Data Protection Policy
We are thrilled about your interest in our company and our services and would like you to feel safe when visiting our website. This includes you knowing about the protection of your personal data.
We take the protection of personal data very seriously. Therefore, compliance with the provisions of the EU General Data Protection Regulation (EU-GDPR) and other relevant data protection laws is a given for us. We want you to know when we process which data and how we use it. We have taken technical and organisational measures which ensure that the provisions on data protection are complied with not only by us but also by external service providers.
Name and address of controller
Rödelheimer Landstraße 13
60487 Frankfurt am Main
Tel.: +49 69 907 46 98-0
Fax.: +49 69 907 46 98-50
Managing director: Jürgen Hoffmann, Kathleen Zink
Amtsgericht Frankfurt am Main
Contact details of our data protection officer
Collection and use of your data
It is not necessary to provide personal data when you visit our homepage. Rather, in this case we collect and use only a range of general data and information. This general data and information is stored in the server’s log files. The following may be collected:
- the date and time of access to the website;
- browser types and versions used;
- the operating system;
- the page you last visited;
- your Internet Protocol address (IP address);
- the amount of data transferred and the access status (file transferred, file not found, etc.);
- your internet service provider.
We collect and use this data during informative visits only, and in non-personal form. This is done as per of Article 6, Paragraph 1 of the EU GDPR – Legitimate Interest – in order to enable the actual use of the Internet pages you have accessed, for statistical purposes and to improve our Internet service. We store the IP address only for the duration of your visit. A personal evaluation does not take place. This data will not be merged with other data sources. According to the decision of the European Court of Justice of 19.10.2016 (Ref.: C 582/14), this is also permissible taking the Telemedia Act into consideration. We will not share your data with third parties.
Legal basis of the processing
Insofar as we obtain the consent of the data subject for the processing of personal data, Article 6, Paragraph 1 of the EU General Data Protection Regulation (GDPR) serves as a legal basis.
Article 6, Paragraph 1 of the GDPR serves as a legal basis for the processing of personal data required for the performance of a contract to which the data subject is a party. This also applies to processing operations that are required to take steps prior to entering into a contract.
If the processing of personal data is necessary to fulfil a legal obligation to which our company is subject, Article 6, Paragraph 1 of the GDPR serves as the legal basis, e.g. in the case of legal/contractual storage obligations as per the German Civil Code, German Commercial Code or German Tax Code.
Routine deletion and blocking of personal data
The controller shall process and store the personal data of the data subject only for the period of time necessary to achieve the storage purpose or where provided for by the European directive or regulation authority or any other legislator in the laws or regulations to which the controller is subject.
If the storage purpose no longer applies or if a storage period prescribed by the European directive and regulation authority or another permissible legislator expires, the personal data will be blocked or deleted routinely and in accordance with the statutory provisions.
We use Google Maps on our website to display our location and to create directions. This service is provided by Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043 USA, hereinafter referred to as “Google”.
With the certification as per the EU-US Privacy Shield,
Google guarantees that EU data protection requirements are also respected in the processing of data in the US.
In order to enable the display of certain fonts on our website, a connection to the Google server in the US is established when our website is called up.
If you call up the Google Maps feature integrated in our website, Google stores a cookie on your device via your Internet browser. Your user settings and data are processed in order to display our location and create directions. We cannot rule out that Google uses servers in the US.
The legal basis for this is Article 6, Paragraph 1 of the GDPR. Our interest lies in optimising the functionality of our Internet presence.
The connection to Google established in this way enables Google to determine which website has sent your enquiry and to which IP address the direction is to be sent.
If you do not agree with this processing, you have the possibility to prevent the installation of cookies by the appropriate settings in your Internet browser. Details can be found under “Cookies”.
More information on this can be found from Google under
Data protection for applications and application procedures
The data controller collects and processes the personal data of applicants for the purposes of the application procedure. This processing may also be carried out electronically. This is particularly the case if an applicant sends application documents electronically to the person responsible, for example by e-mail or via a form on the website.
If an employment contract is concluded after the application procedure, we store the data you provide during the application process in your personnel file for organisational and administrative purposes – in compliance with further legal obligations, of course.
We will delete your data after four months from the date of the decision to award the position, provided that you have not asserted a legal claim against the decision (in this case, the deletion will take place after the conclusion of the procedure concerning your claim).
The data is processed to check your application prospects, to select an applicant and for legal prosecution, if necessary.
Should we later contact you regarding a vacancy, we will delete your data only after two years from the beginning of storage, if you give us your consent to do so. You can revoke this consent later with future effect. This means that you will have to resubmit your data during subsequent calls for applications if you wish to apply again. Other disadvantages (during selection of the applicant in particular) will not result from revocation.
The legal basis for the processing of data is Article 6, Paragraph 1 of the GDPR, in conjunction with Section 26 of the German Federal Data Protection Act.
Protection of personal data
We have introduced technical and organisational security measures to protect your data processed by us against accidental or intentional manipulation, loss, destruction or access by unauthorised persons. Our security measures are continuously improved in line with technological developments.
Our employees, and data processing third parties if necessary, are obliged by us to maintain confidentiality.
Rights of data subject
You have the right, in accordance with the GDPR, to request information from us at any time as to whether we have stored personal data about you. In addition, you have the following rights with regard to this stored data:
- the right of access to stored data (Article 15 of the GDPR);
- the right to correct inaccurate data (Article 16 of the GDPR);
- the right to delete data (Article 17 of the GDPR);
- the right to limit the processing of data (Article 18 of the GDPR);
- the right to object to unreasonable data processing (Article 21 of the GDPR) and
- the right to data transferability (Article 20 of the GDPR).
If you have given your consent to the use of data, you can revoke it at any time with future effect.
All requests for information, requests for information, objections or revocations regarding data processing should be sent by e-mail to or to the postal address stated at the beginning of this information.
You also have the right to complain to a supervisory authority, in particular in the Member State where you reside, at your place of work or at the place where the alleged infringement is alleged, if you believe that the processing of your personal data is in breach of the GDPR (Article 77 of the GDPR).
Duration for which the personal data will be stored
The criteria for the duration of the storage of personal data is the respective legal retention period. After expiry of this period, the corresponding data will be routinely deleted unless they are no longer required for the fulfilment or initiation of the contract.
Legal or contractual provisions governing the provision of personal data; necessity for the conclusion of the contract; obligation of the data subject to provide the personal data; possible consequences of not providing the data
We will inform you if the provision of personal data is partly required by law (e.g. tax regulations) or may result from contractual provisions (e.g. information on the contractual partner). Occasionally, it may be necessary for a contract to be concluded for a data subject to provide us with personal data which must subsequently be processed by us. For example, the data subject is obliged to provide us with personal data when our company concludes a contract with them. Failure to provide personal data would mean that the contract cannot be concluded with the data subject. The data subject must contact us before they provide personal data to the company. We or, if necessary, our data protection officer, will inform the data subject on a case-by-case basis whether provision of personal data is required by law or contract or is necessary for the conclusion of a contract, whether there is an obligation to provide personal data and what consequences the non-availability of personal data may have.
Alterations to this data protection policy
We reserve the right to change our privacy practices as required by technical developments or changes in legislation or jurisprudence. In these cases, we will also adapt our data protection policy accordingly. As such, it is important that you always check the latest version of our data protection policy.