Data protection information

Welcome to WERK. Thank you for your interest in our website ( The protection of your privacy is very important to us. To ensure that you feel secure when visiting our website, we strictly adhere to the legal provisions when processing your personal data and would like to inform you in detail about our data handling practices here.


Personal data refers to information that relates to an identified or identifiable individual. This primarily includes information that allows conclusions about your identity, such as your name, telephone number, address, or email address. Statistical data that we collect, for example when you visit our website, which cannot be linked directly to your personal identity, is not considered personal data.


You can print or save this privacy policy using the standard functionality of your browser.

1. Controller

The contact person and so-called controller for the processing of your personal data when you visit this website within the meaning of the EU General Data Protection Regulation (GDPR) is


BEN digital services GmbH
Schloßstr. 19
82031 Grünwald


Phone: +49 721 754 052 70


If you have any questions about data protection in connection with our products or the use of our website, you can also contact our data protection officer at any time. He can be contacted at the above postal address and at the above e-mail address (keyword: "Attn. data protection officer").

2. Data processing on our website


Each time you use our website, we collect the access data that your browser automatically transmits to enable you to visit the website. The access data includes in particular


  • IP address of the requesting device
  • Date and time of the request
  • Address of the accessed website and the requesting website
  • Information about the browser and operating system used
  • Online identifiers (e.g. device identifiers, session IDs)

The data processing of this access data is necessary to enable you to visit the website and to ensure the long-term functionality and security of our systems. The access data is also temporarily stored in internal log files for the purposes described above in order to compile statistical data on the use of our website, to further develop our website with regard to the usage habits of our visitors (e.g. if the proportion of mobile devices with which the pages are accessed increases) and to maintain our website in general for administrative purposes. The legal basis is Art. 6 para. 1 sentence 1 lit. b GDPR.


The information stored in the log files does not allow any direct conclusions to be drawn about your person - in particular, we only store the IP addresses in abbreviated, anonymized form. The log files are stored for 30 days and archived after subsequent anonymization.


You have various options for contacting us. These include the contact form, registration for events or the call-back function. In this context, we process data exclusively for the purpose of communicating with you. The legal basis is Art. 6 para. 1 lit. b GDPR. The data collected by us when using the contact form will be automatically deleted after your request has been fully processed, unless we still need your request to fulfill contractual or legal obligations (see section "Storage duration").


You have the option of registering for our login area in order to use the full functionality of our website. We have highlighted the data you are required to enter as mandatory fields. Registration is not possible without this data. The legal basis for processing is Art. 6 para. 1 lit. b GDPR.


We use the service of the provider Open Knowledge Foundation Deutschland e.V., Singertr. 109, D-10179, Berlin, Germany, to obtain company data from the commercial register.


When you enter the name of your company on the homepage, an API call is made to obtain the company data from the commercial register so that the registration form can be pre-filled. The category of personal data that we process in this context is your company affiliation.


The legal basis for this processing is our legitimate interest pursuant to Art. 6 para. 1 lit. f) GDPR to provide you with an optimal, user-friendly registration process.


The data collected will be deleted once the purpose has been achieved. Further information on data processing at can be found at the bottom of the following page:

3. Use of cookies

In order to make visiting our website attractive and to enable the use of certain functions, we use so-called cookies on various pages. These are small text files that are stored on your end device. Some of the cookies we use are deleted again at the end of the browser session, i.e. after you close your browser (so-called session cookies). Other cookies remain on your device and enable us to recognize your browser on your next visit (persistent cookies). You can set your browser so that you are informed about the setting of cookies and decide individually whether to accept them or to exclude the acceptance of cookies for certain cases or in general. If you do not accept cookies, the functionality of our website may be limited. Most web browsers (see the help function in the menu bar of your browser) can be set by you so that they do not accept new cookies, that you receive a message that a new cookie has been placed or that all cookies received are switched off. For smartphones, tablets and other mobile and stationary devices, you can find the necessary settings in the respective operating instructions. However, we recommend that you leave the cookie functions switched on completely, as it is only possible to further improve our websites for your needs with cookies. Our cookies do not store any sensitive data such as passwords, credit card details or similar. They do not cause any damage to your end device and do not contain any viruses. Cookies that are required to carry out the electronic communication process or to provide certain functions that you have requested (e.g. shopping cart function, language settings) are stored on the basis of Art. 6 para. 1 lit. f) GDPR. The website operator has a legitimate interest in the storage of cookies for the technically error-free and optimized provision of its services. Insofar as other cookies (e.g. cookies to analyze your surfing behavior) are stored, these are treated separately in this data protection declaration.


We use our own cookies, in particular


  • for login authentication;
  • for load distribution;
  • to save your language settings;
  • to note that information placed on our website has been displayed to you ¬- so that it is not displayed again the next time you visit the website.


We want to enable you to use our website in a more convenient and personalized way. These services are based on our aforementioned legitimate interests; the legal basis is Art. 6 para. 1 sentence 1 lit. f GDPR.

