General Data Protection Regulation

(GDPR)

Schedule an appointment today!
+49 (0) 521 301 0
anker

Data Processing on This Website:

Privacy Policy

In this Privacy Policy, we inform you about how we handle your personal data and about your rights under the European General Data Protection Regulation (GDPR) and the German Federal Data Protection Act (BDSG). Unless otherwise specified below, ANKER GmbH (hereinafter referred to as “we” or “us”) is the controller responsible for data processing.

Our privacy policy consists of two parts. In Part A, you will find general information about data protection at ANKER GmbH and learn, among other things, what rights you have and where you can exercise them. Part B focuses on the various groups of data subjects and explains in detail what data we collect and process about you. In doing so, we address you in your role as:

  1. Visitors to our websites
  2. Newsletter subscribers
  3. Social media users
  4. Points of contact at service providers, suppliers, and business partners
  5. Applicants

A. General Information

1. Our Contact Information

If you have any questions or comments regarding this information, or if you wish to exercise your rights, please direct your inquiry to:

ANKER GmbH
Striegauer Straße 21
33719 Bielefeld
Email:anker
Phone: +49 (0) 521 301 - 0

2. On what basis do we process your data?

The data protection term “personal data” refers to all information relating to an identified or identifiable individual. We process personal data in compliance with the relevant data protection regulations, in particular the GDPR and the BDSG. We process data only on the basis of legal authorization. We process personal data only with your consent (Art. 6(1)(a) GDPR), to fulfill a contract to which you are a party, or at your request to take steps prior to entering into a contract (Art. 6(1)(b) GDPR), to comply with a legal obligation (Art. 6(1)(c) GDPR), or when processing is necessary to protect our legitimate interests or the legitimate interests of a third party, provided that your interests or fundamental rights and freedoms requiring the protection of personal data do not take precedence (Art. 6(1)(f) GDPR).

If you apply for an open position at our company, we will also process your personal data to make a decision regarding the establishment of an employment relationship (Section 26(1), sentence 1, BDSG).

3. Your Rights

You are in control of your data! As a data subject, you therefore have the right to exercise your data subject rights with us. Under the data protection laws that apply to you, you have the following rights:

  • Pursuant to Article 15 of the GDPR and Section 34 of the BDSG, you have the right to request information regarding whether we process personal data about you and, if so, to what extent.
  • You have the right to request that we correct your data in accordance with Article 16 of the GDPR.
  • You have the right to request that we delete your personal data in accordance with Article 17 of the GDPR and Section 35 of the BDSG.
  • You have the right to have the processing of your personal data restricted in accordance with Article 18 of the GDPR.
  • In accordance with Article 20 of the GDPR, you have the right to receive the personal data concerning you that you have provided to us in a structured, commonly used, and machine-readable format, and to transmit this data to another controller.
  • If you have provided us with separate consent to the processing of your data, you may revoke this consent at any time in accordance with Article 7(3) of the GDPR. Such revocation does not affect the lawfulness of the processing carried out on the basis of your consent prior to the revocation.
  • If you believe that the processing of your personal data violates the provisions of the GDPR, you have the right to lodge a complaint with a supervisory authority in accordance with Article 77 of the GDPR.

Pursuant to Article 21(1) of the GDPR, you have the right to object to processing based on Article 6(1)(e) or (f) of the GDPR on grounds relating to your particular situation. If we process your personal data for the purpose of direct marketing, you may object to such processing in accordance with Article 21(2) and (3) of the GDPR.

If you exercise your rights under Articles 15 through 22 of the GDPR, we will process the personal data you provide for the purpose of implementing those rights and to be able to provide evidence thereof. We will process data stored for the purpose of providing information and preparing such information solely for this purpose and for data protection monitoring purposes; otherwise, we will restrict processing in accordance with Article 18 of the GDPR.

This processing is based on the legal basis of Article 6(1)(c) of the GDPR in conjunction with Articles 15 through 22 of the GDPR and Section 34(2) of the BDSG.

4. Where do we process your data?

As a general rule, we process your data on European servers that meet the highest security standards. In providing our services, we are supported by external service providers to whom we send your data. Some data processing operations may involve the transfer of certain personal data to third countries–that is, countries where the GDPR is not applicable. Such a transfer is permitted if the European Commission has determined that an adequate level of data protection is provided in that third country. This applies to all transfers to countries on this list: https://commission.europa.eu/law/law-topic/data-protection/international-dimension-data-protection/adequacy-decisions_en.

