Privacy statement

Data protection information

We, IBIS Service GmbH & Co. KG, Ladestraße 8, 15834 Rangsdorf (hereinafter: “the company“, “we" or "us“) take the protection of your personal data seriously. With this declaration (hereinafter: “Data protection information“) we will inform you about how your personal data is processed by us.

1. Name and address of the person responsible for processing

    We are the body responsible for processing your personal data within the meaning of Art. 4 No. 7 GDPR:

    IBIS Service GmbH & Co. KG
    Ladestraße 8
    15834 Rangsdorf
    Telephone number: +49 (0)33708 93 10 – 0

    For further information about our company, please see the legal notice on our website

    If you have any questions about data protection, you can contact us at any time wenden.

    2. Legal basis for data processing

    Processing of personal data is only permitted if the data processing falls under one of the following justifications. Our processing takes place on (at least) one of the following legal bases:

    – Art. 6 Paragraph 1 Sentence 1 Letter a GDPR (“Consent”): The data subject voluntarily, informedly and unambiguously states, by means of a statement or other clear confirmatory action, that he or she consents to the processing of data concerning him or her consents to personal data for one or more specific purposes;

    – Art. 6 Paragraph 1 Sentence 1 Letter b GDPR: necessary for the performance of a contract to which the data subject is a party or to carry out pre-contractual measures at the request of the data subject;

    – Art. 6 Paragraph 1 Sentence 1 Letter c GDPR: is necessary to fulfill a legal obligation to which the controller is subject (e.g. a statutory retention obligation);

    – Art. 6 Paragraph 1 Sentence 1 Letter d GDPR: to protect the vital interests of the data subject or another natural person;

    – Art. 6 Paragraph 1 Sentence 1 Letter e GDPR: for the performance of a task that is in the public interest or in the exercise of official authority that has been delegated to the person responsible or

    – Art. 6 Paragraph 1 Sentence 1 Letter f GDPR (“Legitimate Interests”): to protect legitimate (particularly legal or economic) interests of the person responsible or a third party, unless the conflicting interests or rights of the person concerned outweigh them. 

    Storage of information in the end user's terminal equipment or access to information already stored in the end equipment is only permitted if covered by one of the following justifications:

    – Section 25 Para. 1 TTDSG: If the end user has consented on the basis of clear and comprehensive information. Consent must be given in accordance with Article 6 Paragraph 1 Sentence 1 Letter a GDPR;

    – Section 25 Paragraph 2 No. 1 TTDSG: If the sole purpose is to carry out the transmission of a message via a public telecommunications network or

    – Section 25 Para. 2 No. 2 TTDSG: If storage or access is absolutely necessary so that the provider of a telemedia service can provide a telemedia service expressly requested by the user.

    3. Data deletion and storage period

      The personal data of the data subject will be deleted or blocked as soon as the purpose of storage no longer applies. Storage can also take place if this has been provided for by the legislature in regulations, laws or other regulations to which the person responsible is subject. The data will also be blocked or deleted if a storage period prescribed by the standards mentioned expires, unless there is a need for further storage of the data to conclude or fulfill a contract. 

      4. Recipients of data

        If we nevertheless transmit your data to third parties or otherwise grant them access to the data, this will also be done exclusively on the basis of one of the legal bases mentioned.

        The following categories of recipients, who are usually processors, may have access to your personal data:

        – Service providers for operating our website and processing the data stored or transmitted by the systems (e.g. for data center services, payment processing, IT security). The legal basis for the transfer is then Article 6 Paragraph 1 Sentence 1 Letter b or Letter f GDPR, unless it concerns contract processors;

        – State bodies/authorities, to the extent this is necessary to fulfill a legal obligation. The legal basis for the transfer is then Article 6 Paragraph 1 Sentence 1 Letter c GDPR;

        – Persons employed to carry out our business operations (e.g. auditors, banks, insurance companies, legal advisors, supervisory authorities, parties involved in company acquisitions or the establishment of joint ventures). The legal basis for the transfer is then Article 6 Paragraph 1 Sentence 1 Letter b or Letter f GDPR.

        In addition, we will only pass on your personal data to third parties if you have given your express consent to do so in accordance with Article 6 Paragraph 1 Sentence 1 Letter a GDPR.

        When selecting recipients of data, we rely on European companies wherever possible. Data will only be transferred to a third country if the special requirements of Article 44 ff. GDPR are met. Processing may therefore only take place on the basis of special guarantees, such as so-called “standard contractual clauses” or, in individual cases, consent.

