Skip navigation

emlix data protection declaration

The protection of your data is one of the most important business principles of emlix GmbH. With this data protection declaration we would like to inform you about the type and extent as well as the purpose of the person-related data collected, used and processed by us in compliance with the valid legislation.

When processing the data, we strictly observe the legal requirements of the respectively valid General Data Protection Regulation and the Telemedia Act. The type and extent of the data storage depends on whether you use our website to obtain information, to register for services, to investigate the possibility of a business relationship with us or start such a relationship.

In the following, we would like to inform you as a user of our website, as an existing or prospective business partner, about your rights, and give you an overview of the processing of person-related data in relation to the use of our website and services.

1. General information

1.1 Name, address and contact details of those responsible

Responsible according to the General Data Protection Regulation (GDPR) and the German Federal Data Protection Act (Bundesdatenschutzgesetz, BDSG) as well as all other data protection legislation is:

emlix GmbH
Gothaer Platz 3
37083 Göttingen

Telephone: +49 (0)551 / 30664 -0

1.2 Principles of data processing

In principle, we process the person-related data of our users only when this is necessary in order to provide our website, contents, products and services. Data processing takes place only with the consent of the user.

An exception is made in such cases in which obtaining consent in advance is not possible for valid reasons and the processing of the data is allowed according to the provisions of valid legislation. 

1.3 Security and quality of the stored data

emlix protects your person-related data. We have set up suitable technical and administrative security measures according to the current standard of technology to protect person-related data from loss or destruction as well as the access and use or manipulation by unauthorized persons. For example, data is transmitted and stored in encrypted form when it is sent to us via the internet.

We also demand that our suppliers and service partners also protect the stored data from unauthorized access or use.

1.4 Purpose of processing person-related data

The collection and processing of data and information has the purpose of enabling communication and the initiation of contact with the users of our website, interested parties, customers, partners, suppliers and job applicants. This relates in particular to the initiation, performance, support and maintenance of business relationships.

In this connection, we process person-related data for the following purposes: making available of information about our services and products as well as supplementary services; market analyses; marketing campaigns; initiation, performance, invoicing and booking of contractual business relationships; support and maintenance activities; guaranteeing the protection of our services and products; determination and elimination of fraud and security risks; clarification and solving of (legal) conflicts with the enforcement of valid contracts and the securing and defence of legal entitlements.

1.5 Legal basis for processing person-related data 

We process person-related data according to the GDPR after receiving your consent for the fulfilment of pre-contractual measures and contractual obligations, for marketing purposes and to comply with legal regulations such as notification obligations, and also for the protection of legitimate interests of ours or third parties in the context of the consideration of interests according to the GDPR. This includes, for example, the guaranteeing of our IT security, measures for customer loyalty and measures for building security (e.g. access controls).

1.6 Storage duration of person-related data

Person-related data is stored and processed by us for the time period necessary to achieve the purpose of the processing or when this is a legal requirement. As a rule, this is the duration of contract fulfilment or contract initiation.

Furthermore, we are subject to obligations for the storage of person-related data for specific storage periods derived from trade and tax legislation according to general fiscal law (Abgabenordnung, AO), the German Commercial Code (Handelsgesetzbuch, HGB) as well as storage periods derived from other legislation.

Data from job applications is stored for a maximum of six months. Data from the video surveillance in the entry areas of our offices is deleted automatically after seven days.

1.7 Automated decisions and profiling

Automated decisions or profiling are not carried out by emlix. 

2. Website

2.1 Visiting our website

When you call up our website under data is automatically sent from your internet browser to our web server: date and time, information on the browser in use, browser settings, the operating system in use, the quantity of data transferred as well as the access status (file transferred, file not found etc.). In addition, your IP address is transmitted. All the data is stored in a so-called log-file on our web server.

2.2 Download of documents from our website

If you call up documents (for example in PDF format) on our website, our web server automatically stores the date and file name of the download in addition to the visit data.

2.3 Use of our contact form on our website

For making content directly, we offer a contact form on our website. When using this form, you have to enter the following data: name, company, e-mail address and your message. On our contact form, entries that we need for processing are marked as mandatory fields. Other entries are optional.

2.4 Use of cookies on our website

When our website is called up, cookies are transmitted. These are small text files, which are stored on the computer of the user. Through the cookie ID contained in them, the browser can be identified.

