How does WP International Trade differ from a freight forwarder or shipping company?

WP International Trade is a sourcing partner and registered importer in Germany, not a freight forwarder or shipping company. We identify suitable manufacturers in China, vet suppliers on site, coordinate production and quality control, handle EU compliance (CE, RoHS, REACH, GPSR) and customs clearance on your behalf. The actual transport is contracted through specialised logistics partners such as DACHSER and Kühne+Nagel.

How do I find a reliable supplier in China?

WP International Trade handles the complete supplier search. Our team in Guangzhou (DeMuxi Guangzhou Trade Co., Ltd.) researches suitable manufacturers, performs factory visits and qualifies suppliers based on your specification. We draw on a network of more than 200 vetted suppliers. Our own office in Guangzhou has been operating since October 2020, with more than 600 successfully completed projects since then. Owner Peter Hillig brings more than 17 years of experience in international trade.

What does your sourcing service cost?

Every quote is individual. The effort depends on the product category, target quantity, product complexity and regulatory risk (for example CE marking, REACH-controlled substances or EUDAMED registration for medical devices). A straightforward supplier search with a clear specification is far more contained than a complex product involving factory visits, sample iterations and multi-stage quality control. For structured inquiries we offer three service packages (Basic, Premium, Full Sourcing & Import). A free initial call to scope your needs can be booked any time on the Schedule a Meeting page.

Which EU compliance topics do you handle for imports?

We verify and document EU conformity for the relevant frameworks: CE marking, RoHS, REACH, GPSR (General Product Safety Regulation), WEEE for electronic waste, the German Packaging Act (Lucid), the Battery Act (REBAT), CBAM (Carbon Border Adjustment Mechanism) and EUDAMED for medical devices. As a registered importer in Germany, we also assume the official importer role under EU product safety law.

Do you have your own office in China?

Yes. Our partner company DeMuxi Guangzhou Trade Co., Ltd. has been operating its own office in Guangzhou since October 2020. On the ground we coordinate factory visits, quality inspections and direct communication with Chinese suppliers in Mandarin. More than 600 completed projects and 300 satisfied customers since the office opened.

How do you ensure product quality on imports from China?

We control quality in several stages directly inside the Chinese factory: sample approval before production starts, in-line inspection during manufacturing, and final random inspection to AQL standard before shipment. You receive detailed inspection reports with photos and measurement records. If deviations are found, we step in before the goods leave the factory.

Which products do you import from China?

In principle, all legal products. The focus of our experience covers electronics, textiles, machinery and equipment, plastic and metal goods, automotive accessories, furniture, sports goods and Class I medical devices for therapy, care and rehabilitation. For regulated products we manage the full certification process.

How long does an import from China to Germany take?

It depends on the transport mode: sea freight roughly 4 to 6 weeks from shipment, rail freight via the New Silk Road roughly 2 to 3 weeks, air freight roughly 1 week. We advise on the right option based on volume, weight, value and lead-time pressure. Production and quality control time on top, depending on complexity.

Do you also handle customs clearance and documentation?

Yes, we handle the complete customs declaration through the German ATLAS system. This covers determining the correct tariff number (HS code), preparing and verifying all documents (commercial invoice, packing list, certificate of origin, EUR.1, declaration of conformity) and communicating with customs authorities. Import VAT and duties are processed via our EORI number.

In which languages can I communicate with you?

You communicate with us in German or English. All communication with Chinese suppliers and authorities in Mandarin is handled by our team in Guangzhou. This removes language barriers, time-zone friction and cultural misunderstandings from your day-to-day operations.

Privacy Policy · WP International Trade GmbH

Privacy Policy

Note: The legally binding version of this Privacy Policy is in German and available at https://www.wp-international-trade.de/Datenschutz.html. The English text below is a translation provided for your convenience. In case of any discrepancy between the language versions, the German original prevails. For specific data protection requests please contact info@wp-international-trade.de.

Introduction

With the following Privacy Policy we would like to inform you about the types of your personal data (hereinafter also referred to as "data") we process, for what purposes and to what extent. The Privacy Policy applies to all processing of personal data carried out by us, both in the context of providing our services and in particular on our websites, in mobile applications and within external online presences such as our social media profiles (hereinafter collectively referred to as "online offering").

The terms used are not gender-specific.

