EN
  • DE
  • EN
  • FR
  • ES
  • IT
  • PL
  • CZ
B2B
EN
B2B
You are hereHomePrivacy Policy

Privacy Policy

Thank you for your interest in our website. The protection of your privacy is very important to us. In accordance with Art. 13 GDPR, we inform you in detail below about the processing of your data that takes place when you use our website and its functionalities. Please note that when using certain functionalities, you will be redirected to one of our store pageshttps://shop.wenko.de/ or https://b2bshop.wenko.de/ . Please inform yourself about the data processing of these pages in the data protection declarations provided there.

I. Responsible body

I.1. Names and contact details of the controller

The company is responsible for the data processing that takes place via the website 
www.wenko.com: 
WENKO-WENSELAAR GmbH & Co KG 
Im Hülsenfeld 10 | 40721 Hilden | Germany 
Tel. (02103) 573-270 | E-Mail: kundenservice@wenko.d

I.2. Contact details of the data protection officer The data protection officer of WENKO-WENSELAAR is appointed: 
Prof. Thomas Jäschke, DATATREE AG 
Märkische Straße 212 - 218, 44141 Dortmund 
Tel. (0231) 54380 398 | E-Mail: dsb@datatree.ag

II. Processing of the data you have entered

II.1 Processing of log files

You can visit our website without providing any personal information. During your visit, we store the following access data in so-called server log files without any action on your part:

• IP address of the requesting computer, 
• Date and time of access, 
• Name and URL of the retrieved file, 
• Website from which access is made (referrer URL), 
• Browser type and version as well as other information transmitted by the browser (such as the operating system of your computer).

In accordance with Art. 6 (1) lit. f. DS-GVO (legitimate interest), this data processing is carried out to ensure the trouble-free operation of the pages, e.g. to ensure a smooth connection establishment of the website, to evaluate system security and stability, to detect and prevent attacks on our website, etc.

The information is stored in the log files. The log files are stored for a maximum of 14 days and then deleted, unless further storage is necessary for the purpose of preserving evidence until final clarification.

II.2. Processing in the case of an order or opening a customer account
You can open a customer account and / or place orders via our shop pages https://shop.wenko.de/ (for private customers) or https://b2bshop.wenko.de/ (for business customers). Please inform yourself about the data processing on these pages in the data protection declarations provided there.

II.3. Processing when requesting an offer, a press release and/or using our contact form 

If you use our contact form, request a quote and/or a press release, we process the data you provide (mandatory fields last name, first name, e-mail, topic/issue) in order to process your request (within the scope of your consent, to fulfill the contract, based on our legitimate interest - Art. 6 (1) lit. a, b and f GDPR).

The data you enter will be stored for as long as is necessary to process your request (maximum: to comply with the statutory retention period). Please note that if you request an offer as a business customer or a press release as a journalist, we will store your data on the basis of our legitimate interest (Art. 6 (1) lit. f GDPR) in maintaining business/media contacts, placing articles about our company or contacting interested B2B customers in order to follow up on the offer/press release and, if you show a presumed interest in the correspondence, to contact you again. You can object to this use of your data at any time (see IV Your rights as a data subject).

We use the service of the provider Zendesk, Inc., 989 Market Street, San Francisco, CA 94103 in Germany represented by Zendesk GmbH c/o TaylorWessing, Neue Schönhauser Str 3-5, 10178 Berlin to process your request/complaint. With regard to the location of data processing, we have ensured that the data is hosted at a data center based in Frankfurt. Furthermore, we have concluded a data processing agreement with Zendesk to ensure that the data is processed in accordance with data protection regulations. In addition, Zendesk is certified in accordance with the EU-U.S. Privacy Framework and thus guarantees a level of data protection equivalent to that in the EU. Information on data protection and data security at Zendesk can be found at: https://www.zendesk.com/trust-center/

II.4 Use of Google RECAPTCHA in our contact form

We use Google reCAPTCHA on our website, a service provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. Google reCAPTCHA attempts to distinguish whether a certain action is performed by a human or a computer program or "bot".

