Privacy Policy
Data Protection and Privacy Policy (Datenschutzerklärung)
Last updated: 01.08.2025
WAITRO Operations e.V. (“WAITRO”, “we”, “us”, or “our”) takes the protection of your personal data seriously. This Privacy Policy explains how we collect, use, and protect your personal data when you visit our website https://www.waitro.org, in accordance with the General Data Protection Regulation (GDPR) and applicable German data protection laws (BDSG, TMG).
1. Name and Contact Details of the Data Controller
WAITRO Operations e.V.
Grachtenhofstraße 63A
50226 Frechen, Germany
Email: info[at]waitro
2. Data Protection Officer (DPO)
Data Protection Officer: Dominik Reinertz
Email: d.reinertz[at]waitro.org
3. Data We Process
When using our website, the following categories of personal data may be collected:
- IP address (anonymized before storage)
- Date and time of access
- Browser type and version
- Operating system
- Referrer URL
- Pages viewed and interaction behavio
4. Purposes and Legal Bases of Processing
We process your data for the following purposes:
Purpose & Legal Basis (Art. 6 GDPR)
Website operation and security: Art. 6(1)(f) GDPR (legitimate interest)
Responding to contact requests: Art. 6(1)(b) GDPR
Use of cookies and analyticsArt. 6(1)(a) GDPR (consent)
Social media sharing functionality: Art. 6(1)(a) GDPR (consent)
Embedded media (e.g. YouTube): Art. 6(1)(f) GDPR (legitimate interest) and Art. 6(1)(a) if activated by user
5. Use of Google Analytics
We use Google Analytics by Google Ireland Limited to analyze website usage. IP anonymization is enabled. Your IP address is shortened before transmission. Google may transfer data to Google LLC in the USA. Google uses Standard Contractual Clauses (SCCs) approved by the European Commission. You can object to data collection by:
Adjusting your cookie preferences
Installing the opt-out browser add-on: https://tools.google.com/dlpage/gaoptout
More info: Google Analytics Data Protection
6. Embedded YouTube Videos
We embed YouTube videos using the “privacy-enhanced mode” offered by Google. No data is transferred unless you click the video. If you do, YouTube may collect data including your IP address and visited pages. If you’re logged in to a Google account, data may be linked to your profile. To prevent this, log out before viewing. Google may transfer data to the USA. It uses SCCs and other safeguards.
Privacy Policy: https://policies.google.com/privacy
7. Cookies
We use cookies to:
- Enable core functionality (essential cookies)
- Analyze website usage (analytics cookies)
You can manage cookie preferences using our [Cookie Consent Banner]. We respect your choices and only activate non-essential cookies after you consent.
8. Data Transfers to Third Countries
Where personal data is transferred to countries outside the EU/EEA, this is done under:
- Adequacy decisions (Art. 45 GDPR)
- Standard Contractual Clauses (Art. 46 GDPR
9. Retention Periods
Personal data is stored only as long as necessary for the stated purposes or as required by law. Server logs are deleted after [e.g., 14 days].
10. Your Rights under GDPR
As a data subject, you have the following rights under the General Data Protection Regulation (GDPR):
- Right to withdraw consent (Article 7(3) GDPR): You have the right to withdraw your consent at any time. This means we will no longer process your personal data based on that consent in the future.
- Right of access (Article 15 GDPR): You have the right to obtain confirmation as to whether or not personal data concerning you is being processed. Where that is the case, you can request access to the data and the following information: the purposes of the processing, the categories of personal data concerned, the recipients or categories of recipients to whom the data has been or will be disclosed, the planned storage period, the existence of your rights to rectification, erasure, restriction of processing or objection, the right to lodge a complaint with a supervisory authority, the source of the data (if not collected from you directly), and the existence of automated decision-making, including profiling, as well as meaningful information about the logic involved and the envisaged consequences of such processing.
- Right to rectification (Article 16 GDPR): You have the right to request the correction of inaccurate personal data concerning you and the completion of incomplete data without undue delay.
- Right to erasure (“right to be forgotten”) (Article 17 GDPR): You have the right to request the deletion of your personal data unless processing is necessary for exercising the right of freedom of expression and information, for compliance with a legal obligation, for reasons of public interest, or for the establishment, exercise, or defence of legal claims.
- Right to restriction of processing (Article 18 GDPR): You have the right to request the restriction of processing if: you contest the accuracy of the data, the processing is unlawful but you oppose the erasure, we no longer need the data but you require it to establish, exercise or defend legal claims, or you have objected to processing pursuant to Article 21 GDPR and verification of our legitimate grounds is pending.
- Right to data portability (Article 20 GDPR): You have the right to receive the personal data you have provided to us in a structured, commonly used and machine-readable format and to transmit that data to another controller, where technically feasible.
- Right to lodge a complaint (Article 77 GDPR): You have the right to lodge a complaint with a supervisory authority, in particular in the Member State of your habitual residence, place of work, or the location of the alleged infringement.
Authority:
Landesbeauftragte für Datenschutz und Informationsfreiheit NRW
Kavalleriestr. 2–4, 40213 Düsseldorf
https://www.ldi.nrw.de
11. Security Measures
We apply appropriate technical and organizational measures to protect your personal data from loss, misuse, or unauthorized access.
12. Changes to This Privacy Policy
This data protection information is currently applicable. We may update this policy to reflect changes in law or our services. The current version is always available at www.waitro.org/privacy/
13. Contact
WAITRO Operations e.V.
Grachtenhofstraße 63A
50226 Frechen, Germany
Email: info[at]waitro