As of: 30 April 2026

Introduction
Controller
Overview of Processing Activities
Relevant Legal Bases
Security Measures
Transfer of Personal Data
Data Processing in Third Countries
Deletion of Data
Business Services
Provision of the Online Offering and Web Hosting
Contact and Inquiry Management
Customer Area "WP Trade Hub"
Use of Artificial Intelligence
Shipment Tracking and External Interfaces
Rights of Data Subjects

Controller

WP International Trade GmbH
Peter Hillig
Gartenstraße 63
01156 Dresden
Germany

Email: info@wp-international-trade.de

Phone: +49 351 418 815 23

Legal notice: https://en.wp-international-trade.de/Impressum.html

Overview of Processing Activities

The following overview summarises the types of data processed and the purposes of their processing, and refers to the categories of data subjects.

Types of Data Processed

Master data.
Payment data.
Contact data.
Content data.
Contract data.
Usage data.
Meta / communication data.

Special Categories of Data

Health data.

Categories of Data Subjects

Customers.
Employees.
Prospective customers.
Communication partners.
Users.
Business and contractual partners.
Users of the customer area (WP Trade Hub).

Purposes of Processing

Provision of contractual services and customer service.
Contact requests and communication.
Direct marketing.
Office and organisational procedures.
Conversion measurement.
Management and response to inquiries.
Feedback.
Marketing.
Profiles with user-related information.
Provision of our online offering and user experience.
Information technology infrastructure.
Provision of the customer area and authentication.
AI-supported processing and classification.
Shipment tracking.

Relevant Legal Bases

In the following you will find an overview of the legal bases of the GDPR on which we process personal data. Please note that in addition to the GDPR, national data protection regulations in your or our country of residence or domicile may apply. If, in individual cases, more specific legal bases are relevant, we will inform you of these in this Privacy Policy.

Consent (Art. 6 (1) sentence 1 lit. a GDPR) - The data subject has given consent to the processing of their personal data for one or more specific purposes.
Performance of a contract and pre-contractual inquiries (Art. 6 (1) sentence 1 lit. b GDPR) - Processing is necessary for the performance of a contract to which the data subject is party, or in order to take pre-contractual steps at the request of the data subject.
Legal obligation (Art. 6 (1) sentence 1 lit. c GDPR) - Processing is necessary for compliance with a legal obligation to which the controller is subject.
Legitimate interests (Art. 6 (1) sentence 1 lit. f GDPR) - Processing is necessary for the purposes of the legitimate interests pursued by the controller or by a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject.

In addition to the data protection rules of the General Data Protection Regulation, national data protection rules apply in Germany. These include in particular the German Federal Data Protection Act (Bundesdatenschutzgesetz – BDSG).

Security Measures

In accordance with the legal requirements and taking into account the state of the art, the cost of implementation, and the nature, scope, context and purposes of processing as well as the varying likelihood and severity of the risk to the rights and freedoms of natural persons, we take appropriate technical and organisational measures to ensure a level of security appropriate to the risk.

SSL encryption (https): To protect the data you transmit via our online offering, we use SSL encryption. You can recognise such encrypted connections by the prefix https:// in the address bar of your browser.

Transfer of Personal Data

In the course of our processing of personal data, the data may be transferred to or disclosed to other entities, companies, legally independent organisational units or persons. Recipients of this data may include, for example, service providers commissioned with IT tasks or providers of services and content embedded in a website. In such cases, we comply with the legal requirements and in particular conclude appropriate contracts or agreements that serve to protect your data with the recipients of your data.

Data Processing in Third Countries

If we process data in a third country (i.e., outside the European Union (EU) or the European Economic Area (EEA)) or if processing takes place in connection with the use of services from third parties or the disclosure or transfer of data to other persons, entities or companies, this is only done in accordance with the legal requirements.

Subject to express consent or contractually or legally required transfer, we only process or have data processed in third countries with a recognised level of data protection, contractual obligation through so-called Standard Contractual Clauses of the EU Commission, in the presence of certifications or binding internal data protection rules (Art. 44 to 49 GDPR).

Deletion of Data

The data we process is deleted in accordance with the statutory provisions as soon as the consents that permit processing are revoked or other permissions cease to apply (e.g. if the purpose of the processing has ceased to exist or the data is no longer required for the purpose). If the data is not deleted because it is required for other and legally permissible purposes, processing is restricted to those purposes. The data is then blocked and not processed for other purposes. This applies, for example, to data that must be retained for commercial or tax law reasons or for the assertion, exercise or defence of legal claims.

Business Services

We process the data of our contractual and business partners, e.g. customers and prospective customers (collectively referred to as "contractual partners") within the scope of contractual and comparable legal relationships and related measures, and within the scope of communication with the contractual partners (or pre-contractually), e.g. to answer inquiries.

