Data protection

Please note: This is a purely informative translation of our Privacy Policy. In case of dispute, only the German version applies, which you can find here.

This privacy policy gives you information about the nature, scope and purpose of the processing of personal data on our website

1.Responsible office, contact

1.1 Responsible contact in regard of the Data Protection Act

Responsible contact within the meaning of Article 4 (7) of the EU General Data Protection Regulation (GDPR) is:


agiles Informationssysteme GmbH

Represented by the CEO Monika Thamer, Christian Sega, Volker Schinkel
Kurze Mühren 2-4
20095 Hamburg, Germany

Tel.: +49 40 30 95 33 – 0
Fax: +49 40 30 95 33 – 75
email: (or


Contact person: Christian Sega


Data Protection Commissioner:

Stefan Kramer
Fachenfelder Weg 84
21220 Seevetal, Germany
Tel. 0049 (0)173/6255527

1.2 Contact

a) If you have any questions about privacy, rights or claims to your personal information, you can contact us using the contact details above (see 1.1). Or via our contact form.

b) In our contact form you have to answer to your request make mandatory information, which are marked with an asterisk (your email address, your name and your telephone number if necessary). We need the information to process your request and to contact you. You can fill in the other fields voluntarily.

c) When contacting us (for example by telephone, e-mail, or contact form), your details will be used to process the request and in case of follow-up questions. Art. 6 para. 1 lit. b) GDPR stored. We will delete the data in this connection after the storage is no longer required, or restrict processing in the event of statutory retention requirements (see paragraph 14).

2. Data information processed by us

2.1 Statutory regulations

a) At each visit to our website personal data can be processed. Processing of your personal data will only take place if permitted by law (legal basis). This is gem. Art. 6 para. 1 GDPR the case, if

  • You have given us your consent, or
  • the processing is required to fulfil our contract with you, or
  • in the case of a request by you, precontractual measures are required, or
  • the processing is necessary to protect your vital interests, or those of another natural person, or
  • the processing is necessary of the protection of our legitimate interests of that of a third party, unless your interests of fundamental rights and fundamental freedoms, which require the protection of personal data, are outweighed (balance of interests).

b) The personal data collected by you will be deleted as soon as the purpose of the survey ceases (see paragraph 14).

2.2 What is personal data

a) What “personal data” are, follows from Article 4 of the General Data Protection Regulation (GDPR). According to this, personal data is information that can be allocated with relative means to your person. Personal data is divided into four groups. This includes inventory data (e.g. names and addresses of customers), contract data (e.g. services used, names of clerks, payment information), usage data (e.g. the visited websites of our online offer, interest in our products) and content data (e.g. entries in the contact form). Information that can not or only with a disproportionate amount of time, cost and labor can be assigned to a particular or identifiable person are not anonymous personal data.

b) In addition, when visiting our website for technical reasons, other data will be processed. These are mainly technical information, for example the IP address that your Internet Access provider assigns to your computer when you connect to the Internet, or information about the Internet page from which you accessed our office, or the type and version of the Internet browser you are using. It also includes login details, you operating system, download errors, length of visits to particular pages, and any phone numbers from which you call our customer service number. This technical information may be personally identifiable information as far as for technical reasons for the operation and protection of our website from attacks and misuse according to Art. 6 para 1 lit. f. GDPR is required.

2.3 What is meant by “processing”?

What is meant by “processing” also follows from Article 4 of the General Data Protection Regulation (GDPR). This includes all processes that belong to the handling of the data. Even the raising or the grasping, but also the organization or the arrangement or the storage, the adjustment or the change, fall under the concept of the “processing”. But also other manners, such as the actual use, or the transmission or the passing on fall under the generic term of “processing. Ultimately, however, this includes the restriction, the deletion or the destruction of data.

3. Data Security

The security of your personal data is a very high priority for us. We therefore protect your stored data with technical and organizational measures. This ensures that the provisions of data protection laws are adhered to and that any loss or misuse by third parties is effectively prevented. In particular, our employees who process personal data are required to maintain data secrecy and have to comply with these.