During the verification by Google reCAPTCHA, the following personal data, among others, is transmitted to Google:

• the page that integrates Google reCAPTCHA 
• Your IP address • Your set language in the browser 
• Information on screen and window resolution 
• the time zone 
• Installation of browser plug-ins

Google reCAPTCHA also checks whether a cookie has already been created in your browser. If this is not the case, a cookie will be set by Google reCAPTCHA. We would also like to point out that Google Fonts is part of the Google reCAPTCHA tool and is also loaded as a necessary sub-function within this service

Google reCAPTCHA is used in accordance with Art. 6 para. 1 lit. f GDPR on the basis of our legitimate interest in checking whether entries are made by a person or possibly machine access (caused by "bots") with the aim of attacking our site.

We cannot rule out the possibility that personal data may be transferred outside the legal area of the European Union, e.g. to servers located in the USA. Google is certified in accordance with the EU-U.S. Privacy Framework and guarantees a level of data protection equivalent to that in the EU, even when data is processed on U.S. servers.

For details on the collection and storage of your personal data and the nature, scope and purpose of its use by Google reCAPTCHA, please refer to Google's privacy policy: https://policies.google.com/technologies/partner-sites?hl=en

II.5. Processing when sending an application
If you would like to send us your application, please send it exclusively to the e-mail address bewerbung@wenko.de. Your application will then be sent directly to authorized employees in our HR department, where it will be processed. If we are interested in your application, it will be forwarded internally to the relevant head of department and an invitation will then be sent via our HR department.

Applicant data is only processed to fulfill our (pre-)contractual obligations in the context of the application process in accordance with Art. 88 para. 1, Art. 6 para. 1 lit. b GDPR.

In the event of a rejection, your documents will be deleted or destroyed immediately, whereby the legally stipulated minimum security level will always be observed when destroying the documents. Exceptionally, there will be no immediate deletion if the data requires longer storage of up to 6 months or until the conclusion of legal proceedings due to legal provisions (e.g. due to a burden of proof under the German General Equal Treatment Act). The legal basis for this results from Art. 6 para. 1 lit. f GDPR i.V.m. § Section 24 para. 1 no. 1 BDSG.

In this case, our legitimate interest lies in legal defense and enforcement. If we retain your application for a longer period of time in order to contact you again at a later date about career prospects at our company, this will only take place if you have previously given us your consent in accordance with Art. 6 para. 1 lit. a GDPR. Here, too, you have the right to revoke your consent at any time in accordance with Art. 7 para. 3 GDPR by submitting a declaration to us with effect for the future.

In the event of an acceptance and consequently the conclusion of an employment contract, we store your data transmitted to us as part of the application for the purpose of standard administrative and organizational processes. The legal basis for this results from Art. 6 para. 1 lit. b GDPR i.V.m. § 26 BDSG.

II.6. Processing in the case of use of Google Maps

We use Google Maps on our website to display our location and directions. This is a service provided by Google Ireland Limited, a company incorporated and operated under Irish law (registration number: 368047) with its registered office at Gordon House, Barrow Street, Dublin 4, Ireland ("Google"). With this service, we can display interactive maps directly on the website and enable you to use the map function conveniently.

If you have consented to the use of cookies and other tracking functions via our content banner, the following data processing takes place when you enter a zip code and click on the "Search" field:

When you visit the website, Google receives the information that you have accessed the corresponding subpage of our website. If you call up the integrated "Google Maps" function, Google stores a cookie on your end device via your browser. Your user settings and your user data are also processed so that our location is displayed and directions are provided. The following personal data is transmitted to Google:

• the IP address 
• the date and time of the request 
• the time zone difference to Greenwich Mean Time 
• Your previously visited website 
• the access status/http status code 
• the amount of data transferred in each case 
• the website from which the request comes 
• the browser and the version of the browser software 
• the operating system, its interface and the language


The legal basis for this is Art. 6 para. 1 lit. a GDPR (i.V.m. § Section 25 (1) TDDDG, i.e. your consent, which you give via our consent banner. Please note, however, that you will not be able to use the Google Maps function if you do not consent. Alternatively, you can request the location of a retailer near you by telephone or e-mail from our customer service.

You can revoke your consent at any time in accordance with Art. 7 para. 3 GDPR and without giving reasons with effect for the future by clicking on the "Data protection settings" button integrated in the footer of our website and thus calling up the consent banner. You can then use the banner to make a new selection.

