With regard to the definition of the terms used (e.g. personal data, processing, responsible person, anonymised), we refer to Art. 4 of the General Data Protection Regulation (hereinafter "GDPR").
nexum AG, Vogelsanger Straße 321a, 50827 Cologne
Supervisory Board: Hans-Werner Scherer, Thomas Fell, Martin Hecker, Board of Directors: Dr. Michael Klinkers, Georg Kühl, Dirk Steinmetz
Tel: +49 221 99886-0
Data Protection Officer
nexum AG, Jana Panne, Vogelsanger Straße 321a, 50827 Cologne,
Tel: +49 221 99886-0
Rights of data subjects
You can exercise the following rights at any time by contacting the data protection officers:
- Information about your data stored with us and their processing, Art. 15 GDPR
- Correction of incorrect personal data, Art. 16 GDPR
- Deletion of your data stored with us or restriction of data processing, insofar as we are not yet allowed to delete your data due to legal obligations or the deletion represents a disproportionately high effort, Art. 17 und 18 GDPR
- Data transmission, Art. 20 GDPR
- If you have given us your consent, you can revoke it at any time with effect for the future, Art. 7 Abs.3 GDPR
- Objection to future data processing in accordance of Art. 21 GDPR
- You can contact the supervisory authority responsible for you at any time with a complaint, Art. 77 GDPR.
Your local regulatory authority will vary according to the state of your residence, work or alleged violation. You can find a list of the supervisory authorities and their addresses at https://www.bfdi.bund.de/DE/Infothek/Anschriften_Links/anschriften_links-node.html
Data processing in the context of the provision of services
Within the scope of our service provision, we collect contact data, this may be in particular
- Name, first name, position,
- postal address, e-mail, telephone number.
The processing of data is carried out on the basis of Article 6(1)(b) and (c) GDPR, for the performance of contracts or pre-contractual measures and for the fulfilment of legal obligations.
The processing of the data is partly carried out by a hosting service provider. This is due to our legitimate interests in efficient and secure business operations in accordance with Art. 6 Par. 1 lit. in conjunction with Art. 28 GDPR. Our hosting service provider is located and stores the data in Germany and we have concluded a contract processing agreement.
We use software services accessible via the Internet and running on the servers of their providers (so-called "cloud services") for the following purposes: document storage and management, calendar management, e-mailing, spreadsheets and presentations, exchanging documents, content and information with specific recipients or publishing websites, forms or other content and information, as well as chatting and participating in audio and video conferences.
If we ask for consent to use the cloud services, the legal basis for processing is consent (Art. 6 para. 1 sentence 1 lit. a DSGVO). Furthermore, their use may be part of our (pre)contractual services (Art. 6 para. 1 sentence 1 lit. b. DSGVO), provided that the use of the cloud services has been agreed in this context. Otherwise, user data is processed on the basis of our legitimate interests (i.e., interest in efficient and secure administration and collaboration processes) (Art. 6 para. 1 sentence 1 lit. f. DSGVO).
Microsoft Office applications, teams and stream (audio and video meetings), cloud storage services
Microsoft Corporation, One Microsoft Way, Redmond, WA 98052-6399 USA; Web site: https://microsoft.com/de-de; privacy statement: https://privacy.microsoft.com/de-de/privacystatement, security notes: https://www.microsoft.com/de-d... collection on our website
Server log files
Our website is operated by a hosting service provider. Depending on the use of our website, our hosting service provider (hereinafter "hosting company") automatically stores and collects information in so-called server log files, which your browser automatically transmits to us. These are:
- Browser type and browser version
- Operating system used
- Referrer URL
- Host name of the accessing computer
- Time of the server request
- IP address
This is due to our legitimate interest in an efficient and secure provision of our online offer in accordance with Art. 6 Para. 1 lit. f in conjunction with Art. 28 GDPR. Our hosting service provider is located and stores the data in the European Union and we have concluded a contract for processing.
SSL or TLS encryption
We use SSL or TLS encryption on our website. You can recognize an encrypted connection by the fact that the address line of the browser changes from "http://" to "https://" and by the lock symbol in your browser line.
Our websites partly use so-called cookies. These serve to make our offer more user-friendly, effective and secure. Cookies are small text files that are stored on your computer and saved by your browser.
