Privacy Policy, Cookies & Co

Privacy Policy and the usage of Cookies within aPrio1

Below we provide information about the collection of your personal data when you use our website. Personal data is all data that can be personally related to you, e.g. E.g. name, address, email addresses, user behavior.

1. Responsible body

The person responsible in accordance with Article 4 Paragraph 7 of the EU General Data Protection Regulation (GDPR) is:

aPrio1 AG
The Squaire 12 (West – 5th Floor) 
Am Flughafen
60549 Frankfurt/Main

Chairman: Christoph Udo Schad

You can reach our data protection officer either electronically by email at his address datenschutz@aprio1.com or via the respective postal address of our locations with the clear addition „Der Datenschutz­beauftragte“.

2. Collection of personal data when you visit our website

2.1 The operator of the website named under point 1 is responsible for collecting the data.

2.2 If you use the website for informational purposes only, i.e. if you do not register or otherwise provide us with information, we only collect the personal data that your browser transmits to our server. If you would like to view our website, we collect the following data – in anonymized or pseudonymized form:

  • IP address
  • Date and time of the request
  • Time zone difference to Greenwich Mean Time (GMT)
  • Content of the request (specific page)
  • Access status/HTTP status code
  • Amount of data transferred in each case
  • Website from which the request comes
  • Browser
  • Operating system and its interface
  • Language and version of the browser software

2.3 When you contact us by email, the data you provide (your email address, if applicable your name and telephone number) will be stored by us.

2.4 If you come into business contact with us, for example as a customer or subcontractor, the separately made contractual agreements take precedence. In this case, too, we may store your contact details and related information (e.g. company affiliation)

3. Hosting

The aPrio1 AG website is hosted by Host Europe:

Host Europe GmbH
Hansestrasse 111
51149 Cologne

When you visit our website, Host Europe collects various log files including your IP addresses. Details can be found in Host Europe’s data protection declaration.

The use of Host Europe is based on Art. 6 Para. 1 lit. f GDPR. We have a legitimate interest in ensuring that our website is presented as reliably as possible. If appropriate consent has been requested, processing is carried out exclusively on the basis of Art. 6 Para. 1 lit. a GDPR and Section 25 Para . B. for device fingerprinting) within the meaning of the TTDSG. Consent can be revoked at any time.

4. Cookies

Our websites use so-called “cookies”. Cookies are small text files and do not cause any damage to your device. They are stored on your device either temporarily for the duration of a session (session cookies) or permanently (persistent cookies). Session cookies are automatically deleted at the end of your visit. Permanent cookies remain stored on your device until you delete them yourself or your web browser automatically deletes them.
In some cases, cookies from third-party companies may also be stored on your device when you enter our site (third-party cookies). These enable us or you to use certain third-party services (e.g. cookies to process payment services).
Cookies have various functions. Numerous cookies are technically necessary because certain website functions would not work without them (e.g. the shopping cart function or the display of videos). Other cookies are used to evaluate user behavior or display advertising.
Cookies that are necessary to carry out the electronic communication process (necessary cookies) or to provide certain functions you want (functional cookies, e.g. for the shopping cart function) or to optimize the website (e.g. cookies to measure the web audience) are used stored on the basis of Art. 6 Para. 1 lit. f GDPR, unless another legal basis is stated. The website operator has a legitimate interest in storing cookies in order to provide its services in a technically error-free and optimized manner. If consent to the storage of cookies has been requested, the relevant cookies will be stored exclusively on the basis of this consent (Art. 6 Para. 1 lit. a GDPR); consent can be revoked at any time.
You can set your browser so that you are informed about the setting of cookies and only allow cookies in individual cases, exclude the acceptance of cookies for certain cases or in general, and activate the automatic deletion of cookies when you close the browser. If cookies are deactivated, the functionality of this website may be restricted.
If cookies are used by third-party companies or for analysis purposes, we will inform you separately in this data protection declaration and, if necessary, request your consent.

5. Purposes and legal bases of data processing

5.1 The data mentioned under 2.1 is processed because it is technically necessary to display our website to you and to ensure its stability and security. The legal basis is Art. 6 Paragraph 1 Sentence 1 Letter f GDPR. The aforementioned interests are fundamental company interests, the failure to protect which can endanger the operation of the website itself. Your interests are also protected by appropriate protective measures in the areas of IT security and anonymization or pseudonymization.