We cannot rule out the possibility that personal data may be transferred outside the legal area of the European Union, e.g. to servers located in the USA. Google is certified in accordance with the EU-U.S. Privacy Framework and guarantees a level of data protection equivalent to that in the EU, even when data is processed on U.S. servers.

Further information on the purpose and scope of data collection and its processing by the plug-in provider can be found in the provider's privacy policy. There you will also find further information on your rights in this regard and setting options to protect your privacy:https://policies.google.com/privacy?hl=en&gl=en

III. Use of cookies and pixel tags

III.1 Definition: Temporary and permanent cookies

Cookies are small text files that are stored on your computer by a web server. The next time you visit the website, it can use the cookie to recognize your web browser. Cookies cannot execute programs or transfer viruses to your computer. They are used to make the website more user-friendly and effective overall.

There are different types of cookies, the scope and function of which we would now like to explain:

• There are so-called temporary or transient cookies, which are automatically deleted when you close the browser. These include session cookies. These store a so-called session ID, with which various requests from your browser can be assigned to a common session. This allows your computer to be recognized when you return to our website. The session cookies are deleted when you log out or close your web browser.
• There are also permanent or persistent cookies, which initially remain stored after the browser is closed, but are automatically deleted after a specified period. The duration differs depending on the cookie, but we would like to point out that you can delete the cookies at any time using the security settings of your web browser.

Third-party cookies are cookies that are offered by providers other than the controller who operates the online service.

II.2 We use the following cookies on our website:

III.3 Legal basis for the use of cookies

The use of certain cookies is necessary to ensure the functionality and security of our website (Art. 6 (1) lit f. GDPR, legitimate interest). When you visit our site for the first time, you will be informed via our consent banner which functional cookies are absolutely necessary for the operation of the site. You can also use the consent banner to select which cookies, tracking tools and remarketing tools can be used based on your visit to our website.

The implementation of this selection requires the use of a cookie, which is stored on your end device for the duration of one year, unless you delete it beforehand through your browser settings (legal basis is our legitimate interest (Art. 6 (1) lit f. GDPR) in a proof of the cookie selection made by you).

If you agree via the cookie banner that technically unnecessary cookies and pixel tags (i.e. for the implementation of tracking and remarketing tools) are set, the processing of your personal data is based on your consent (Art. 6 (1) lit. a GDPR in conjunction with. § 25 para. 1 TTDSG). You can withdraw your consent at any time. The revocation option can be found in the following descriptions of the individual tools.III.1.2 Strictly necessary cookies

Revocation option

You can withdraw your consent at any time by clicking on "Data protection settings" in the footer of our website and calling up the consent banner.

IV. Data processing through tracking tools on social media

We use the tracking tools described below on our website. The data is processed in order to design our website in line with requirements and to carry out advertising and remarketing measures. The legal basis for data processing is the consent given via the consent banner, which you can revoke at any time via the "Data protection settings" section (see below on our website) (see III.2).

IV.1 Google Analytics

We use Google Analytics on our website, a service provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. This is a web-based analysis tool with which we can analyze the use of our website and make our web presence more interest-oriented.

During your visit to our website, Google Analytics places cookies on your end device with which your browser can be recognized and your behaviour analyzed. If subpages of our website are accessed, the following personal data is collected by Google Analytics:

• Your IP address 
• The accessed subpage and time of access 
• Source of origin of your visit (i.e. via which website you came to us) 
• Technical information (information about browser, internet provider, end device and screen resolution) 
• The achievement of "website goals" (e.g. contact requests, newsletter registrations)

The use of Google Analytics is carried out in accordance with Art. 6 para. 1 lit. a GDPR i.V.m. § Section 25 (1) TDDDG only if you have given us your consent via the selection in our consent banner. If you have not given your consent, no data processing will take place.

You can revoke your consent at any time in accordance with Art. 7 para. 3 GDPR and without giving reasons with effect for the future by clicking on the "Cookie settings" button integrated in the footer of our website and thus calling up the consent banner. You can then use the banner to make a new selection. Alternatively, Google provides a deactivation addon that can be installed on standard Internet browsers. You can find the link to the deactivation add-on at: https://tools.google.com/dlpage/gaoptout?hl=en. This add-on ensures that information about your visit to our website is not transmitted to Google Analytics.

