Privacy Policy

We process your data always in accordance with the legal regulations, in particular with the German Telemedia Act, the Regulation (EU) 2016/679 General Data Regulation (GDPR) of the European Parliament and of the Council of 27 April 2016 on the protection of individuals with regard to the processing of personal data, and on the free movement of such data and repealing Commission Directive 95/46/EG (Basic Regulation on data protection) and in accordance with the German Federal Data Protection Act, as far as this still applies.


(1) This data privacy statement gives an overview, which information is collected or stored when you visit our website and how it is used. This statement also explains how to verify the accuracy of the personal information we hold about you and how to delete, block or update such personal information in our database.

(2) Basically, we process personal data of our users only insofar as this is necessary for a functioning website and for our content and services. Further uses are listed in the following regulations. The processing of personal data of our users takes place only with the consent of the use regularly. An exception applies, if it is not possible to obtain prior consent for factual reasons and data processing is permitted by law.

(3) Legal basis for processing of personal data

Insofar as we obtain the consent of the data subject for processing of his or her personal data, Art. 6 (1) (a) GDPR is the legal basis.

In the processing of personal data necessary for the performance of a contract to which the data subject is a party, Art. 6 (1) (b) GDPR is the legal basis. This also applies to processing operations, which are necessary for the implementation of pre-contractual measures.

Insofar as data processing is necessary for compliance with a legal obligation, Art. 6 (1)(c) GDPR is legal the basis.

In case data processing is necessary in order to protect the vital interests of the data subject or of another natural person, Art. 6 (1) (d) GDPR is the legal basis.

If processing is necessary to safeguard the legitimate interests of our company or a third party and interests or fundamental rights and freedoms of the data subject do not override the former interest, Art. 6 (1) (f) GDPR is the legal basis for the data processing.

(4) Erasure of personal data and storage period

The personal data of the data subject will be deleted or blocked as soon as the purpose of the storage is omitted. In addition, such storage may be provided because the European or national legislator set such in EU regulations, laws or other regulations to which the controller is subject. Blocking or deletion of the data also takes place when a storage period prescribed by the regulations mentioned expires, unless there is a need for further data storage for conclusion of a contract or performance of the contract.

Due to legal requirements, especially for tax purposes, we may be obliged to store your data beyond the period of your use of our website. However, we will only store the data to the extent required, taking into account the statutory provisions.

(5) Transfer of personal data

If your data is transferred to other companies or subcontractors, this will only be done in compliance with the present data protection regulations and the statutory provisions as well as to fulfil the contractual obligations, e.g. the provider can see corresponding statistical data, if necessary.

Your personal data will not be transferred to third parties outside the company without your explicit consent. External service providers, who process data on our behalf, are contractually obliged. These service providers are especially prohibited from using your data for other than the original underlying purposes.

We will provide third parties with further data than provided by you, in particular to such data you have made available to us just for handling of the contract for internal purposes, only in case of a corresponding statutory obligation or to safeguard legitimate interests.

(6) Data storage location

Your data will be processed on servers located in Germany and thus within the scope of the EU level of data protection. We must point out any exemptions according to no. 3 of these regulations.


(1) If you just visit our website, we only save access data within so-called server log files. This is data your browser makes transmits without any personal connection.

- Browser type and browser version
- Operating system used
- Referrer-URL (previously visited website)
- Websites accessed by the user's system through our website
- the user’s internet service provider
- Host name of the accessing computer (IP address)
- Date and time of the server access

We are not able to assign these data to specific persons. A collection of this data with other data sources is not done, the data also is deleted after a statistical evaluation. For this purpose, the user's access to our websites, including the IP address, is stored in the server log files. These log files are prepared monthly for statistical evaluations with an analysis software and then deleted. It is not possible for us to draw conclusions concerning a certain person when using the data.

(2) The legal basis for this data processing is Art. 6 (1)(f) GDPR. On the one hand, legitimate interests arise from the need to present and optimize the content of the website in a technically correct manner. Furthermore, the data collection is necessary to ensure the functionality of the website in case of attacks by third parties and to allow prosecution of such attacks.

(3) The temporary storage of the IP address by the system is necessary to enable the delivery of the website to the user’s computer. Therefore, the user's IP address must be stored for the duration of the session. In these purposes, our legitimate interest of data processing is justified in the sense of Art. 6 (1) (f) GDPR.

(4) The data will be deleted as soon as it is no longer necessary for the purpose it was collected for. In case of data collection for providing the website, this is the case when the respective session is completed.

(5) The data collection for providing the website and the storage of the data in log files is essential for the operation of the website. As a result, the user has no possibility to object.


