Privacy statement

A. Privacy statement

Thank you for your interest in our website. The protection of your personal data (hereinafter also referred to as “data”) is of great and very important concern to us. In the following we would therefore like to inform you in detail about which data is collected when you visit our website and how we use our offers there and how we process or use this data in the following. We would also like to inform you about the accompanying protective technical and organisational measures we have taken.


Please note that this Privacy Policy may be updated from time to time as a result of the implementation of new techniques and/or changes in the law. Of course, we will always take your interests into account in an appropriate manner when making any changes.


Please also refer to our separate Privacy Policy on registration data.

Controller, contact, data protection officer

Controller pursuant to Art. 4 (7) EU General Data Protection Regulation (“GDPR”) is


Werkstraße 12
24955 Harrislee


It is represented by the Managing Director Martin Küchenthal.


You can also contact us through the email address


In case of questions or comments concerning this privacy statement, please contact our data protection officer:


Herr Rechtsanwalt Andreas Konrad
c/o Rickert Rechtsanwaltsgesellschaft mbH
Kaiserplatz 7-9
D-53113 Bonn

Legal bases for processing of your data

If the legal basis is not listed in the privacy statement, the following applies:

  • Insofar as we obtain the data subject’s consent for processing, Art. 6 (1) Clause 1 lit. a) GDPR is the legal basis.
  • In case of processing of personal data necessary for the fulfillment of a contract, the legal basis is Art. 6 (1) Clause 1 lit. b) GDPR.
  • Insofar as processing of personal data is necessary for the fulfillment of a legal obligation, the legal basis is Art. 6 (1) Clause 1 lit. c) GDPR..
  • In the event that vital interests of the data subject or of another natural person require a processing of personal data, the legal basis is Art. 6 (1) Clause 1 lit. d) GDPR.
  • If processing is necessary to safeguard legitimate interests of our company or of a third party and if the interests, basic rights, and basic freedoms of the data subject do not outweigh these legitimate interests, the legal basis for processing is Art. 6 (1) Clause 1 lit. f) GDPR.

Retention periods

The data processed by us is erased or its processing is restricted in compliance with statutory requirements, in particular Art. 17 and 18 GDPR. Unless expressly stated otherwise within the scope of this privacy statement, we erase data stored by us as soon as such is no longer required for the intended purpose. Data will be retained beyond the time at which the purpose ends only if such data is necessary for other, legally permissible purposes or if the data must continue to be retained due to statutory retention periods. In these cases, processing is restricted, i.e. it is blocked, and will not be processed for other purposes.

Server log data

For the informational use of our Internet presence it is generally not required that you actively disclose your personal data. In this case we instead collect and use only the data automatically transmitted to us by your Internet browser. This includes:

  • date and time of your retrieval of one of our websites;
  • your browser type;
  • your browser settings;
  • utilized operating system;
  • your most recently visited site;
  • the transferred data volume and access status (file transferred, file not found, etc.);
  • your IP address.

The data is stored on our servers. This data is not stored together with other personal data except those stated above. The temporary storage of the IP address by the system is necessary to allow delivery of the website to the user’s computer. For this purpose, the IP address of the user must be stored for the duration of the session. We create so-called log files from this data. The created log files are stored to safeguard the security of our IT systems. A personal evaluation of the data, in particular for marketing purposes, does not take place.


Processing of the above data is required for technical reasons to offer a website pursuant to Art. 6 (1) Clause 1 lit. b), lit. c), lit. f) GDPR in order to correctly display our website to you and to safeguard stability and security. In particular, log files are created to verify attacks on our systems. We erase server log data from our systems at the latest after 7 days.

Customer Area (Login)

The use and registration of our customer area is restricted to existing customers. If you are interested in our products and services, please contact us under the respective product descriptions. Our employees will inform you which data we require from you to provide online access.
To use the customer area by you or your employees it is then necessary that you choose your personal access data. The processing of data requested during registration via mandatory fields or other mandatory data required for setting up access is carried out on the basis of Art. 6 (1) 1 lit. b GDPR. The processing of information provided voluntarily is based on Art. 6 (1) 1 lit. a GDPR. If you wish to delete your account, you can send us an e-mail to the above contact details. Data which we are legally obliged to store shall remain unaffected by the deletion.


In case of contacting by email or telephone, your data is processed, depending on the content of the request, for purely informational inquiries based on your (assumed) consent pursuant to Art. 6 (1) Clause 1 lit. a) GDPR or pursuant to Art. 6 (1) Clause 1 lit. b) GDPR, insofar as contacting is connected to contractual performance obligations. In case of contacting through our form, we require only your company’s name, an email address, a name of a contact person and a telephone number in order to reply to you as soon as possible. Your information may be stored in a customer relationship management system (“CRM system”).

We will delete your contact inquiries from our active systems immediately after final processing, unless legal permissions or storage obligations permit or require further storage.

Processors and data recipients

In some cases, we use external service providers to process your data, which are bound to our instructions. They were selected and commissioned by us with care and they are monitored regularly. The orders are based on data processing agreements pursuant to Art. 28 GDPR. The processor does not independently process data for its own purposes.
We use a hosting provider to operate this web offer, who processes inventory data, contact data, content data, contract data, utilization data, metadata, and communication data from visitors or customers of this web offer within the scope of our legitimate interest in an efficient and secure provision of this online offer pursuant to Art. 6 (1) Clause 1 lit. f), 28 GDPR.

