Data protection at a glance

General information

The following information provides a simple overview of what happens to your personal data when you visit our website. Personal data means any data by which you can be identified personally. You can find detailed information concerning data protection in the privacy policy that follows this text.

Data collection on our website

Who is the controller responsible for data collection on this website?

Data processing on this website is done by the owner of the website. You can find their contact details in the legal notice on this website.

How we collect your data

For one thing, your data are collected when you communicate them to us. This may be data you enter in a contact form. Other data are collected automatically by our IT systems when you visit our website. These are mostly technical data (e.g., web browser, operating system or time of access to a page). The collection of these data happens automatically as soon as you enter our website.

How we use your data

Some of the data are collected to ensure the smooth running of the website. Other data can be used for analysing your user behaviour.

Your rights regarding your data

You have the right to obtain information about the source, recipient and purpose of your personal data stored by us at any time free of charge. You also have the right to obtain the rectification, blocking or erasure of these data. Regarding this and other questions concerning data protection, you can contact us at any time at the address given in the legal notice. Furthermore, you have the right to lodge a complaint with the competent supervisory authority.

General and mandatory information

Data protection

The owners of this website take the protection of your personal data very seriously. We will keep your personal data confidential and handle them in accordance with statutory provisions on data protection and this privacy policy. When you use this website, various personal data are collected. Personal data means data by which you can be identified personally. This privacy policy explains which data we collect and what we use them for. It also explains how and for what purpose this is done. Please note that transferring data over the internet (e.g., when communicating by email) may be subject to security vulnerabilities. Complete protection of data against access by third parties is not possible.

Information regarding the data controller

The controller for data processing on this website is:

Hans-Koch-Ring 16
21493 Schwarzenbek
Telefon: +49 (0) 4155 / 7188 0
Fax: +49 (0) 4155 / 7188 160

The controller is the natural or legal person who, alone or jointly with others, determines the purposes and means of the processing of personal data (e.g., names, email addresses and the like).

Withdrawal of your consent to data processing

Many instances of data processing are possible only with your express consent. You can withdraw any consent already given at any time. You can do this by sending us an informal message by email. The withdrawal of consent shall not affect the lawfulness of data processing based on consent before its withdrawal.

Right to lodge a complaint with the competent supervisory authority

In the event of an infringement of data protection law, you have the right to lodge a complaint with the competent supervisory authority. The competent supervisory authority for data protection matters is the state data protection commissioner of the federal state in which our business has its registered office. You can find a list of the data protection commissioners and their contact details by following this link:

Right to data portability

You have the right to receive the data which we process automatically based on your consent or in the performance of a contract or have them transmitted to a third party in a commonly used, machine-readable format. Where you request the direct transmission of the data to another controller, this will be done only where technically feasible.

SSL and / or TLS encryption

For security reasons and to protect confidential contents such as orders or queries which you send to us as owners of the site, this site uses SSL or TLS encryption. You can tell an encrypted connection by the fact that the address bar of your browser changes from ‘http://’ to ‘https://’ and by the lock symbol in your browser bar. When SSL or TLS encryption is active, the data you transmit to us cannot be read by third parties.

Access, blocking, erasure

Under applicable legal provisions, you have the right, at any time and free of charge, of access to your personal data stored by us and to information about their source and recipients and the purposes of the data processing and, where appropriate, a right to rectification, blocking or erasure of these data.

Regarding this and other questions concerning personal data, you can contact us at any time at the address given in the legal notice.

Data protection officer

We have designated a data protection officer for our business.

Marcel Fliegner, c/o Bodo Wascher Holding GmbH & Co. KG
Hochstrasse 84
23554 Lübeck
Telephone: 0451/29 04 92 26

Data collection on our website


Some of our web pages use cookies. Cookies do not damage your computer and do not contain viruses. Cookies are used to make our website more user-friendly, more efficient and more secure. Cookies are small text files stored on your computer and used by your browser. Most of the cookies we use are ‘session cookies’. They are automatically deleted at the end of your visit. Other cookies remain stored on your device until you delete them. These cookies allow us to recognise your browser when you next visit.
You can configure your browser such that you are informed when cookies are set and allow cookies only in individual cases, refuse cookies in certain cases or generally and activate the automatic deletion of cookies when the browser is closed. If cookies are deactivated, the functionality of this website may be limited. Cookies necessary for the performance of electronic communications or for the provision of certain functions requested by you (e.g., shopping basket) are stored on the basis of point (f) of Art. 6(1) of the GDPR. The owner of the website has a legitimate interest in storing cookies for the optimal provision of its services free of technical errors.