(1) Legitimate Interest

The use of the third-party plug-ins mentioned below has been checked in terms of data protection law and is based on Art. 6 (f) GDPR in order to safeguard legitimate interests and to improve our website.

(2) Web analysis by Matomo (formerly PIWIK)

1. Scope of personal data processing

On our website we use the open-source software tool Matomo (formerly PIWIK) to analyse the browsing behavior of our users. The software sets a cookie on the computer of the users (for cookies please see above). If individual pages of our website are entered, the following data is stored:

(1) Two bytes of the IP address of the system of the user which calls up the website
(2) The website called
(3) The website from which the user reaches the website being accessed (Referrer)
(4) The subpages which are called from the accessed website
(5) The length of stay on the website
(6) The frequency of accessing the website

The software runs exclusively on the servers of our website. A storage of personal data of the users only takes place there. There is no transfer of the data to third parties.

The software is set up so that the IP addresses are not completely stored but 2 bytes of the IP address are masked (e. g. Thus, it is no longer possible to assign the shortened IP address to the calling computer.

2. Legal basis for processing of personal data

Legal basis for processing personal data of users is Art. 6 (1) (f) GDPR.

3. Purpose of data processing

The processing of personal data allows us to analyse the browsing behavior of our users. By analysing the obtained data, we are able to compile information about the use of the individual components of our website. This helps us to constantly improve our website and its user-friendliness. In these purposes, our legitimate interest of data processing is justified in the sense of Art. 6 (1) (f) GDPR. The anonymisation of the IP address sufficiently takes into account the interest of users in the protection of their personal data.

4. Storage period

The personal data be deleted as soon as the recording purpose of the storage is omitted. In our case, after three years.

5. Opposition and disposal possibility

Cookies are stored on the user’s computer and transferred to our website from there. Therefore, you as a user, have full control over the use of cookies. By changing the settings of your internet browser, you can disable or restrict the transmission of cookies. Saved cookies can be deleted at any time. This also can be done automatically. If cookies are disabled for our website, it may not be possible to fully use all the functions of the website.

Our users have the possibility of opting out of the analysis process on our website. For this you may follow the appropriate link. In this way, another cookie is set on your system to send a signal to the system not to save the data of the user. If the user deletes the corresponding cookie in the meantime from his own system, he has to set the opt-out cookie again.

For further information on the privacy settings of the Matomo software, see the following link:

(3) Vimeo

For the integration of videos we use, among others, the provider Vimeo. This service is provided by Vimeo Inc., 555 West 18th Street, New York, New York 10011, USA.

On some of our websites we use plugins the provider Vimeo. If you call up the websites of our web presence provided with such a plugin - for example our media library - a connection to the Vimeo servers will be established and the plugin will be displayed. Thus, the Vimeo server will receive the information, which of our websites you have visited. If you are logged in as a member of Vimeo, Vimeo assigns this information to your personal profile. When using the plugin such as clicking the start button of a video, this information is also associated to your user profile. You can prevent this assignment by logging out of your Vimeo account and by deleting the corresponding cookies from Vimeo.

For further information about data processing and privacy by Vimeo, see

(4) YouTube

Our website uses plugins from YouTube, which is operated by Google. The operator of the pages is YouTube LLC, 901 Cherry Ave., San Bruno, CA 94066, USA.

If you visit one of our pages featuring a YouTube plugin, a connection to the YouTube servers is established. Here the YouTube server is informed about which of our pages you have visited.

If you're logged in to your YouTube account, YouTube allows you to associate your browsing behavior directly with your personal profile. You can prevent this by logging out of your YouTube account.

YouTube is used to help make our website appealing. This constitutes a justified interest pursuant to Art. 6 (1) (f) GDPR.

Further information about handling user data, can be found in the data protection declaration of YouTube under

(5) Google Maps

This website uses the product Google Maps by Google Inc. By using this website, you consent to the collection, processing and use of the automatically collected data by Google Inc, its agents and third parties.

You can find the Terms of Service of Google Maps under


(1) Our website uses cookies. Cookies are text files that are stored in the Internet browser or rather on the Internet browser on the user's computer system. When a user visits a website, a cookie may be stored on the user's operating system. This cookie contains a characteristic string that allows the browser to be uniquely identified when the website is reopened.

(2) There are cookies which will be deleted after the end of the browser session (so-called session ID cookies). The cookies are used for the purpose of authorization, identification and obtaining specific information such as information on whether you wish to remain logged in. After one hour the cookies will be automatically deleted.