4. SSL encryption

Our website uses secure SSL encryption when it comes to the transmission of personal data or personal content of our users. Please make sure that the SSL-encryption is activated by your side during activities. The use of encryption is easy to recognize: The display in your browser line changes from “http: //” to “https: //”. SSL encrypted data is not readable by third parties. Therefore, transmit your confidential information only with activated SSL encryption and contact us in case of doubt.

5. Collection of personal data when visiting our website

a) In the case of information use of the website, i.e. if you do not register or otherwise provide us with information, we only collect the personal data that your browser transmits to our server. If you wish to view our website, we collect the following data, which is technically necessary for us to show you our website and to ensure stability and security (legal basis is Art. 6 (1) sentence 1 lit. GDPR):

  • The IP address of the requesting device (i.e. your computer or smartphone),
  • Data and time of access,
  • Time zone difference to Greenwhich Man Time (GMT)
  • Content of the request (concrete page)
  • Access status / http status code
  • Operating system and its interface
  • As well as the browser of your computer

b) This information referred to under a) is stored for security reasons (for example, to investigate abusive or fraudulent activities) for a maximum of 7 days and then deleted. Data whose further retention is required for evidence will be retained until the matter is finally resolved.

c) In addition to the aforementioned data, cookies are stored on your computer when you use our website. For more information about cookies, see section 9.

d) The data are processed by us on the basis of our legitimate interests within the meaning of Art. 6 (1) lit. f. GDPR levied. In no case we use the collected data for the purpose of drawing conclusions about you. Among the purposes we pursue are:

  • Ensuring a smooth connection of the website,
  • Ensuring comfortable use of our website,
  • the investigation of abuse or fraud,
  • the evaluation of system security and stability as well as
  • other administrative purposes.

6. More features and offers of our website

In addition to the purely informative use of our website, we offer various services that you can use if you are interested. To do this, you will generally need to provide other personal information that we use to provide the service and for which the aforementioned data processing principles apply.

6. 1 Contact (contact form or email)

When contacting us (via contact form or e-mail) your details for the processing of the contact request and their processing in accordance with. Art. 6 para. 1 lit. b) GDPR (necessary information in the context of pre-contractual measures) or acc. Art. 6 para. 1 lit. f) GDPR (legitimate interest to answer your request) processed. If you contact us by email, we will also save the content you have sent us by e-mail. If we use our contact form to request entries that are required to contact us, we have always marked them with an asterisk. The information without an asterisk is used to concretize your request and to improve the handling of your request. A notification of this optional information is provided on a voluntary basis. As far as details of communication channels (e.g. telephone number, e-mail) are concerned, we can also contact you via this communication channel to answer your request. The personal data you provide will only be used for the purpose for which you provided us with the data when contacting us.

We will delete the data we receive in the context of contacting you after one year if they are no longer necessary to achieve the purpose of your request. This also applies to your voluntary information. It is in our legitimate interest to store the data together with the required data. For the personal data from the input form of the contact form and those who have been sent by e-mail, the deletion of the data takes place when the respective conversation with the user has ended. The conversation ends when it can be inferred from the circumstances that the matter in question has been finally clarified, but no later than 1 month after the last contact.

6. 2 Newsletter

a) With the following information, we will inform you about the content of our newsletter as well as the registration, shipping and statistical evaluation procedures as well as your right of objection. By subscribing to our newsletter, you agree to the receipt and the procedures described.

b) We send out newsletters, e-mails and other electronic notifications with promotional information (hereinafter referred to as “newsletter”) only with your consent or a legal permission. Insofar as the content of a newsletter is concretely described in the context of an application for the newsletter, these are decisive for the consent of the users. Incidentally, our newsletters contain information about our products, offers, promotions and our company.

c) To register for our newsletter, we use the so-called double opt-in procedure. This means that after you have registered, we will send you an e-mail to the e-mail address specified in which we ask you to confirm that you wish to receive the newsletter. If you do not confirm your registration, your information will be blocked and automatically deleted after one month. In addition, we store your IP addresses and times of registration and confirmation. The purpose of the procedure is to prove your registration and, if necessary, to inform you about possible misuse of your personal data. Our interest is in the use of a user-friendly and secure newsletter, which serves both our business interests and the expectations of the users. The legal basis is. Art. 6 para. 1 lit. f GDPR.

