data protection

Data protection

I. General information and mandatory information

1.a data protection

As the operator of this website, Wothouq eV takes the protection of your personal data very seriously. We treat your personal data confidentially and in accordance with the statutory data protection regulations and this data protection declaration.

When you use this website, various personal data are collected. Personal data are data with which you can be personally identified. This data protection declaration explains which data we collect and what we use it for. It also explains how and for what purpose this is done. We point out that data transmission over the Internet (e.g. when communicating by e-mail) can have security gaps. A complete protection of the data against access by third parties is not possible.

Overall, we thus meet the information obligation according to Art. 13 of the General Data Protection Regulation (GDPR).


1.b Note on the responsible body

The responsible body for data processing within the meaning of Art. 13 I lit. a GDPR is:

Wothouq eV
Sebastian-Bach-Str. 16

04109 Leipzig



Wothouq eV is represented by its board of directors: Jana Brehm; Fabian Edgü.
The responsible body is the legal person whose members decide together with others about the purposes and means of processing personal data (e.g. names, email addresses, etc.).


1.c SSL encryption

This website uses SSL encryption for security reasons and to protect the transmission of confidential content, such as orders or inquiries that you send to us as the website operator. You can recognize an encrypted connection by the fact that the address line of the browser changes from “http: //” to “https: //” and by the lock symbol in your browser line. If the SSL encryption is activated, the data you transmit to us cannot be read by third parties.

2.Data collection on our website

2.a cookies
(1) Session cookies

Some of the websites use so-called cookies. Cookies do not harm your computer and do not contain viruses. Cookies serve to make our offer more user-friendly, more effective and safer. Cookies are small text files that are stored on your computer and saved by your browser.


Most of the cookies we use are so-called “session cookies”. They are automatically deleted after your visit. Other cookies remain stored on your device until you delete them. These cookies enable us to recognize your browser the next time you visit.


You can set your browser so that you are informed about the setting of cookies and only allow cookies in individual cases, exclude the acceptance of cookies for certain cases or generally, and activate the automatic deletion of cookies when you close the browser. If cookies are deactivated, the functionality of this website may be restricted.


Cookies that are required to carry out the electronic communication process or to provide certain items you wish to use are stored on the basis of Art. 6 Para. 1 lit. f GDPR saved. The cookies in question are:



- ATTR_USERDN. The user's distinguished name.

- ATTR_SESSIONSPEC. The session specification returned from the login call.

- ATTR_SESSIONID. The session ID returned from the login call.

- ATTR_USERNAME. The user's name.

- ATTR_CLIENTIP. The IP address of the machine where the user initiated a request for a protected resource.

- ATTR_DEVICENAME. The name of the agent that is decoding the token.

- ATTR_IDLESESSIONTIMEOUT. Maximum idle time for a session.

- ATTR_MAXSESSIONTIMEOUT. Maximum time a session can be active.

- ATTR_STARTSESSIONTIME. The time the session started after a successful login.

- ATTR_LASTSESSIONTIME. The time that the Policy Sever was last accessed within the session.


- beng_proxy_session

- A generic technical cookie used for storing user session identifier in web applications. This cookie is used to recognize users. The website operator has a legitimate interest in storing cookies for the technically error-free and optimized provision of its services. Insofar as other cookies (e.g. cookies for analyzing your surfing behavior) are stored, they will be treated separately in this data protection declaration.

(2) Third-party cookies
If necessary, our website may also use cookies from companies with whom we cooperate for the purpose of advertising, analyzing, or improving the features of our website.

Please refer to the following information for details, in particular for the legal basis and purpose of such third-party collection and processing of data collected through cookies.


2.b Server log files

The website provider automatically collects and saves information in so-called server log files, which your browser automatically transmits to us. These are:

- browser type and version

- the operating system used

- Referrer URL

- Host name of the accessing computer

- time of the server request

- IP address (pseudonymised)


This data is not combined with other data sources.

