Data protection declaration

The protection of your personal data is taken very seriously when you use this website. Below you will be informed about the collection, processing and use of your personal data when you visit this website and use the services offered on it.

1. Information on personal data
(1) Personal data consists of any individual details relating to a person or which are likely to establish a reference to a person, such as name, postal address, telephone number, email address, bank details, etc. Personal data may thus be used to infer the identity of a person under certain circumstances.

(2) The controller under the General Data Protection Regulation (GDPR) is:

INTERWEGA international
Gesellschaft für Debitorenmanagement m.b.H.
Friesenweg 24
22763 Hamburg
Germany

2. Rights of data subjects
In connection with our processing of your data you have the following rights:
(1) Right of access under Art. 15 GDPR on the processing of your personal data by us for the processing purpose, categories of processed data, recipients or recipient categories, duration of storage or criteria for determining the duration, right to rectification, erasure, restriction of processing or objection to processing, right to lodge a complaint to the supervisory authority, if applicable information on the origin of the data and the existence of automated decision-making and if applicable information on safeguards under Art. 46 GDPR in the event of transfer to a third country or international organisations;

(2) Right to immediate rectification of inaccurate or incomplete personal data under Art. 16 GDPR;

(3) Right to erasure of stored personal data under Art. 17 GDPR, if the data is no longer necessary for the purposes for which it was collected or otherwise processed, if consent given has been withdrawn and there is no other legal basis, if an objection has been lodged against the processing and the data may no longer be processed under Art. 21(1) or (2) GDPR, if the data has been unlawfully processed, if the erasure is necessary to fulfil a legal obligation or if the data has been collected in relation to services offered by an information society under Art. 8(1) GDPR.
This does not apply if the processing is necessary for the exercise of the right to freedom of expression and information, fulfilment of a legal obligation, for reasons of public interest or for the establishment, exercise or defence of legal claims;

(4) Right to restrict the processing under Art. 18 GDPR, if you contest the accuracy of the data (for a period enabling the accuracy to be verified), if the processing is unlawful, but you oppose the erasure of the data and instead request restriction of use, if we no longer need the data for the purpose of processing, but you need the data for the establishment, exercise or defence of legal claims, or if you object to the processing under Art. 21(1) GDPR as long as it is not yet certain whether our legitimate interests override your legitimate interests;

(5) Right to object to the processing of your personal data under Art. 21(2) GDPR (if the data is processed for the purpose of direct marketing) or under Art. 21(1) GDPR (if the processing was carried out under Art. 6(1) (e) or (f) GDPR for reasons arising from your particular situation, unless we have compelling legitimate grounds for the processing which override your interests, or the processing is for the establishment, exercise or defence of legal claims).

(6) Right to data portability under Art. 20 GDPR, i.e. to receive the personal data concerning you which you have provided to us in a structured, commonly used and machine-readable format or to transmit it to another controller;

(7) The right to withdraw consent given under Art. 7(3) GDPR at any time. The withdrawal of consent means that we may no longer carry out data processing for the future from the time of the withdrawal. See also point 13. below;

(8) Right to lodge a complaint with a supervisory authority under Art. 77 GDPR. The supervisory authority responsible for us can be found in section 3 below. The right to lodge a complaint shall be without prejudice to other administrative or judicial remedies.

(9) Any requirements for information, requests for details or objections to data processing should be sent by email to datenschutz@interwega.de or to the address given under section 1(2).

3. Supervisory authority
The address of the supervisory authority responsible for us is:
The Hamburg Commissioner for Data Protection and Freedom of Information
Ludwig-Erhard-Str. 22
20459 Hamburg
Germany
Tel.: +49 40 42854-4040
Fax: +49 40 42854-4000
email: mailbox@datenschutz.hamburg.de

4. Storage of access data
(1) Each time you access our website, access data is stored in a log file on our provider’s server.

(2) This data record consists, for example, of your IP address, the date and time of the request, the name of the requested file, the transferred file volume and the access status, a description of the web browser and operating system used and the name of your Internet service provider.

(3) This data is collected for technical reasons. The data will be automatically deleted after no more than 14 days.

5. Collection of personal data when you use the website for information purposes only
(1) If you only use the website for information purposes, i.e. if you do not log in to use the website, register or otherwise provide us with information, we do not collect any personal data, with the exception of the data mentioned under 5.2, which your browser transmits to technically enable you to visit the website.

(2) Our website uses cookies. Cookies are small text files that are stored on your device and contain certain information. They serve different purposes, such as ensuring the technical functionality of the website, analyzing user behavior, or displaying personalized content.

We distinguish between the following types of cookies:

1. Necessary Cookies 
These cookies are required for our website to function properly. They are usually only set in response to actions you take, such as logging in, filling out forms, or setting privacy preferences.

