arrow arrow--cut calendar callback check chevron chevron--large cross cross--large download filter kununu linkedin magnifier mail marker media-audio media-blog media-video menu minus Flieger phone play plus quote share youtube

A. General

We take the protection of your personal data and the legal obligations serving this protection very seriously. The legal requirements demand comprehensive transparency regarding the processing of personal data. Only if the processing is comprehensible to a data subject is he or she informed to the necessary extent about the meaning, purpose and scope of the processing. Our data protection declaration therefore explains to you which so-called personal data is processed by us when using this website and all other internet pages referring to it. 

1. Controller

Joint controller within the meaning of Art. 4 No. 7, Art. 26 of the EU General Data Protection Regulation (GDPR), hereinafter referred to as "Cologne Intelligence" or "CI" and accessible at, are the following companies: 

Cologne Intelligence GmbH (CI)
Marie-Curie-Str. 10
51103 Köln

CI Decision Design GmbH
Marie-Curie-Str. 10
51103 Köln

CI Software Solutions GmbH
Marie-Curie-Str. 10
51103 Köln

CI Mobile Minds GmbH
Marie-Curie-Str. 10
51103 Köln

Within the Cologne Intelligence group of companies, with CI Beteiligungsgesellschaft mbH as the so-called parent company, we distribute certain tasks and departments between the group companies. As joint controllers, the Cologne Intelligence group companies jointly determine the purpose and means of processing your personal data on this website as described below. When we use the name "Cologne Intelligence" or "CI" below, it refers to the joint controllers unless one or more companies are specifically mentioned. 

If you have any questions about data protection or wish to assert claims under data protection law, you can contact any of the companies of the Cologne Intelligence Group named in this data protection declaration and on our website. 

2. Data Protection Officer

You can reach our data protection officer at or at our postal address:

CI Beteiligungsgesellschaft mbH
c/o Data Protection Officer
Marie-Curie-Str. 10
51103 Cologne

If you have any questions or comments about this privacy statement or about data protection at Cologne Intelligence in general, please contact us by e-mail to our data protection officer or by mail to the above address. 

3. Your rights

You may, in accordance with the law, exercise the following gratuitous rights against the data controller: 

  • Withdrawal of your consent (Art. 7 (3) GDPR); 

  • Right to information (Art. 15 GDPR); 

  • Right to rectification or erasure (Art. 16 and Art. 17 GDPR); 

  • Right to restriction of processing (Art. 18 GDPR); 

  • Right to data portability (Art. 20 GDPR); 

  • Right to object to processing (Art. 21 GDPR). 

For the assertion of claims under the GDPR, please contact the controller or alternatively the data protection officer using the contact details above. If you would like to contact us by e-mail, please use an e-mail address that is already stored in our system, if possible, so that we can identify you.    

We recommend that you send confidential information by post, as we cannot guarantee complete data security when communicating by e-mail.  

If you are of the opinion that the processing of your personal data violates data protection law, you have the right to complain to a data protection supervisory authority of your choice in accordance with Art. 77 (1) of the GDPR. 

4. Legal basis for data processing

We only process personal data if we have a legal basis for doing so. We provide more details on the individual bases in the individual processing operations. In general, however, the following applies: 

  • Insofar as we obtain the consent of the data subject for processing operations of personal data, Art. 6 para. 1 sentence 1 lit. a) GDPR serves as the legal basis. 

  • When processing personal data that is necessary for the performance of a contract, Art. 6 para. 1 p.1 lit. b) GDPR serves as the legal basis. This also applies to processing operations that are necessary for the performance of pre-contractual measures. 

  • If processing is necessary for compliance with a legal obligation to which we are subject, Art. 6 (1) S. 1 lit. c) GDPR serves as the legal basis for the processing. 

  • If the processing is necessary to protect a legitimate interest of our company or a third party and the interests, fundamental rights and freedoms of the data subject do not override the former interest, Art. 6 (1) p. 1 lit. f) GDPR serves as the legal basis for the processing. 

