1. Privacy Statement

Thank you for visiting our websites. The information below details how we handle your data in accordance with Article 13 of the German General Data Protection Regulation [Datenschutzgrundverordnung/DSGVO].


The office/business unit referred to in the ‘About us’ section is responsible (i.e. the data controller) in relation to the following types of data collection and data processing.

IP address storage

We store the IP address transmitted by your web browser for strictly defined purposes during a period of seven days in order to be able to recognise, contain and repel attacks that target our websites. At the end of this period, we delete or anonymise the IP address. The legal basis is Article 6(1)(1)(f) of the German GDPR [DSGVO].

Usage data

When you visit our websites, usage data is stored temporarily as a log record on our web server for statistical purposes in order to improve the quality of our websites. This record comprises the following data:

  • the page from which the file was requested,
  • the name of the file,
  • the date and time of the request,
  • the amount of data transferred,
  • the fulfilment status (file transferred, file not found),
  • the description of the type of web browser used,
  • the IP address of the computer that submitted the request, truncated in a way that makes establishing a link to an individual person impossible.

The log data listed here is only stored in anonymous form.

2. Recipient of the personal data


We transfer your data for processing in accordance with Article 28 of the German GDPR [DSGVO] to service providers who help us operate our websites and the associated processes. We have issued strict instructions to our service providers and they are contractually bound in relation to those instructions. We collaborate with the following service providers: innobox GmbH.

In some cases, we also transfer personal data to third countries outside the EU in this connection. We have taken action to ensure an appropriate level of data protection in each case:

In the case of Google Analytics (USA)and Adobe (USA), participation in the Privacy Shield Agreement (Article 45(1) of the German GDPR [DSGVO]) ensures an adequate level of data protection.

3. Cookies


We use cookies on our websites. Cookies are small text files that can be stored and read on your computer, tablet, smartphone, etc. A distinction is made between session cookies, which are deleted as soon as you close your browser and permanent cookies, which continue to be stored after an individual session has ended. Cookies can contain data that makes it possible to recognise the device used. In some cases, cookies only contain information about specific settings that cannot be related to individual persons.

We use session cookies and permanent cookies on our websites. Processing takes place based on Article 6(1)(1)(f) of the German GDPR [DSGVO] and for the purpose of optimising or enabling user guidance, or modifying the presentation of our website.

You can set your browser to inform you when cookies are placed. This makes the use of cookies transparent for you. You can also delete cookies at any time using the appropriate browser setting and prevent placement of new cookies. Please note that our websites may not be displayed optimally in the latter case and some functions may no longer be available for technical reasons.

4. Tracking tools

Google Analytics

In order to design our websites in a way that suits users’ needs, we create fictitious user profiles with the aid of Google Analytics. Google Analytics, which is operated by Google Ireland Limited, Gordon House, 4 Barrow Street, Dublin, uses cookies that are stored on your computer, tablet or smartphone and can be read by us. This allows us to recognise returning visitors and count them appropriately. Data processing takes place based on your consent according to Article 6(1)(1)(a) of the German GDPR [DSGVO].

The information about your use of these websites generated by the cookie are generally transferred to one of Google’s servers in the USA and stored there. However, because we have activated IP anonymisation on our websites, your IP address is truncated by Google beforehand in the European Union Member States. The IP address is only transferred in its complete form to one of Google’s servers in the USA and truncated there in exceptional circumstances (Google’s participation in the Privacy Shield ensures an adequate level of data protection according to Article 45(1) of the German GDPR [DSGVO]).

Furthermore, we have entered into a processing agreement with Google Ireland Limited in accordance with Article 28 of the German GDPR [DSGVO]. In view of this, Google will only use this information to evaluate the use of our websites and compile reports on website activity for us.

You can object to processing at any time. Please use one of the following options to do so:

You can prevent cookie storage by selecting the appropriate setting in your web browser; please note however that you will not be able to use the full functionality of these websites in this case.

In addition, you can also prevent Google from collecting the cookie-generated data relating to your use of the websites (including your IP address) and processing it by downloading and installing the appropriate browser plug-in via the following link: https://tools.google.com/dlpage/gaoptout?hl=de.

You can also prevent Google Analytics from collecting data by clicking the following link. This installs an opt-out cookie, which permanently prevents future collection of your data when visiting these websites: click here to object to processing of your data by Google Analytics.

5. Google Maps

We use Google Maps to display maps and create journey itineraries. Google Maps is operated by Google Ireland Limited, Gordon House, 4 Barrow Street, Dublin.