We cannot rule out the possibility that personal data may be transferred outside the legal area of the European Union, e.g. to servers located in the USA. Google is certified in accordance with the EU-U.S. Privacy Framework and guarantees a level of data protection equivalent to that in the EU, even when processing data on U.S. servers. To minimize data, the so-called anonymization function is also used, which already shortens the IP address within the EU or EEA. Google provides information about the options for selecting your privacy settings at the following link: https://policies.google.com/technologies/partner-sites?hl=en can call up

For details on the collection and storage of your personal data as well as the type, scope and purpose of its use by Google Analytics, please refer to Google's privacy policy: https://policies.google.com/technologies/partner-sites?hl=en and https://policies.google.com/technologies/ads 

IV.2 Google Tag Manager

We use Google Tag Manager on our website, a service provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. This is an organizational tool with which we can manage our analysis tags via an interface. The Google Tag Manager collects data on our website and forwards it to our connected analysis tools. The connected analysis tools store and evaluate this data. The Google Tag Manager itself does not set any cookies and does not store any personal data. The organization tool only collects data on how individual tags are used.

The Google Tag Manager is used in accordance with Art. 6 para. 1 lit. a GDPR i.V.m. § Section 25 (1) TDDDG only if you have given us your consent via the selection in our content banner. If you have not given your consent, no data processing will take place.

You can revoke your consent at any time in accordance with Art. 7 para. 3 GDPR and without giving reasons with effect for the future by clicking on the "Show cookie settings" button integrated in the footer of our website and thus calling up the consent banner. You can then use the banner to make a new selection.

We cannot rule out the possibility that personal data may be transferred outside the legal area of the European Union, e.g. to servers located in the USA. Google is certified in accordance with the EU-U.S. Privacy Framework and guarantees a level of data protection equivalent to that in the EU, even when data is processed on U.S. servers.

urther information about the Google Tag Manager can be found at https://support.google.com/tagmanager/answer/9323295?hl=en. For details on the collection and storage of your personal data and the nature, scope and purpose of its use through the use of Google Tag Manager, please refer to Google's privacy policy: https://policies.google.com/privacy?hl=en

IV.3 Youtube

We have integrated YouTube videos into our online offering, which are stored on YouTube and can be played directly from our website. These are all integrated in "extended data protection mode", i.e. no data about you as a user is transferred to YouTube if you do not play the videos. Only when you play the videos will the data mentioned below be transmitted. We have no influence on this data transfer.

By visiting the website, YouTube receives the information that you have accessed the corresponding subpage of our website. In addition, the IP address, the date and time of the request; the time zone difference to Greenwich Mean Time; the content of the request (specific page); the access status/HTTP status code; the amount of data transferred in each case; the website from which the request comes, the browser; the operating system and its interface and the language and version of the browser software are transmitted. This takes place regardless of whether YouTube provides a user account through which you are logged in or whether no user account exists.

If you have a YouTube user account and/or Google account and are logged in, YouTube can analyze your usage behavior and create a usage profile corresponding to your usage behavior. Cookies are stored on your device for this purpose. These cookies allow YouTube to create user profiles based on your preferences and interests and to show you customized advertising (inside and outside the platform). We have no access to the usage data that YouTube collects to compile these statistics. The individual data processing operations and their scope are not necessarily comprehensible to us.

If you do not agree to YouTube assigning the collected data directly to your YouTube user account and/or Google account, we recommend that you log out of the respective accounts of the above-mentioned portals before clicking on the video, delete your cookies as part of the browser settings and restart the browser. You also have the right to object to the creation of these user profiles, whereby you must contact YouTube to exercise this right.

The use of Youtube takes place in accordance with Art. 6 para. 1 lit. a DSGVO i.V.m. § 25 para. 1 TDDDG only if you have given us your consent via the selection in our content banner/by clicking the play button. If you have not given your consent, no data processing will take place.

You can revoke your consent at any time in accordance with Art. 7 para. 3 GDPR and without giving reasons with effect for the future by clicking on the "Show cookie settings" button integrated in the footer of our website and thus calling up the consent banner. You can then use the banner to make a new selection.

We cannot rule out the possibility that personal data may be transferred outside the legal area of the European Union, e.g. to servers located in the USA. Google is certified in accordance with the EU-U.S. Privacy Framework and guarantees a level of data protection equivalent to that in the EU, even when data is processed on U.S. servers.