(3) The user data collected in this way will be pseudonymised by means of technical precautions. Therefore, an assignment of the data to the calling user is no longer possible. The data will not be stored together with other personal data of the user.

(4) While accessing our website, the users are informed about the use of cookies for analysis purposes by an information banner and will be referred to this privacy policy or, if necessary, consent to the processing of personal data in connection with cookies is obtained. In that regard, there is also an indication of how the storage of cookies in the browser settings can be prevented.

(5) If cookies are stored on your PC additionally, you have control over whether and when these cookies are deleted. Please use the corresponding function in your browser.

(6) With most Internet browsers, you can delete cookies from your hard disk, lock them, or receive a warning before a cookie is deposited. You can set your browser so that you are informed about the setting of cookies, you can decide on a case-by-case basis, or you can preclude the general acceptance of cookies. The non-acceptance of cookies may limit the functionality of our website. Please refer to the user manual of your browser or the manufacturer of the browser for information regarding how to set the programs accordingly.

(7) Only with your prior consent we will associate such automatically stored information with the personal data that you have provided to us previously (for example, during the registration) on our websites.

(8) The utilization of data from set cookies is done on the basis of Art. 6 f) GDPR for the protection of legitimate interests, whereas we assume that your interests, fundamental rights and freedoms are not restricted by this, as personal data is neither gained by us nor by third parties. Additionally, it is basically statistical data adjusted to your user behavior and, if necessary, other factors are revealed, but not data that may lead to an individual identification.


(1) We secure our websites and the connected systems against loss, destruction, access, modification or dissemination of your data by unauthorized persons by technical and organizational measures.

(2) You should always keep your access information confidential and close the browser window, when you have stopped using it, to prevent misuse of your account, especially if you share the computer with others.

(3) We are not liable for the content of other providers, which can be reached via the hyperlinks on our websites. Links on our website refer to content that is not stored on our own servers. External content was checked for links for illegality and criminal liability. Nevertheless, it can’t be ruled out that content will be changed by vendors afterwards.


(1) For the processing of the data, your consent is obtained during the submission process and reference is made to this privacy policy.

(2) Alternatively, contact via the provided e-mail address is possible. In this case, the user's personal data transmitted by e-mail will be stored.

(3) In this context, there will be no disclosure of the data to third parties. The data is used exclusively for processing the conversation.

(4) Legal basis for the processing of the data is Art. 6 para. 1 lit. a GDPR in case of consent of the user.

(5) The legal basis for the processing of the data transmitted in the course of sending an e-mail is article 6 (1) lit. f GDPR. If the e-mail contact aims to conclude a contract, then additional legal basis for the processing is Art. 6 para. 1 lit. b GDPR.

(6) The processing of the personal data from the input mask serves us only for processing the contact. In the case of contact via e-mail, this also includes the required legitimate interest in the processing of the data.

The other personal data processed during the sending process serve to prevent misuse of the contact form and to ensure the security of our information technology systems.

The data will be deleted as soon as it is no longer necessary for the purpose of its collection. For the personal data from the input form of the contact form and those sent by e-mail, this is the case when the respective conversation with the user has ended. The conversation is ended when it can be inferred from the circumstances that the relevant facts have been finally clarified.

(7) Additional personal data collected during the sending process will be deleted at the latest after a time period of seven days.

(8) The user has the possibility to give his consent to the processing of the personal data by means of communication by e-mail or post to the responsible office (see below) at any time. If the user contacts us by e-mail, he can object to the collection of his personal data at any time. In this case, the conversation cannot be continued. All personal data collected in the course of contacting us will be deleted in this case.


(1) If you wish to receive the newsletter offered on the website, we require an e-mail address from you, as well as information that allows us to verify that you are the owner of the e-mail address provided and that you agreed to receive the e-mail newsletters. Further data is not collected. We use this data exclusively for the delivery of the requested information and do not pass it on to third parties.

(2) You may revoke your consent to the storage of the data, the e-mail address and its use for sending the newsletter at any time, for example via the "unsubscribe" link in the newsletter.

(3) The legal basis for the processing of the data after registration for the newsletter by the user is in the presence of a consent Art. 6 para. 1 lit. a GDPR.

(4) The data will be deleted as soon as they are no longer necessary for the purpose of their collection. The e-mail address of the user is therefore stored as long as the subscription to the newsletter is active.


(1) Depending on the current design of the website and the offer, we offer our users the opportunity to register on our website by providing personal information. The data is entered into an input mask, transmitted to us and stored. A transfer of data to third parties does not take place. The registration will only collect the data necessary for the purpose of the registration.