In the absence of such an adequacy decision by the European Commission, personal data may be transferred to a third country only if appropriate safeguards are in place pursuant to Article 46 of the GDPR or if one of the conditions set forth in Article 49 of the GDPR is met.

Unless an adequacy decision is in place and unless otherwise specified below, we use the EU Standard Data Protection Clauses as appropriate safeguards for the transfer of personal data falling within the scope of the GDPR to third countries. You have the option to receive a copy of these EU Standard Data Protection Clauses or to review them. To do so, please contact us at the address listed under “Contact.”

If you consent to the transfer of personal data to third countries, the transfer will be based on Article 49(1)(a) of the GDPR.

5. To whom do we disclose your personal data, and why?

In order to provide our services and operate as a business, we engage various external companies, to which we may, in some cases, transfer personal data. If there are additional specific recipients of personal data for certain groups of data subjects, we will inform you of this in Part B.

  • Hosting Providers: We engage certified service providers to host our data, and these providers adhere to the highest security standards.
  • IT Service Providers and SaaS Providers: We use the services of various service providers who support us as data processors and help simplify and optimize our processes.
  • Advertising and Marketing Providers: With the help of various advertising and marketing providers, we aim to increase brand awareness, drive demand for our products, and strengthen customer loyalty. To this end, we plan and run campaigns, and measure and analyze their success. These providers are generally also data processors.
  • Retail Partners and Shipping Service Providers: We may share your personal data with fulfillment service providers, postal and delivery services, and retail partners in order to offer and deliver our products to you.
  • Affiliated Companies: We are a group of companies, which means that data transfers between the companies cannot be ruled out.
  • Government Agencies and Authorities: Additional disclosures may be made to comply with legal requirements or to respond to court orders or other similar requests from government authorities. This also includes disclosures to tax authorities and to tax advisory and auditing firms.

6. How long do we retain your data?

Unless otherwise specified in the following information, we store the data only for as long as is necessary to achieve the purpose of processing or to fulfill our contractual or legal obligations. Such legal retention requirements may arise, in particular, from commercial or tax law provisions. Starting at the end of the calendar year in which the data was collected, we will retain personal data contained in our accounting records for eight years and personal data contained in business correspondence and contracts for six years. In addition, we will retain data related to consent requiring proof, as well as to complaints and claims, for the duration of the statutory limitation periods. We will delete data stored for advertising purposes if you object to its processing for this purpose.

7. How do we use "cookies" and other tracking technologies?

We use cookies and similar technologies on our websites. We have provided more information about how we use these technologies in our cookie banners. The banner can be accessed via the cookie button on our websites. There you will also find a list of other companies that place cookies on our websites and process data based on your consent pursuant to Article 6(1)(a) of the GDPR, a list of cookies that we place, and an explanation of how you can opt out of certain types of cookies.

8. How can you contact our Data Protection Officer?

You can reach our data protection officer using the following contact information:

Email:anker
Herting Oberbeck Datenschutz GmbH
https://www.datenschutzkanzlei.de

B. Specific Section – How and Why We Process Your Data

a. Visitors to our website

1) We process pseudonymous information about the device and browser you use, server log files, your network connection, and your IP address for the following purposes:

  • Ensuring the security, operability, and stability of our websites, including defending against attacks;
  • Incorporation of third-party content.

Legal basis: Legitimate interest pursuant to Article 6(1)(f) of the GDPR in ensuring the proper functionality and stability of the website.

2) We process the data you enter in the contact form (e.g., name, email address, message) as well as technical information about the device you are using and your IP address for the following purposes:

  • Processing and responding to your inquiry;
  • Ensuring the security and proper functioning of the contact form.

Legal basis: Legitimate interest pursuant to Article 6(1)(f) of the GDPR in the efficient processing of inquiries and ensuring the technical integrity of the contact form.