Types of data processed: Master data (e.g. names, addresses); payment data (e.g. bank details, invoices, payment history); contact data (e.g. email, phone numbers); contract data (e.g. subject of contract, term, customer category); usage data; meta / communication data.
Data subjects: Prospective customers; business and contractual partners; customers.
Purposes of processing: Provision of contractual services and customer service; contact requests and communication; office and organisational procedures.
Legal bases: Performance of a contract and pre-contractual inquiries (Art. 6 (1) lit. b GDPR); legal obligation (Art. 6 (1) lit. c GDPR); legitimate interests (Art. 6 (1) lit. f GDPR).

Provision of the Online Offering and Web Hosting

We process user data in order to be able to provide them with our online services. For this purpose, we process the user's IP address, which is necessary to transmit the content and functions of our online services to the user's browser or device.

STRATO: Services in the field of providing IT infrastructure and related services (e.g. storage and/or computing capacity); service provider: STRATO AG, Pascalstraße 10, 10587 Berlin, Germany; legal bases: legitimate interests (Art. 6 (1) lit. f GDPR); website: https://www.strato.de; privacy policy: https://www.strato.de/datenschutz.

Contact and Inquiry Management

When you contact us (e.g. via contact form, email, phone or social media) and within existing user and business relationships, the data of the inquiring persons is processed to the extent necessary to respond to the contact inquiries and any related actions.

Types of data processed: Contact data (e.g. email, phone numbers); content data (e.g. entries in online forms); usage data; meta / communication data.
Data subjects: Communication partners.
Purposes of processing: Provision of contractual services and customer service; contact requests and communication; management and response to inquiries.
Legal bases: Performance of a contract and pre-contractual inquiries (Art. 6 (1) lit. b GDPR); legitimate interests (Art. 6 (1) lit. f GDPR).

Customer Area "WP Trade Hub"

Under the name "WP Trade Hub" we operate a password-protected customer area that is exclusively available to registered business customers. The customer area allows customers to view their ongoing sourcing and import projects, exchange documents, retrieve customs and compliance documents, track shipments, and obtain performance and time records.

Registration is by invitation only. There is no public self-registration.

Types of data processed: Master data (e.g. name, company, address, role); contact data (e.g. email, phone number); access data (username, hashed password, possibly 2FA token); contract and order data (e.g. inquiries, quotes, orders, supplier assignment, quantities, prices); content data (e.g. uploaded documents, certificates, declarations of conformity, product data); compliance data (e.g. HS codes, CE/RoHS/REACH evidence, CBAM-relevant information, WEEE/packaging information); logistics and tracking data; usage data; meta / communication data.
Data subjects: Customers; business and contractual partners; employees of our customers with account access.
Purposes of processing: Provision of the contractually agreed sourcing, import and compliance services; provision of the application and user experience; authentication and access control; management and response to inquiries; billing of services; security of the application.
Legal bases: Performance of a contract and pre-contractual inquiries (Art. 6 (1) lit. b GDPR); legal obligation (Art. 6 (1) lit. c GDPR, in particular commercial and tax retention obligations); legitimate interests (Art. 6 (1) lit. f GDPR).
Retention period: Business transactions are retained in line with commercial and tax retention periods for up to ten years. Account access data is deleted up to 90 days after the end of the business relationship. Logfiles and security-relevant logs are kept for a maximum of 30 days and are then deleted or anonymised, unless they are still needed to investigate security-relevant incidents.
Technical and organisational measures: Encrypted data transmission (HTTPS/TLS); password-based authentication with hashed password storage; role and permission concept; access logging; regular backups; protection against unauthorised access through firewall and server hardening measures.

Use of Artificial Intelligence (Large Language Models)

Within the customer area "WP Trade Hub" and in parts of our internal processing operations, we use AI-supported features. These help us in particular with classifying customs tariff numbers (HS codes), checking the plausibility of compliance information, creating translations, and preparing texts and documents.

The AI features are not run locally but via the application programming interfaces (APIs) of specialised providers. The content required for processing (prompts) is transmitted to the providers' servers.

Note to users: We expressly recommend that you do not enter personal data of third parties or special categories of personal data (Art. 9 GDPR) in prompts or input fields that trigger AI features, unless this is strictly necessary. In AI-supported processes we primarily process product, technical and process-related data.

Types of data processed: Content data (e.g. product descriptions, technical specifications, contract clauses, translation texts); meta / communication data (e.g. IP address, technical headers); where applicable, contact and master data, to the extent that these are part of the processed content.
Data subjects: Customers; business and contractual partners; communication partners.
Purposes of processing: Efficient handling of inquiries; classification of goods (HS codes); translations; text preparation; compliance review; research.
Legal bases: Performance of a contract and pre-contractual inquiries (Art. 6 (1) lit. b GDPR); legitimate interests (Art. 6 (1) lit. f GDPR) in efficient service delivery and quality assurance; consent (Art. 6 (1) lit. a GDPR), insofar as content is processed beyond what is required for contract performance.