5. Storage period

We delete the data we process or restrict processing in accordance with the statutory provisions, in particular Articles 17 and 18 GDPR. Unless expressly stated in this privacy policy, we delete stored data as soon as it is no longer required for the intended purpose.  

After the purpose has ceased to apply, the data will only be retained if this is necessary for other and legally permissible purposes or if the data must be retained due to legal retention obligations. In these cases, processing is restricted, i.e., blocked and not processed for other purposes. 

Statutory retention obligations arise, for example, from Section 257 (1) of the German Commercial Code (HGB) (6 years for commercial books, inventories, opening balances, annual financial statements, commercial letters, accounting vouchers, etc.) and from Section 147 (1) of the German Fiscal Code (AO) (10 years for books, records, management reports, accounting vouchers, commercial and business letters, documents relevant for taxation, etc.). 

6. Recipients; Third country transfers; Linked third party websites.

In the following, we want to inform you about the third parties and processors to which we transfer personal data. On our website, we use a few third-party services. These have different purposes, which we will discuss in more detail. However, these services serve to make our website functional, secure, visually appealing, and content-related, and to constantly optimize it.  

In general, we transmit personal data to the following categories of third parties: Authorities, service providers for hosting and other services related to our website.  

If we transfer personal data to a third country or an international organization, we will inform you separately about the transfer and the underlying justification. The transfer is secured with standard contractual clauses according to Art. 46 GDPR or other suitable transfer safeguards according to Art. 44 et seq. GDPR.  

If we use processors for the processing of data, they are carefully selected, commissioned and regularly monitored by us and are, of course, bound by our instructions. The assignments are based on agreements on commissioned processing in accordance with Art. 28 GDPR. The processors do not process data for their own purposes.  

The commissioned processors include in particular: IT service providers (maintenance and support), telemedia service providers for the operation of IT systems (web hosters for the provision of online platforms, providers of cloud software and backup services), service providers for the professional disposal of data waste. 

Please note that links on our website may take you to other websites that are not operated by us but by third parties. Such links are either clearly marked or can be recognized by a change in the address line of your browser. We are not responsible for compliance with data protection regulations on these websites operated by third parties. 

7. Data Security

To protect your personal data against loss, manipulation, destruction or other attacks by unauthorized persons, we use appropriate technical and organizational measures. We continuously improve our security measures according to the current state of the art. When transmitting your personal data via this website, we use transport encryption technology (TLS). 

8. Automated decision-making including profiling

There will be no process of automated decision-making including profiling. 

B. Data Processing in connection with the use of the website

1. Technical provision of the website

When you visit our website for informational purposes, it is not necessary for you to provide personal data. However, each time you access content on the website, data is temporarily transmitted via your Internet browser and stored via so-called log files, which may allow identification. The following data is collected during the informative use of our website: 

  • Date and time of the call; IP address of the requesting computer; 

  • Host name of the accessing computer; 

  • Website from which the website was accessed; 

  • Websites that were accessed via the website; 

  • Visited page on our website; 

  • Amount of data transferred; 

  • Message as to whether the retrieval was successful; 

  • Information about the browser type and version used; 

  • Operating system. 

The temporary storage of data is necessary for the processing of a website visit to enable the delivery of the website. Further storage of the log files takes place to ensure the functionality of the website and the security of the information technology systems. In this process, your IP address is shortened as quickly as possible so that it is no longer possible to identify you personally. The legal basis for the temporary storage is Art. 6 para. 1 p. 1 lit. b) GDPR. The legal basis for further storage with a shortened IP address is Art. 6 para. 1 p. 1 lit. f) GDPR. Our legitimate interest is the protection of our information technology systems (especially in the event of abusive attacks, so-called DDoS attacks) and the provision and display of the website.  

A personal evaluation of the data, in particular for marketing purposes, does not take place without your prior consent. 

The data is deleted as soon as it is no longer required to achieve the purpose for which it was collected. In the case of website provision, this is the case when the respective session has ended. The log files are kept accessible only to administrators. 