d) The only requirement for sending the newsletter is your e-mail address. The specification of additional, separately marked data is voluntary and will be used to address you personally. After your confirmation, we will save your e-mail address for the purpose of sending you the newsletter. The legal basis is Art. 6 para. 1 sentence 1 lit. a GDPR.

e) The newsletter is sent by the supplier Hubspot (see section 11.5).

f) We point out that we evaluate your user behavior when sending the newsletter. For this evaluation, the emails sent include so-called web beacons or tracking pixels that represent one-pixel image files stored on our website. For the analyses, we link the data mentioned in Section 5 and the web beacons with your e-mail address and an individual ID. With the data obtained in this way, we create a user profile to tailor the newsletter to your individual interests. In doing so, we record when you read our newsletters, which links you click in and conclude your personal interests. We link this data with actions you have taken on our website. You can object to this tracking at any time by clicking on the separate link provided in each e-mail or informing us via another contact path (see above). The information will be stored as long as you have subscribed to the newsletter. After logging out, we store the data purely statistically and anonymously.

g) If you have only subscribed to the newsletter and terminated this registration, your personal data will be deleted. You can revoke your consent to the sending of the newsletter at any time and unsubscribe from the newsletter. You can declare the revocation by clicking on the link provided in each newsletter e-mail, via our contact form, by e-mail to or by sending a message to the contact details stated.

7.Disclosure of data to third parties and third party providers

a) A transfer of data to third parties is only within the scope of the statutory requirements. We will only pass users’ data on to third parties if:

  • You yours according to Art. 6 para. 1 sentence 1 lit. a GDPR have given express consent to this
  • disclosure pursuant to Art. 6 para. 1 sentence 1 lit. f GDPR is required to assert, exercise or defend legal claims and there is no reason to assume that you have a predominantly legitimate interest in not disclosing your data,
  • in the event that disclosure pursuant to Art. 6 para. 1 sentence 1 lit. c GDPR is a legal obligation, as well
  • this is legally permissible and according to Art. 6 para. 1 sentence 1 lit. b GDPR is required for the settlement of contractual relationships with you.

b) When passing on your personal data, we always ensure the highest possible level of security. Therefore, your data will only be passed on to previously carefully selected and contractually- obligated service providers and partner companies in order to protect your personal data in accordance with the relevant statutory provisions.

c) We remind you that in addition to this Privacy Policy, the privacy policies and declarations of the locally responsible partners and their designated institutions may apply.

8.Where will your personal data be stored?

a) The personal data we collect about you will generally be stored within the European Union (“EU”). However, it may exceptionally happen that personal data are transmitted to non-European countries. In these so-called “third countries” the GDPR is not directly applicable law. As a rule, there is also a less stringent data protection law there.

b) Such data transfer to countries outside the European Economic Area may, for example, be available by electronic means when processing a service request or providing support services.

c) In case of such transmission of data to a third country, however, we ensure that this is done in accordance with this privacy policy. In addition, we ensure that an appropriate level of data protection for you and other stakeholders is guaranteed at the respective recipient in the third country or that there is otherwise a legal permit. This is done by concluding a contract with the recipient in the third country on the basis of the so-called standard contractual clauses of the European Commission. These standard contractual clauses ensure a similar level of data protection as provided by the European Data

9. Cookies

We use so-called “cookies” to recognize the multiple use of our offer by the same user or Internet access holder. The data processed by cookies are for the protection of our legitimate interests as well as the third party according to Art. 6 para. 1 p. 1 lit. f GDPR required (see section 3.1.).

9.1. What are “cookies”?

Almost all websites today use different cookies, so that the respective pages work as desired and design and functions can be optimally presented to you. Cookies are information files that are transmitted from our web server or third-party web servers to your web browser and stored there. There they are stored for later retrieval. The information files are specific information related to your device (PC, smartphone and browser used). However, this does not mean that we are immediately aware of your identity. Cookies are mainly used for the user-friendliness of websites (e.g., they store login data or the language). Cookies do not harm your device, do not contain viruses, Trojans or other malicious software.

