personal data is processed on the basis of Article 6 Paragraph 1(f) GDPR. Processing in this case is in our legitimate interest since it is the only way to grant the reward and no conflicting interests are apparent.
If you would like to prematurely end your participation in the “Refer a friend” programme, please inform us this by sending an email to freundewerben@wbstraining.de. We then erase the data stored for the purpose of the “Refer a friend” programme.
When using our website purely for informational purposes, i.e. if you do not register or otherwise send us information, we only collect the data your browser transmits to our server, including any personal data that includes. When you view our website, we collect the following data, which we require for technical reasons for the proper display of our website and to ensure its stability and security:
If the data processed is personal data, the legal basis for processing is Article 6 Paragraph 1(f) GDPR. Under the above provision, our legitimate interest here is in making our website technically available and securing it.
We also use cookies, tracking tools, targeting methods and social media plugins on our website. The specific methods used and how we use your data in the process are explained in greater detail in Section 5 below.
The data collected is stored for a period of six (6) months, after which it is automatically erased. For information on routine erasure and the tools used, please see the relevant paragraphs in Section 5.
Our website www.wbs-gruppe.de gives you the option to apply for a job at WBS online. In addition to the information provided as part of the application form, we also collect information about your educational background and professional career during the application process. Any documents sent with the application (covering letter, CV, transcripts, letters of reference and other documentation) and the information those documents contain are stored. Applicants’ personal data may only be processed for the purpose of the application process if necessary to decide whether to enter into an employment relationship with us.
For the efficient implementation of application procedures, we use an applicant management system from softgarden e-Recruiting GmbH, Tauentzienstr. 14, 10789 Berlin (contact: datenschutz@softgarden.de), which operates the applicant management system as a processor within the meaning of Art. 4 No. 8 GDPR. A contract for order processing in accordance with Art. 28 GDPR has been concluded with the provider, which ensures compliance with data protection regulations.
We store your personal data as long as it is required to meet our statutory and contractual obligations.
If it is no longer necessary to store your data to meet our contractual or statutory obligations, your data will be erased unless further processing is necessary to fulfil retention obligations or protect our legitimate interests.
If you do not consent to your application being stored for a longer period, your profile and your personal data will be erased automatically, normally no more than six (6) months after receiving your application.
If you have applied for a specific job vacancy and we decide we would like to keep your personal data for future job openings, we will always request your prior consent before doing so.
In accordance with § 2 (4) of the Akkreditierungs – und Zulassungsverordnung Arbeitsförderung [AZAV], we are obliged to ensure and continuously improve the quality of our certified trainings through targeted and systematic procedures and measures. This includes regular surveys of participants according to § 2 (4) number 9 AZAV. We therefore conduct regular surveys for which we will contact you (if necessary, to your personal e-mail address). Therefore, surveys are regularly conducted. The data is used exclusively for the purpose of quality control and pseudonymized after collection. It will not be disclosed to third parties. The data from this survey will be combined with other pseudonymized data stored by us for analysis purposes. Only a few employees from the quality management have access to assign feedback to pseudonyms in order to create evaluations for quality control purposes. Only these employees bound by confidentiality obligations are able to establish a personal reference. For other employees (e.g. Customer Support, Instructors), it is not intended to draw conclusions about individuals. The legal basis for processing is Art. 6 (1) lit.c GDPR in conjunction with § 2 (4) number 9 AZAV.
Satisfaction surveys conducted in non-AZAV certified measures are based on our legitimate interest according to Art. 6 (1) lit.f GDPR, which lies in using the results for improving our services. You can object at any time against the use of your data for satisfaction surveys by sending a message to datenschutz@wbs-gruppe.de.
We would also like to facilitate independent quality checks by institutes. As such, we may hire other companies to conduct customer surveys, so you might be contacted by a company other than WBS. We conclude contracts for data processing with these companies in compliance with the provisions of the GDPR. The legal basis for processing is Art. 6 (1) lit.f GDPR.
In some educational programmes, recording lessons is part of the contractually agreed services. In these cases, lessons are recorded to enable participants to attend at flexible times and to allow them to review the material and/or prepare for exams. The recording may contain comments, questions and contributions from participants, including the name displayed in the system. This data is processed on the basis of Art. 6 (1) lit. b GDPR (contract performance). The use of the camera is voluntary and is based on consent in accordance with Art. 6 (1) lit. a GDPR.
The recordings are made available to participants for a limited period of time via the respective learning platform. They are not passed on to third parties. Processing is carried out in part by service providers (processors) who are bound by instructions and with whom corresponding contracts have been concluded in accordance with Art. 28 GDPR.
We provide Kitu via the eCampus, a self-developed AI-supported learning system that is used depending on the course.
The purpose of Kitu is to support learners in their learning through personalized educational content and interactive methods. The learning content can thus be adapted to the individual learning progress of the user. The following personal data is processed:
Processing is based on consent in accordance with Art. 6 para. 1 lit. a GDPR.
You have the right to withdraw your consent at any time. This is easily possible in the user settings in the “Data protection” section and will result in the complete input history being deleted. The revocation does not affect the legality of the processing carried out until the revocation.
The personal data collected by Kitu will only be stored for as long as is necessary for the above-mentioned purposes. The chat history is stored for the duration of the use of the AI tutor in order to enable a continuous learning experience.