5.2 The data mentioned under 2.2, 2.3 will be processed in order to process your request or to carry out the respective contractual relationship, cf. Art. 6 Paragraph 1 Letter b Alt. 1 GDPR.

5.3 If you have also given us your consent to further processing your personal data, this is based on Article 6 Paragraph 1 Letter a GDPR. You can revoke any consent you have given at any time by notifying us using the contact details provided above.

5.4 We expressly point out that the transmission of personal data to us is generally not required by law – however, preventing this may have an impact on the services that can be offered (e.g. with regard to access to the website).

5.5 There is no automated decision-making – for example in the sense of profiling.

6. Duration of data storage

We delete the data arising in this context after storage is no longer necessary to fulfill the respective purpose; with a view to ensuring the usability of the website (see above), i.e. basically when you leave it. If legal retention obligations apply (e.g. of a tax nature), the data will be kept blocked until they expire.

7. Your rights

7.1 You may have the following rights towards us in particular with regard to personal data relating to you:

  • Right to information
  • Right to rectification or deletion
  • Right to restriction of processing
  • Right to object to processing
  • Right to data portability

7.2 In addition, in the event of violations of the GDPR, you have the right to lodge a complaint with a supervisory authority, in particular in the member state of your habitual residence, your place of work or the place of the alleged violation. The right to lodge a complaint exists without prejudice to any other administrative or judicial remedies.

8. Categories of recipients of personal data

8.1 In addition to the purely informational use of our website, we offer various services that you can use if you are interested. To do this, you will usually have to provide additional personal data that we use to provide the respective service and to which the aforementioned data processing principles apply.

8.2 We sometimes use external service providers to process your data; for example to provide IT components. These have been carefully selected and commissioned by us, are bound to our instructions and are checked regularly. There are corresponding data protection agreements with these service providers to protect your data protection legal positions.

8.3 In principle, data will not be transmitted to service providers based in a country outside the European Economic Area (EEA). If this does happen, the additional risks resulting from this will be offset by appropriate additional data protection agreements.

9. SSL encryption and IT security

In order to best protect your transmitted data, we use SSL encryption. You can recognize such encrypted connections by the prefix “https://” in the page link and the lock symbol in the address bar of your browser. Unencrypted pages are marked with “http://”.
Thanks to SSL encryption, all data that you transmit to our website cannot generally be read by third parties.
We also take appropriate measures to ensure the integrity of your personal data (such as current and comprehensive antivirus and firewall solutions, authorization concepts and access controls).

10. Plugins and Tools

10.1 Ninja Firewall

As a security measure, we have integrated the Ninja Firewall plugin on our website.

The plugin provider is:

NinTechNet Limited
Unit 1603, 16th Floor
The L. Plaza 367 – 375 Queen’s Road Central Sheung Wan
Hong Kong

Ninja Firewall is used to protect our website from unwanted access or malicious cyberattacks. For this purpose, Ninja Firewall records the IP address, request, referrer and time of page access. Ninja Firewall is integrated on our own servers and does not transmit any personal data to the provider of the tool or other third parties.

We have activated IP anonymization in Ninja Firewall so that the tool only records the IP address in an abbreviated form.

The use of Ninja Firewall is based on Art. 6 Para. 1 lit. f GDPR. The website operator has a legitimate interest in protecting its website from cyber attacks as effectively as possible.

11. Partner­services

To provide the “Jobboard” job board, we use the services and systems of our partner audeoSoft GmbH. The separate data protection declaration, which applies in addition to ours: audeoSoft’s data protection declaration.

A separate contract for order data processing was concluded with the company audeoSoft GmbH, which ensures secure storage and further processing.

12. Social Media

aPrio1 AG operates on various social media platforms, to which their data protection declarations apply, which we link here.

12.1 LinkedIn

aPrio1 AG has a profile on LinkedIn.
The provider is LinkedIn Ireland Unlimited Company, Wilton Plaza, Wilton Place, Dublin 2, Ireland.
LinkedIn is certified according to the EU-US Privacy Shield. LinkedIn uses advertising cookies.

If you would like to deactivate LinkedIn advertising cookies, please use the following link: LinkedIn advertising cookies
For details on how they handle your personal data, please see the following link: LinkedIn data protection declaration

12.2 XING

aPrio1 AG has a profile on XING.
The provider is XING AG, Dammtorstraße 29-32, 20354 Hamburg, Germany.
For details on how they handle your personal data, please see the following link: XING data protection declaration

Status of the data protection declaration: October 1st, 2024