Woregg GmbH & Co. KG
Kengelweg 16
72218 Wildberg · Germany
Phone: +49 7054 9262 0
Email: This email address is being protected from spambots. You need JavaScript enabled to view it.

The controller is the natural or legal person who determines the purposes and means of personal-data processing.

Michael Emmelheinz
Kengelweg 16 · 72218 Wildberg · Germany
Phone: +49 7054 9262 659
Emaill: This email address is being protected from spambots. You need JavaScript enabled to view it.

We process personal data in accordance with the GDPR, the German Federal Data Protection Act (BDSG) and the Telecommunications‑Telemedia Data Protection Act (TTDSG). Please note that data transmission over the Internet (e.g., email) may involve security gaps; complete protection against third‑party access is not possible.

Our website uses cookies. Non‑essential cookies are set only with your consent pursuant to Art. 6(1)(a) GDPR in conjunction with §25 TTDSG. We use a consent‑management platform (e.g., Cookiebot or Borlabs) to record, store and allow withdrawal of consent at any time.

The hosting provider automatically collects the following data: browser type/version, operating system, referrer URL, host name, time of access, IP address. Processing is based on Art. 6(1)(f) GDPR (legitimate interest in secure operation). Log files are deleted after 14 days.

Processing of personal data when visiting our website

When using the website for informational purposes, i.e., simply viewing it without registering or otherwise providing us with information, the personal data that your browser transmits to our host is processed. The data described below is technically necessary to display our website to you and to ensure stability and security, and must therefore be processed by our host.
We host the content of our website with the following provider: DomainFactory

The provider is DomainFactory GmbH, Oskar-Messter-Str. 33, 85737 Ismaning (hereinafter referred to as DomainFactory). When you visit our website, DomainFactory collects various log files, including your IP addresses.

For details, please refer to DomainFactory's privacy policy: https://www.df.eu/de/datenschutz/.

The use of DomainFactory is based on Art. 6 (1) lit. f GDPR. We have a legitimate interest in ensuring that our website is as reliable as possible. If consent has been requested, processing is carried out exclusively on the basis of Art. 6 (1) lit. a GDPR and § 25 (1) TTDSG, insofar as the consent includes the storage of cookies or access to information on the user's terminal device (e.g., for device fingerprinting) within the meaning of the TTDSG. Consent can be revoked at any time.

Order processing

We have concluded an order processing agreement (AVV) for the use of the above-mentioned service. This is a contract required by data protection law, which ensures that the personal data of our website visitors is only processed in accordance with our instructions and in compliance with the GDPR. We regularly monitor the order processor.

If you contact us via form, email, or telephone, we process your details to handle your enquiry. Legal basis: Art. 6(1)(b) GDPR (pre‑contract) or Art. 6(1)(f) GDPR (legitimate interest). Data are deleted after the enquiry is completed, at the latest after six months, unless legal retention duties apply.

We process application data (contact details, documents, interview notes) to decide on employment. Legal bases: §26 BDSG‑neu, Art. 6(1)(b) and (a) GDPR. Data are deleted six months after completion of recruitment unless longer storage is required by law or litigation.

We process personal data only as necessary to establish, perform, or terminate contracts (Art. 6(1)(b) GDPR). Data are deleted after statutory retention periods expire.

Our site uses plugins of YouTube operated by Google Ireland Ltd., Dublin, Ireland. When you start a video, a connection to Google servers is established and data may be transferred to the USA. Legal basis: Art. 6(1)(a) GDPR (consent via cookie banner). Transfers rely on EU Standard Contractual Clauses (Art. 46 GDPR). Privacy policy: https://policies.google.com/privacy?hl=en 

For uniform display of fonts, Google receives your IP address when fonts are loaded. Legal basis: Art. 6(1)(f) GDPR (legitimate interest). Transfers to the USA rely on EU SCCs.

With your consent we may use privacy‑compliant analytics (e.g., Google Analytics 4 or Matomo) to evaluate traffic. Legal basis: Art. 6(1)(a) GDPR. IP anonymisation is active; retention 14 months. Consent can be withdrawn via the cookie banner.

We maintain pages on LinkedIn, Xing and Instagram. Joint controllership (Art. 26 GDPR) applies with each platform provider. Processing on the platforms is subject to the respective privacy policies.

If you subscribe, we process your name and email solely to send the newsletter. Double‑opt‑in is used; consent is logged. Legal basis: Art. 6(1)(a) GDPR. Unsubscribe anytime.

We use Microsoft 365 and Teams provided by Microsoft Ireland Operations Ltd. Processing is governed by a Data Processing Addendum and EU Standard Contractual Clauses. Legal basis: Art. 6(1)(f) GDPR.

Personal data may be shared within the Woregg Group for internal administrative purposes. Legal basis: Art. 6(1)(f) GDPR. Cross‑border transfers (e.g., SK, BG, MX) rely on EU Standard Contractual Clauses (Art. 46 GDPR).

We work with selected processors under Art. 28 GDPR (hosting/IT, cloud/email, maintenance & support). All processors are contractually bound to confidentiality and security obligations.

As a TISAX‑certified company, Woregg operates an Information Security Management System (ISMS) according to ENX/VDA ISA. Unsafe legacy Office formats (.doc, .xls, .ppt) are automatically rejected; please use .docx, .xlsx, .pptx or .pdf.

Under the GDPR you may exercise: access (Art. 15), rectification (Art. 16), erasure (Art. 17), restriction (Art. 18), portability (Art. 20), objection (Art. 21), and withdrawal of consent (Art. 7(3)). Please contact: This email address is being protected from spambots. You need JavaScript enabled to view it. (Data Protection Officer)

The State Commissioner for Data Protection and Freedom of Information Baden‑Württemberg, Königstraße 10a, 70173 Stuttgart · www.baden-wuerttemberg.datenschutz.de 

During corporate integration, legacy technical or quality documentation may still reference former entities (Wöhrle GmbH & Co. KG / Wöhrle k.s / Oskar Rüegg AG / Oskar Rüegg EOOD / Oskar Ruegg S.R.L de C.V.). Such materials remain valid until full archival integration and are covered by this policy.

We reserve the right to update this policy to reflect legal or technical changes. Version: October 2025.