Data transmission to OpenAI:
When using Kitu, your input will be forwarded to OpenAI to answer the request. OpenAI processes this data in the USA on our behalf. For this purpose, we have concluded an order processing contract with OpenAI in which OpenAI assures that it processes the data in accordance with the General Data Protection Regulation, guarantees the protection of the rights of the data subject and does not use the data to train or improve models. Part of the order processing contract with OpenAI are so-called EU standard data protection clauses (Art. 46 para. 2 sentence 1 lit. c GDPR). These are to be classifie
the transfer and processing of personal data outside the EU. Further information on data processing by OpenAI can be found here: https://openai.com/policies/row-privacy-policy/
Our website uses the Reddit Ads advertising network of Reddit Inc, 548 Market St. #16093, San Francisco, California 94104, USA (“Reddit”) to display interest-based advertisements and to measure the success of these campaigns. This is done exclusively on the basis of your prior consent to the use of marketing cookies (Art. 6 para. 1 lit. a GDPR, § 25 para. 1 TDDDG).
To evaluate campaigns and optimize our online offering, we transmit certain event data (e.g. page views, purchases, interactions) to Reddit Ads with your consent. This data is collected via a so-called Reddit Pixel, which is integrated on our website.
Reddit acts as an independent controller and processes data in its own systems, possibly also for profiling or for its own advertising purposes. Reddit may use information to draw conclusions about the behavior of users on our website and, if necessary, merge it with existing user profiles on Reddit.
Please note that data may be transferred to the USA. Reddit is subject to the EU-U.S. Data Privacy Framework. Nevertheless, risks cannot be completely ruled out when data is transferred to third countries (e.g. access by US authorities).
Further information on data processing by Reddit can be found at
You can withdraw your consent to processing at any time via the Consent Management Tool on our website.
We sometimes use third-party service providers to process your data. These third parties may have access to personal data, provided this is necessary to complete their tasks. In terms of contracted data processing as stipulated in Article 28 GDPR, we ensure that these providers are similarly bound by the provisions of data protection laws. If service providers are data controllers as defined by the GDPR, they are bound by a duty of confidentiality and must comply with the statutory data protection regulations. Please also take note of the privacy notices for each service provider (see Section 5). The service provider in each case is responsible for the content of third-party services, whereas we verify that their services are in compliance with the statutory requirements to a reasonable extent.
It is important to us that your data be processed within the EU/EEA. However, we may use service providers that process data outside of the EU/EEA. In these cases, we ensure that the recipient has an adequate level of data protection in place before transmitting your personal data. This means that we are able to achieve a level of data protection commensurate with EU standards through what are known as EU standard contractual clauses or an adequacy decision by the EU Commission. Specific guarantees are explained with each procedure.
It may also be necessary to exchange personal data between the affiliated companies of the WBS GROUP for the purpose of processing your request. We process this data on the basis of our legitimate interest within the group of companies in accordance with Recital 48 of the GDPR.
We inform your funding source regarding the progress of your participation and about any special events. Only data necessary for both parties to complete their tasks is sent (e.g. contractual documents, dates of absence, certificates of incapacity to work, certificates, participation reports, information on conduct and performance relevant to the measure’s objective or incorporation). We are bound to comply with this requirement by Sections 81, 183 and 318 SGB III. The legal basis is Article 6 Paragraph 1(c) GDPR in conjunction with the provisions mentioned above under German law. If special categories of personal data are involved when sending data, this is on the basis of Article 9 Paragraph 2(b) GDPR in conjunction with the provisions mentioned above under German law. If you receive benefits for participation, interim and final reports and, where applicable, psychological fitness reports are also sent. In the event of special leave due to disability, we store a copy of the documentation you provide regarding your disability and send this information to your source of funding.
Only the data necessary for the course/coaching is sent to freelance trainers/coaches hired to conduct your qualification course or coaching.
To access digital learning tools, it may be necessary to send the personal data we require for registration to the relevant publishers. These providers have been verified in terms of their compliance with German and European data protection laws.
As part of quality controls conducted by outside certifiers (including DQS) or the audit service of the German Federal Employment Agency, your data is sent to the auditing organisation, if applicable.
If equipment is delivered to your home, the necessary contact information will be shared with shipping and logistics service providers (e.g., Go! Express & Logistics GmbH) for the purpose of delivering and picking up the equipment, including any necessary communication.
Depending on whether other partners are also involved in your qualification course, we send the data necessary for the task in question (pursuant to Article 6 Paragraph 1(b) GDPR) to the following third parties, where applicable, for the purpose of executing the contract:
Disclosure to potential employers:
If you have explicitly consented, we use data regarding your suitability (CV, qualifications booked) to compare with enquiries from potential employers and, if applicable, to send this data to the company making the enquiry.
To exercise your rights as a data subject, simply send a message to datenschutz@wbs-gruppe.de or one of the other contact addresses listed in Section 1.
If data processing is carried out on the basis of your consent, you may revoke your consent to your data being processed at any time with future effect without incurring any detrimental consequences. This does not affect the lawfulness of any data processing that was carried out before you revoked your consent.
Under Article 21 Paragraph 1 GDPR, you have the right to lodge an objection to the processing of personal data relating to you for reasons relating to your particular situation where this is done on the basis of Article 6 Paragraph 1(e) (data processing in the public interest) or (f) (data processing to safeguard a legitimate interest) GDPR. This also applies to any profiling based on this provision.
If we process your personal data in order to engage in direct marketing, you have the right under Article 21 Paragraph 2 GDPR to lodge an objection against the processing of the personal data relating to you for the purpose of such marketing at any time. This also applies to profiling where this is connected to this kind of direct marketing.