Cookies are a necessary precondition for some, more user-friendly, services of our website. As a user, you can deactivate the storage of cookies in your browser and delete cookies that have already been transmitted. Furthermore, you can configure your browser so that you are notified when a website attempts to set a cookie.

2.4.1 Evaluation of access to our website 

When you use our website, a cookie is set via your browser in order to collect and analyse statistical data about the use of our website. Our web analysis tool collects and stores data for the purpose of optimizing our website marketing.

In the context of the analysis of the user data from our website we obtain information on person-related data such as IP address, date and time, information on the browser in use, browser settings, the operating system in use, the most recently visited website (origin or referrer URL), the volume of data transferred as well as the access status (file transmitted, file not found etc.) of the user.

This enables us to obtain information about the origin of the users and their movements through our website. Using this data, pseudonymized user profiles and reports are created in order to understand the activity on our website. This data is stored by us. It is not passed on to third parties.
We do not combine the information obtained in this way with person-related data or with other data. The web analysis tool is operated only on our server and log-files sensitive to data protection legislation are only stored on our server.

As a user, you can permanently refuse the placement of cookies by our website through appropriate settings in your browser. Furthermore, a cookie that has already been placed can be deleted at any time using the settings in your browser or alternative software.

2.4.2 Verwendung von Google Ads Conversion-Cookies

We place advertisements using Google Ads in the Google search services. The company operating Google Ads is Google Inc. If you access our website via a Google advertisement, a conversion cookie is transmitted.
With the help of this cookie, we and Google can determine whether users have accessed our website directly via an AdWords advertisement. This information is transmitted to servers of Google in the USA, where it is stored. A conversion cookie loses its validity automatically after 30 days. It does not serve to identify the user.

You can find the data protection provisions of Google at You can refuse the use of interest-related advertisements by Google. To do this, please access the link and make the necessary settings there.

2.5 Google Maps

On our website we use Google Maps API (Operator: Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA) as a map service.

To use this service data can be transmitted to a Google server and stored in the USA. These data include information about your visit to our website as well as your IP address. We have no influence on the data transmission.

We use this service to display geographical locations on our website in a helpful way. This is a legitimate aim according to Art. 6 para. 1 lit. f GDPR.

For further information on data collection by Google please go to:

2.6 Social Media Plugins

On our website we use social media plugins from ShareThis (Operator: ShareThis Inc., 3000 El Camino Real, 5 Palo Alto Square, Suite 150, Palo Alto, CA 94306, USA). Users can share content on social networks with these plugins. You can identify the plugins by the logo of the corresponding network.

ShareThis collects data about the surfing and sharing behavior of users on websites using their plugins. These data are used to deliver targeted online advertising to users. They are being stored for up to 13 months for targeted advertising and up to 48 months for analytical purposes after data collection. ShareThis does not use these data to identify individual persons.

For further information on data collection by ShareThis and your rights please go to:

The used plugins are for the following social networks:

  • LinkedIn (Operator: LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland)
  • Twitter (Operator: Twitter, Inc., 1355 Market Street, Suite 900, San Francisco, CA 94103, USA)
  • Xing (Operator: XING SE, Dammtorstrasse 30, 20354 Hamburg, Germany)

If you are logged in to one of these social networks, information about your visit to our website can be associated with your user account with these plugins. If you do not want this information to be associated with your account, you have to log out of the social network before visiting our website.

If you share content with the above-mentioned plugins, information is transmitted to the corresponding network. The shared post will be published on the platform and shown to your contacts.

We have no influence on the data collection by these social networks. For further details on data collection as well as your rights please go to the following websites:

2.7 Links to third parties from our website

The information offered on our website possibly includes content linked with the websites of third parties, thereby referencing them. At the time these references (links) were set up, we could not identify any infringements of valid legislation on these pages. We have no control of, no influence on and no access to content, cookies or other functions of these third-parties. As a user, you can contact these third parties directly and view their data protection declarations.

3. Inquiries regarding information or orders

For the processing of inquiries by letter, fax, e-mail or telephone regarding our services and products as well as the provision of support services, we record the information that we require for the processing: name and business contact data as well as the inquiry itself.