Your rights

Pursuant to statutory provisions, you can assert the following rights vis-à-vis the data processing controller free of charge:

  • Right to access by the data subject (Art. 15 GDPR);
  • Right to rectification and erasure (Art. 16 and Art. 17 GDPR);
  • Right to restriction of processing (Art. 18 GDPR);
  • Right to data portability (Art. 20 GDPR);
  • Right to object (Art. 21 GDPR).

You also have the right to complain to a data protection supervisory authority concerning the controller’s processing of your personal data.

Social media presences

We maintain presences in social media in order to communicate with customers and prospective customers there and to keep them informed. When retrieving the relevant networks, the terms and conditions of the operators apply.


B. Cookies and integrated third-party offers

We use cookies in our Internet presence. Cookies are small text files that within the scope of your visit of our website are transmitted from our web server to your browser and are stored by your browser on your computer for later retrieval. You yourself can determine, through settings in your browser, the extent to which cookies can be placed and retrieved. Persistent cookies may be stored on your computer after your visit and our website can access them every time each time you visit our website (so-called “ID cookies”). Some cookies that are stored during your visit of our website can be stored and retrieved by other companies.
We use so-called session cookies (also called “temporary cookies”) as cookies that are exclusively stored for the duration of your use of one of our websites. It is necessary for technical reasons to permit session cookies to fully use all functions of our Internet presence. It is the purpose of these cookies to identify your computer during your visit of our Internet presence when changing from one of our websites to one of our other websites and to determine the end of your visits. Persistent cookies are deleted automatically after a specified duration, which may differ depending on the cookie. You can at any time delete cookies in the security settings of your browser.

Legal basis for the use of cookies and third-party offers/services is Art. 6 (1) Clause 1 lit. f) GDPR unless specified otherwise. We are legitimate to do so due to our interest in analysing usage behaviour in order to improve our website.


I. Third-Party-Cookies

You can configure your browser settings according to your wishes and, for example, refuse to accept third-party cookies or all cookies. Please note the following with regard to third-party cookies.


1. Google Maps

We use Google Maps on our website. This service is provided by Google LLC (“Google”), Amphitheatre Parkway, Mountain View, CA 94043, USA. The offer allows you to view interactive maps directly on our website. By visiting our website, Google receives the information that you have called up the corresponding subpage of our website. This is regardless of whether Google provides a user account that you are logged in with or whether no user account exists. If you are logged into Google, your information will be directly associated with your account. If you do not wish to be associated with your profile on Google, you must log out before activating the button. Google stores your data as usage profiles and uses them for purposes of advertising, market research and/or demand-oriented design of its website. Such evaluation takes place in particular (even for unlogged-in users) to provide demand-oriented advertising and to inform other users of the social network about your activities on our website. You have the right to object to the creation of these user profiles, whereby you must contact Google to exercise this right. For more information about the purpose and scope of data collection and its processing by the plug-in provider, please refer to the provider’s privacy policy. There you will also find further information about your rights in this regard and setting options for the protection of your privacy: Google also processes your personal data in the USA and has submitted to the EU-US Privacy Shield,

2. Social Plugins

For data protection reasons we have deliberately decided against using direct plug-ins from social networks on our websites. Instead, we use a solution through which you yourself can determine whether and if data is to be transmitted to the providers of the respective social networks. Generally, if you retrieve our websites, no data is automatically transmitted to social networks. Your Internet browser will create a connection to the servers of the respective social network only once you actively click on the respective button, i.e. by clicking the respective button (e.g. “share”) you consent to your Internet browser establishing a connection to the servers of the respective social network and to transmit usage data to the respective provider of the social network.
Data transmitted through the plug-ins by clicking the buttons may possibly be connected to existing accounts and profiles. The providers also may create usage profiles. We have no influence on data processing or data retention after transmission of the data to the stated providers. In case of questions concerning data processing after transmission, please note the following privacy statements of the providers and contact them directly in case of questions.
The transmission of data to the relevant provider is subject to Art. 6 (1) lit. a GDPR based on your consent.

The following services are integrated:

a. LinkedIn

LinkedIn is a service of LinkedIn Ireland Unlimited Company Wilton Place, Dublin 2, Ireland. This may include, for example, content such as texts, images, videos and buttons with which you can express your liking for the content of this site, subscribe to the authors of the content or our contributions. If you are a member of the LinkedIn platform, LinkedIn can assign the above contents and functions to your profiles there. You can find LinkedIn’s privacy policy at
LinkedIn is certified under the Privacy Shield Agreement and thus offers a guarantee to comply with European data protection law
You can set an opt-out cookie on your computer at

b. Xing

We only use XING, a service of XING AG, Dammtorstraße 29-32, 20354 Hamburg, Germany. This may include, for example, content such as images, videos or texts and buttons with which you can express your approval of the respective content, subscribe to the authors of the content or our contributions. If you are a member of the Xing platform, Xing can assign calling up the above contents and functions to your profile there. You can find Xing’s privacy policy at

II. Other third-party offers/services

Google Fonts

This page uses fonts from Google (Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA). When you open a page, your browser loads these fonts from Google servers. Your IP address, including the page (Internet address) that you have visited, will be transmitted to a Google server. More information about these Google fonts can be found at and in Google’s privacy policy at

Google Recaptcha

We use the service “ReCaptcha” of the provider Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA, to recognize bots, for example when entering data in online forms. You can find the data protection declaration at, you can opt-out at

C. Data security

We also use technical and organizational security measures to protect incurred or collected personal data, in particular against accidental or intentional manipulation, loss, destruction, or against an attack by unauthorized persons. Our security measures are continuously improved pursuant to technological advances.


For this purpose, this site, among other things, uses SSL encryption for the secure transmission of data. The common SSL process (Secure Socket Layer) is used in connection with the respective maximum encryption level supported by your browser.