You are further entitled to exercise the following rights, provided the legal requirements are met in each case:
The following web-based technology is generally used on the WBS Group’s websites. You can find out which technology is actually being used by looking at the overview of cookie consents on the website in question.
We use services of third-party providers in order to design our website optimally for you and to improve it continuously. This may result in data transfers to third countries outside the European Economic Area. Where possible, we only transfer personal data to third countries with suitable guarantees in accordance with Art. 44 et seq. GDPR.
We would like to point out that data transfer to third countries always involves certain risks, which we will inform you about below using the USA as an example:
Intelligence services in the USA take certain online identifiers (such as the IP address or unique identification numbers) as a starting point for monitoring individuals. In particular, it cannot be ruled out that these intelligence services have already collected information about you, with the help of which the data transmitted here can be traced back to you.
Providers of electronic communications services headquartered in the United States are subject to surveillance by U.S. intelligence agencies pursuant to 50 U.S. Code § 1881a (“FISA 702”). Accordingly, electronic communications service providers headquartered in the United States have an obligation to make personal data available to U.S. authorities pursuant to 50 U.S. Code § 1881a. Even encryption of the data at the electronic communications service provider’s data centers may not provide adequate protection because, with respect to imported data in its possession or custody or under its control, an electronic communications service provider has a direct obligation to provide access to or surrender such data. This obligation may expressly extend to the cryptographic keys without which the data cannot be read.
When using our website, cookies are stored on the user’s device and other similar tracking technologies are used. Cookies are small data records in a database maintained by your browser or text files your browser generates automatically and are stored on your device (laptop, tablet, smartphone, etc.), They provide certain information to the organisation that sets the cookies (in this case, us). For the sake of readability, other tracking technologies that work similarly to cookies and whose functionality is explained in the sections below are also referred to as cookies. Cookies do not harm your device and do not contain viruses, Trojan horses or other malware. They serve to make our online services more user-friendly and effective overall.
This website uses the following types of cookies and tracking, the scope and functionality of which are explained below:
These cookies are erased automatically when you close your browser or log out. These cookies store what is known as a session ID. This allows us to assign various requests from your browser to a common session. This enables us to recognise your computer if you return to our website.
Persistent cookies are automatically erased after a given amount of time, which may differ depending on the cookie. You can erase these cookies at any time by adjusting your browser’s privacy settings.
Flash cookies are set by the Adobe Flash plugin, which is installed in your browser. These objects store the necessary data, regardless of the browser you use, which means the data can be used across different browsers. They have no automatic expiry date. Depending on your browser, Flash cookies can be managed (e.g. erased) like other cookies, or they may not be visible in your browser’s cookie management system. If you do not want any Flash cookie processing to be carried out, adjust your Flash Player settings to prevent this or install a relevant add-on to your browser.
Web storage is used to store data in your browser for the purposes listed below. There are two main types of storage: Local storage for persistent data (with no expiry date) and session storage for session data (which is erased once the browser window is closed). You can erase this data by adjusting your browser’s developer options.
This method typically involves running a tracking script on the website, which requests a tracking pixel from the web analytics tool provider. Information for the purposes listed below is also sent and, where applicable, a cookie for the web analytics tool provider is set. If there is an existing cookie, this information is added to the information in the cookie. You can remove these cookies as explained above.
The necessary or essential cookies listed later in this text allow us to store the connection status of your account and to adjust the website to tailor it to your device. For example, they enable you to have direct access to personal and protected zones on our website with a user name or data you have previously entered. The data processed by these cookies is necessary for the purposes stated in order to safeguard our legitimate interests as well as those of third parties in line with Article 6 Paragraph 1(f) GDPR.
The analytical cookies listed help us to optimise our website to make it more convenient for you to use. For example, we use session cookies to recognise that you have already visited specific pages on our website. These cookies store what is known as a session ID. This allows us to assign various requests from your browser to a common session. This enables us to recognise your computer if you return to our website.
We also use cookies to record the use of our website for statistical reasons and evaluate it for the purpose of optimising our products and services for you. These cookies allow us to automatically recognise that you have already visited our website on a previous occasion when you visit our website again. We also use the cookies to be able to identify you for follow-up visits if you have an account with us. Otherwise, you will need to log in again each time you visit our website.
We can also use cookies to store your preferences. This allows us or third-party providers running features on our website to store your settings on our website or individual features. When you later return to our website, your previous settings are restored.
We aim to use these tracking measures to continuously optimise the design of our website to suit your needs. We also use these tracking measures to record the use of our website for statistical purposes. We also use the data to optimise advertising content. The purposes for data processing and the categories of data being processed can be found in the description of each tracking tool and the overview of cookie consents.
Data processing in connection with the setting of analytical, statistical or preference cookies and tracking cookies is conducted on the basis of your consent (Article 6 Paragraph 1(a) GDPR). More information is available in the relevant sections covering web analytics tools in this Privacy Notice.
The legal basis for storing information in your terminal device or access to information that is already stored in your device is your consent in accordance with § 25 Para. 1 TDDDG [Telecommunications Digital Services Data Protection Act]. In the event that it is absolutely necessary to store information in your terminal device or access information already stored in your device so that we can provide a telemedia service that you have expressly requested, the legal basis is § 25 Para. 2 (2) TDDDG.
The legal basis for the processing of personal data using cookies that are not necessary from a technical perspective is your consent in accordance with Art. 6 Para. 1 S. 1(a) GDPR.
The legal basis for the processing of personal data using technically necessary cookies is our legitimate interest in accordance with Art. 6 Para. 1 S. 1(f) GDPR.