If you contact us by form, your details from the contact form will be stored by us for the purpose of processing your enquiry and in case of follow-up questions.
Salesforce Sales Cloud
Salesforce only uses users' data for the technical processing of requests and does not pass it on to third parties. In order to use Salesforce, at least a correct e-mail address must be provided. Use under pseudonyms is possible. In the course of processing service requests, it may be necessary to collect further data (name, address).
If you do not agree to data collection via and data storage in Salesforce's external system, we offer you alternative contact options for submitting service requests by e-mail, telephone, fax or post.
Further information on data processing by Salesforce can be found here:
Documents on Salesforce's compliance with the EU GDPR (in English): https://compliance.salesforce.com/en/gdpr
For communication via the contact form we use the service maatoo.io of the provider 55 weeks AG, Busswilstrasse 16, 3250 Lyss, Switzerland. The maatoo servers are located in Switzerland. This is due to our legitimate interest in efficient and secure communication in accordance with Art. 6 Para. 1 lit. f GDPR.
maatoo.io places a permanent cookie on the respective login page in order to ensure a high level of security and optimum use of its channels and to be able to optimise their availability. Further information about maatoo and data protection at maatoo can be found here: https://maatoo.io/datenschutzerklaerung/.
Web analytics and advertising
Google Analytics / Universal
This website uses functions of the web analysis service Google Analytics or Universal. The provider is Google Inc, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.
The storage of Google Analytics cookies is based on Art. 6 Para. 1 lit. f GDPR. We have a legitimate interest in the analysis of user behaviour in order to optimise both our website and our advertising.
We have deactivated the function offered by Google Universal to activate a unique user ID. We have also activated the IP anonymization function on our website. As a result, your IP address will be shortened by Google within member states of the European Union or in other contracting states of the Agreement on the European Economic Area before transmission to the USA. On our behalf, Google will use this information to evaluate your use of the website, to compile reports on website activity and to provide us with further services related to website and internet usage. These services are described in more detail in the following chapters.
Your personal data will be deleted or made anonymous after 14 months.
You can prevent the storage of cookies by adjusting your browser software accordingly. You can also prevent the collection of data generated by the cookie and related to your use of the website to Google and the processing of this data by Google. If you click here, a corresponding cookie will be deposited, which will save your wish not to be recorded by Google Analytics on this website and thus prevent further tracking on your currently used device and browser for this page. Please note, however, that this setting only remains active as long as the cookie is stored. If you delete your cookies in your browser settings in the meantime, you will have to click the above link again if you still do not want to be tracked by Google Analytics on our website.
Our website uses the Conversion Tracking function in the context of Google AdWords by Google.
When you click on an ad placed by Google, a cookie is set for conversion tracking. This cookie expires after 30 days and is not used to personally identify you. If you visit certain pages on our site and the cookie hasn't expired, Google and we can tell that you clicked on the ad and were redirected to that page.
Each Google AdWords customer receives a different cookie. Cookies cannot be tracked on the websites of AdWords customers. The information collected using the conversion cookie is used to compile conversion statistics for AdWords customers who have opted in to conversion tracking. Customers are told the total number of users who clicked on their ad and were redirected to a page with a conversion tracking tag. However, they do not receive any information that can be used to personally identify users. If you choose not to participate in tracking, you can opt-out of this use by disabling the Google conversion tracking cookie on your web browser under User Preferences. You will then not be included in the conversion tracking statistics.
For additional settings and opt-out options regarding interest-based advertising through Google AdWords and Google Conversion Tracking, please see the following link:
The storage of "conversion cookies" is carried out on the basis of Art. 6 para. 1 lit. f GDPR. We have a legitimate interest in the analysis of user behaviour in order to optimise both our website and our advertising.
Demographic characteristics in Google Analytics
Our website uses the "demographic features" function of Google Analytics. This allows us to generate reports that contain information about the age, gender and interests of visitors to the site. This data is derived from interest-based advertising by Google as well as from visitor data from third parties. This data cannot be assigned to a specific person. You can disable this feature at any time in the ad settings in your Google Account or generally prohibit Google Analytics from collecting your information as described in the "Opting out of data collection" section.