4. Forwarding of data

The data collected by us will only be passed on if:


  • you have given your express consent in accordance with Art. 6 para. 1 sentence 1 lit. a GDPR,

  • the disclosure pursuant to Art. 6 para. 1 sentence 1 lit. f GDPR is necessary for the assertion, exercise or defense of legal claims and there is no reason to assume that you have an overriding interest worthy of protection in not disclosing your data,

  • we are legally obliged to disclose the data in accordance with Art. 6 para. 1 sentence 1 lit. c GDPR or

  • this is legally permissible and required pursuant to Art. 6 para. 1 sentence 1 lit. b GDPR for the processing of contractual relationships with you or for the implementation of pre-contractual measures that are carried out at your request.

Some of the data processing may be carried out by our service providers. In addition to the service providers mentioned in this privacy policy, this may include, in particular, data centers that store our website and databases, IT service providers that maintain our systems, and consulting companies. If we pass on data to our service providers, they may only use the data to fulfill their tasks. The service providers have been carefully selected and commissioned by us. They are contractually bound by our instructions, have suitable technical and organizational measures in place to protect the rights of the data subjects and are regularly monitored by us.

In addition, data may be passed on in connection with official inquiries, court orders and legal proceedings if this is necessary for legal prosecution or enforcement.


The hosting services we use serve to provide the following services: Infrastructure and platform services, computing capacity, storage space and database services, e-mail dispatch, security services and technical maintenance services that we use for the purpose of operating this online offering. In doing so, we, or our hosting provider, process inventory data, contact data, content data, contract data, usage data, meta and communication data of customers, interested parties and visitors to this online offer on the basis of our legitimate interests in an efficient and secure provision of this online offer in accordance with Art. 6 para. 1 lit. f GDPR in conjunction with. Art. 28 GDPR (conclusion of processing contracts).


If we use services from providers whose registered office is partly in so-called third countries, i.e. countries whose level of data protection does not correspond to that of the European Union, the following applies: Insofar as this is the case and the European Commission has not issued an adequacy decision (Art. 45 GDPR) for these countries, we have taken appropriate precautions to ensure an adequate level of data protection for any data transfers. These include standard contractual clauses of the European Union or binding internal data protection regulations. Where this is not possible, we base the data transfer on exceptions under Art. 49 GDPR, in particular your express consent or the necessity of the transfer to fulfill the contract. If a third country transfer is provided for and no adequacy decision or suitable guarantees exist, it is possible that authorities in the respective third country (e.g. secret services) may gain access to the transferred data and that the enforceability of your data subject rights cannot be guaranteed. You will also be informed of this when your consent is obtained.

5. Storage duration

In principle, we only store personal data for as long as necessary to fulfill contractual or legal obligations for which we have collected the data. We then delete the data immediately, unless we still need the data until the statutory limitation period expires for evidence purposes for civil law claims or due to statutory retention obligations.


For evidence purposes, we must retain contract data for three years from the end of the year in which the business relationship with you ends. Any claims expire at the earliest at this time in accordance with the statutory limitation period.


Even after this, we still have to store some of your data for accounting reasons. We are obliged to do so due to statutory documentation obligations that may arise from the German Commercial Code, the German Fiscal Code, the German Banking Act, the German Money Laundering Act and the German Securities Trading Act. The periods specified there for the retention of documents are two to ten years.

6. Your rights

You have the right to request information about the processing of your personal data by us at any time. We will explain the data processing to you as part of the information request and provide you with an overview of the data stored about you.


If data stored by us is incorrect or no longer up to date, you have the right to have this data corrected.


You can also request the deletion of your data. If deletion is not possible in exceptional cases due to other legal provisions, the data will be blocked so that it is only available for this legal purpose.


You can also have the processing of your data restricted, e.g. if you believe that the data we have stored is incorrect. You also have the right to data portability, i.e. we will send you a digital copy of the personal data you have provided to us on request.


To exercise your rights described here, you can contact us at any time using the contact details above. This also applies if you wish to receive copies of guarantees to demonstrate an adequate level of data protection.


You also have the right to object to data processing based on Art. 6 para. 1 lit. e or f GDPR. Finally, you have the right to lodge a complaint with the data protection supervisory authority responsible for us. You can assert this right with a supervisory authority in the member state of your place of residence, your place of work or the place of the alleged infringement. Supervisory authority responsible for Grünwald: Bavarian State Office for Data Protection Supervision, Promenade 18, 91522 Ansbach

7. Right of revocation and right to object

In accordance with Article 7 (2) GDPR, you have the right to withdraw your consent at any time. As a result, we will no longer continue the data processing that was based on this consent in the future. The withdrawal of consent does not affect the lawfulness of processing based on consent before its withdrawal.


Insofar as we process your data on the basis of legitimate interests pursuant to Art. 6 para. 1 sentence 1 lit. f GDPR, you have the right to object to the processing of your data pursuant to Art. 21 GDPR, provided that there are reasons for this arising from your particular situation or the objection is directed against direct advertising. In the latter case, you have a general right to object, which we will implement without you having to give reasons.


If you would like to exercise your right of revocation or right to object, simply send an informal message to the contact details given above.

8. Data security

We maintain up-to-date technical measures to ensure data security, in particular to protect your personal data from risks during data transmission and from third parties gaining knowledge of it. These measures are adapted in line with the current state of the art. To secure the personal data you enter on our website, we use Transport Layer Security (TLS), which encrypts the information you enter.

9. Changes to the privacy policy

We occasionally update this privacy policy, for example when we adapt our website or when legal or regulatory requirements change.

Version: 1.0 / Status: February 2024