Further information on the purpose and scope of data collection and its processing by YouTube can be found in YouTube's privacy policy. There you will also find further information on your rights and setting options to protect your privacy: https://policies.google.com/privacy?hl=en

V. Social media

Our company operates company presences on the social networks Facebook, Instagram, Pinterest, LinkedIn and YouTube ("fan page"). Due to the provision of these company presences, personal data of the visitor is processed, which we present below.

The legal basis for data processing is our legitimate interest (Art. 6 (1) lit. f GDPR) to present our company in common communication media and to offer applicants, interested parties and other persons a preferred form of communication with our company that is common in today's world.

You have the opportunity to send us your feedback or a complaint via social media or to contact us about other concerns. If you mention further personal information such as invoice number, contact details or similar in public postings and comments, we will delete these and reply to you via PN.

Furthermore, we would like to point out that the use of social media by you, in particular the interactions with the networks such as posting and sharing, is at your own risk and that you can alternatively contact us via the contact form on the website or by e-mail/letter/telephone.

V.1 Shared responsibility

As the operator of these company websites, we process personal data jointly with the respective provider of the social network (joint responsibility pursuant to Art. 26 GDPR).

Joint data processing with the respective provider of the social network requires the conclusion of an agreement in accordance with Art. 26 GDPR, in which the distribution of our obligations under the GDPR and the obligations of the respective provider of the social network are bindingly defined.

By creating and publishing our company websites, we have concluded such an agreement by accepting the so-called terms of use of the respective social network, which regulate the conditions for the use of the site and the resulting data processing.

The providers of the social network generally assume primary responsibility for fulfilling their obligations under data protection law (see ECJ judgment of 5.6.2018, Case C-210/16). This includes, among other things:

• The fulfillment of information obligations (pursuant to Art. 12, 13 GDPR) 
• The rights of data subjects (pursuant to Art. 15 - 22 GDPR)
• The security of the processing (pursuant to Art. 32 GDPR) 
• The reporting of data protection breaches (pursuant to Art. 33, 34 GDPR)

Further details about the collection and storage of your personal data as well as the type, scope and purpose of its use by the respective provider of the social network can be found in the respective privacy policy of the platform operator.

As operators of company presences in social networks, we also assume responsibility for fulfilling our data protection obligations. This includes, among other things:

• The lawfulness of the data processing (pursuant to Art. 6 para. 1 GDPR) 
• Forwarding requests from data subjects relating to content published by us on the respective social networks to the respective platform operator 
• The obligation to create a privacy policy for our company presence on social networks

V.2 Data processing when visiting one of our company presences in the social networks

To the best of our knowledge, we inform you as follows about the data processing that occurs through the use of our social media presence.

Your visit to one of our social media sites triggers a variety of data processing operations. Your personal data is not only collected, used and stored by us, but also by the respective provider of the social media platform (hereinafter also referred to as the provider or platform). This happens even if you do not have a profile on the platform yourself. We only process the personal data that you provide to us through your public account and by commenting on our posts. You are not obliged to provide us with your personal data. However, this may be necessary for individual functionalities of our profile on the respective social media platform. These functionalities will not be available to you, or only to a limited extent, if you do not provide us with your data.

If you have a profile with the respective provider of the social media platform and are logged in, this provider processes your voluntarily entered data such as first and last name, user name, e-mail address and telephone number. In addition, the provider can analyze your usage behavior and create a usage profile corresponding to your usage behavior. Cookies are stored on your end device for this purpose. These cookies allow the provider to create user profiles based on your preferences and interests and to show you customized advertising (inside and outside the platform). We have no access to the usage data that the respective provider collects to create these statistics. The individual data processing operations and their scope are not necessarily traceable for us. We are only provided with anonymous usage statistics by the social media platform, which we use in accordance with Art. 6 para. 1 sentence 1 lit. f GDPR to improve the user experience for specific target groups when visiting our company websites.

If you do not agree to the provider assigning the collected data directly to your profile on the platform, we recommend that you log out of these social networks, delete your cookies as part of the browser settings and restart the browser. You also have the right to object to the creation of these user profiles, whereby you must contact Facebook and/or Instagram to exercise this right.

