Privacy Policy

Privacy Policy

Thank you for your interest in our company.

Personal data is any information that relates to an identified or identifiable person. Even pseudonymous data that we cannot assign to you directly, e.g. via a name or an e-mail address, is personal data.

Since the protection of your personal data is very important to us, we inform you in this privacy policy about the nature, scope, purpose of the personal data processed by us and the rights as a data subject.

At the end of the privacy policy, you will find under the item definitions the various explanations of the terminology.

Person responsible for the processing of personal data

Olper Hut 7
57462 Olpe, Germany
Phone: +49 2761 86-0

The external company data protection officer of the company is:

dokuworks GmbH
Mr. Markus Weber
Birlenbacher Str. 20
57078 Siegen 
Phone: +49 271 77237-60

If you have any questions or suggestions on the subject of data protection, please feel free to contact us as the person responsible or our data protection officer at any time.

Data subject rights
You can assert the following rights regarding your personal data against us:

  • Right to information (Art. 15 GDPR)
  • Right to rectification (Art. 16 GDPR) or deletion (Art. 17 GDPR)
  • Right to restriction of processing (Art. 18 GDPR)
  • Right to data portability (Art. 20 GDPR)
  • Right to object to processing (Art. 21 GDPR)

If you submit a request for information to us, we will inform you whether and which data we have collected from you in accordance with data protection law. It is our endeavor to always ensure an up-to-date and error-free data collection. If, however, incorrect information has been recorded, we will correct it immediately following a corresponding request.

To do so, please send us a request to: 

In addition to exercising your rights against us, you also have the right to file a complaint with a supervisory authority if you suspect a violation of data protection law (Art. 77 GDPR).

Data protection notice for business partners
We are pleased that you are interested in our company and that you are contacting us. 

The protection of your data is very important to us. With the data protection notice, we provide you with the following information pursuant to Art. 13 GDPR on the processing of your personal data in connection with our business relationship. 

Further information about our company, details of the persons authorized to represent us and further contact options can be found at 

What data do we process and for what purposes?
We only process personal data that we have received from you or, if applicable, from publicly accessible sources in the course of our business relationship.

Personal data in the sense of Art. 4 No. 1 GDPR can be: Names, telecommunication data and address data. In addition, we also process offer, inquiry and order data, data from the fulfillment of our contractual obligations, product data, documentation data, as well as other data comparable with the aforementioned categories.

The provision of your personal data is necessary for the initiation, implementation and processing of the contractual relationship. If it is not provided, it is unfortunately not possible for us to contact you to clarify the pre-contractual or contractual issues.

On what legal basis is the processing of your personal data based? 
Your personal data is processed in accordance with the legal provisions of the GDPR and the German Federal Data Protection Act for the fulfillment of contractual obligations or for measures to initiate a contract (Art. 6 para. 1 p. 1 lit. b GDPR),

Furthermore, we may use this data for additional purposes within the scope of our business relationship.

How long is the data stored? 
We process and store your personal data for the duration of our business relationship and at least in accordance with the statutory retention periods, such as the German Commercial Code or the German Fiscal Code.

To whom is the data passed on and where is it processed?
We use the personal data only for our own purposes in the course of the business relationship. 

Applicant Management
The controller collects and processes the personal data of applicants for the purpose of managing the application process. The processing may also take place electronically. This is the case, in particular, if an applicant submits relevant application documents to the controller by electronic means, for example by e-mail or via a web form located on the website. If the controller concludes an employment contract with an applicant, the transmitted data will be stored for the purpose of processing the employment relationship in compliance with the statutory provisions. 

The legal basis for this processing is Section 26 (1) sentence 1 BDSG in conjunction with Article 88 (1) GDPR.

If the controller does not conclude an employment contract with the applicant, the application documents are automatically deleted six months after notification of the rejection decision, provided that no other legitimate interests of the controller conflict with such deletion. Other legitimate interest in this sense is, for example, a duty to provide evidence in proceedings under the General Equal Treatment Act (AGG).

In this case, the legal basis is Art. 6 (1) lit. f GDPR and Section 24 (1) No. 2 BDSG. Our legitimate interest lies in the legal defense or enforcement.

If you expressly consent to a longer storage of your data, e.g. for your inclusion in a database of applicants or interested parties, the data will be further processed based on your consent. The legal basis is then Art. 6 para. 1 lit. a GDPR. However, you can of course revoke your consent at any time in accordance with Art. 7 (3) GDPR by declaration to us with effect for the future.

Data protection when visiting our website
Collection of general information

Type and purpose of processing:
When you access our website, i.e., when you do not register or otherwise submit information, information of a general nature is automatically collected. This information (server log files) includes, for example, the type of web browser, the operating system used, the domain name of your Internet service provider, your IP address and the like.

In particular, they are processed for the following purposes:

  • Ensuring a smooth connection setup of the website,
  • Ensuring a smooth use of our website,
  • evaluating system security and stability, and
  • to optimize our website.

We do not use your data to draw conclusions about you personally. Information of this kind is statistically evaluated by us anonymously, if necessary, in order to optimize our website and the technology behind it.

Legal basis and legitimate interest:
The processing is carried out in accordance with Art. 6 (1) lit. f GDPR on the basis of our legitimate interest in improving the stability and functionality of our website.

Recipients of the data may be technical service providers who act as order processors for the operation and maintenance of our website.

Storage period:
The data is deleted as soon as it is no longer required for the purpose for which it was collected. This is generally the case for data used to provide the website when the respective session has ended.

