Privacy Policy Declaration

1. Introduction

2. How do we collect your data?

3. Who is the responsible for data collection on this website?

4. Data protection officer prescribed by law

5. What do we use your data for?

6. What categories of data are collected?

7. On what legal basis does your data processing take place?

8. Who receives your data?

9. Are personal data transferred to a third country?

10. For how long the data will be stored?

11. Does automated decision-making, including profiling take place?

12. What rights do you have as a concerned party with regard to your data within the meaning of the GDPR1?

13. Data security (SSL or TLS encryption)

14. Cookies

15. Server log files

16. Social media links

17. Contact options via e-mail

18. Status and updating of this privacy policy declaration

1. Introduction

WindMW GmbH (hereinafter referred to as WindMW) appreciates your interest in our company and your visit to our website. Data protection is of particularly high priority for us and responsible handling of personal data by WindMW is accordingly given high priority. We would like to inform you about how your personal data are processed by WindMW and how you can exercise your rights under the General Data Protection Regulation (hereinafter "GDPR"). Furthermore, we explain which data we collect when you visit our websites and for what purpose they are used.

Relevant personal data are those data that are collected on this website (e.g. cookies, IP addresses - when visiting the website, name, address, contact details - when contacting us and for job applications).

We treat your personal data confidentially and in accordance with the statutory data protection regulations (GDPR), the Federal Data Protection Act (BDSG), and the German Telemedia Act (TMG).

2. How do we collect your data?

On our website, you have the option of contacting us via e-mail address. The personal data that you provide to us in this context will only be used to process your respective enquiries.

Other data are automatically collected by our IT systems when you visit the website. These are mainly technical data (e.g. internet browser, operating system or time of page view). These data are collected automatically as soon as you enter our website.

3. Who is the responsible Controller for data collection on this website?

The responsible Controller for data processing on this website is:

WindMW GmbH

Am Kietz 20, 15806 Zossen

Phone: +49 (3377) 20 19 257


If you have any questions about data protection or wish to exercise your right to information or revocation, you can also contact us at

4. Data protection officer prescribed by law

We have appointed a data protection officer for our company:

Phone: +49 (471) 30 93 03 74


5. What do we use your data for?

WindMW processes personal data for the following purposes:

Providing, maintaining, protecting and improving our services

Developing new services

Ensuring security measures

Responding to contact requests and communicating with users

Employment relationships and application procedures

Defending and enforcing of our legal rights

Complying with and enforcing applicable laws, regulations, legal process or enforceable governmental requests that are binding on WindMW,

Protecting rights affecting our property or safety, the property or safety of our users or the public, to the extent permitted and required by law

Detecting, preventing or taking action against violations of law, where WindMW is required to do so by law or where third parties have a right to do so against WindMW.

6. What categories of data are collected?

As part of your use of our website, we process personal data that you have provided to us, including the following categories of personal data:

contact data (e.g. e-mail address, phone number)

other personal data that you provide in the contact form

usage data (e.g. access data)

meta/communication data (e.g. IP addresses)

7. On what legal basis does your data processing take place?

The legal basis for the processing of your data is Art. 6 (1) lit a. (the consent you may have given) lit b. (the processing of the information for the fulfilment of a contract or the initiation of a contract), lit c. (the fulfilment of a legal obligation), lit e. or lit f. (insofar as the collection of data is based on a legitimate interest of our company, such as contact data management) of the GDPR.

8. Who receives your data?

The personal data that you provide to us will be accessed and processed by our employees exclusively for the purposes communicated above.

Within WindMW, only those departments will have access to your data that need it to perform their tasks, to safeguard our legitimate interests or to fulfil contractual and legal obligations. If we disclose data to other companies such as order processors in the course of our processing, this will only be done if they comply with our written instructions under data protection law and with the provisions of the GDPR.

9. Are personal data transferred to a third country?

Data are not transferred to a third country.

10. For how long the data will be stored?

The duration of the storage of your personal data, which are created during the use of our website, depends on the purpose for which the data were collected and on the type of data. We store your personal data for as long as is required to fulfil the purposes described in this privacy policy declaration.

We may also store your personal data if this is necessary for the purpose of providing evidence or asserting, exercising or defending legal claims. We also store these data if this has been provided for by the European or national legislator in EU regulations, laws or other legal provisions to which we are subject.