You can object to the collection and use of your data for the future by setting an opt-out cookie in your browser by clicking on this link: https://www.quantcast.com/opt-out/
If you delete the cookies on your computer, you will have to set the opt-out cookie again.
Our website uses services of etracker GmbH from Hamburg, Germany for the analysis of usage data. Cookies are used to enable a statistical analysis of the use of this website by its visitors and to display usage-related content or advertising. etracker cookies do not contain any information that would enable a user to be identified. The data generated with etracker is processed and stored by etracker on our behalf exclusively in Germany and is therefore subject to the strict German and European data protection laws and standards. etracker has been independently tested, certified and awarded the ePrivacyseal data protection seal of approval. Data processing is carried out on the legal basis of Art. 6 Para. 1 lit f (legitimate interest) of the EU Basic Data Protection Regulation (EU-GDPR). Our legitimate interest lies in the optimization of our online offer and our web presence. Since the privacy of our visitors is particularly important to us, the IP address is anonymized at etracker as soon as possible and login or device IDs are converted into a unique key at etracker, but not assigned to a person. etracker does not use the data in any other way, merge it with other data or pass it on to third parties.
You can object to the aforementioned data processing at any time, provided it is personal. Your objection has no negative consequences for you.
Further information on data protection at etracker can be found at https://www.etracker.com/datenschutz/.
Tealium Tag Management System
We use the tag management system Tealium iQ. The provider is Tealium Inc, 11085 Torreyana Road, San Diego, CA 92121, USA.
We use Tealium to centrally manage, control and load third-party measurement pixels (tags) on our website. This allows us to monitor the data collection of each vendor tag and allows our website visitors to make their own decisions about third-party access and cookies. By extending the functionality, we are also able to dynamically adjust and automate parts of the website in real time to meet your needs.
A cookie called utag_main is created to enable this functionality. The storage of this cookie is based on art. 6 para. 1 lit. f DSGVO. We have a legitimate interest in the analysis of user behaviour in order to optimise both our website and our advertising. In particular, however, it also corresponds to the interest of the users to control access by third parties.
Facebook and Instagram
We maintain the Facebook and Instagram profiles "nexum AG" and "nexum Spain". The provider of the platform is Facebook Ireland Ltd, 4 Grand Canal Square, Grand Harbour, Dublin 2, Ireland.
We use our profile on Facebook and Instagram to provide regular information about our company and our projects.
The maintenance of our Facebook and Instagram profile is based on our legitimate interest in promoting our company and our services in accordance with Art. 6 para. 1 lit.f GDPR.
If you use Facebook or Instagram, your data is regularly processed for analysis and advertising purposes in order to display interest-related advertising within and outside of Facebook and Instagram. For this purpose, cookies and pixels are regularly stored on the user's devices, also across devices, through which the user's usage behaviour and interests can be tracked.
We maintain the Twitter account "nexum". The provider is Twitter Inc. 1355 Market Street, Suite 900, San Francisco, CA 94103, USA.
We use our Twitter account to provide regular information about our company and our projects.
The maintenance of our Twitter account is based on our legitimate interest in the promotion of our company and our services in accordance with Art. 6 para. 1 lit.f GDPR.
If you use Twitter, your data will be processed regularly for analysis and advertising purposes to deliver interest-based advertising and content inside and outside Twitter. For this purpose, cookies and pixels are regularly stored on the user's devices, also across devices, which can be used to track the usage behaviour and interests of the users.
You can limit the processing of your data in the general settings of your Twitter account as well as in the section "Privacy and Security" and under the link:
https://twitter.com/personalization. In addition, you can restrict Twitter access to contact and calendar information, photos, location information, etc. on mobile devices in their settings. For more information on these items, please visit the following Twitter support pages: https://support.twitter.com.
We maintain the LikedIn accounts "nexum AG" and "nexum Agency Switzerland AG". The provider is the LinkedIn Corporation, 2029 Stierlin Court, Mountain View, CA 94043, USA.
We use our LinkedIn account to provide regular information about our company and our projects.
The maintenance of our LinkedIn account is based on our legitimate interest in the promotion of our company and our services in accordance with Art. 6 para. 1 lit.f DSGVO.
You can object to the processing of your data by using the opt-out facility: https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out. In addition, you can restrict LinkedIn's access to contact and calendar data, photos, location data, etc. on mobile devices in the settings options there.