Companies of the Westermann Gruppe

Data protection declaration


Date protection declaration for the website

Thank you for visiting our website and for your interest in our company. We take the protection of your personal data very seriously. We process your data in accordance with the legal regulations applicable for the protection of personal data, in particular the EU General Data Protection Act (GDPR) and national regulations. With the help of this Data Protection Declaration, we can inform you in detail about how your personal data is processed by Westermann GmbH & Co. KG and the rights to which you are entitled.
Personal data is any information that can be used to identify a natural person. This may include surname, date of birth, address, telephone number, email address and your IP address.
Data shall be considered anonymous if no personal reference to the user can be derived therefrom.

Responsible entity and Data Protection Officer
Westermann GmbH & Co.KG
Georg-Westermann-Allee 66
38104 Braunschweig, Germany
T. +49 531 708 0
F. +49 531 708 127
Email service(at)

Data protection officer contact: datenschutzbeauftragter(at)


Your rights as an affected person

Here, we would like to inform you of your rights as an affected person. These rights are standardised in Article 15-22 of the EU-GDPR. This encompasses:

    • Right to information (Article 15 of the EU-GDPR),
    • The right to deletion (Article 17 of the EU-GDPR),
    • The right to rectification (Article 16 of the EU-GDPR),
    • Right of data portability (Article 20 of the EU-GDPR),
    • The right to restriction of processing (Article 18 of the EU-GDPR),
    • The right to object to data processing (Article 21 of the EU-GDPR).

In order to exercise these rights please contact: Email: datenschutz(at), Telephone: +49 531 708 0 Post: Westermann GmbH & Co. KG, Georg-Westermann-Allee 66, 38104 Braunschweig, Germany.

The same applies should you have any questions regarding data processing at our company. You have the right to appeal at a data protection authority.


Right to object to data processing

Please note the following with regards to the right to object to data processing:
If we process your data for the purpose of direct advertising, you have the right to object to the processing of this data at any time without providing reasons. This also applies to profiling insofar as it is associated with such direct advertising.
If you object to the processing of your personal data for direct marketing purposes, we will no longer process your personal data for these purposes. This objection is free of charge and can take place in any format, ideally via:

Email: datenschutz(at), Telephone: +49 531 708 860 Post: Westermann GmbH & Co. KG, Georg-Westermann-Allee 66, 38104 Braunschweig, Germany.
In the event that we process your data to safeguard justified interests, you may object to the processing of this data which arises as a result of your particular situation at any time; this also applies to profiling based on these clauses.
We shall no longer process your personal data unless we can establish compelling legitimate grounds for processing it that outweigh your interests, rights and freedoms, or processing it for purposes of asserting, exercising or defending against legal claims.


Purpose and legal bases of data processing  

Your personal data is processed according to the EU-GDPR and all other applicable data protection regulations. The legal bases for processing data are formed in particular from Article 6 of the EU-GDPR.
We use your data to process contact enquiries, to initiate business transactions and to fulfil contractual and legal obligations.
Your consent acts as permission with regards to data protection law. We hereby inform you about the purposes of data processing and your right to object to data processing. Should the consent also extend to the processing of particular categories of personal data, we will notify you expressly of this in the consent, Article 88 para. 1 of the EU-GDPR.

Processing of particular categories of personal data in the sense of Article 9 para. 1 of the EU-GDPR shall only apply if this is legally required and there is no reason to believe that your legitimate interests shall be affected as a result, Article 88 para. 1 of the EU-GDPR.


Dissemination of data to third parties

We shall only pass on your data to third parties within the scope of legal provisions or corresponding consent. Otherwise, this shall not be transferred to third parties unless we are obliged to as a result of a legal requirement (transfer to external authorities such as supervisory authorities or law enforcement authorities).


Recipients of data / Categories of recipients

At our company, we ensure that only those persons who require your data to fulfil our contractual and legal obligations shall gain access (to it).
In many cases, service providers assist our specialist departments with the fulfilment of their tasks. All service providers are required to conform to the necessary data protection guidelines.


Third country transfer / Third country intent to transfer

Transfer of data to third countries (outside of the European Union or European Economic Area) shall only take place if we are contractually or legally obliged to do so, or you have given your consent.


Storage duration of data

We store your data as long as is required to process your order. Please note that various retention periods demand that data is stored after this time. This particularly concerns commercial law or fiscal regulations (e.g. commercial code, fiscal law, etc.). If no additional retention periods are required, the data will be routinely deleted after fulfilling its purpose. This means that we may store data if you have consented to this or if legal regulations require us to do so and we use statutory limitation periods which may last up to thirty years; the regular limitation period is three years.