- Name: dsgvo-settings
- Provider: Interwega
- Purpose: Used to store the settings made via the cookie notice.
- Storage duration: 1 month

2. Analytics / Performance Cookies
These cookies help us analyze the use of our website and improve its performance. The data collected is usually evaluated in an anonymized form.

- Name: _ga
- Provider: Google
- Purpose: Used to send data to Google Analytics about the visitor's device and behavior. Tracks the visitor across devices and marketing channels.
- Storage duration: 2 years

- Name: _ga_ABCDEF
- Provider: Google
- Purpose: Used to send data to Google Analytics about the visitor's device and behavior. Tracks the visitor across devices and marketing channels
- Storage duration: 2 years

- Name: _gat
- Provider: Google
- Purpose: Used to throttle the request rate. This limits the number of requests to the Google server within a certain period of time in order to reduce server load and improve the accuracy of the analysis.
- Storage duration: 1 minute

- Name: _gcl_au
- Provider: Google
- Purpose: Used to measure and understand the effectiveness of advertisements across websites.
- Storage duration: 3 months

- Name: _gid
- Provider: Google
- Purpose: Used to send data to Google Analytics about the visitor's device and behavior. Tracks the visitor across devices and marketing channels.
- Storage duration: 24 hours

Legal Basis:
- The use of necessary cookies is based on Art. 6 (1) lit. f GDPR (legitimate interest in the technically error-free and optimized provision of the website).
- For the use of cookies that are not technically necessary (e.g. analytics or marketing cookies), we obtain your consent in advance pursuant to Art. 6 (1) lit. a GDPR via our cookie banner. This consent can be withdrawn at any time.

Withdrawal of Consent:
You can change your cookie settings at any time via the cookie banner or delete/block cookies through your browser settings.

6. Use of our website’s functions
(1) In addition to the purely informational use of our website, we offer services for you to use such as customer login access. To do this, you will usually need to provide additional data that we need in order to provide the service in question. If it is possible to give additional voluntary information, this is marked accordingly.

(2) When you contact us by email or via the contact form, your surname, first name, title, company name, telephone number, email address and message content will be stored by us in order to answer your questions.

7. Further services of this website

Google Analytics 4 (GA4)
We use Google Analytics 4 (GA4) on our websites, a web analytics service provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (“Google”).

In this context, pseudonymized user profiles are created and cookies (see the section “Cookies”) are used. The information generated by the cookie about your use of this website may include:
- A short-term recording of the IP address without permanent storage
- Location data
- Browser type/version
- Operating system used
- Referrer URL (previously visited page)
- Time of the server request
The pseudonymized data may be transferred by Google to a server in the USA and stored there.

This information is used to evaluate website usage, compile reports on website activity, and provide other services related to website and internet usage for purposes of market research and the needs-based design of these web pages. This information may also be transferred to third parties if required by law or if third parties process the data on behalf of Google.

These processing activities only take place with your explicit consent pursuant to Art. 6 (1) lit. a) GDPR.

Google’s default data retention period is 14 months. Otherwise, personal data is retained as long as necessary to fulfil the processing purpose and is deleted when no longer needed.

The parent company Google LLC is certified under the EU-U.S. Data Privacy Framework. 
This constitutes an adequacy decision under Art. 45 GDPR, allowing the transfer of personal data without further guarantees or additional measures.

For more information on data protection in connection with GA4, see:
support.google.com/analytics/answer/12017362

Google WebFonts
Our website uses web fonts for a uniform display of fonts. The Google WebFonts are provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. Google Ireland Limited is part of the Google group of companies with headquarters at 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.

These processing activities only take place with your explicit consent pursuant to Art. 6 (1) lit. a) GDPR.

The parent company Google LLC is certified under the EU-U.S. Data Privacy Framework. This constitutes an adequacy decision under Art. 45 GDPR, allowing the transfer of personal data without further guarantees or additional measures.

Further information on Google WebFonts and Google’s privacy policy can be found at:
developers.google.com/fonts/faq; www.google.com/policies/privacy/

Google Maps
We use Google Maps (API) on our website. The operator of Google Maps is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. Google Ireland Limited is part of the Google group of companies with its headquarters at 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. Google Maps is a web service for displaying interactive (land) maps to visually present geographic information. Using this service, for example, our location can be shown and any route planning can be made easier.