3) We process information about your behavior on the website. This includes your IP address and user IDs, some of which are assigned by third parties, and is done for the following purposes:

  • Audience measurement and analysis of visitor behavior to optimize our websites, increase customer satisfaction, and analyze errors;
  • Conducting A/B tests and other methods to measure the effectiveness of different website versions;
  • (Conversion) tracking to measure reach and calculate commissions for our affiliate partners and influencers;
  • Remarketing to attract new customers through personalized ad delivery.

Legal basis: Consent pursuant to Article 6(1)(a) of the GDPR, which we obtain via the consent banner on our website and which you can revoke or modify at any time via the website footer.

b. Newsletter subscribers

1) We process the name and contact information you provide when you sign up for our newsletter for the following purposes:

  • Sending personalized promotional emails containing information and updates about our products, promotions, and events for the purpose of sales promotion and acquiring new customers;
  • Verification of your email address using the double opt-in process.

2) We process pseudonymous information regarding the use of our newsletter (click behavior, open rate and time, time spent on the newsletter) for the following purposes:

  • Measuring success to optimize our content and improve our products.

The legal basis for data processing in connection with our newsletter is your consent pursuant to Article 6(1)(a) of the GDPR, which you may withdraw at any time by contacting us using the contact information provided above or by using the unsubscribe link.

c. Social media visitors

1) Liability of Social Media Providers
When you visit our social media pages (Facebook, Instagram, LinkedIn, XING), where we showcase our company, certain information about you as a visitor is processed.

For more information:

Facebook and Instagram:

  • Privacy Policy of Meta Platforms Ireland Limited
  • Opt-out option

LinkedIn: Privacy Policy of LinkedIn Ireland Unlimited Company
XING: Privacy Policy of New Work SE

2) Joint responsibility of the social media providers and us (joint controllers)
The social media providers collect and process event data and send us anonymized statistics and data for our pages, which help us gain insights into the various activities that visitors perform on our site (so-called “Page Insights”). These Page Insights are generated based on certain information about individuals who have visited our site(s).

For more information:

Facebook and Instagram:

  • Joint Controller Agreement
  • Data subjects may also assert their rights against Meta. For more information, please see the Privacy Policy.

LinkedIn:

  • Joint Controller Agreement
  • Data subjects can exercise their rights via this contact form on LinkedIn. You can contact LinkedIn's Data Protection Officer via this link.
  • We have agreed with LinkedIn that the Irish Data Protection Commission is the competent supervisory authority responsible for overseeing the processing of Page Insights. You may file a complaint with the Irish Data Protection Commission (see www.dataprotection.ie) or with another supervisory authority.

XING:

  • Joint Controller Agreement
  • You can find information here on how to exercise your rights as a data subject with New Work SE.

3) Our Responsibility
We process information that you have provided to us via our social media channels on the respective social media platform. This information may include the name you use, your contact information, or a message you send to us.
Legal basis: Legitimate interest pursuant to Art. 6(1)(f) of the GDPR in communicating with prospective customers and followers.

d. Contacts at service providers / suppliers / business partners

We process the data you provide to us about yourself and the company you work for–such as your name, email address, and phone number–for the following purposes:

  • To fulfill the contract with the company where you work (this includes contract management, documentation related to our ongoing collaboration, billing, and communication).

Legal basis: Legitimate interest pursuant to Article 6(1)(f) of the GDPR in the performance of the contract between the company where you work and us.

e. Applicants

1) Data that you provide to us as part of your application or that a recruitment agency forwards to us on your behalf. This includes information from your resume, your professional history to date, and other data that we process for the following purposes:

  • Determining whether employment is a possibility;
  • Initiation of an employment relationship.

Legal basis: Pre-contractual measures pursuant to Article 6(1)(b) of the GDPR and Section 26(1), first sentence, of the BDSG.

  • Compliance with statutory retention requirements or defense against legal claims.

Legal basis: Compliance with legal obligations pursuant to Article 6(1)(c) of the GDPR.

  • Inclusion in our talent pool so we can contact you again at a later date if employment is not established at this time.

Legal basis: Consent pursuant to Article 6(1)(a) of the GDPR, which you may withdraw at any time by contacting us using the contact information provided above.

If we are unable to offer you a position, we will retain the application documents you submitted for up to six months after any rejection in order to answer questions related to your application and rejection. This does not apply if legal provisions prevent deletion, if further storage is necessary for evidentiary purposes, or if you have expressly consented to longer-term storage.

As of January 2026