We usually send our personalised newsletter by using newsletter provider CleverReach by CleverReach GmbH & Co. KG, Mühlenstr. 43, 2618 Rastede, Germany (“CleverReach”). CleverReach is a member of the Certified Senders Alliance, which has set out its own internal guidelines for admissible email marketing. We have concluded a data processing agreement with CleverReach as per Article 28 GDPR.
We use CleverReach to measure and analyse responses to our newsletter. We have configured CleverReach such that data can only be analysed on an anonymous and aggregated basis. These settings also prevent cookies and your full IP address from being collected and processed. We also embed the Google Analytics tool in the newsletter so we can analyse the correlation between the newsletter and the purchase of a product. This is done by attaching the appropriate parameters to all links in the newsletter. If you click the link, we place a small text file (cookie) on your computer. This allows us to pinpoint the newsletter as the starting point for your visit to our website. If you order a product within 14 days, this information is displayed to us.
CleverReach can embed Twitter, Facebook, LinkedIn and Xing social media buttons in the newsletter on our behalf. Clicking on one of these buttons establishes a direct connection to the button provider’s servers.
More information about data protection at CleverReach is available in its Privacy Policy.
This website uses Mouseflow, a web analytics tool operated by Mouseflow ApS, Flaesketorvet 68, 1711 Copenhagen, Denmark, to record individual visits selected at random (and only with an anonymised IP address) on the basis of your consent pursuant to Article 6 Paragraph 1(a) GDPR. It generates a log of mouse movements, mouse clicks and keyboard interaction with a view to replaying individual visits to this website based on random samples, known as session replays, and to evaluate these session replays using heat maps to develop website optimisation potential. Mouseflow also hosts multiple choice surveys to record user satisfaction with the website or specific content. The conducting of these surveys and survey participation are also recorded in the cookie. The cookie generated by Mouseflow is erased after a period of 90 days.
The data recorded by Mouseflow is not personal data. In particular, Mouseflow only processes your IP address in an anonymised form. The information is stored for a period of three (3) months and is not disclosed to third parties. The data collected is stored and processed within the EU. If you do not want Mouseflow to record your data, in addition to revoking your consent, you can object to this on any website that uses Mouseflow by visiting the following link: https://mouseflow.com/opt-out/.
We use tools provided by Hubspot, Inc., 25 First Street, Cambridge, MA 02141 USA, and its affiliated companies (collectively referred to as “Hubspot”) on our websites to send our newsletter, receive queries through our website, and operate landing pages. These tools use cookies on our website to collect the following personal data when you use the website:
Data is processed in the US or Ireland. HubSpot processes data on our behalf. We have concluded a data processing agreement with HubSpot. This agreement serves to ensure that HubSpot processes the data in compliance with the EU General Data Protection Regulation and to guarantee the rights of data subjects. HubSpot does not use customer data to contact you itself unless you arrange for this to happen or otherwise permit it. By using the service provider, it cannot be ruled out that personal data will be transferred to the USA. The service provider is subject to the Data Privacy Framework of the European Commission and is therefore subject to an appropriate level of data protection.
More information about data processing at HubSpot is available here: https://legal.hubspot.com/product-privacy-policy The legal basis for setting cookies and processing your data is your consent. You may revoke your consent at any time with future effect. Revoking your consent does not affect the lawfulness of the processing carried out before your consent was revoked.
This website uses the Google Tag Manager tool (“GTM”), operated by Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (“Google”). We use GTM to manage the tools we are informing you about in this Privacy Notice. For details regarding these tools, please refer to the information about the specific tool.
GTM is embedded using a script and a variant for systems with JavaScript disabled. It is loaded from the domain googletagmanager.com. It loads tools from Google or third-party providers, which in turn may collect data or load cookies (see the cookie declaration in this Privacy Notice). GTM itself does not access this data.
More information about GTM is available in the terms of use for this product.
The legal basis for setting cookies and processing your data is your consent. You can revoke your consent at any time with future effect. This does not affect the lawfulness of the processing up to the time of revocation.
By using the service provider, it cannot be ruled out that personal data will be transferred to the USA. The service provider is subject to the Data Privacy Framework of the European Commission and is therefore subject to an appropriate level of data protection.
We use the web analysis tool ‘Matomo’ for further statistical analysis of our website. Matomo is a service provided by InnoCraft Ltd., 150 Willis St, 6011 Wellington, New Zealand. Matomo creates use profiles based on pseudonyms and stores cookies on your device for this purpose. The software is configured in such a way that IP addresses are not saved in full; rather, 2 bytes of the IP address are masked for anonymisation purposes (e.g.: 192.168.xxx.xxx). This makes it no longer possible to assign the shortened IP address to the individual computer. When you visit our website, the following data in particular is stored:
Purpose of the processing: the processing of users’ personal data enables us to analyse the browsing behaviour of our users. By evaluating the data obtained, we are able to compile information about the use of the individual components of our website. This helps us to continually improve our website and make it more user-friendly.
We also use the Heatmap module. The Heatmap service from Matomo shows us the areas of our website where the user’s mouse is most frequently moved or clicked.
The user data we store via Matomo will not be passed on to third parties.
The legal basis for the processing of users’ personal data is essentially the user’s consent in accordance with Art. 6 Para. 1 S. 1(a) GDPR. You may revoke this consent at any time with future effect.
We transfer personal data to New Zealand. According to a decision by the European Commission, an appropriate level of data protection is offered there.