These include, for example, retention obligations under commercial and tax law. The retention periods specified there are two to ten years. In addition, personal data may be retained for the period during which claims can be asserted against us (statutory limitation period of three or up to thirty years). When the prescribed retention period expires, your data will be deleted.

11. Does automated decision-making, including profiling, take place?

No profiling measures take place.

12. What rights do you have as a data subject with regard to your data within the meaning of the GDPR?

Insofar as your personal data are processed, you are a data subject within the meaning of the GDPR and you are entitled to the following rights arising against:

Right of Access (Art. 15 GDPR)

You have the right to obtain information free of charge at any time as to whether and which of your personal data are stored by us, its planned storage period or, if concrete information on this is not possible, criteria for determining the storage period; about its origin; the purpose of the data processing and to which recipient or category of recipients we may have passed it on. In addition, you have the right to lodge a complaint with a supervisory authority under data protection law in accordance with Art. 77 GDPR, as well as to request information on whether the personal data concerning you are transferred to a third country or to an international organisation. You can also request information about the appropriate guarantees in accordance with Article 46 of the GDPR in connection with the transfer.

Right of Rectification (Art. 16 GDPR)

You have a right of rectification and/or completion against WindMW if the personal data processed concerning you are inaccurate or incomplete. WindMW shall carry out the correction without delay.

Right of restriction of processing (Art. 18 GDPR)

You may request the restriction of the processing of your personal data under the following conditions if:

you contest the accuracy of your personal data for a period enabling WindMW to verify the accuracy of the data;

the processing is unlawful and you oppose the erasure of your personal data and you request the restriction of their use instead:

WindMW no longer needs your personal data for the purposes of the processing, but they are required by you for the establishment, exercise or defence of legal claims; or

you have objected to data processing pursuant to Article 21(1) of the GDPR pending the verification whether our legitimate grounds for the processing override those of yourself.

If you have requested restriction of processing of your personal data, such personal data - with the exception of storage -, shall only be processed with your consent for the establishment, exercise or defence of legal claims or for the protection of another natural or legal person or for reasons of important public interest of the Union or of a Member State. You shall be informed by us before the restriction of processing is lifted.

Right to erasure (“Right to rectification” Art. 17 GDPR)

You shall have the right to obtain from WindMW the erasure of personal data concerning you where one of the following grounds applies:

your personal data are no longer necessary in relation to the purposes for which they were collected or otherwise processed.

You withdraw your consent on which the processing is based according to Article 6(1) lit a. or Article 9(2) lit a. GDPR, and where there is no other legal ground for the processing.

You object to the processing pursuant to Article 21(1) and there are no overriding legitimate grounds for the processing, or you object to the processing pursuant to Article 21(2).

Your personal data have been unlawfully processed.

Your personal data have to be erased for compliance with a legal obligation in the Union or in a Member State law to which WindMW is subject.

Erasure may be lawfully refused despite the existence of a reason for erasure mentioned above if WindMW has a legitimate interest in the continued use of the data (Art. 17(3) GDPR). This may be the case in particular if the continued processing is necessary to comply with a legal obligation to retain data and in this respect, there is a legal obligation (Art. 17(3) lit b. GDPR) not to delete the data or if the processing is necessary for the assertion, exercise or defence of legal claims (Art. 17(3) lit e. GDPR).

Right to information

If you, as a data subject, exercise your rights of rectification, erasure or restriction of processing against WindMW, we may also be obliged to inform other recipients to whom your data have been disclosed. WindMW shall inform you about at your request.

Right to data portability (Art. 20 GDPR)

You shall have the right to receive the personal data concerning you, in a structured, commonly used and machine-readable format and you have the right to transmit those data to another controller.

Where technically feasible, you have the right to request a transfer from us directly to another person responsible, provided that this does not affect the rights of third parties.

Right to lodge a complaint with a supervisory authority (Art. 77 GDPR)

You shall have the right to contact a supervisory authority for questions or complaints, in particular in the Member State of your habitual residence, place of work or place of the alleged infringement. The supervisory authority responsible for us is the State Commissioner for Data Protection and Freedom of Information of the Free Hanseatic City of Bremen.

Right to object (Art. 21 GDPR)

You have the right to object at any time to the processing of your data based on a balance of interests (Art. 6(1) (f) GDPR) or in the public interest (Art. 6 (1) (e) GDPR), if there are grounds for doing so. This also applies to profiling based on this provision.