We cannot rule out the possibility that personal data may be transferred outside the legal area of the European Union, e.g. to servers located in the USA, when our company websites are accessed on social media platforms. Some of the providers (Facebook, Instagram, Google, LinkedIn) are certified in accordance with the EU-U.S. Privacy Framework and guarantee a level of data protection equivalent to that in the EU, even when processing data on U.S. servers. To the best of our knowledge, Pinterest is not certified in accordance with the EU-U.S. Privacy Framework, so we would like to expressly point out that we cannot guarantee an equivalent level of data protection for the transfer of data to this provider.

For details on the collection and storage of your personal data as well as the type, scope and purpose of its use by the provider, please refer to the privacy policies of the respective platform operator. There you will also find further information on your rights and setting options to protect your privacy, to set the notifications to your network, to deactivate the visibility of your profile using search engines or to manage what should be displayed in your profile.

The privacy policies of the social media platforms as well as information on how you can select your settings with the respective provider and how you can exercise your rights as a data subject can be found under the following links:

Facebook, (Facebook Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland):

https://www.facebook.com/about/privacy/update?ref=old_policy 
https://www.facebook.com/privacy/policy/?section_id=7-WhatIsOurLegal 
https://www.facebook.com/privacy/guide/security 

Instagram (Instagram LLC, 1601 Willow Road, Menlo Park, CA 94025, USA):

https://help.instagram.com/155833707900388 
https://help.instagram.com/811572406418223/?helpref=hc_fnav 

Pinterest (Pinterest Europe Ltd., Palmerston House, 2nd Floor, Fenian Street, Dublin 2, Ireland):

https://policy.pinterest.com/en/privacy-policy 
https://help.pinterest.com/en/article/make-your-profile-privat

Youtube (Google Ireland Limited, Gordon House, Barrow Street Dublin 4, Ireland):

https://policies.google.com/privacy?hl=en
https://myaccount.google.com/intro/privacycheckup?utm_source=pp&utm_medium=Promoin-product&utm_campaign=pp_body&hl=en

LinkedIn (LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland):

https://en.linkedin.com/legal/privacy-policy 
https://www.linkedin.com/help/linkedin/answer/a545600 

V.3 Your rights as a data subject with regard to data processing through our social media presences

In accordance with Art. 26 para. 3 GDPR, you as the person affected by the data processing can assert your rights under the General Data Protection Regulation against the respective platform operator and with us. However, we recommend that you contact the respective provider of the social network regarding your rights, as only they have access to your personal data. This is regulated in the terms of use, which we accepted when creating our company websites, as the individual data processing operations by the platform operators and their scope are not necessarily comprehensible to us.

A description of your rights as a data subject, which you can assert against us, can be found below in Section VI Your rights as a data subject (r).

VI Your rights as a data subject with regard to data processing by Wenko-Wenselaar GmbH & Co. KG

VI.1 Right of access, rectification, restriction of processing, objection, data portability

You can exercise your data protection rights at any time and free of charge. Please send us your request by post (for address details see point I.1) or by email to service@wenko.de.

Right to information, Art. 15 GDPR 
You have the right to receive information free of charge at any time as to whether we are processing your personal data.

Right to rectification (Art. 16 GDPR), erasure (Art. 17 GDPR), restriction of processing (Art. 18 GDPR), data portability (Art. 20 GDPR) and the right to object (Art. 21 GDPR) 
You also have the option of exercising your rights to rectification, erasure or restriction of processing. You can also object to the processing of your data at any time.

Revocation in the event of consent (Art. 7 para. 3 GDPR)
If you have provided your personal data on the basis of consent, you have the right to withdraw your consent at any time for the future. We would like to point out that the withdrawal of consent does not affect the lawfulness of processing based on consent before its withdrawal.

VI.2 Your right to lodge a complaint with the supervisory authority

If you are of the opinion that the processing of your personal data by WENKO-WENSELAAR GmbH & Co KG is not lawful, you have the right to lodge a complaint with any data protection supervisory authority at any time. The supervisory authority responsible for our company pursuant to Art. 55 GDPR is the 


State Commissioner for Data Protection and Freedom of Information Nordrhein-Westfalen
P.O. Box 20 04 44, 40102 Düsseldorf 
poststelle@ldi.nrw.de, https://www.ldi.nrw.de/