Where other cookies (such as cookies for analysing your surfing behaviour) are stored, these are dealt with separately in the Privacy Policy. We transmit personal data collected within the framework of this contractual relationship about the application for, the implementation and the termination of this business relationship as well as data about non-contractual behaviour or fraudulent behaviour to CRIF Bürgel GmbH, Leopoldstraße 244, 80807 Munich.

The legal bases of these transmissions are Article 6 (1) b and Article 6 (1) f of the General Data Protection Regulation (GDPR). Transmissions on the basis of Article 6 (1) f GDPR may take place only as far as this is necessary to preserve justified interests of our company or third parties and do not outweigh the interests or basic rights and basic freedoms of the person concerned that require that protection of personal data. The data exchange with CRIFBÜRGEL also serves to fulfil legal obligations regarding the performance of creditworthiness reviews of customers (Section 505a and 506 of the Bürgerliches Gesetzbuch (BGB) [German Civil Code]).

CRIFBÜRGEL processes the data received and also uses them for the purposes of profile building (scoring), in order to provide its contractual partners in the European Economic Area and Switzerland as well as other third countries, if applicable (provided an adequacy decision of the European Commission on these exists), with information including on the assessment of the creditworthiness of natural persons. More detailed information about the activity of CRIFBÜRGEL can be obtained from the CRIFBÜRGEL information sheet or can be viewed online at

Server log files

The provider of the website automatically collects and stores information in server log files which are transmitted to us automatically by your browser. These include:

  • browser type and browser version
  • operating system used
  • referrer URL
  • host name of the computer accessing the website
  • time of the server request
  • IP address

This data is not combined with other data sources. The basis for this data processing is point (b) of Art. 6(1) of the GDPR, which allows processing of data for the performance of a contract or in order to take steps prior to entering into a contract.

Contact form

If you send us enquiries via a contact form, your information from the enquiry form including the contact details given there will be stored by us for the purpose of dealing with your enquiry and any further enquiries. We will not pass these data on to others without your consent. The processing of the data entered into the contact form is solely on the basis of your consent in accordance with point (a) of Art. 6(1) of the GDPR. You can withdraw this consent at any time. You can do this by sending us an informal message by email. The withdrawal of consent shall not affect the lawfulness of data processing based on consent before its withdrawal. The data entered into the contact form by you will remain with us until you request their erasure, withdraw your consent to their storage or the purpose for which the data were stored no longer applies (e.g., when your enquiry has been dealt with). Mandatory statutory provisions – particularly retention periods – remain unaffected.

Plugins and tools


We have integrated YouTube Video on our website. YouTube Video is a component of the video platform of YouTube, LLC, on which users can upload content, share it via the internet and receive more detailed statistics. YouTube Video allows us to integrate content of the platform into our website. YouTube Video uses cookies and other browser technologies to evaluate user behaviour, recognise users and create user profiles. This information is used to analyse the activity of its content and to create reports, among other things. If a user is registered with YouTube, LLC, YouTube Video can assign the videos played to the profile. When you access this content, you create a link to servers of YouTube, LLC, and your IP address and possibly browser data such as your user agent are transferred.

Purpose and legal basis

Use of the service takes place on the basis of our justified interests, i.e. interest in platform-independent provision of content pursuant to Art. 6 (1) f. GDPR.

Storage duration

The concrete storage duration of the data processed is cannot be influenced by us, but is determined by YouTube, LLC. You will find more information in the privacy policy for YouTube Video:

Google Double Click

We have integrated components of DoubleClick by Google on our website. DoubleClick is a brand of Google under which mainly special online marketing solutions are sold to advertising agencies and publishers. DoubleClick by Google transfers data onto the DoubleClick server both with each impression and with clicks or other activities.
Each of these data transfers triggers a cookie request to the browser of the person concerned. If the browser accepts this request, DoubleClick places a cookie in your browser. DoubleClick uses a cookie ID, which is required to execute the technical process. The cookie ID is required, for example, to highlight an advertisement in a browser. Additionally, by means of the cookie ID, DoubleClick can identify which advertisements have already been shown in a browser in order to avoid double placements. Further, the cookie ID allows DoubleClick to record conversions. Conversions are recorded, for example, when a user was previously shown a DoubleClick advertisement and this customer subsequently completes a purchase on the website of the advertiser with the same internet browser. A DoubleClick cookie contains no personal data; however, it may contain additional campaign identifiers. A campaign identifier serves to identify the campaigns that you were already in contact with on other websites. As part of this service, Google obtains knowledge of data that also help Google to create commission settlements. Among other things, Google can ascertain that you have clicked on certain links on our website. In this case, your data is transferred to the operator of Double Click, Google Inc., 1600 Amphitheatre Pkwy, Mountain View, CA 94043-1351, USA. More information and the applicable DoubleClick by Google data protection provisions can be found at