9.2 What types of “cookies” do we use?

This website uses transient and persistent cookies, the scope and operation of which are explained below:

a) Transient cookies are automatically deleted when you close the browser. These include in particular the session cookies. These store a so-called session ID, with which various requests from your browser can be assigned to the common session. This will allow your computer to be recognized when you return to our website. We therefore use these cookies to identify you for follow-up visits if you have an account with us. Otherwise, you would have to log in again for each visit. The session cookies are deleted when you log out or close the browser.

b) Persistent cookies are automatically deleted after a specified period, which may differ depending on the cookie. You can delete the cookies in the security settings of your browser at any time.

9.3. What can I do against the use of cookies?

Most browsers accept cookies automatically. If you do not want cookies to be stored on your machine, you can disable the corresponding option in the system settings of your browser. Saved cookies can also be deleted in the system settings of the browser. However, the exclusion of cookies can lead to functional restrictions of this online offer. For information on disabling cookies on the most popular browsers, see the links below:

Google Chrome:

Microsoft Internet Explorer:




10. Integration of services and contents of third parties

a) We will not disclose your personal information that you have provided to us to third parties, unless the data is required for the performance of your contract, there are legitimate interests or you have expressly consented to the disclosure. Insofar as we are legally obliged to do so, we will pass on your data to government agencies and authorities entitled to receive information. Our legitimate interests are, for example, the interest in the analysis, optimization and economic operation of our online offer within the meaning of Art. 6 (1) lit. f. GDPR.

b) When passing on your personal data, we always ensure the highest possible level of security. Therefore, your data will only be passed on to previously carefully selected and contractually-obligated service providers and partner companies in order to protect your personal data in accordance with the relevant statutory provisions.

c) If our service providers or partners are based in a country outside the European Economic Area (EEA), we inform you about the consequences of this circumstance in the description of the offer.

11. Integration of other contents of third parties

11.1 Google Analytics

We use Google Analytics, a web analysis service of Google LLC (“Google”), based on our legitimate interests (ie interest in the analysis, optimization and economic operation of our online service as defined in Art. 6 (1) lit. Google uses cookies. The information generated by the cookie about the use of the online offer by the users are usually transmitted to a Google server in the USA and stored there. Google is certified under the Privacy Shield Agreement, which provides a guarantee to comply with European privacy legislation ( Google will use this information on our behalf to evaluate the use of our online offer by users, to compile reports on the activities within this online offer and to provide us with further services related to the use of this online offer and the internet usage. In this case, pseudonymous usage profiles of the users can be created from the processed data. We only use Google Analytics with activated IP anonymization. This means that the IP address of the users will be shortened by Google within member states of the European Union or in other contracting states of the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be sent to a Google server in the US and shortened there. The IP address submitted by the user’s browser will not be merged with other data provided by Google. Users can prevent the storage of cookies by setting their browser software accordingly; Users may also prevent the collection by Google of the data generated by the cookie and related to its use of the online offer and the processing of such data by Google by downloading and installing the browser plug-in available at the following link: http: // tools / dlpage / gaoptout? hl = en. For more information about Google’s data usage, hiring and disparaging options, please read Google’s Privacy Policy ( and Google’s Ads Ads Settings (https: // The personal data of users will be deleted or anonymised after 14 months.

11.2 Google ReCaptcha

We bind the function to detect bots, e.g. when entering into online forms (“ReCaptcha”) of the provider Google LLC, 1600 Amphitheater Parkway, Mountain View, CA 94043, USA. Privacy Policy:, opt-out:

11.3 Google Maps

We include maps from the Google Maps service provided by Google LLC, 1600 Amphitheater Parkway, Mountain View, CA 94043, USA. The processed data may include, in particular, users’ IP addresses and location data, but these are not collected without their consent (usually as part of the settings of their mobile devices). The data can be processed in the USA. Privacy Policy:, opt-out:

11.4. Google Adwords

Our website uses Google Conversion Tracking. If you have reached our website via an advertisement sent by Google, Google Adwords will set a cookie on your computer. The conversion tracking cookie is set when a user clicks on a Google-served ad. These cookies lose their validity after 30 days and are not used for personal identification. If the user visits certain pages on our website and the cookie has not expired, we and Google may recognize that the user clicked on the ad and was redirected to this page. Each Google AdWords customer receives a different cookie. Cookies can not be tracked through AdWords advertisers’ websites. The information gathered using the conversion cookie is used to generate conversion statistics for AdWords advertisers who have opted for conversion tracking. Customers are told the total number of users who clicked on their ad and were redirected to a conversion tracking tag page. However, they do not receive information that personally identifies users. If you do not want to participate in the tracking, you can refuse the required setting of a cookie – for example via a browser setting that generally disables the automatic setting of cookies or sets your browser to block cookies from the domain “”. Please note that you can not delete the opt-out cookies as long as you do not want to record measurement data. If you have deleted all your cookies in the browser, you must set the respective opt-out cookie again.