(2) As part of the registration process, the consent of the user to process this data is obtained. Legal basis for the processing of the data is the presence of the consent of the user Art. 6 para. 1 lit. a GDPR. If the registration serves the fulfillment of a contract of which the user is a party or the implementation of pre-contractual measures, an additional legal basis for the processing of the data is Art. 6 para. 1 lit. b GDPR.

(3) The registration is required for the provision of certain contents and services as well as for the fulfillment of a contract with the user, or for the execution of pre-contractual measures.

(4) The data will be deleted as soon as the purpose of their collection is no longer necessary.

(5) As a user, you have the option of canceling the registration at any time. You can change the data stored about you at any time.


This website uses SSL encryption for safety matter as well as to protect the transfer of confidential data like contact inquiries you send to us. An encrypted connection can be identified by a symbolized lock in the address-bar of your browser as well as by the address being “https://” instead of “http://”.

If SSL is activated, data may be transferred without third parties being abled to read this data.


If your personal data is processed, you are ‘data subject’ as laid down in GDPR and you have following rights to the controller:

a. Right of access

You may ask the controller to confirm if your personal data is processed by us.

If so, you can request details about following information from the controller:

(1) the purposes of processing;

(2) the categories of personal data concerned;

(3) the recipients or categories of recipient to whom your personal data have been or will be disclosed

(4) the envisaged period for which the personal data will be stored, or, if specific information is not possible, the criteria used to determine that period;

(5) the existence of the right to request from the controller rectification or erasure of your personal data or restriction of processing of your personal data or to object to such processing;

(6) the right to lodge a complaint with a supervisory authority;

(7) any available information as to their source; where the personal data are not collected from the data subject;

(8) the existence of automated decision-making, including profiling, referred to in Art. 22(1) GDPR and, at least in those cases, meaningful information about the logic involved, as well as the significance and the envisaged consequences of such processing for the data subject.

You have the right to request information, if your personal have been transferred to third countries or international organisations. In this connection, you can request the appropriate guarantees in accordance with. Art. 46 GDPR in connection with the transfer.

b. Right to rectification

You have the right to obtain the rectification and/or completion of inaccurate or incomplete personal data concerning you. The controller has to make the rectification without undue delay.

c. Right to restriction of processing

Under the following conditions you have the right to obtain from the controller restriction of processing of personal data concerning you:

(1) if you contest accuracy of the personal data, for a period enabling the controller to verify the accuracy of the personal data;

(2) if processing is unlawful and you oppose the erasure of the personal data and request the restriction of their use instead;

(3) if the controller no longer needs the personal data for the purposes of the processing, but you require them for the establishment, exercise or defence of legal claims;

(4) if you have objected to processing pursuant to Art. 21(1) GDPR pending the verification whether the legitimate grounds of the controller override yours.

Where processing of your personal data has been restricted, such personal data shall, with the exception of storage, only be processed with your consent or for the establishment, exercise or defence of legal claims or for the protection of the rights of another natural or legal person or for reasons of important public interest of the Union or of a Member State.

If you have obtained restriction of processing pursuant to the above-mentioned conditions, you will be informed by the controller before the restriction of processing is lifted.

d. Right to erasure (‘right to be forgotten’)

Erasure obligations

You have the right to obtain from the controller the erasure of personal data concerning you without undue delay and the controller shall have the obligation to erase personal data without undue delay where one of the following grounds applies:

(1) Your personal data are no longer necessary in relation to the purposes for which they were collected or otherwise processed;

(2) You withdraw consent on which the processing is based according to Art. 6(1) (a) GDPR, or Art. 9(2) (a) GDPR, and where there is no other legal ground for the processing;

(3) You object to the processing pursuant to Art. 21(1) GDPR and there are no overriding legitimate grounds for the processing, or you object to the processing pursuant to Art. 21(2) GDPR;

(4) Your personal data have been unlawfully processed.

(5) Your personal data have to be erased for compliance with a legal obligation in Union or Member State law to which the controller is subject;

(6) Your personal data have been collected in relation to the offer of information society services referred to in Art. 8(1) GDPR.

Information to third parties

Where the controller has made the personal data public and is obliged pursuant to Art. 17 (1) GDPR to erase the personal data, the controller, taking account of available technology and the cost of implementation, shall take reasonable steps, including technical measures, to inform controllers which are processing the personal data that you have requested the erasure by such controllers of any links to, or copy or replication of, those personal data.