You can find further information on Matomo’s terms of service and data protection regulations at: https://matomo.org/privacy/
Our website uses analysis services provided by Piwik PRO, Piwik PRO GmbH (hereinafter termed ‘Piwik’), Kurfürstendamm 21, 10719 Berlin, Germany. This involves setting statistics cookies, which we can use to analyse your user behaviour, among other things.
Using Piwik PRO, we interpret information on your visits to our website (e.g. sequence of subpages accessed, dwell time on these subpages) for the purposes of analysis in order to understand how visitors use our website.
The purpose is to analyse the click behaviour of visitors to our website so that we can generate statistics about the use of our website. This allows us to improve our website and adapt it to your needs. Data that is generated when you visit this website is also processed:
The legal basis is your consent Art. 6 Para. 1 S. 1(a), Art. 7 GDPR, where you have accepted all cookies or the statistical cookies in the cookie banner. The transmission of this data is voluntary and not required for the conclusion of an agreement.
We store the data gathered by Piwik PRO for a maximum of 12 months. The period of validity of the individual cookies can be found in the cookie overview.
Your consent to the use of the analysis service can be revoked at any time with future effect via the cookie banner by rejecting the use of statistical cookies or all cookies. If you use several devices or browsers, you must revoke this consent for each individual device in each individual browser.
We use Google Analytics, a web analysis service provided by Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA, and its representative in the Union, Google Ireland Ltd., Gordon House, Barrow Street, D04 E5W5, Dublin, Ireland (hereinafter termed Google). Among other things, Google Analytics checks where visitors are based, the amount of time they spend on individual pages, and the use of search engines. This allows better monitoring of the success of advertising campaigns. To do this, Google places a cookie on your computer. The cookie allows personal data to be stored and evaluated, especially the user’s activity (in particular, which pages have been visited and which elements have been clicked on); device and browser information (in particular the IP address and operating system); data about the advertisements shown (in particular, which advertisements were displayed and whether the user clicked on them); and also data from advertising partners (in particular pseudonymised user IDs).
We use Google Analytics to evaluate your use of our website, to compile reports on your activities and to use other Google services related to the use of our website and internet usage.
We have stipulated that IP addresses be anonymised, whereby Google shortens your IP address as soon as technically possible. However, we cannot rule out that your data may be transmitted to the servers of Google LLC based in the USA.
On behalf of the operator of this website, Google will use this information to evaluate your use of the website, to compile reports on the activities carried out on the site, and to provide other services related to the use of the website and internet usage to the operator of the website.
By using the service provider, it cannot be ruled out that personal data will be transferred to the USA. The service provider is subject to the Data Privacy Framework of the European Commission and is therefore subject to an appropriate level of data protection.
You can find further information on data processing carried out by Google here:
The use of Google Analytics enables us to evaluate the use of our website and to target advertising to people who have already expressed an initial interest by visiting the site.
The legal basis for the processing of users’ personal data is essentially the user’s consent in accordance with Art. 6 Para. 1 S. 1(a) GDPR.
Your personal information will be stored for as long as is necessary to fulfil the purposes described in this privacy policy or until you exercise your right of withdrawal.
You have the right to revoke your declaration of consent at any time under data protection law. The revocation of consent does not affect the legality of the processing carried out on the basis of consent up to the point of revocation.
You can prevent Google from collecting and processing your personal data by disabling the storage of third-party cookies on your computer, using the ‘Do not track’ function on a supporting browser, deactivating the execution of script code in your browser, or installing a script blocker like NoScript (https://noscript.net/) or Ghostery (https://www.ghostery.com) in your browser.
You can also prevent Google from both collecting the data generated by the cookie and that related to your use of the website (including your IP address) and from processing this data by downloading and installing the browser plug-in available at the following link: https://tools.google.com/dlpage/gaoptout?
With the following link, you can deactivate the use of your personal data by Google: https://adssettings.google.de
You can find further information on objection and removal options in relation to Google at: https://policies.google.com/privacy?
Our website uses Google Ads Conversion Tracking, operated by Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (“Google”), to record the use of our website for statistical reasons and evaluate it for the purpose of optimising our products and services for you. Google Ads sets a cookie on your computer if you are directed to our website via a Google ad.
These cookies cease to be valid after 30 days. If a user visits specific pages of the Ads customer’s website and the cookie remains active, the cookie allows Google and the customer to recognise that the user clicked on the advertisement and was directed to this website.
We have concluded a data processing agreement with Google for the use of Google Ads. Through this contract, Google ensures that it processes the data in accordance with the General Data Protection Regulation and guarantees the protection of the rights of the data subject. By using the service provider, it cannot be ruled out that personal data will be transferred to the USA. The service provider is subject to the Data Privacy Framework of the European Commission and is therefore subject to an appropriate level of data protection.
Each Ads customer receives a different cookie. This means that cookies cannot be tracked across different Ads customers’ websites. The information collected using the conversion cookie serves to create conversion statistics for Ads customers that have opted to use conversion tracking. This enables Google to determine the total number of users who have clicked on our ad and were directed to a website equipped with a conversion tracking tag. However, we do not receive any information that can be used to personally identify users.
You can find Google’s privacy policy for conversion tracking here.
The legal basis for setting cookies and processing your data is your consent. You can revoke your consent at any time with future effect. This does not affect the lawfulness of the processing up to the time of revocation.
You can prevent participation in this tracking as follows: by disabling interest-based ads from providers that are part of the self-governing About Ads campaign via the link https://optout.aboutads.info/. These settings are reset when you erase your cookies.
