As of: September 1, 2025

​

1. Responsible party

wegloc consulting UG (limited liability)
Pregelstraße 16
47239 Duisburg – Germany
info@wegloc.com

​

2. General information on data processing

​

We process personal data in accordance with the General Data Protection Regulation (GDPR) and the relevant national data protection laws. The legal bases are, in particular:

Art. 6 (1) (b) GDPR (performance of a contract)
Art. 6 (1) (f) GDPR (legitimate interest)
Art. 6 (1) (c) GDPR (legal obligation)
Art. 6 (1) (a) GDPR (consent, e.g., cookies or newsletters)

Personal data is only stored for as long as is necessary for the respective purpose or as long as there are legal retention obligations.

​

3. Hosting & infrastructure

​

Our IT systems, servers, and email services are operated by professional European providers. These providers process personal data exclusively within the framework of order processing agreements in accordance with Art. 28 GDPR.

During use, technical data (e.g., IP address, date, time, browser information) is recorded in server log files to ensure stability, security, and functionality. Legal basis: Art. 6 (1) lit. f GDPR.

​

4. SaaS accounts & contract processing

​

When using our SaaS solutions, we process: Registration data (e.g., name, email, password, company) Contract and billing data Usage data (e.g., logins, roles, system access)

​

5. Data collection in the mobile app

​

Our mobile app collects the following data:

Device identifiers (Android ID, Windows Device ID, iOS Vendor ID, macOS System GUID):
These are used exclusively for device authentication, security, and to prevent unauthorized access.
They are not used for advertising, tracking, or identification across multiple apps.

​

User IDs and authentication data:

User names and authentication tokens are used for secure access to the warehouse management system.
These are work-related identifiers assigned by administrators, not personal identifiers.

​

Photos/videos:

Only if they are explicitly taken by users for documentation purposes in the warehouse.
These serve as operational resources for inventory management, not as personal media.

​

Files and documents:

Only if selected by users as part of warehouse processes and for documentation purposes.
Limited to business-related documents necessary for warehouse management.

​

Location permissions (Android only):

Only required for scanning Bluetooth printers on Android 11 and older versions.
This is a technical requirement of the Android operating system for detecting Bluetooth devices.
The app does not track, store, or use actual location data.

​

Bluetooth access:

Used exclusively for connecting to warehouse printers for label printing.
Not used for device tracking or proximity detection.

​

Camera access:

Used for scanning barcodes/QR codes and capturing product images.
Not used for facial recognition or surveillance.

All data is transmitted securely via HTTPS encryption and is used exclusively for the functioning of the app within the warehouse management system. No data is passed on to third parties for advertising or tracking purposes.

​

6. Consulting services

​

For consulting services, we process contact details of the contact persons and project-related information. Legal basis: Art. 6 (1) lit. b GDPR.

​

7. External platforms & interfaces

​

External platforms and interfaces (e.g., shipping service providers, e-commerce platforms) may be integrated in order to provide our services. In doing so, data is only transferred to the extent necessary for the respective contract execution.

Shipping service providers (DHL, UPS, Hermes, Exporto) for handling deliveries
E-commerce and shop platforms (Shopify, Amazon, Otto, TikTok Shop) for integration into our systems

​

8. Applications

​

During the application process, we process the data submitted by applicants (e.g., contact details, resume, references). Legal basis: Section 26 BDSG, Art. 6 (1) (b) GDPR. Storage period: generally 6 months after completion of the process.

​

9. Security

​

We use technical and organizational measures (Art. 32 GDPR) to protect personal data from loss, misuse, or unauthorized access. These include, in particular, encryption, access controls, and regular backups.

​

10. Rights of data subjects

​

Data subjects have the following rights under Art. 15–21 GDPR: Information about their stored data Correction of inaccurate data Deletion (“right to be forgotten”) Restriction of processing Objection to processing Data portability In addition, they have the right to lodge a complaint with a competent supervisory authority.

​

11. Changes

​

We reserve the right to update this privacy policy as necessary. The current version is available on our website at any time.