2. Hosting

For the operation of this website, we use a hosting provider (Timme Hosting GmbH & Co. KG, Ovelgönner Weg 43 21335 Lüneburg, Germany) to process meta data and communication data of our website users on our behalf and on the basis of our legitimate interests in an efficient and secure provision of this website pursuant to Art. 6 (1) p. 1 lit. f), Art. 28 GDPR. 

3. Contact form; Contact us by e-mail or telephone.

You can contact us by e-mail, telephone, fax and via our contact form. 

In order to process your request, we process - depending on how you contact us - your name, your e-mail address, the name of your company if applicable, your telephone number and similar information as well as the content of your request that you transmit to us. 

The processing of your data in the context of contacting us by fax, e-mail, contact form or telephone is based on our legitimate interest in providing diverse and quick contact options, good customer service and answering your inquiry in accordance with Art. 6 (1) p. 1 lit. f) GDPR or in accordance with Art. 6 (1) p. 1 lit. b) GDPR, insofar as the contacts are related to (pre-)contractual performance obligations. 

We delete your contact requests immediately after processing unless legal retention periods require further storage. After responding to your inquiry, we archive your inquiry immediately. Inspection is only possible to a limited extent. Purely informative inquiries, i.e., those that do not lead to a contract or do not contain any other content that must be retained, are deleted at the end of the year in which the inquiry was made.  

When using our contact form, we also process data about your location (country and city based on IP address), data obtained from our tracking system, and data about the browser and device used. The legal basis for the data processing is your consent pursuant to Art. 6 para. 1 p. 1 lit. a), Art. 7 GDPR. 

4. YouTube

Parts of our website use the services of Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, ("YouTube") to display video content. The parent company is Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. 

When you call up the corresponding pages, your browser loads the code from YouTube necessary to display the video. For this purpose, the browser you use must connect to YouTube's servers. Through this, YouTube obtains knowledge that our website was accessed via your IP address. At the same time, YouTube may place cookies (cf. on the term under section 11.1.1.) on your end device, unless you have prohibited the use of cookies in your browser or read cookies.  

The use of YouTube plugins is for the purpose of an appealing design of our website and to enable the display of video content. This represents a legitimate interest within the meaning of Art. 6 (1) p. 1 lit. f) GDPR.  

Your IP address is collected by us to enable the transmission to YouTube. You are not obliged to provide this personal data, but it is not possible to use the affected parts of our website without providing it.  

If you do not want YouTube to assign the personal data collected via our website to your YouTube account, you must log out of YouTube before visiting our website. You can find more information about YouTube at  

YouTube's privacy policy can be found as part of Google's privacy policy at

5. Social media: LinkedIn, XING and Kununu

We also provide links on our website to our presence on the social networks LinkedIn, XING and Kununu. The integration takes place via a linked graphic of the respective network and are recognizable by the network-typical logo. When our website is called up, a connection to the server of the respective network is not automatically established. The user is only redirected to the service of the respective social network by clicking on the corresponding graphic. 

After the forwarding, information is collected by the respective network, whereby it cannot be ruled out here that processing of the data collected in this way takes place in the USA. 

The collected data are initially IP address, date, time and visited page. However, if you are logged into your user account of the respective network, the network operator may be able to assign the collected information of the specific visit to your personal account.  

If you interact via a "Share" button of the respective network, this information can be stored in your personal account and published. If you want to prevent the collected information from being directly assigned to your user account, you must log out before clicking on the graphic or the "Share" button. 

The following social networks are integrated into our site by linking: 

LinkedIn Ireland Unlimited Company, Wilton Plaza, Wilton Place, Dublin 2, Ireland, a subsidiary of LinkedIn Corporation, 1000 W. Maude Avenue, Sunnyvale, CA 94085 USA. 
Privacy policy: 

New Work SE, Dammtorstraße 30, 20354 Hamburg, Germany. 
Privacy policy: 

Neutorgasse 4-8, Top 3.02, A - 1010 Vienna, a subsidiary of New Work SE, Dammtorstraße 30, 20354 Hamburg, Germany 
Privacy policy: 


Privacy policy status: May 2021