4. E-mail contact with employees of our customers as well as partners and suppliers 

In order to perform our contractual obligations and our services for customers and partners as well as when working together with our suppliers, we record the information that we require for the processing: name and business contact data, position, information on the services performed as well as the invoicing data.

5. Visits of customers and suppliers to our business premises

For visits to our business premises we record the information that is necessary for the visit: name and business contact data, position and information on the visit. For the protection of people and property, we use video surveillance in the access areas of our business premises.

6. Use of our development services

The use of our development services and other services requires that you are registered as a user within the framework of a current business relationship. With the registration you will be asked to provide the following data: first name, surname, e-mail address and SSH-key. When logging in as a registered user, access data (login name, time) and your IP-address are recorded in the protocol file(s) on our server.

7. Transmission of information relating to job applications

For the processing of applications provided by post or e-mail we receive person-related data from you. We store only the information that we need for the completion of the application procedure: this may include name, address and contact data, information on education and professional qualifications, further training and other information that we have received from you in connection with your application.

If we conclude an employment contract with an applicant, we record the data that we require for the fulfilment of the employment relationship. If no employment contract is concluded, applications are deleted two months after the rejection is communicated. If those responsible for processing have a legitimate interest in not deleting the application, then deletion does not take place immediately. A legitimate interest could, for example, be an obligation to provide evidence in a court case in relation to the General Equal Opportunities Act (Allgemeinen Gleichbehandlungsgesetz, AGG).

8. Web conferences

We use the video conference software "GoToMeeting" (LogMeIn, Inc., 320 Summer Street, Boston, MA 02210, USA) for online meetings, workshops and seminars.

You can find our data protection declaration for web conferences here

9. Transmission of data

9.1 Transmission of data to contracted data processors 

We do not sell any person-related data, nor do we transfer it to third parties for the purpose of marketing or advertising.
The transmission of person-related data takes place to service providers used by us (contracted processors). This can include, for example, computing centre operators, credit institutes, tax accountants, financial and payroll bookkeepers, lawyers and other service providers.

The security of the transmitted person-related data is guaranteed through the conclusion of agreements on contracted data processing under observation of the valid provisions of the data protection legislation. We only transfer data to other third parties when this is necessary for the purpose of data processing and you have given your consent to this transfer of data.

We can often only provide our services and products in cooperation with other companies and service providers. For this purpose, in the context of the initiation or performance of business it is necessary that all participating partners have the same level of information and knowledge.
We therefore transfer information and contact data to partner companies and suppliers, under observation of the data protection legislation and the confidentiality agreements concluded, when in individual cases this is necessary within the framework of the initiation of business or the carrying out of a business relationship.

Furthermore, we pass on person-related data when we are obligated to do so by law, judicial or criminal investigations or a court order.

9.2 Transmission of data to countries outside the EU

We transmit person-related data to states outside the EU only in exceptional cases and under observation of the respective legal provisions and guarantee appropriate protection of the person-related data according to the level of protection in Germany. This applies, for example, to the use of Google Ads (conversion cookies).

10. Your rights

Every person affected by the processing of person-related data has rights that have been allocated by legislative authorities: you can demand information about your person-related data processed by us; demand the correction of incorrect data; demand the completion of incomplete data; demand the deletion of your data (right to be forgotten); under certain conditions you can demand a limitation of the processing of your data and you can demand to receive your data from us in a structured, accessible and machine-readable format.

Furthermore, you can withdraw consent you have given to our processing of your person-related data at any time and with effect for the future. This also applies if you gave your consent before 25th May 2018. This does not apply to storage and processing of data that is necessary for legal reasons.

You also have the right to contact a regulatory authority in order to complain if you are of the opinion that we have violated valid legislation in the processing of your person-related data.

11. Changes to this data protection declaration

Changes to our offer of information services as well as changes to the law and regulations from authorities can make it necessary to update this data protection declaration.

Under observation of the respectively valid provisions of the data protection legislation, we reserve the right to change or make additions to this data protection declaration at any time. 

12. Questions on data protection at emlix

If you have questions or comments regarding this data protection declaration, or on the theme of data protection in general, or if you want to make use of your rights to refusal or withdrawal, it is sufficient to send an e-mail to You can also contact us by post at the above address.

Updated: September 2021