Data protection statement - EOS in Germany

Privacy Policy.

1. Name and contact data of body responsible for processing (‘data controller’) and company data protection officer

The privacy policy applies to data processing by:

EOS Holding GmbH
Steindamm 71
20099 Hamburg
Phone: +49 40 2532 8657
Fax: +49 40 2532 8658

Managing Directors: Marwin Ramcke (Chairman), Justus Hecking-Veltman, Dr. Stephan Ohlmeyer, Sebastian Pollmer and Carsten Tidow

Court of registration: Hamburg HRB 124 966
VAT ID no.: DE 813 348 056

The data protection officer for the company EOS Holding GmbH can be contacted at the above address (please include the line ATTENTION: EOS Holding GmbH – or by email at

2. Scope

This privacy policy applies to the collection of personal data on our website and the subsequent processing of these data by us.

3. Collection and storage of personal data and nature and purpose of their processing

a. When you visit the website

When you retrieve our website the browser used on your device automatically sends information to our website’s server. This information is temporarily saved in a log file. The following information is collected without your intervention and saved until it is automatically deleted after three (3) days:

  • IP address of retrieving computer,
  • date and time of access,
  • name and URL of retrieved file,
  • website from which access occurred (referrer URL),
  • website retrieved from our website,
  • the browser used and, if applicable, the operating system of your computer and the name of your access provider.

The data are processed by us for the following purposes:

  • to ensure trouble-free connection establishment to the website,
  • to ensure comfortable use of our website,
  • to analyse the system security and stability, and
  • for other administrative purposes.

The legal basis for processing of the data is Art. 6 (1)(f) GDPR. Our legitimate interest follows from the purposes for data collection listed above. Under no circumstances do we use the collected data for drawing conclusions about you.

In addition, we use cookies and analysis services when you visit our website. For more information in this regard, please refer to No. 5 and 6 of this privacy policy.

b. When you contact us by contact form or email

You can contact us with questions of any kind via the provided email address(es).

If you do so the personal data transmitted via the email are saved. The legal basis for data processing for making contact is Art. 6(1)(f) GDPR. If contact is made for concluding a contract an additional legal basis for processing is Art. 6 (1)(b) GDPR.

We delete the personal data collected by us after processing your enquiry provided we are not legally entitled or obligated to process it further.
Further information obligationsthey are here.

5. Cookies

We use cookies on our website. These are small files that are automatically created by your browser and stored on your end device (laptop, tablet, smartphone or similar) when you visit our website. Cookies do not cause any damage to your terminal device, do not contain viruses, Trojans or other malware. Information is stored in the cookie that is related to the specific terminal device used. This does not mean, however, that we obtain direct knowledge of your identity.

The use of cookies serves on the one hand to make the use of our offer more pleasant for you. For example, we use so-called session cookies to recognize that you have already visited individual pages of our website. These are automatically deleted when you leave our website. In addition, we also use temporary cookies to optimise user-friendliness, which are stored on your end device for a certain fixed period. If you visit our website again to use our services, we will automatically recognize that you have already been with us and which entries and settings you have made so that you do not have to enter them again.

The cookies are divided into four categories: Necessary, Statistics, Comfort and Marketing: 

The necessary cookies are required for the operation and basic function of our website. They enable the security-relevant functionality of this website. These cookies are automatically deleted after leaving the website. The data processed by the cookies are required for the purposes mentioned above to safeguard our legitimate interests and those of third parties in accordance with Art. 6 (1)(f) GDPR.

The statistical cookies are used to improve our offer and to ensure a needs-based design and the continuous optimization of our website. For this purpose, we collect anonymised data for statistics and analyses, for example to determine the number of visitors, page impression statistics and user behaviour and to adapt and improve our content and website experience. The legal basis for this data processing is Art. 6 (1)(a) GDPR (consent).

The comfort cookies are used to make our website easier to use. If you visit this website again to use our services, it is automatically recognised that you have been on our website and which entries and settings you have made, so that you do not have to enter them again. For example, you do not have to re-enter your user data each time you visit the website, but can access the data you have already entered when you return. The legal basis for this data processing is Art. 6 (1)(a) GDPR (consent).

We use the marketing cookies to provide you with content that is relevant to your interests when you visit our website. The legal basis for this data processing is Art. 6 (1)(a) GDPR (consent).