Purpose and legal basis

We process your data using the Double-Click cookie for the purpose of optimising and showing advertising on the basis of your consent pursuant to Art. 6 (1) a GDPR. You issue your consent by applying the setting to use cookies (Cookie Banner / Consent Manager), with which you can also withdraw your consent at any time with effect for the future pursuant to Art. 7 (3) GDPR. The cookie is used to place and display user-relevant advertising as well as to create reports on advertising campaigns or improve these, among other things. Further, the cookie serves to prevent multiple showings of the same advertising. With each access to one of the individual pages of our website on which a DoubleClick component was integrated, the respective DoubleClick component automatically causes your browser to transfer data for the purposes of online advertising and the settlement of commissions to Google. There is no legal or contractual obligation to provide your data. If you do not issue your consent to us, you can visit our website without restrictions; however, it is possible that not all functions will be fully available.

Storage duration

The concrete storage duration of the data processed cannot be influenced by us, but is determined by Google LLC. You will find more information in the privacy policy for Google DoubleClick:

Google Tag Manager

Our website uses Google Tag Manager. This service allows website tags to be managed using an interface. Google Tool Manager implements tags only. This means the following: no cookies are used and
no personal data is recorded. Google Tool Manager triggers other tags, which, in turn, may record data. However, Google Tag Manager does not access this data. In case of deactivation on domain or cookie level, it remains in effect for all tracking tags, provided these are implemented using Google Tag Manager. The deactivation on domain or cookie level remains in effect for all tracking tags that were implemented using Google Tag Manager. You will find Google’s privacy policy at:

Google is certified for the US–European ‘Privacy Shield’ data protection framework. This data protection framework is to ensure compliance with the data protection level applicable in the EU.

Google Web Fonts

To this end, your browser needs to connect to Google’s servers. In this way, Google is made aware that our website has been accessed from your IP address. Our use of Google Web Fonts is in the interest of a uniform and appealing presentation of our online services. This constitutes a legitimate interest within the meaning of point (f) of Art. 6(1) of the GDPR.

If your browser does not support web fonts, a standard font will be used by your computer.

You can find further information on Google Web Fonts at and in Google’s privacy policy:

General information on presence in social networks

In order to present our company in the best possible way and to communicate with you as a user, customer or interested party and inform you about the services we offer, we make use of presence in social networks.

You will find us on the following platforms and social networks

·         Facebook

·         Instagram

When social networks are used, data is processed outside the European Union (EU) and the European Economic Area (EEA). An equivalent data protection level to the one that exists in the EU cannot be guaranteed in all countries outside the EU.
In this connection, it can lead to risks for you as a user when the data transmitted to so-called third countries are processed with an inadequate data protection level.

This makes it difficult to assert known user rights. Additionally, it can occur that your data are not processed in your interests by the provider in the third country.

NOTE on the invalid privacy shield agreement:
Facebook Inc., based in the USA, as well as associated services (Instagram, etc.) had the “privacy shield” certification for the US-European data protection agreement. On the basis of the current decision of the ECJ, the agreement no longer guarantees sufficient proof of compliance with the level of protection required according to the EU General Data Protection Regulation.

Due to the current uncertain legal situation, we would like to advise you that we provide the use of Facebook services and content on social media platforms on the basis of your “conclusive” consent issued to us (Art. 6 (1) a) GDPR). By visiting the sites as well as by agreeing to the use of cookies, we consent to the processing and forwarding of your personal data.

In general, the processing purposes of the social networks deviate from ours. For instance, it mostly occurs that your data recorded in social networks are processed for the purposes of market research, advertising and the creation of user profiles for personalised advertising (e.g. Facebook, Google, Instagram, etc.).

To implement this, cookies are used that capture user behaviour and allow the formation of a user profile. In the case of Facebook, user profiles are also created of persons who do not hold a registered account on Facebook.
You will find a specific list of the processing purposes of the user data in the data protection notices of the respective providers. With the performance of corresponding settings in your user account, the profile formation can be restricted by you, at least to a degree. For information on the exact approach, please read the corresponding data protection notices of the respective provider.