        5. Data processing in detail

          Unless anything specific is described below regarding the processing, the general statements in this data protection notice apply.

          5.1 Website

            Type and scope of data processed

            You can find information about our company and the services we offer at including the associated subpages (hereinafter collectively: “websites”). When you visit our websites, your personal data may be processed.

            When you use the websites for information purposes, we collect, store and process the following categories of personal data:

            “Log data”: When you visit our websites, a so-called log data record (so-called server log files) is stored temporarily and anonymously on our web server. This consists of: 

            – the page from which the page was requested (so-called referrer URL)

            – the name and URL of the requested page

            – the date and time of the call

            – the description of the type, language and version of the web browser used

            – the IP address of the requesting computer, which is shortened so that a personal reference can no longer be established

            – the amount of data transferred

            – the operating system

            – the message as to whether the call was successful (access status/Http status code)

            – the GMT time zone difference

            “Contact form data”: When using contact forms, the data transmitted is processed (e.g. gender, last name and first name, address, company, email address and the time of transmission).

            Legal basis

            The processing is based on Art. 6 Paragraph 1 Sentence 1 Letter f GDPR. The processing of the log data serves statistical purposes and to improve the quality of our website, in particular the stability and security of the connection (legal basis is Art. 6 Para. 1 Sentence 1 lit. a or lit. f GDPR). Contact form data is processed to process inquiries (legal basis is Art. 6 Para. 1 Sentence 1 Letter b or Letter f GDPR).

            If the processing of the data requires the storage of information in your end device or access to information that is already stored in the end device, Section 25 Paragraph 1, 2 TTDSG is the legal basis for this.

            5.2 Use of cookies, plugins and other services on our website

              Type and scope of data processed

              We use cookies on our websites. Cookies are small text files that are assigned and stored on your hard drive by the browser you are using using a characteristic string and through which certain information flows to the place that sets the cookie. Cookies cannot run programs or transmit viruses to your computer and therefore cannot cause any harm. They serve to make the Internet offering more user-friendly and effective overall, i.e. more pleasant for you.

              Cookies can contain data that makes it possible to recognize the device used. In some cases, cookies only contain information about certain settings that are not personally identifiable. However, cookies cannot directly identify a user. 

              A distinction is made between session cookies, which are deleted as soon as you close your browser, and permanent cookies, which are stored beyond the individual session. In terms of their function, cookies are differentiated between:

              – Technical cookies: These are essential to move around the website, use basic functions and ensure the security of the website; they do not collect information about you for marketing purposes or remember which websites you have visited;

              – Performance cookies: These collect information about how you use our website, which pages you visit and, for example, whether errors occur when using the website; they do not collect any information that could identify you - all information collected is anonymous and is only used to improve our website and find out what interests our users;

              – Advertising cookies, targeting cookies: These serve to offer the website user tailored advertising on the website or offers from third parties and to measure the effectiveness of these offers; Advertising and targeting cookies are stored for a maximum of 13 months;

              – Sharing cookies: These serve to improve the interactivity of our website with other services (e.g. social networks); Sharing cookies are stored for a maximum of 13 months.

              Legal basis

              The legal basis for cookies, which are absolutely necessary to provide you with the expressly requested service, is Section 25 Paragraph 2 No. 2 TTDSG. Any use of cookies that is not absolutely technically necessary represents data processing that is only permitted with your express and active consent in accordance with Section 25 Paragraph 1 TTDSG in conjunction with Art. 6 Paragraph 1 Sentence 1 Letter a GDPR is. This applies in particular to the use of performance, advertising, targeting or sharing cookies. In addition, we only pass on your personal data processed through cookies to third parties if you have given your express consent in accordance with Article 6 Paragraph 1 Sentence 1 Letter a GDPR have given for this.

              Cookie Policy

              For more information about which cookies we use, how long we store them, etc., please see our Cookie Policy

              5.3 Tracking

                Type and scope of data processed

                For the purpose of finding and analyzing errors, evaluating usage and deriving measures for the future development of our website, we process your data using the local analysis software Burst Statistics, WordPress.

                Burst Statistics sets a cookie on your device that can be used to recognize your browser. If subpages of our website are accessed, the following information is stored:

                • the user's IP address, shortened by the last two bytes (anonymized),
                • the subpage accessed and time of access,
                • the page from which the user came to our website (referrer),
                • which browser is used with which plugins, which operating system and which screen resolution,
                • the time spent on the website,
                • the pages that are accessed from the subpage accessed.