Most browsers accept cookies automatically. However, you can configure your browser so that no cookies are stored on your computer or so that a message always appears before a new cookie is created.

Cookie management:

Most browsers automatically accept cookies. However, you can configure your browser so that no cookies are stored on your computer or so that a notification always appears before a new cookie is set. Each browser differs depending on your cookie settings. This is described in each browser's help menu, which explains how to change your cookie settings. Follow the links below depending on the browser you are using:

However, completely deactivating cookies may mean that you will not be able to use all the functions of our website.

We use the following cookies:

Name Java Session Cookie
Provider Owner of this website
Purpose This cookie is used by the application server. It is essential for proper
working of the application software. It stores no personal data. 
Cookie Duration Session cookie - deleted after you quit your browser.
Name cookieconsent_status
Provider Owner of this website
Purpose Necessary cookie to save that the cookie banner was confirmed.
Cookie Duration 60 days

Provider Owner of this website
Purpose We use this cookie to serve personalized content. 
Cookie Duration Session cookie - deleted after you quit your browser.
Name NEW_Visitor
Provider Owner of this website
Purpose We use this cookie to serve personalized content.
Cookie Duration 1 day

Name nmstat
Provider Siteimprove GmbH
Purpose This cookie is used to help record the visitor’s use of the website.
It is used to collect statistics about site usage such as when the visitor last visited the site.
This information is then used to improve the user experience on the website.
This Siteimprove Analytics cookie contains a randomly generated ID used to recognize the browser when a visitor reads a page. The cookie contains no personal information and is used only for web analytics.
Cookie Duration Persistent – expires after 400 days
Provider Siteimprove GmbH
Purpose The AWSELB cookie ensures that all page views for the same visit (user session) are sent to the same endpoint. This enables us to determine the sequence of a user's page views needed for features like Behavior Tracking and Funnels.
Cookie Duration Session cookie - deleted after you quit your browser.

Name siteimproveses
Provider Siteimprove GmbH
Purpose This cookie is used purely to track the sequence of pages a visitor looks at during a visit to the site.
This information can be used to create User Journeys and enable visitors to find relevant information more quickly.
Cookie Name siteimproveses
Cookie Duration Session cookie - deleted after you quit your browser.
Name LinkedIn
Provider Linked In Ireland Unlimited Company
Purpose This cookie is used to obtain anonymized reports about the website audience and the possibility of targeted advertising, among others, in the context of retargeting.
Cookie Duration 90 days.
You can object to the above-mentioned data processing at any time, provided it is personal. Your objection has no negative consequences for you. Furthermore, you can withdraw your consent at any time here.

6. Analysis tools

The tracking measures listed below and used by us are carried out based on your consent in accordance with Art. 6 (1)(a) GDPR. The aim of using these tracking tools is to ensure that our website meets the relevant requirements and is continually improved. We also use these tracking tools to statistically record the use of our website and evaluate it for optimising our range of services for you.

Information on the respective data categories and purposes of data processing can be found in the information under the corresponding tracking tools in this section.

a) Use of Siteimprove Analytics

This website uses Siteimprove Analytics, a web analytics service provided by Siteimprove. Siteimprove Analytics uses "cookies" - text files stored on your computer or smartphone to help EOS Holding GmbH (EOS) analyse how visitors use the site. The information that is generated by the cookies about the visitors' website usage is stored and processed by Siteimprove on servers in Denmark.
IP addresses are completely anonymized before collected data can be viewed via the Siteimprove Suite for EOS. A reversal of the anonymization of IP addresses and an assignment of IP addresses to collected data is not possible.

4. Passing on of data

We only pass your personal data on to other companies of EOS Group or other third parties (recipients) if:

  • you have provided your explicit consent for one or more specific purposes pursuant to Art. 6(1)(a) GDPR,
  • disclosure pursuant to Art. 6(1)(f) GDPR is necessary for the reply to your enquiry, assertion, exercising or defence of legal claims and there is no reason to assume that you have a primary protection-worthy interest in not having your data disclosed,
  • for the case that there is a legal obligation for disclosure pursuant to Art. 6(1)(c) GDPR and
  • it is legally permissible and necessary for fulfilment of contractual obligations pursuant to Art. 6(1)(b) GDPR.
  • we have the data processed on our behalf in compliance with Art. 28 of the GDPR.

Transmission of your personal data for purposes other than those listed above does not occur.