The basis for data processing is Art. 6 Para. 1 lit. f GDPR, which allows the processing of data for the performance of a contract or pre-contractual measures.


2.c Processing of data (customer and contract data)

We collect, process and use personal data only insofar as they are necessary for the establishment, content design or change of the legal relationship (inventory data). This is done on the basis of Art. 6 Para. 1 lit. b GDPR, which allows the processing of data for the performance of a contract or pre-contractual measures. We collect, process and use personal data on the use of our website (usage data) only insofar as this is necessary to enable the user to use the service or to bill. The customer data collected will be deleted after the order has been completed or the business relationship has ended. Statutory retention periods remain unaffected.


2.d Data transmission when concluding a contract for a donation agreement

We only transmit personal data to third parties if this is necessary in the context of contract processing, for example in the case of donations to the credit institution responsible for processing payments or donations via Betterplace. A further transmission of the data does not take place or only if you have expressly consented to the transmission. Your data will not be passed on to third parties without your express consent (Art. 6 I 1 lit. a GDPR) [FG1] [WU2] [WU3] .


2.e For communication via the Internet (e-mail)

All data transmitted to us voluntarily, such as surname, first name, email address and any other personal data or special categories of personal data provided. The legal basis for this is Article 6 Paragraph 1 Clause 1 lit. a GDPR. Wothouq will delete the data 24 months after the end of the [WU4] respective form of communication or, if the data is part of ongoing proceedings, 24 months after the end of the process.

3.Rights of data subjects

You have the right:

  • to request information about your personal data processed by us in accordance with Art. 15 GDPR. In particular, you can obtain information about the processing purposes, the category of personal data, the categories of recipients to whom your data has been or will be disclosed, the planned storage period, the existence of a right to correction, deletion, restriction of processing or objection, the existence of a Right to lodge a complaint, the origin of your data, if we have not collected it, as well as the existence of automated decision-making including profiling and, if applicable, meaningful information on their details;

  • in accordance with Art. 16 GDPR, to immediately request the correction of incorrect or incomplete personal data stored by us;

  • to request the deletion of your personal data stored by us in accordance with Art. 17 GDPR, unless processing to exercise the right to freedom of expression and information, to fulfill a legal obligation, for reasons of public interest or to assert, exercise or defend legal claims is required;

  • to request the restriction of the processing of your personal data in accordance with Art. 18 GDPR if you dispute the correctness of the data, the processing is unlawful, but you refuse to delete it and we no longer need the data, but you need them to assert or exercise them or defense of legal claims or you have objected to the processing in accordance with Art. 21 GDPR;

  • in accordance with Art. 20 GDPR, to receive your personal data that you have provided to us in a structured, common and machine-readable format or to request that it be transmitted to another person responsible;

  • to revoke your consent given to us at any time in accordance with Art. 7 Para. 3 GDPR. As a result, we are no longer allowed to continue the data processing based on this consent in the future and

  • to complain to a supervisory authority in accordance with Art. 77 GDPR. As a rule, you can contact the supervisory authority of your usual place of residence or work or our association headquarters.

  • To exercise your rights as a data subject, please contact us by email at or by post at: Wothouq eV, Sebastian-Bach-Str. 16, 04109 Leipzig.


In the event of violations of data protection law, the person concerned has the right to lodge a complaint with the competent supervisory authority. The responsible supervisory authority for data protection issues is the state data protection officer of the federal state in which Wothouq eV is based:


Saxon data protection officer:

Andreas Schuring


Postal address:
P.O. Box 12 00 16
01001 Dresden


Home address:

Devrientstrasse 1
01067 Dresden Telephone: 0351/85471 101

Fax: 0351/85471 109

Internet: www.datenschutz.sachsen.de E-Mail: saechsdsb@slt.sachsen.de (No access for electronically signed documents!)



4.Changes to this data protection declaration


We reserve the right to change this data protection declaration at any time with effect for the future. A current version is available here. Please visit the website regularly and find out about the applicable data protection declaration.


As of December 11, 2020