11.5 Using Script Libraries (Google Webfonts)

In order to render our content correctly and graphically appealing across browsers, we use script libraries and font libraries on this website, such as: Google Webfonts ( Google web fonts are transferred to the cache of your browser to prevent multiple loading. If the browser does not support Google Web fonts or prohibits access, content will be displayed in a standard font. The call of script libraries or font libraries automatically triggers a connection to the operator of the library. It is theoretically possible – but currently also unclear whether and if so for what purposes – that operators of such libraries collect data. The privacy policy of the library operator Google can be found here:

11.6 Hubspot

For analysis purposes, agiles uses Hubspot, a service of Hubspot Inc. Hubspot is certified under the EU-US Privacy Shield. Here, so-called “web beacons” are used and also cookies (see section 8) are set, which are stored on your computer and allow an analysis of your use of the website by us. The collected information (eg IP address, geographic location, type of browser, duration of visit and pages visited) is evaluated by Hubspot on behalf of agiles in order to generate reports on the visit and visited pages of agiles. The legal basis for the use of Hubspot is Art. 6 para. 1 sentence 1 lit. a) GDPR. If you subscribe to our e-mail newsletter and download studies and other documents, we can use Hubspot to record your personal visits to agiles personally, using your additional information (especially your name and e-mail address) and, if necessary, target your preferred preferences Inform topic areas. If you do not agree with a collection by Hubspot, you can prevent the storage of cookies at any time by your browser settings accordingly. For more information about how Hubspot works, refer to Hubspot Inc.’s Privacy Policy at:

11.7 Involvement of YouTube

a) Our website uses components (videos) from the company YouTube. Legal basis for the use of the YouTube plug-in is Art. 6 para. 1 sentence 1 lit. a) GDPR.

b) YouTube, LLC 901 Cherry Ave., 94066 San Bruno, CA, USA, is a company of Google Inc., Amphitheater Parkway, Mountain View, CA 94043, USA

c) The YouTube videos on our website are all included in the “Advanced Privacy Mode”, d. H. that you do not transfer data about you as a user to YouTube if you are not playing the videos. Only when you play the videos, the following data will be transmitted. We have no influence on this data transfer.

d) By visiting the website, YouTube receives the information that you have accessed the corresponding sub-page of our website. In addition, the data referred to in point 5 of this declaration will be transmitted. This happens regardless of whether YouTube provides a user account that you are logged in to, or if there is no user account. When you’re logged in to Google, your data will be assigned directly to your account. If you do not wish to associate with your profile on YouTube, you must log out before activating the button. YouTube stores your data as usage profiles and uses them for purposes of advertising, market research and / or custom design of its website. Such an evaluation is done in particular (even for users who are not logged in) to provide appropriate advertising and to inform other users of the social network about their activities on our website. You have a right to object to the creation of these User Profiles, and you must be directed to YouTube to use them. For more information on the purpose and scope of your data collection and processing through YouTube, please read the privacy policy. You’ll also get more information about your rights and privacy settings here: Google also processes your personal information in the US and has submitted to the EU-US Privacy Shield, Framework.

11.8 Social PlugIns

a) We offer you the possibility of using so-called “social media buttons” on our website. To protect your data, we rely on the solution “Shariff” in the implementation. As a result, these buttons are integrated on the website only as a graphic that contains a link to the corresponding website of the button provider. By clicking on the graphic you will be redirected to the services of the respective provider. Only then will your data be sent to the respective provider. Unless you click on the graphic, there will be no exchange between you and the providers of the social media buttons. Information about the collection and use of your data in the social networks can be found in the respective terms of use of the respective providers. More information about the Shariff solution can be found here (German only):

b) We have integrated on our website the social media buttons of the following companies: Xing, LinkedIn, Google+, Twitter, Facebook, YouTube.