We use advanced conversions from Google Ads from Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (hereinafter termed ‘Google’). Advanced conversions allow conversions to be tracked more accurately. The existing conversion tags are supplemented using this feature. It enables us to send our conversion data as hash values from our website to Google. For this purpose, the secure SHA256 one-way hash algorithm is applied to customer data (e.g. email addresses) before it is sent to Google. The hash data is then matched to signed-in Google accounts in order to assign the conversions from our campaigns to users’ actions, such as clicks or views, in response to adverts.
You can find the customer data guidelines regarding advanced conversions here. How Google uses your data is described here.
The legal basis for setting cookies and processing your data is your consent. You can revoke your consent at any time with future effect. This does not affect the lawfulness of the processing up to the time of revocation.
Your personal data will be stored for as long as is necessary to fulfil the purposes described in this privacy policy or as required by law.
By using the service provider, it cannot be ruled out that personal data will be transferred to the USA. The service provider is subject to the Data Privacy Framework of the European Commission and is therefore subject to an appropriate level of data protection.
Further information on your rights to objection and erasure with regard to Google can be found at: https://policies.google.com/privacy
Our website uses YouTube LLC, 901 Cherry Avenue, San Bruno, CA 94066, USA—represented by Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA—to embed videos. To play the videos, you may need to click a button on the playback area and accept cookies. Once the videos on the page are activated, your IP address is sent to YouTube and cookies are installed on your computer even before the video actually starts playing. However, we have embedded our YouTube videos using the enhanced privacy mode (in this case, YouTube still contacts the Google Marketing Platform service, but according to Google’s privacy policy, no personal data is analyzed). As a result, YouTube no longer stores any information about visitors unless they watch the video. If you click on the video, your IP address is transmitted to YouTube, and YouTube learns that you have watched the video. If you are logged into YouTube, this information is also associated with your user account (you can prevent this by logging out of YouTube before watching the video).
We have no knowledge of—nor any control over—any collection or use of your data by YouTube that may occur as a result.
In addition, for general information on the handling and deactivation of cookies, please refer to the relevant section in this Privacy Policy.
Due to the use of this service provider, it cannot be ruled out that personal data may be transferred to the United States. The service provider is subject to the European Commission’s Data Privacy Framework and is therefore subject to an adequate level of data protection.
Embedding YouTube Videos (NoCookie Mode)
To minimize data processing, we use what is known as “enhanced privacy mode” (YouTube NoCookie). In this mode, videos are embedded via the domain youtube-nocookie.com. According to YouTube, this mode generally prevents cookies from being set for user tracking when the page is loaded.
Only when you actively play a video may personal data (e.g., IP address, device information) be processed and, if applicable, cookies be stored.
Please note that even when using NoCookie mode, data may still be transmitted to Google servers, and YouTube’s processing of this data cannot be fully controlled.
This integration is based on Article 6(1)(f) of the GDPR (legitimate interest) or—where necessary—on your consent pursuant to Article 6(1)(a) of the GDPR (e.g., via a consent management tool). Our legitimate interest lies in the appealing presentation of our online offerings.
For more information on data processing by YouTube, please visit: https://policies.google.com/privacy.
If you consent to this in advance, we use the Custom Audiences remarketing feature offered by Facebook Ireland Ltd, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland (“Facebook Ireland”) on our websites. This feature allows us to direct targeted advertising at website visitors by placing personalised, interest-based Facebook ads tailored to visitors of the website when you visit the Facebook social network. To make use of the various features available, we have agreed terms and conditions with Facebook as part of a data processing agreement as per Article 28 GDPR. In this agreement, Facebook affirms that it processes data in accordance with the GDPR and that it protects the rights of data subjects. The legal basis for setting cookies and processing your data is your consent. You can revoke your consent at any time with future effect. This does not affect the lawfulness of the processing up to the time of revocation.
You may revoke your consent to the use of the global Custom Audiences service here on the Facebook website. After logging in to your Facebook account, you will be taken to the settings page for Facebook Ads.
By using the service provider, it cannot be ruled out that personal data will be transferred to the USA. The service provider is subject to the Data Privacy Framework of the European Commission and is therefore subject to an appropriate level of data protection.
We use meta pixels on our website. The processing company is Meta Platforms Ireland Ltd, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland.
The Meta pixel allows us to use tracking solutions and analytics services to see how you react to our ads on Facebook, for example when you click on a link in the ad that leads to our website. This gives us a better overview of how successful our campaigns on Facebook are and helps us continually optimise them. We also use the pixel to identify you as a visitor to our website. We can use this information to display the ads we post on Facebook only to those Facebook users who are also likely to be interested in our products and services, either because they have visited our website before or because they have certain characteristics (e.g. interested in certain topics or products identified based on the websites they have visited).
The pixel is loaded when you visit our website or respond to an ad we have placed on Facebook, for example by clicking on a link to our website contained in the ad. This creates a pixel ID, which is stored in a cookie, so that we then receive an analysis of your user behaviour. The pixel does not enable us to identify you personally.
The legal basis for setting pixels and processing your data is your consent. You can revoke your consent at any time with future effect. This does not affect the lawfulness of the processing up to the time of revocation.
By using the service provider, it cannot be ruled out that personal data will be transferred to the USA. The service provider is subject to the Data Privacy Framework of the European Commission and is therefore subject to an appropriate level of data protection.