In the case of storage of data in log files, this is the case after 14 days at the latest. Storage beyond this period is possible. In this case, the IP addresses of the users are anonymized, so that an assignment of the calling client is no longer possible.

Provision prescribed or required:
The provision of the aforementioned personal data is neither legally nor contractually required. However, without the IP address, the service and functionality of our website is not guaranteed. In addition, individual services and services may not be available or may be limited. For this reason, an objection is excluded.

Use of analysis/tracking tools
Cookies are small text files that are placed on your device and collect data that can later be read by a web server of the domain that placed the cookie.

Cookies and similar technologies are used on our website to provide a more user-friendly service to users of this website, to analyze the performance of our products, and to fulfill other legitimate purposes.

The data subject can prevent the setting of cookies by our website at any time by means of an appropriate setting of the Internet browser used and thus permanently object to the setting of cookies. Furthermore, cookies that have already been set can be deleted at any time via an Internet browser or other software programs. This is possible in all common Internet browsers. If the data subject deactivates the setting of cookies in the Internet browser used, not all functions of our website may be fully usable.

The legal basis for data processing is Art. 6 para. 1 lit. a GDPR.

For the aforementioned purposes, we also use the services of third parties listed below, who are responsible for the data processing taking place via their respective service in accordance with Art. 4 (7) GDPR. For more information on data processing by these providers and your rights as a data subject, please refer to the privacy statements of the providers linked below: 

  • Adobe Typekit (Adobe Systems Software Ireland Limited, 4-6 Riverwalk, Citywest Business Campus, Dublin 24, Republic of Ireland) 

If you contact us (e.g. by contact form, telephone, chat or e-mail), we process your information to process the request and in the event that follow-up questions arise.

If the data processing is carried out for the implementation of pre-contractual measures, which are carried out on your request, or, if you are already our customer, for the implementation of the contract, the legal basis for this data processing is Art. 6 para. 1 lit. b GDPR.

The data protection declaration is based on the terms used by the European Directive and Ordinance Maker when issuing the General Data Protection Regulation (GDPR). Our data protection declaration should be easy to read and understand for the public as well as for our customers and business partners. To ensure this, we would like to explain in advance the terminology used.

a) Personal data
Personal data is any information relating to an identified or identifiable natural person (hereinafter "data subject"). An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.

b) Data subject
Data subject means any identified or identifiable natural person whose personal data are processed by the controller.

c) Processing
Processing means any operation or set of operations which is performed upon personal data, whether or not by automatic means, such as collection, recording, organization, filing, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.

d) Restriction of processing
Restriction of processing is the marking of stored personal data with the aim of limiting their future processing.

e) Profiling
Profiling is any type of automated processing of personal data that consists of using such personal data to evaluate certain personal aspects relating to a natural person, in particular to analyze or predict aspects relating to that natural person's job performance, economic situation, health, personal preferences, interests, reliability, behavior, location or change of location.

f) Pseudonymization
Pseudonymization is the processing of personal data in such a way that the personal data can no longer be attributed to a specific data subject without the use of additional information, provided that such additional information is kept separate and is subject to technical and organizational measures to ensure that the personal data is not attributed to an identified or identifiable natural person.

g) Controller or person responsible for processing.
The controller or person responsible for processing is the natural or legal person, public authority, agency or other body which alone or jointly with others determines the purposes and means of the processing of personal data. Where the purposes and means of such processing are determined by Union or Member State law, the controller or the specific criteria for its designation may be provided for under Union or Member State law.

h) Processor
Processor means a natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller.

i) Recipient
Recipient means a natural or legal person, public authority, agency or other body to whom personal data are disclosed, whether or not a third party. However, public authorities that may receive personal data in the context of a specific investigative task under Union or Member State law shall not be considered as recipients.

j) Third Party
Third party means a natural or legal person, public authority, agency or other body other than the data subject, the controller, the processor and the persons authorized to process the personal data under the direct responsibility of the controller or the processor.

k) Consent
Consent shall mean any freely given indication of the data subject's wishes for the specific case in an informed and unambiguous manner, in the form of a statement or any other unambiguous affirmative act by which the data subject indicates that he or she consents to the processing of personal data relating to him or her.

Transfer of data to third parties 
We do not transfer your personal data to third parties for purposes other than those listed below. We only pass on your personal data to third parties if:

  • you have given your express consent to this in accordance with Art. 6 (1) p. 1 lit. a GDPR,
  • the disclosure is necessary for the assertion, exercise or defense of legal claims pursuant to Art. 6 para. 1 p. 1 lit. f GDPR and there is no reason to assume that you have an overriding interest worthy of protection in the non-disclosure of your data,
  • in the event that there is a legal obligation for disclosure pursuant to Art. 6 (1) p. 1 lit. c GDPR, as well as
  • this is legally permissible and necessary according to Art. 6 para. 1 p. 1 lit. b GDPR for the processing of contractual relationships with you.

Data security
We make maximum efforts to ensure the security of your data within the framework of the applicable data protection laws and technical possibilities.

Your personal data is transmitted encrypted with us. This applies to your orders and also to the customer login. We use the SSL (Secure Socket Layer) coding system, but we would like to point out that data transmission on the Internet (e.g. when communicating by e-mail) can have security gaps. Complete protection of data against access by third parties is not possible.

Actuality and change of this privacy policy
This data protection declaration is currently valid and has the status November 2022. Due to the further development of our website and offers on it or due to changed legal or official requirements, it may become necessary to change this data protection declaration.