Secure transmission of your data

In order to protect your data against accidental or wilful manipulation, loss, destruction or access by unauthorised persons, we use technical and organisational security measures. The security level is continuously reviewed in collaboration with security experts and adapted to meet new security standards.
We offer users content encryption when using our contact forms. Decryption of this data is only possible by us. There is also the option of using alternative communication channels (e.g. post).


Categories, sources and origin of data

The data we process depends on the context: This may depend on whether you place an order online, submit an enquiry using our contact form or send us an application or complaint.
Please note that we store information in appropriate places depending on the processing situation, e.g. when uploading application documents or a contact enquiry.
We collect and process the following data when visiting our website:

    • Name of the internet service provider
    • Details about the websites from which you visit us
    • Web browser and operating system used
    • The IP address issued by your internet service provider
    • Requested files
    • The amount of data transmitted, downloads/file export
    • Details about the websites visited through our site including date and time

For technical security reasons (in particular to defend against hacking attempts on our web server), this data is stored pursuant to Article 6 para. 1 lit. F EU-GDPR. After no more than 7 days, anonymisation takes place by shortening the IP address so that no reference to the user can be found.

We collect and process the following data upon receipt of a contact enquiry:

    • Surname, first name
    • Contact information
    • Title
    • Details of the enquiry and interests


Contact form / Contacting by email (Article 6 para. 1 lit. a) of the EU-GDPR)

A contact form is provided on our website which can also be used to establish contact with us electronically. If you write to us using the contact form, we process the details provided in the contact form for the purpose of establishing contact and responding to your enquiry.
In accordance with the principles of data processing, we ensure you only need to provide the data necessary to establish contact with you. This includes your email address and message itself. Your IP address is processed for technical and legal reasons. All other data are voluntary fields and can be optionally provided (e.g. for a more personal response to your enquiry).
If you contact us by email, we will only process the personal data provided for the purpose of handling your enquiry. If you do not use the contact form provided, no further data collection will take place.


Automated case-by-case decision

We do not use any automated processing methods to make a decision.


Cookies (Article 6 para. 1 lit. f) of the EU-GDPR / Article 6 para. 1 lit. a of the EU-GDPR upon consent)

Our website uses so-called cookies in several places. Cookies help make our website more user-friendly, efficient, and secure. Cookies are small text files that are stored on your computer and saved by your browser (locally on your hard drive).
These cookies allow us to analyse how users use our website. This allows us to tailor our website content to user requirements. Cookies also allow us to measure the effectiveness of a particular advert and place them based on user interests.
Most of the cookies we use are known as “session-cookies”. These are automatically deleted after your visit. Permanent cookies are automatically deleted from your computer once their expiry period has been reached (usually six months) or if you delete them yourself prior to this date. Most internet browsers accept cookies automatically. You can usually change your browser settings if you prefer not to give out such information. You can use our website services without any limitations (excluding: configurators).

Please note: If you disable cookies from being placed in the internet browser used, then, under certain circumstances, not all the functions of our website will be fully usable.

Cookie list

Statistics cookies

Statistics cookies

This website uses the open-source analysis tool Matomo (, previously known as PIWIK) to create statistical reports about the use of our website. This makes it possible to ensure that the websites are optimised and made more user-friendly. Matomo stores the collected data (including time, pages visited, browser used, operating system) in a database. The evaluations generated with Matomo are completely anonymised and cannot be used for the identification of individual persons. IP addresses are made unrecognisable before entering the database to comply with legal regulations. No links are made between the data stored and other sources of data, nor is it passed on to third parties. The Matomo analysis tool uses cookies for data analysis purposes. The anonymous user profiles are not combined with personal data concerning the user of the pseudonym without the express consent of the data subject, which is to be granted separately. You can prevent the storage of cookies by using the appropriate setting on your browser software; however we would point out to you that if you do so, you may not be able to use all functions of this website to their full extent.


Social plugins by social networks

We do not use social plugins.


Online offers for children

Persons under 16 years of age should not send us personal data without the consent of their parents or legal guardians. We encourage parents and guardians to actively participate in the online activities and interests of their children.


Links to other providers

Our website clearly displays links to other websites. We have no influence over the content of other websites to which we provide a link. For this reason, we cannot accept liability for such third-party content. The respective provider or operator of such sites is always responsible for the content of linked sites.

The linked sites were checked at the time of linking for possible legal violations or clearly identifiable infringements. Illegal content was not evident at that time. A permanent inspection of linked sites is not reasonable without concrete evidence of an infringement of the law. On becoming aware of legal violations, we will remove such links immediately.