Transfer to third countries: The providers listed below are based in the United States. Transfers are made on the basis of Standard Contractual Clauses of the EU Commission (Art. 46 (2) lit. c GDPR) and, where applicable, supplementary technical and organisational measures.

Providers used:

Anthropic (Claude API): Provider of AI-supported language processing; service provider: Anthropic, PBC, 548 Market Street, PMB 90375, San Francisco, CA 94104, USA; legal bases: performance of a contract and pre-contractual inquiries (Art. 6 (1) lit. b GDPR), legitimate interests (Art. 6 (1) lit. f GDPR); website: https://www.anthropic.com; privacy policy: https://www.anthropic.com/legal/privacy; data processing addendum (DPA): https://www.anthropic.com/legal/dpa; standard contractual clauses: integrated in the DPA. According to the provider, Anthropic does not use API inputs to train its models by default.
OpenAI (ChatGPT / API): Provider of AI-supported language processing; service provider: OpenAI, L.L.C., 1455 3rd Street, San Francisco, CA 94158, USA; legal bases: performance of a contract and pre-contractual inquiries (Art. 6 (1) lit. b GDPR), legitimate interests (Art. 6 (1) lit. f GDPR); website: https://openai.com; privacy policy: https://openai.com/policies/privacy-policy; data processing addendum (DPA): https://openai.com/policies/data-processing-addendum; standard contractual clauses: integrated in the DPA. OpenAI does not use API inputs to train its models by default.

Retention period: The content transmitted to the providers is stored according to their retention rules (typically up to 30 days for security and abuse-monitoring purposes) and then deleted. In our system we store the results of the AI processing within the scope of the business transactions in line with the retention periods listed above.

No exclusively automated decisions: The AI-supported results (e.g. HS code suggestions, compliance hints) are always reviewed and approved by our staff before any business use. Solely automated decision-making within the meaning of Art. 22 GDPR does not take place in our AI features.

Shipment Tracking and External Interfaces

For shipment tracking and compliance research we integrate external interfaces (APIs). As a rule, only product- and shipment-related data (e.g. tracking number, HS code) is transmitted; personal data is only transferred to the extent technically required for the request.

17track: International shipment tracking service; service provider: 17TRACK Group, Hong Kong / Singapore; types of data processed: tracking number, carrier information, shipment status; legal bases: performance of a contract and pre-contractual inquiries (Art. 6 (1) lit. b GDPR); website: https://www.17track.net; privacy policy: https://www.17track.net/en/privacy.
TARIC (EU customs tariff) and comparable public authority services: Retrieval of publicly available tariff and compliance information; types of data processed: product-related queries without personal reference; legal bases: legitimate interests (Art. 6 (1) lit. f GDPR).

Rights of Data Subjects

In accordance with the GDPR, you have various rights as a data subject, which arise in particular from Art. 15 to 21 GDPR:

Right to object: You have the right, on grounds relating to your particular situation, to object at any time to the processing of personal data concerning you which is carried out on the basis of Art. 6 (1) lit. e or f GDPR; this also applies to profiling based on these provisions. If your personal data is processed for the purposes of direct marketing, you have the right to object at any time to the processing of personal data concerning you for the purposes of such marketing; this also applies to profiling, insofar as it is related to such direct marketing.
Right to withdraw consent: You have the right to withdraw consent given at any time.
Right of access: You have the right to request confirmation as to whether the data in question is being processed and to be informed about this data, as well as to receive further information and a copy of the data in accordance with the legal requirements.
Right to rectification: In accordance with the legal requirements you have the right to request the completion of the data concerning you or the rectification of inaccurate data concerning you.
Right to erasure and restriction of processing: In accordance with the legal requirements you have the right to demand that data concerning you be deleted immediately, or alternatively, in accordance with the legal requirements, to demand a restriction of the processing of the data.
Right to data portability: You have the right to receive the data concerning you which you have provided to us in a structured, common and machine-readable format, in accordance with the legal requirements, or to demand its transfer to another controller.
Right to lodge a complaint with the supervisory authority: In accordance with the legal requirements and without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with a supervisory authority, in particular in the Member State of your habitual residence, the place of work or the place of the alleged infringement, if you consider that the processing of personal data concerning you infringes the GDPR.

For sections of this Privacy Policy not translated above (such as social media presences, plugins and embedded content, messenger communication, video conferencing and cloud services, newsletters, business credit checks, contractor terms and the full list of definitions in line with Art. 4 GDPR), please refer to the legally binding German version at https://www.wp-international-trade.de/Datenschutz.html.