                Since this service is a local analysis tool, no personal data is passed on to the service provider or third parties. For more information, see Privacy Statement (AU) – Burst Statistics (

                Legal basis

                The legal basis for data processing is the legitimate interest in accordance with Article 6 (1) (f) GDPR to improve the quality of our website and its content. This tells us how the website is used and allows us to continually optimize our offering.

                5.4 Google Maps

                  Type and scope of data processed

                  On this website we use Google Maps. Google Maps is operated by Google LLC, 1600 Amphitheater Parkway, Mountain View, CA 94043, USA (hereinafter “Google”). This allows us to show you interactive maps directly on the website and enables you to easily use the map function.

                  Further information about data processing by Google can be found in the Google data protection information: Dort können Sie auch Ihre persönlichen Datenschutz-Einstellungen verändern.

                  By visiting the website, Google receives information that you have accessed the corresponding subpage of our website. This occurs regardless of whether Google provides a user account through which you are logged in or whether there is no user account. If you are logged in to Google, your data will be assigned directly to your account. If you do not want your profile to be assigned to Google, you must log out of Google before activating the button.

                  Google saves your data as usage profiles and uses them for advertising, market research and/or needs-based design of its own websites. You can exercise your right to object to the creation of these user profiles by Google.

                  Legal basis

                  The legal basis for data processing is the legitimate interest in accordance with Article 6 (1) (a) GDPR; we ask for your consent.

                  6. No automated decision making (including profiling)

                    We do not intend to use personal data collected from you for any automated decision-making process (including profiling).

                    7. No obligation to provide personal data

                      We do not make the conclusion of contracts with us dependent on you first providing us with personal data. In principle, there is no legal or contractual obligation for customers to provide us with personal data; However, it may be that we can only provide certain offers to a limited extent or not at all if you do not provide the necessary data. If this is exceptionally the case with the products we offer presented below, you will be informed of this separately.

                      8. Rights of those affected

                        You can assert your rights as a data subject regarding your processed personal data against us at any time. As a data subject, you have the right:

                        – in accordance with Art. 15 GDPR, to request information about your data processed by us. In particular, you can obtain information about the purposes of processing, the category of data, the categories of recipients to whom your data has been or will be disclosed, the planned storage period, the existence of a right to correction, deletion, restriction of processing or objection, and the existence of a right to lodge a complaint , request the origin of your data, if it was not collected by us, as well as the existence of automated decision-making including profiling and, if necessary, meaningful information about its details;

                        – in accordance with Art. 16 GDPR, to immediately request the correction of incorrect data or the completion of your data stored by us;

                        – in accordance with Art. 17 GDPR, to request the deletion of your data stored by us, unless the processing is carried out to exercise the right to freedom of expression and information, to fulfill a legal obligation, for reasons of public interest or to assert, exercise or defend legal claims is required;

                        – in accordance with Art. 18 GDPR, to request the restriction of the processing of your data if you dispute the accuracy of the data or the processing is unlawful;

                        – in accordance with Art. 20 GDPR, to receive your data that you have provided to us in a structured, common and machine-readable format or to request its transmission to another person responsible (“data portability”);

                        – to object to the processing in accordance with Art. 21 GDPR, provided that the processing takes place on the basis of Art. 6 Paragraph 1 Sentence 1 Letter e or Letter f GDPR. This is particularly the case if the processing is not necessary to fulfill a contract with you. Unless it is an objection to direct advertising, when exercising such an objection we ask you to explain the reasons why we should not process your data as we do. In the event of your justified objection, we will examine the situation and will either stop or adjust the data processing or show you our compelling legitimate reasons on the basis of which we continue the processing;

                        – in accordance with Art. 7 Para. 3 GDPR, your consent given once (also before the GDPR came into force, i.e. before May 25, 2018) - i.e. your voluntary, informed and unambiguous will made clear through a statement or other clear confirmatory action that you agree to the processing of the personal data in question for one or more specific purposes - to revoke your consent to us at any time, if you have given such consent. This means that we are no longer allowed to continue the data processing based on this consent in the future

                        – in accordance with Art. 77 GDPR, to complain to a data protection supervisory authority about the processing of your personal data in our company.

                        9. Changes to the data protection notice

                          As data protection law develops and technological or organizational changes occur, our data protection information is regularly checked for any need for adjustments or additions. This data protection notice is current as of June 2024