We currently use the following social media buttons: Facebook, X (Twitter) and Xing. We use the Shariff tool developed by c’t. This means that when you visit our site, no personal data is initially disclosed to the button providers. Communication with social networks is done by a script stored on the server, which acts as an intermediary between the social network and the user. Users are only directly connected to Facebook, X (Twitter) or Xing when they become active. Social networks cannot collect data about users before they are active. The button provider is recognisable by logo or initial shown in the box. You can communicate directly with the social network provider by clicking the button. Only by clicking the button will the social network receive the information that you have accessed the relevant website. In the case of Facebook, the IP address is anonymised immediately after it has been collected according to the providers in Germany. By using the button, your personal data is transmitted to the social network provider in question and stored there (in the case of US providers, in the US). Since the provider collects data in particular using cookies, we recommend that you adjust your browser’s security settings to erase all cookies before clicking on the button.
We have no influence on the data collected and any data processing procedures, nor are we aware of the full extent of data collection, the purposes of processing, or the retention periods. Furthermore, we do not have any information about the erasure of the data collected by the button provider.
The button provider stores the data collected about you as user profiles and uses them for the purposes of advertising, market research and/or to tailor the design of its website. In particular, this kind of analysis is conducted (including for users who are not logged in) for the purpose of tailoring advertising to the needs of users and to inform other social network users about your activity on our website. You have a right to object to the creation of these user profiles. To exercise this right, please contact the button provider in question. The buttons allow us to offer your the option to interact with social networks and other users to help us optimise our website and tailor it to the interests of our users. The legal basis for the use of these buttons is Article 6 Paragraph 1 Sentence 1(a) GDPR.
The data is disclosed regardless of whether you have an account with the button provider and are logged in there. If you are logged in with the button provider, your data we collect is directly linked to your existing account with the button provider. For example, if you press the activated button and link to the website, the button provider also stores this information in your user account and publicly shares it with your contacts. We recommend regularly logging out after using a social network. However, this is particularly recommended before clicking a button since this prevents the information from being linked to your profile with the plugin provider.
More information on the purpose and extent of data collection and processing by these button providers is available in each button provider’s privacy notice as listed below. The links below also provide additional
information about your rights in this regard, as well as options for adjusting your settings to protect your privacy.
Addresses of the respective button providers and URL with their data protection notices:
By using the service provider, it cannot be ruled out that personal data will be transferred to the USA. The service provider Meta Platforms Inc. is subject to the Data Privacy Framework of the European Commission and is therefore subject to an adequate level of data protection. The processing of personal data by X Corp (formerly Twitter) is carried out on the basis of suitable guarantees in accordance with Art. 44 et seq. GDPR in the form of the EU standard data protection clauses pursuant to Art. 46 para. 2 lit. c GDPR.
We use functionalities of the LinkedIn Insight Tag marketing plugin from LinkedIn Ireland Unlimited Company – Dublin, Ireland (hereinafter: LinkedIn).
The LinkedIn Insight Tag helps us measure interactions on our website, such as filling out a form or downloading content after an ad has been viewed or clicked on.
The Insight tag works by creating a cookie in visitors’ web browsers when our website is visited. These “deadline party” cookies help us determine which members are shown our ads in order to improve campaign results and enable detailed campaign reporting.
A first-party cookie is a small piece of code that a web browser stores in a file on the viewer’s computer to remember their activity on a website, such as when a viewer has visited a page or downloaded an article from a website. A first-party cookie comes from the domain (or website) that the member is browsing. Consent to use this feature is collected via our cookie banner. Further information on the cookies used can be found here: https://www.linkedin.com/legal/cookie-policy
In particular, the following personal data is processed by LinkedIn:
LinkedIn does not share any personal data with us, but only provides aggregated reports on the target group and advertisements. LinkedIn also offers a remarketing function that allows us to show you targeted personalized advertising outside our website without us knowing your identity.
Data may be transmitted to LinkedIn servers in the USA.
Further information on the processing of data by LinkedIn can be found here: https://www.linkedin.com/legal/privacy-policy.
Purpose of the data processing
We use the LinkedIn Insight Tag to collect information about visitors to our website.
Legal basis for the processing of personal data
The legal basis for the processing of users’ personal data is generally the consent of the user in accordance with Article 6 Paragraph 1(a) GDPR.
Duration of storage
The members’ direct identifiers are removed within seven days in order to pseudonymize the data. This remaining pseudonymized data is then deleted within 180 days.
Revocation, objection and removal options
You can withdraw your consent at any time by clicking on the button in the bottom left-hand corner of the website.
You can prevent the collection and processing of your personal data by LinkedIn by preventing the storage of third-party cookies on your computer, using the “Do Not Track” function of a supporting browser, deactivating the execution of script code in your browser or installing a script blocker such as NoScript (https://noscript.net/) or Ghostery (https://www.ghostery.com) in your browser.
Further information on objection and removal options vis-à-vis LinkedIn can be found at https://www.linkedin.com/legal/privacy-policy.
By using the service provider, it cannot be ruled out that personal data will be transferred to the USA. The service provider is subject to the Data Privacy Framework of the European Commission and is therefore subject to an appropriate level of data protection.
Our website uses the Corazon powered by questFon call tracking service (“Corazon”). The processing company is telequest & Internet Solutions GmbH, Liebenauer Hauptstrasse 2–6, 8041 Graz, Austria (“Telequest”).
Corazon incorporates telephone numbers on our website that enable us to further analyse the telephone behaviour of visitors to our website We retain full control over the data collected.
Provided a call is made to us, the following data is collected
We also link this data with the corresponding address data record (hereinafter referred to as “telephone tracking”) if possible based on the available customer data. The data collected is erased no more than six (6) months after it is collected.
We base the use of Corazon on your consent pursuant to Article 6 Paragraph 1(a) GDPR.