There is no right to erasure, to the extent that processing is necessary:

(1) for exercising the right of freedom of expression and information;

(2) for compliance with a legal obligation which requires processing by Union or Member State law to which the controller is subject or for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller;

(3) for reasons of public interest in the area of public health in accordance with Art. 9 (2) (h) and (i) GDPR as well as Art. 9 (3) GDPR;

(4) for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes in accordance with Art. 89(1) GDPR in so far as the right referred to in paragraph 1 is likely to render impossible or seriously impair the achievement of the objectives of that processing; or

(5) for the establishment, exercise or defence of legal claims.

e. Right to information

If you have asserted the right to rectification, erasure or restriction of processing to the controller, the controller has to communicate any rectification or erasure of personal data or restriction of processing carried out to each recipient to whom the personal data have been disclosed, unless this proves impossible or involves disproportionate effort.

You have the right to be informed about those recipients by the controller.

f. Right to data portability

You have the right to receive the personal data concerning you, which you have provided to a controller, in a structured, commonly used and machine-readable format. You also have the right to transmit those data to another controller without hindrance from the controller to which the personal data have been provided, where:

(1) the processing is based on consent pursuant to Art. 6 (1) (a) GDPR or Art. 9 (2) (a) GDPR or on a contract pursuant to Art. 6(1) (b) GDPR and

(2) the processing is carried out by automated means.

In exercising these rights, you have the right to have the personal data transmitted directly from one controller to another, where technically feasible. Rights and freedoms of others shall not be affected by that.

That right to data portability does not apply to processing necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller.

g. Right to object

You have the right to object, on grounds relating your particular situation, at any time to processing of personal data concerning you which is based on Art. 6 (1) (e) or (f) GDPR including profiling based on those provisions.

The controller no longer processes your personal data unless the controller demonstrates compelling legitimate grounds for the processing which override your interests, rights and freedoms or for the establishment, exercise or defence of legal claims.

Where your personal data are processed for direct marketing purposes, you have the right to object at any time to processing of personal data concerning you for such marketing, which includes profiling to the extent that it is related to such direct marketing.

Where you object to processing for direct marketing purposes, your personal data are no longer processed for such purposes.

In the context of the use of information society services, and notwithstanding Directive 2002/58/EC, you have the right to object by automated means using technical specifications.

h. Right to revocation of declaration of consent under data protection law

You have the right to revoke your declaration of consent under data protection law at any time. The revocation of the consent does not affect the legality of the processing carried out on the basis of the consent until the revocation.

i. Automated individual decision-making, including profiling

You have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning you or similarly significantly affects you. This shall not apply if the decision:

(1) is necessary for entering into, or performance of, a contract between the data subject and a data controller;

(2) is authorised by Union or Member State law to which the controller is subject, and which also lays down suitable measures to safeguard your rights and freedoms and legitimate interests; or

(3) is based on your explicit consent.

But these shall not be based on special categories of personal data referred to in Art. 9(2)1) GDPR, unless Art. 9 (2) (a) or (g) of GDPR applies and suitable measures to safeguard your rights and freedoms and legitimate interests are in place.

In the cases referred to in points (1) and (3), the data controller implements suitable measures to safeguard your rights and freedoms and legitimate interests, at least the right to obtain human intervention on the part of the controller, to express your point of view and to contest the decision.

j. Right to lodge a complaint with a supervisory authority

Without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with a supervisory authority, in particular in the Member State of your habitual residence, place of work or place of the alleged infringement if you consider that the processing of your personal data infringes the GDPR.

The supervisory authority with which the complaint has been lodged shall inform the complainant on the progress and the outcome of the complaint including the possibility of a judicial remedy pursuant to Art. 78 GDPR.

The competent supervisory authority is

Landesbeauftragte für Datenschutz und Informationsfreiheit Nordrhein-Westfalen
Helga Block
Postfach 20 04 44
40102 Düsseldorf
Kavalleriestraße 2-4
40213 Düsseldorf


Controller within the meaning of GDPR is

EWG - Essener Wirtschaftsförderungsgesellschaft mbH
Kennedyplatz 5
45127 Essen
represented by
Chairman of the supervisory board: Oberbürgermeister Thomas Kufen
Managing director: Andre Boschem

Tel.: +49 201 82024-0
Fax: +49 201 82024-92

Data protection officer of the controller is:

Björn Leineweber
BELA Datenschutz UG
Ruhrtalstr. 67
45239 Essen
Tel.: +49 201 246 888 00


We may change this privacy policy from time to time due to legal, technical or commercial changes. If we update it, we will take measures adequate to the importance of the changes to inform you. If we make important changes to our privacy policy, we will gather your consent, if this is mandatory due to the privacy laws. The date of the last changes to this policy is given at the end of this policy.

Last Update: 13th of August 2018