1. responsible person

WAVZ® - Transformation by Design.
Frank Höhne
c/o OFFICE & FRIENDS
Coworking Spaces
Walther-Rathenau-Str. 14
50996 Cologne
Germany

2. hosting with Mittwald

Our website is hosted by Mittwald CM Service GmbH & Co. KG, Königsberger Straße 4-6, 32339 Espelkamp, Germany.
Mittwald processes connection data (e.g. IP address, time stamp, file accessed, browser type) in order to ensure the secure and stable operation of the website.

Legal basis: Art. 6 para. 1 lit. f GDPR (legitimate interest in reliable provision).

If you have consented to cookies that are not necessary, the processing is also carried out on the basis of Art. 6 para. 1 lit. a GDPR in conjunction with § 25 para. 1 TDDDG.
There is an order processing contract with Mittwald in accordance with Art. 28 GDPR.

3. consent management with Borlabs Cookie

We use Borlabs Cookie from Borlabs GmbH, Rübenkamp 32, 22305 Hamburg, Germany.
A banner appears the first time you visit our website. Your selection (consent or rejection of cookies) is stored in a cookie ("borlabs cookie").
Legal basis: Art. 6 para. 1 lit. c GDPR (legal obligation to obtain consent) and § 25 para. 2 no. 2 TDDDG (technically necessary).

4. security measures (NinjaFirewall & NinjaScanner)

We use NinjaFirewall (WP Edition) and NinjaScanner (The Ninja Technologies Network) to prevent unauthorized access and malware. IP addresses and access attempts can be logged on the server side.
Data is not transferred to third parties.
Legal basis: Art. 6 para. 1 lit. f GDPR, § 25 para. 2 no. 2 TDDDG (security measure).

5. spam and bot protection with Friendly Captcha

We use Friendly Captcha from Friendly Captcha GmbH, Am Anger 3-5, 82237 Wörthsee, Germany.
The service automatically checks whether requests originate from humans or bots by processing technical data (e.g. anonymized IP addresses, browser environment).
No tracking cookies are set.
Legal basis: Art. 6 para. 1 lit. f GDPR (protection against spam), § 25 para. 2 no. 2 TDDDG.

6. accessibility with OneTap

We use OneTap Accessibility (Starship Media GmbH, Factory 300, Dragonerstraße 67, 4600 Wels, Austria).
The tool provides accessible controls (e.g. contrast, font sizes). Only technically necessary data is processed.
Legal basis: Art. 6 para. 1 lit. f GDPR (user-friendliness).

7. multilingualism with Weglot

We use Weglot SAS, 7 Cité Paradis, 75010 Paris, France, to provide multilingual content.
Technical data (IP address, browser, request header) is transmitted to Weglot in order to deliver translations.
Legal basis: Art. 6 para. 1 lit. f GDPR, § 25 para. 2 no. 2 TDDDG (technically necessary for language switching).

8. backups with UpdraftPlus

We regularly back up our website with UpdraftPlus (Updraft WP Software Ltd., UK).
The backups may contain personal data (e.g. form entries). By default, they are stored on our server; if external storage (e.g. Google Drive, Dropbox) is used, they are transferred there.
Legal basis: Art. 6 para. 1 lit. f GDPR (data security), Art. 6 para. 1 lit. c GDPR (obligation to provide evidence).

9. statistics with WP Statistics

We use WP Statistics (VeronaLabs).
The plugin collects visitor data without cookies or third-party providers and stores it exclusively locally on our server. IP addresses are anonymized.
Legal basis: Art. 6 para. 1 lit. f GDPR (reach analysis).

10. optimization & caching with WP-Optimize

We use WP-Optimize (TeamUpdraft) to optimize databases and cache content.
The processing takes place exclusively on the server side; no data is transferred to third parties.
Legal basis: Art. 6 para. 1 lit. f GDPR.

11. SEO & editing tools

Yoast SEO (Yoast BV, NL): Optimizes content for search engines without collecting personal user data from visitors.

Yoast Duplicate Post, Disable Comments, Disable Gutenberg, Nested Pages, Password Protected: are used exclusively for administrative purposes and only process technically necessary data (e.g. session cookies).

Legal basis: Art. 6 para. 1 lit. f GDPR, § 25 para. 2 no. 2 TDDDG.

12. cookies used

Our website uses the following cookies:

borlabs-cookie
Saves your selection in the cookie banner (consent status).
Duration: 1 year
Category: technically necessary
Legal basis: Art. 6 para. 1 lit. c GDPR; § 25 para. 2 no. 2 TDDDG

isReturningVisitor2
Recognizes returning visitors (statistics, WP Statistics).
Duration: Session
Category: Statistics
Legal basis: Art. 6 para. 1 lit. a GDPR; § 25 para. 1 TDDDG

PHPSESSID
Standard session cookie for the technical provision of the website.
Duration: Session
Category: technically necessary
Legal basis: Art. 6 para. 1 lit. f GDPR; § 25 para. 2 no. 2 TDDDG

weglot_allow_private
Cookie of the translation plugin Weglot; controls the language display.
Duration: Session
Category: functional
Legal basis: Art. 6 para. 1 lit. f GDPR; § 25 para. 2 no. 2 TDDDG

wordpress_logged_in_[Hash]
Holds the login status of logged-in users (e.g. administrators, editors).
Duration: Session
Category: Technically necessary
Legal basis: Art. 6 para. 1 lit. f GDPR; § 25 para. 2 no. 2 TDDDG

wordpress_test_cookie
Checks whether the browser supports cookies.
Duration: Session
Category: technically necessary
Legal basis: Art. 6 para. 1 lit. f GDPR; § 25 para. 2 no. 2 TDDDG

wp-settings-[UID]
Saves backend and editor settings for logged-in users.
Duration: up to 1 year
Category: technically necessary
Legal basis: Art. 6 para. 1 lit. f GDPR; § 25 para. 2 no. 2 TDDDG

wp-settings-time-[UID]
Saves the timestamp for the above settings.
Duration: up to 1 year
Category: technically necessary
Legal basis: Art. 6 para. 1 lit. f GDPR; Section 25 para. 2 no. 2 TDDDG

13 Rights of the data subjects

You have the following rights under the GDPR:

Information (Art. 15),

Rectification (Art. 16),

Deletion (Art. 17),

Restriction (Art. 18),

Data portability (Art. 20),

Objection (Art. 21),

Complaint to a supervisory authority (Art. 77).

14. actuality

This privacy policy is valid as of August 2025.