Telequest processes the data on our behalf. We have concluded a data processing agreement with Telequest. This agreement serves to ensure that Telequest processes the data in compliance with the EU General Data Protection Regulation and to guarantee the rights of data subjects.More information is available in Telequest’s Data Protection Policy: https://www.telequest.com/datenschutz.
Our websites use Userlike, a live chat software run by Userlike UG, Probsteigasse 44-46, 50670 Cologne. Userlike uses cookies – text files stored on your computer that enable you to conduct real-time one-on-one chats on your website. A data processing agreement has been concluded with Userlike. The data collected is not used to personally identify website visitors, nor is any personally identifiable data linked to the user’s anonymous profile. Userlike UG’s privacy policy is available here.
We use solutions provided by edudip GmbH, Jülicher Strasse 306, 52070 Aachen, Germany (“edudip”) to hold online informational events. In order to participate, it is necessary to provide the data shown on the registration form. For a possible consultation, your zip code will be recorded so that we can assign the appropriate WBS location. To ensure that you do not miss the event you have booked, we will send you brief reminders in advance from time to time. The legal basis for processing is Article 6 Paragraph 1(b) GDPR, i.e. a contractual relationship (in exchange for payment or free of charge) between you and us, as well as Article 6 Paragraph 1 Sentence 1(f) GDPR. Ensuring our events can be properly held is a legitimate interest under the provision mentioned above. We have concluded a data processing agreement with edudip. This means that edudip processes both the data you provide and any data generated in holding the webinar. edudip does this only on our behalf and only in accordance with our instructions. edudip GmbH’s privacy policy is available here: https://www.edudip.com/en/privacy. Their policy also includes information about what data is generated when a webinar is held.
When you use our website, you have the option to search for specific products or services. A search function is provided on our website for this purpose. To improve search results and display only those results that match your search query, we use the FACT-Finder service provided by Omikron Data Quality GmbH, Habermehlstrasse 17, 75172 Pforzheim, Germany (“Omikron”). Your searches as well as your device’s IP address are transmitted to Omikron and stored for the duration of the session. This is solely to ensure and improve the functionality of your search query. It is not possible for us to identify you with this information. Your data is exclusively processed in Germany. The legal basis for processing is Article 6 Paragraph 1(f) GDPR. Optimising our website’s search feature is a legitimate interest as defined by the provision mentioned above.
More information is available at www.fact-finder.com/gdpr and www.fact-finder.com/privacy-policy.html.
To understand how our customers found their way to our website, we use your browser’s local storage on the device you use to visit our website. We have commissioned a specialist service provider based in Switzerland for this purpose on the basis of a data processing agreement. The information retained in local storage is sent to us by eTermin when you use the form to book a consultancy appointment. This helps us to statistically analyse our presence on third-party websites, e.g. on search engines. The legal basis is your consent as defined by Article 6 Paragraph 1(a) GDPR, which you provide by enabling the “Statistics” category on the cookie banner. You may revoke your consent at any time by adjusting the settings shown above. The information in local storage does not expire. Third parties have no access to this information.
Our website features a video consultation service. We use a tool made by Auvious ltd, 9 Efesou, Paralimni, 5280, Cyprus. to carry out these consultations. More information about the provider is available at https://www.auvious.com. We have concluded a data processing agreement with Auvious ltd. as per Article 28 Paragraph 3 GDPR, which ensures compliance with statutory data protection standards and ensures data is processed securely. The legal basis for processing this data is Article 6 Paragraph 1(b) GDPR (consent to process data at the request of the data subject as needed prior to entering into a contract).
When you use our video consultation tool, the following personal data may be processed: your user ID, user role, IP address, user email (optional), language (optional), meeting date, meeting rating (optional), audio and/or video recordings (optional), screenshots (optional). This data will not be stored any longer than necessary to complete these pre-contractual measures.
The provider’s privacy policy can be found at https://www.auvious.com/privacy-policy.
From time to time, WBS organises various competitions. The applicable terms and conditions of participation contain more detailed information on the procedure, content and requirements of the respective competition.
Sending of the competition invitation
If you receive the competition invitation from us by email, the following applies:
If you have given us your consent to send you advertising, the invitation will be sent on the basis of your consent (the legal basis is Art. 6 (1) (a) GDPR). If you are an existing customer, you will also receive the invitation without your consent on the basis of our legitimate interest (the legal basis is Art. 6 (1) (f) GDPR in conjunction with Section 7 (3) UWG). Further information, in particular on your options for revocation or objection, can be found in the ‘Advertising’ section.
Conducting the competition
If you participate in one of our competitions, we will process the data you provide – usually a competition entry (e.g. comment, photo or answer), your name and your contact details – for the purpose of conducting the competition, in particular to determine and notify the winners and to deliver the prizes. Data processing is carried out on the basis of Art. 6 (1) (b) GDPR (performance of a contract).
We delete data from competition participants from our active systems after the respective competition has been completed. Data from winners is archived on the basis of Art. 6 (1) lit. c GDPR due to commercial and tax law retention obligations (usually ten years).
Use for marketing purposes/newsletter
In the course of the competition, we may ask for your consent to send you advertising. The relevant information, including the legal basis and options for revocation, can be found in the ‘Marketing’ section.
WBS may need to amend this Privacy Notice from time to time. We therefore recommend that you read through this Privacy Notice at regular intervals. However, rest assured that amendments will not come into force with retroactive effect and that we will not change the way we handle data previously collected.
Updated on Apr 21, 2026