If an objection is made, we will no longer process your personal data unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms or for the establishment, exercise or defence of legal claims.

Revocation of your consent to data processing

Many data processing operations are only possible with your express consent. You can revoke consent you have already given at any time. To do so, simply send us an informal message to the following e-mail: The legality of the data processing carried out until the revocation remains unaffected by the revocation.

13. Data security (SSL or TLS encryption)

This site uses SSL or TLS encryption for security reasons and to protect the transmission of confidential content, such as orders or enquiries that you send to us as site operator. You can recognise an encrypted connection by the fact that the address line of the browser changes from "http://" to "https://" and by the lock symbol in your browser line.

If SSL or TLS encryption is activated, the data you transmit to us cannot be read by third parties.

14. Cookies

This website uses so-called "cookies", text files that are stored on your computer and saved by your browser. Cookies do not cause any damage to your computer and do not contain viruses and are used to enable a safe and optimised use of the website for you. The information generated by the technically necessary cookies during your use of this website are used to ensure and improve our offer of information and functions.

The legal basis for data processing is Art. 6(1) lit f. GDPR (legitimate interests). The secure provision of the web presence is such a legitimate interest. The information obtained will not be passed on to third parties. The cookies are usually deleted automatically after the end of your session. You can prevent the storage of cookies by setting your browser software accordingly. However, we would like to point out that in this case the functionality of this website may be limited.

Insofar as other cookies (e.g. cookies to analyse your surfing behaviour) are stored, these are dealt with separately in this data protection declaration.

15. Server log files

The provider of the pages automatically collects and stores information in so-called server log files, which your browser automatically transmits to us. These are:

browser type and browser version

operating system used

referrer URL

host name of accessing computer

time of server request

IP address

These data are not merged with other data sources.

The collected data are processed for statistical evaluations and to improve the website. However, the website operator reserves the right to subsequently check the server files if there are concrete indications of illegal use.

The basis for data processing is Art. 6(1) lit f. GDPR, which permits the processing of data for the fulfilment of a contract or pre-contractual measures.

16. Social media links

Our site uses links to our presence on the social networks of LinkedIn (provider: LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland, as a subsidiary of LinkedIn Corporation, 2029 Stierlin Ct. Ste. 200 Mountain View, CA 94043, USA) and XING (New Work SE, Am Strandkai 1, 20457 Hamburg, Germany).

When you visit our websites, no data are therefore automatically transmitted to social networks such as LinkedIn or XING. However, if you actively click on the respective link, your internet browser establishes a connection to the provider's servers. This is a forwarding by linking. The data processing by the provider of the link is governed by the provider's respective data protection policy.

You can find further information on this in the data protection declaration of LinkedIn: and the data protection declaration of XING:

17. Contact options via e-mail

On our website, you have the option of contacting us via the published e-mail address In this case, personal data transmitted by you will be used to process your request on the basis of Art. 6 (1) sentence 1 lit b. GDPR, provided that your request is related to the performance of a contract or is necessary for the implementation of pre-contractual measures. In all other cases, the personal data are collected based on your consent (Art. 6(1) 1 sentence 1 lit a. GDPR) and/or in our legitimate interest (Art. 6(1) sentence 1 lit a. GDPR) in processing the contact. In this context, the data will not be passed on to third parties and will remain with us until you request us to delete it, revoke your consent to store it or the purpose for storing the data no longer applies (e.g. as soon as the purpose of the communication has been achieved). The legally established retention periods (according to HGB [= Handelsgesetzbuch = German Commercial Code] and AO [= Abgabenordnung = German Tax Code]) remain unaffected in this context.

18. Status and updating of this privacy policy declaration

Status: 25.04.2022.

We reserve the right to amend this privacy policy declaration at any time with effect for the future. This is done through the further development of our website or in compliance with legal regulations.

1 GDPR = General Data Protection Regulation

In order to make our website secure, transparent and optimal for you, we are using cookies, but only those that are technically mandatory. Without these necessary cookies, our website cannot be used properly. Cookies are explicitly not used for marketing or analysis purposes or the like. Detailed information can be found in our privacy policy declaration. For further use of this website, you have taken note of the use of these technically necessary cookies.