Facebook Fanpage

If our Facebook page is accessed, Facebook will record, among other things, your IP address and other information that exists on your computer in the form of cookies. This information will be used to provide us, as the operator of the Facebook pages, with statistical information about how the Facebook page is used. Detailed information regarding this is provided by Facebook at the following link: .

It is not possible for us to draw conclusions about individual users by means of the statistical information communicated. We use this information only for the purposes of being able to cater to the interests of our users and to improve our online presence continuously as well as to ensure the quality thereof.

We collect your data by means of our fanpage only in order to implement a possible provision for communication and interaction with us. In general, the information collected includes your name, message content, comment content as well as the profile information “publicly” provided by you.

The processing of your personal data for our above-mentioned purposes takes place on the basis of our justified business and communicative interest in offering an information and communication channel pursuant to Art. 6 (1) f) GDPR. Should you as the user have issued a consent to the processing of data towards the respective provider of the social network, the legal basis of the processing extends to Art. 6 (1) a), Art. 7 GDPR.

Due to the fact that the actual data processing is performed by the provider of the social network, our opportunities to access your data are limited. Only the provider of the social network is entitled to full access to your data. For this reason, only the provider can directly take and implement corresponding measures to fulfil your user rights (information request, erasure request, objection, etc.). Thus, corresponding rights are asserted most effectivelytowards the respective provider directly.

Should you nevertheless require assistance in this matter, you are welcome to contact us.

Rights of data subjects

With the Facebook “Page Controller Addendum”, the rights and obligations to be complied with together with Facebook are highlighted. You will find it at the following link:  

In the event of a request for information, we will forward this to Facebook and we ask that you complete the corresponding contact form at

Below you will find a detailed presentation of the respective data processing by the providers and their opt-outs via the corresponding links to the websites of the providers:

Privacy policy for our Instagram presence

Bodo Wascher Holding GmbH & Co. KG uses the services of Instagram Inc., 1601 Willow Road, Menlo Park, CA, 94025, USA for its web presence.

If you use this Instagram page and its functions, you do so on your own responsibility. This applies particularly to the use of the interactive functions (especially commenting or assessing). Instagram records, among other things, your IP address and other information that exists on your computer in the form of cookies. This information will be used to provide us, as operator of the Instagram pages, with statistical information about how the Instagram page is used. The data collected about you will be processed by Instagram Inc. and may be transmitted to countries outside the European Union. The information received and its use by Instagram is described by Instagram in general terms in its Privacy Policy. The Instagram Privacy Policy also contains information about options to contact Facebook and on the setting options for advertisements. The Privacy Policy is available at the following link:

It is not conclusively and clearly indicated by Instagram, nor is it known to us, how Instagram uses the data from the visit to Instagram pages for its own purposes, to what extent activities on the Instagram page are assigned to individual users, for what period Instagram retains such data and whether data from a visit to the Instagram page will be forwarded to third parties. When accessing an Instagram page, the IP address assigned to your terminal will be transmitted to Instagram. According to Instagram, this IP address will be anonymised (in the case of “German” IP addresses) and erased after 90 days. Moreover, Instagram will store information about the terminals of its users (for example, as part of the “login notification”), which may allow Instagram to assign IP addresses to individual users.

If you, as the user, are currently logged into Instagram, your terminal contains a cookie with your Instagram ID. This enables Instagram to track that you have accessed this page and how you have used it. This also applies to all other Instagram pages. Instagram buttons embedded in websites enable Instagram to record your visits to these website pages and to assign them to your Instagram profile. Using this data, contents or advertising can be offered tailored to your needs.

You can avoid this by logging out of Instagram or disabling the “remain logged in” function, erasing the cookies on your device and closing and restarting your browser. In this way, any information allowing Instagram to directly identify you will be erased. You can use our Instagram page without your Instagram ID being disclosed. If you access interactive functions of the page (Like, Comment, Messages and others), you will see an Instagram login mask. Following your login, Instagram can identify you as a specific user again. Information on how you can manage or erase information existing about you can be found in the following Instagram help section.

Beyond this, we as the provider of the information service do not collect or process
any data from your use of our service.

You will find this privacy policy, as amended, under the item “Data Guideline” on the respective Instagram page. If you visit one of our presences in the social media, such as Instagram, you trigger upon such a visit a processing of your personal data. In this case, we, together with the operator of the respective social network – here, Instagram – are responsible for the data processing processes within the meaning of Art. 26 GDPR, provided that we actually make a joint decision with the operator of the social network regarding the data processing and we also influence the data processing. As far as possible, we have concluded joint responsibility agreements with the operators of the social networks pursuant to Art. 26 GDPR.