12. Your rights to your data

You have the following rights to the data you process:

  • According to Art. 15 GDPR, you may request information about your personal data processed by us. In particular, you can provide information on the processing purposes, the category of personal data, the categories of recipients to whom your data has been disclosed, the planned retention period, the right to rectification, deletion, limitation of processing or opposition, the existence of a The right to complain, the source of their data, if not collected from us, and the existence of automated decision-making including profiling and, where appropriate, meaningful information about their details;
  • in accordance with Art. 16 GDPR, you can immediately request the correction of incorrect or completed personal data stored by us;
  • In accordance with Art. 17 GDPR, you may request the deletion of your personal data stored with us, except for the processing for exercising the right to freedom of expression and information, for fulfilling a legal obligation, for reasons of public interest or for assertion, exercise or defense of legal claims is required;
  • According to Art. 18 GDPR you can demand the restriction of the processing of your personal data, as far as the accuracy of the data is disputed by you, the processing is unlawful, but you reject their deletion and we no longer need the data, but you assert this To exercise or defend legal claims or you have objected to processing pursuant to Art. 21 GDPR;
  • according to Art. 20 GDPR you have the right to transfer data, i. Your personal information provided to us may be obtained in a structured, common and machine-readable format or may require transmission to another person in charge, provided that the processing is based on your consent or a contract with us and the processing has been automated, In the case of data transfer to another person in charge, however, you can only effect the transfer if this is technically feasible;
  • In accordance with Art. 7 para. 3 GDPR, you can revoke your once given consent at any time. As a result, we are not allowed to continue the data processing based on this consent for the future; and
  • According to Art. 77 GDPR you have the right to complain to a supervisory authority. As a rule, you can contact the supervisory authority of your usual place of residence or workplace or our headquarters. You can exercise your rights to rectification or deletion of personal data in the quickest, easiest and most comfortable way by logging into your account and directly editing your data stored there or by deleting your entire account. For your request for information, the revocation of a consent or for a contradiction a simple message to us is sufficient. There are no costs for exercising your rights. You can contact us under the contact information provided in section 1 of this privacy policy.

13. Contradictory right

a) If you have given your consent to the processing of your data, you can revoke them at any time. Such revocation will affect the admissibility of the processing of your personal data after you have given it to us.

b) Insofar as we base the processing of your personal data on the balancing of interests, you can object to the processing. This is the case if, in particular, the processing is not required to fulfill a contract with you, which we describe in each case in the following description of the functions. In the event of such a disagreement, we ask you to explain the reasons why we should not process your personal data as we have done. In the case of your justified objection, we will examine the situation and will either discontinue or adapt the data processing or point out to you our compelling legitimate reasons on which we continue the processing. We will inform you of such compelling reasons. You have the right to complain to a regulator at any time (for example, the regulator at your place of residence or at our company headquarters).

c) Of course, you may object to the processing of your personal data for purposes of advertising and data analysis at any time. About your advertising conflict, you can contact us under the number in 1.1. inform you of the contact information.

d) If you would like to exercise your right of revocation or objection, please send an e-mail to the section 1.1. named person.

14. General information about the deletion and retention periods of your data

a) The data stored with us are deleted as soon as they are no longer necessary for the intended purpose. For details, see the points in this statement that explain the nature and purpose of each processing of personal information.

b) Data that we have to store due to statutory, statutory or contractual retention obligations (e.g. for tax reasons) will be blocked instead of a deletion in order to prevent use for other purposes. This includes, for example, the storage for 6 years pursuant to § 257 paragraph 1 HGB (for trading books, inventories, opening balances, annual accounts, trade letters, accounting documents, etc.) or the storage for 10 years in accordance with § 147 Abs. 1 AO (books, records , Management reports, accounting documents, trade and business letters, documents relevant to taxation, etc.).

15. Changes to the privacy policy

a) This privacy policy is currently valid and has the status of May 2018.

b) Due to legislative changes or adjustments in data processing, updates to this privacy policy may be required. We therefore recommend that you inform yourself regularly about changes on this page. If the change affects your consent or the provisions of the contractual relationship, these are only with your consent. For this you will be contacted separately.