7. Social Media

a)  Shariff solution

We use Shariff buttons from social networks Facebook, Twitter, Google+, LinkedIn, Xing on our website. The buttons are simple HTML links. The procedure we use is within the framework of the Shariff solution. With the Shariff solution a script retrieves the number of times, e.g., the share button on a page has been clicked on: for this the script contacts the social network via the programming interfaces and retrieves the numbers. None of your personal data are transmitted in the process. Rather than your IP address, only our server address is transmitted to Facebook, Google and Twitter. You only become directly connected to Facebook, Google or Twitter if you perform an action. Before that the social networks cannot collect any data about you. If you do not click on a link to share content, you remain invisible to the networks. If you click on a link, the obligation to provide information about data collection and processing no longer rests with us, but rather with the operator of the social network.

b) YouTube Videos

Our website contains links to videos from YouTube (Google Ireland Limited based in Google Building Gordon House, 4 Barrow St, Dublin, D04 E5W5, Irland). If you visit a website on our website that contains such a video, a direct connection is established between your browser and the YouTube server after you have activated the video. 
YouTube receives the information that you have visited our website with your IP address. If you click on the link to the video, your IP address will be forwarded to YouTube. We would like to point out that, as the provider of our website, we have no knowledge of the content of the transmitted data or of its use by YouTube. For more information, please see YouTube's privacy policy (

8. Rights of data subjects

You have the right:

  • in accordance with Art. 15 GDPR, to request information about your personal data that has been processed by us. In particular, you may request information on the purposes of the processing, the category of personal data, the categories of recipients to whom your data has been or will be disclosed, the planned period for which the data will be stored; you have the right to have processing of your personal data corrected, deleted or restricted and the right to withdraw your consent for such processing; you have the right to lodge a complaint and to obtain information regarding the source of your data if it was not collected by us, as well as regarding the existence of automated decision-making including profiling and, where appropriate, conclusive information regarding the details thereof;
  • in accordance with Art. 16 GDPR, to request immediate correction of incorrect data or completion of your personal data stored by us;
  • in accordance with Art. 17 GDPR, to request deletion of your personal data stored by us, except where the processing of such data is required to exercise the right of freedom of expression and information, to comply with a legal obligation, for reasons of public interest or to assert, exercise or defend legal claims;
  • in accordance with Art. 18 GDPR, to request that the processing of your personal data is restricted if the accuracy of the data is contested by you, if the processing is unlawful but you oppose deletion and we no longer need the data, but you require this to assert, exercise or defend legal claims or if you have objected to the processing in accordance with Art. 21 GDPR;
  • in accordance with Art. 20 GDPR, to request the personal data that you have provided to us in a structured, commonly used and machine-readable format or to request the transfer to another controller;
  • in accordance with Art. 7 (3) GDPR, to withdraw the consent you have previously given us. Therefore, we will no longer be permitted to continue with the data processing that was based on your consent; and
  • in accordance with Art. 77 GDPR, to lodge a complaint with a supervisory authority. As a rule, you can contact the supervisory authority of your usual place of residence or work, or that of our company headquarters.

9. Right to withdraw and right to object

If your personal data is processed based on legitimate interests in accordance with Art. 6 (1)(f) GDPR, you have the right to file an objection against the processing of your personal data in accordance with Art. 21 GDPR, if there are reasons for this arising from your situation or the objection is directed against direct advertising. In the latter case, you have a general right to object, which will be implemented by us without your needing to cite a situation.

If you would like to make use of your right to withdraw or reject you only need to send an email to - Subject: EOS in Germany -

10. Data security

Within the website we use the widespread SSL (secure socket layer) method in conjunction with the highest level of encryption supported by your browser. In general, this is 256-bit encryption. If your browser does not support 256-bit encryption, we fall back on 128-bit v3 technology instead. You can recognise that an individual webpage in our internet presence is being transmitted in encrypted form by the closed key or padlock icon in the bottom status bar of your browser.

We also use appropriate technical and organisational security measures to protect your data against accidental or intentional manipulation, partial or complete loss, destruction or unauthorised access by third parties. Our security measures are being improved continuously according to technological developments.

11. Up-to-dateness and amendment of this privacy policy

This privacy policy is currently valid and was last updated in June 2020.

A change to this privacy policy may be necessary due to improvements to our website and the services offered via our website or due to changed legal or official requirements.