When you use the map provided by Google Maps; e.g. by clicking our company sites shown on the map, we do not collect any of your data. However, according to information at our disposal, when you use Google Maps, usage information (particularly your computer’s IP address) may be transferred to one of Google Ireland Limited’s servers in the USA and stored there. We process your personal data using technical cookies and your IP address on the legal basis of Article 6(1)(1)(f) of the German GDPR [DSGVO] in order to optimise your user experience when using our websites to the greatest possible extent. We have no control over further data processing by Google Limited Ireland.

Please also read the Terms of Use for Google Maps if you wish to use this service. The Terms of Use for Google Maps are available here: http://www.google.com/intl/de_de/help/terms_maps.html

Detailed information about Google’’s privacy policy can also be found here: http://www.google.de/intl/de/policies/privacy/

If you do not wish to allow data processing by Google Ireland Limited, please refrain from using the map, or deactivate the JavaScript function in your browser in order to display a limited view.

6. Adobe Typekit

Adobe Typekit

Our website uses the Adobe Typekit to make the use of web fonts possible. When JavaScript is enabled, your web browser downloads font files from the Adobe Typekit servers. Typekit states that no cookies are installed and no visitor data is collected when providing the service. The data that is transferred serves to identify our website and our Adobe account so that we can use and display the relevant fonts from the font library. Further details are available here: www.adobe.com/privacy/typekit.html.

7. Contact form

Contact form

You can contact us using a web form. You must enter your name and email address in order to use our contact form. You can also provide further information, however this is not mandatory.

We use the data that you provide when contacting us pursuant to Article 6(1)(1)(b) of the German GDPR [DSGVO] in order to answer your request in as simple, timely and customer-friendly manner as possible. Your data is only used to answer your request and will be deleted after a period of 6 months. This data is not transferred to third parties.

8. Explanation of the security measures

Data security

We implement technical and organisational measures in order to protect your data from unwanted access as effectively as possible. We use an encryption procedure on our webpages. Your data is transferred from your computer to our server and vice versa via Internet using TLS encryption. This is indicated by the padlock symbol in your browser’s status bar and the address starts with https://.

9. User’s rights

Your rights as a user

The German GDPR [DSGVO] assigns you specific rights as a website user in respect of processing of your personal data:

1. Right to be informed (Article 15 of the German GDPR [DSGVO]):

You have the right to request confirmation that your personal data is being processed; if this is the case, you have the right to be informed about this personal data and the information specified in Article 15 of the German GDPR [DSGVO].

2. Right to rectification and erasure (Articles16 and 17 of the German GDPR [DSGVO]):

You have the right to request immediate rectification in relation to any incorrect personal data relating to you and, if applicable, any personal data that is not fully complete.

You also have the right to request immediate erasure of personal data relating to you, insofar as one of the reasons specified in article 17 of the German GDPR [DSVGO] applies, e.g. if the data is no longer required for the purposes for which it was collected.

3. Right to restrict processing (Article 18 of the German GDPR [DSGVO]:

You have the right to demand restriction of processing if one of the conditions listed in Article 18 of the German GDPR [DSGVO] is met, e.g. if you have submitted an objection against processing under Article 21 of the German GDPR [DSGVO], or for the period required for any procedure investigating whether our legitimate interests outweigh your interests as a data subject.

4. Right to data portability (Article 20 of the German GDPR [DSGVO]):

In certain cases, which are specified in Article 20 of the German GDPR [DSGVO], you have the right to request receipt of your personal data in a structured, commonly used and machine readable format, or transfer of that data to third parties.

5. Right to object (Article 21 of the German GDPR [DSGVO]):

If data is collected under Article 6(1)(1)(f) of the German GDPR [DSGVO] (data processing based on legitimate interests), you have a right to object to processing at any time for reasons relating to your own specific situation. If you do so, we will no longer process your personal data, unless compelling and legitimate reasons exist for processing, which outweigh your interests, rights and freedoms or, processing is necessary for asserting, exercising or defending legal claims.

6. Right to submit a complaint to a supervisory authority

According to Article 77 of the German GDPR [DSGVO], you have the right to submit a complaint to a supervisory authority if you believe that processing of your personal data violates data protection provisions. You can exercise your right to submit a complaint to a supervisory authority in the Member State in which you reside, in the Member State where your employer is based, or the Member State where the alleged infringement was committed.

10. Data Protection Officer’s contact details

Data Protection Officer’s contact details

Please contact our company data protection officer if you require information about, or have suggestions relating to data protection:

datenschutz nord GmbH
Konsul-Smidt-Straße 88
28217 Bremen
website: www.datenschutz-nord-gruppe.de
email: office@datenschutz-nord.de