When accessing subpages that include a Google Maps map, information about your use of our website (such as your IP address) is transmitted to and stored on Google servers in the USA, provided you have given consent in accordance with Art. 6 (1) lit. a) GDPR. Additionally, Google Maps loads Google Web Fonts, Google Photos, and Google Stats. These services are also provided by Google Ireland Limited. When you access a page that integrates Google Maps, your browser loads the necessary web fonts and photos into your browser cache. To do this, your browser connects to Google's servers, which informs Google that our website was accessed via your IP address. This happens regardless of whether Google provides a user account through which you are logged in or whether no user account exists. If you are logged into Google, your data is directly associated with your account. If you do not want the data to be associated with your Google profile, you must log out of your Google account. Google stores your data (even for users not logged in) as user profiles and evaluates them. You have a right to object to the creation of these user profiles, which you must exercise by contacting Google.

If you do not agree with the future transmission of your data to Google as part of the use of Google Maps, you can completely deactivate the Google Maps web service by turning off the JavaScript application in your browser. Google Maps and therefore the map display on this website can then no longer be used.

These processing operations only take place with your explicit consent pursuant to Art. 6 (1) lit. a) GDPR.

Google’s terms of use can be found at:
www.google.de/intl/en/policies/terms/regional.html
The additional terms of use for Google Maps can be found at:
www.google.com/intl/en_US/help/terms_maps.html

The parent company Google LLC is certified under the EU-U.S. Data Privacy Framework. This constitutes an adequacy decision under Art. 45 GDPR, allowing the transfer of personal data without further guarantees or additional measures.

Google Maps’ privacy policy can be viewed at:
www.google.de/intl/en/policies/privacy/

Google APIs
Our website uses a web service from Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (hereinafter: “Google APIs”). This integration ensures the full functionality of our website.

In this context, your browser may transmit personal data, particularly your IP address, to Google servers in the USA. The legal basis for this data processing is your consent in accordance with Art. 6 (1) lit. a) GDPR, provided via the cookie consent banner.

Google is certified under the EU-U.S. Data Privacy Framework (DPF), ensuring an adequate level of data protection under Art. 45 GDPR. Additionally, we rely on the Standard Contractual Clauses (SCC) adopted by the EU Commission under Art. 46 GDPR for data transfers.

The data is deleted once the purpose of its collection has been fulfilled. More information can be found in Google’s privacy policy:
www.google.com/intl/en/policies/privacy/

8. Data security
We secure our website and other systems using appropriate technical and organisational measures against loss, destruction, access, alteration or distribution of your data by unauthorised persons. However, despite regular checks, complete protection against all risks is not possible.
Our website uses the industry standard SSL (Secure Sockets Layer) for encryption. This guarantees the confidentiality of your personal data on the web. You can tell whether an encrypted transmission is taking place by looking at the lock or padlock symbol in the display of your browser.

9. Disclosure of data
Your personal data will only be disclosed to third parties
- if you have given your express consent under Art. 6(1) (a) GDPR;
- if the disclosure is necessary to fulfil contractual obligations under Art. 6(1) (b) GDPR;
- if we are required by law to disclose the data within the meaning of Art. 6(1) (c) GDPR;
- if the disclosure of the data is in the public interest, as defined by Art. 6(1) (e) GDPR or;
- if the disclosure of the data under Art. 6(1) (f) GDPR is necessary to protect our legitimate interests or the legitimate interests of a third party, unless your interests in the protection of your data override them.

10. Data categories
We process the following categories of data: master data (e.g. company, contact person if applicable, address), communication data, contract data, receivables data, payment and default information, if applicable. See the above information.

11. Storage period for personal data
Your data will only be stored by us for as long as it is required for the purposes for which it is processed. Over and above that, we store data only to the extent that we are legally obliged to do so, e.g. due to legal storage obligations.

12. Information on the right to object
Under Art. 21 GDPR, objecting to the processing of personal data concerning you on the basis of Art. 6(1)(e) (data processing in the public interest) or (f) (data processing to safeguard legitimate interests on the basis of a balance of interests) is possible at any time. In the event of an objection, the personal data will no longer be processed, unless compelling legitimate grounds for processing are shown which override the interests, rights and freedoms of the data subject or the processing serves to establish, exercise or defend legal claims.
Please send your objection to the e-mail address datenschutz@interwega.de

13. Information on the right of withdrawal
If you have given us consent to process personal data, you can withdraw this consent at any time. Of course, this also applies to declarations of consent issued to us before 25 May 2018 (before the GDPR came into force). Withdrawing consent can always only be valid for the future. The lawfulness of the processing is not retroactively removed by withdrawal.
Please send your withdrawal by email to datenschutz@interwega.de

14. Keeping up to date
This data protection declaration is dated 8 October 2025 . It is the latest and currently valid version of our data privacy policy.
However, we would like to point out that from time to time it may be necessary to revise this data privacy policy due to factual or legal changes.

15. Data protection officer
If you have any questions regarding data protection, please feel free to contact our data protection officer at:

Perfekter Datenschutz (OT) GmbH
Speicherstraße 13
60327 Frankfurt am Main
Germany
or by email to datenschutz@interwega.de