Data privacy policy

from Entelios AG for the use of the website

Thank you for visiting the website of Entelios AG (hereinafter “Entelios” or “we”) at the URL entelios.com (hereinafter “Website”).

The processing of personal data via our website is in accordance with the General Data Protection Regulation (DS-GVO) and the Federal Data Protection Act (BDSG). By means of this privacy policy we inform you about the collection of personal data by the data subject in accordance with Art. 13 DS-GVO. For this privacy policy, the definitions are in accordance with Art. 4 DS-GVO.

1 Name and contact details of the responsible person

The person responsible for the processing of personal data under this Privacy Policy is:

Entelios AG
Loop site 31
Werinherstrasse 81
81541 Munich
E-Mail: info@entelios.com
Website: http://entelios.com

2 Contact details of the data protection officer

E-Mail: dp@entelios.com

3 Purposes and legal bases for the processing of personal data

When you visit the website, Entelios collects, processes and uses personal information about you for the following purposes:

3.1 Collection and processing of personal data when visiting the website

For the purpose of visiting the website, we only collect and process the information and personal data that your Internet browser automatically sends us, in particular:

  • Date and time of retrieval of the website,
  • your browser type and browser settings,
  • the operating system used,
  • the page you visited last,
  • the transferred amount of data and the access status, as well
  • your IP address.


This information and personal data are required for the purpose of correctly delivering and optimizing the contents of the website, to ensure network and information security and to protect the website from attacks, disruptions and damage.

Personal data and information collected thereafter shall be statistically and collectively evaluated by Entelios in order to increase data protection and data security in order to ensure a level of protection of the processed personal data that is commensurate with the risk. The personal data collected when the website is accessed, in particular the user’s IP address, will be deleted no later than seven days after they have been collected, unless an attack or a threat has been detected by the user.

As far as we collect and process personal data of the user (in particular the IP address) when the website is accessed, the legal basis for this is Art. 6 para. 1 sent. 1 letter f of the DS-GVO, because this processing is for the protection of the legitimate interests of Entelios required. Entelios legitimate interests in this regard are to increase privacy and data security to ensure a level of protection appropriate to the risk of Entelios personal data, to ensure network and information security, to optimize the site and to protect it from attacks, disruptions and disruptions Protect injuries.

3.2 Contact via the website

If necessary, you may contact Entelios by providing your personal information. On the one hand, you can send messages to the e-mail addresses mentioned on the website. In this case, we will receive your e-mail address and, if applicable, personal data contained in the e-mail.

The personal data transmitted to Entelios will be collected and processed for the purpose of processing your contact request.

The legal basis for the processing of these personal data is Art. 6 para. 1 sent. 1 letter b of the DS-GVO, since the processing is necessary for the performance of a contract between Entelios and the data subject or for the performance of pre-contractual measures, at the request of the data subject respectively.

3.3 Use of cookies

Cookies are used when using the website. Cookies are intended to personalize the website for your visit and to facilitate the use of the website. Cookies are small text files that the website transmits to the cookie file of the Internet browser on your device and holds it there for later retrieval, so that the website i.a. can remember who you are. A cookie typically includes the name of the domain from which the cookie originates, the “lifetime” of the cookie, and a unique identifier. The following types of cookies are used on the website:

  • Session cookies: These cookies are necessary for you in order to use the website in the first place. They are temporary and remain in the cookie file of your browser until you leave the website. These session cookies are deleted when you end the browser session.
  • Persistent cookies: These remain longer in the cookie file of your browser. The duration depends on the lifetime of the specific cookie. Entelios’ persistent cookies allow the site to remember your choices (for example, the language you choose or the region you are in).


If you do not want to accept cookies from the website, you can refuse them and deny access to previously stored information by setting your Internet browser accordingly. The settings within your browser that allow you to do this vary from browser to browser. The settings can usually be found under “Privacy” or “Cookies” of the “Internet Options” or “Settings” menu of your browser. If you need help to disable or delete cookies, you should use the “Help” menu within your browser. Information about the administration and deletion of cookies as well as a corresponding instruction for the common browsers are e.g. available at www.meine-cookies.org. Please note, however, that you may not be able to use all of the interactive features and functionality of the website if cookies are blocked or deleted.

As far as cookies are used with your consent and as a result personal data are collected and processed, the legal basis for this is Art. 6 para. 1 sent. 1 letter a of the DS-GVO. Incidentally, the legal basis is Art. 6 para. 1 sent. 1 letter f of the DS-GVO, because this processing is necessary to ensure our legitimate interests. We hereby pursue the legitimate interests to personalize the website for the visit of the user and to facilitate the use of the website.

4 Recipients of personal data

Within our organization, only those departments or employees have access to the user data which are necessary to fulfill our contractual and legal obligations or for the purpose of exercising our legitimate interests.

A transfer of personal data of the user to third parties takes place exclusively in the context of the contract execution or for purposes of the fulfillment of legal requirements, according to which we are obliged to the information, the announcement or the passing on of data or if the data transfer is of public interest, or if external service providers process the data on our behalf or by failover, or because of our legitimate interest or the legitimate interest of the third party, or if you have given your consent for transmission to third parties.

5 Duration of storage of personal data

We process and store your personal data for the duration of the existing business relationship between you and us. This also includes the initiation of a contract (pre-contractual legal relationship) and the execution of a contract.
In addition, we process and store the personal data, if this is necessary due to legal storage and documentation obligations. Such obligations arise i.a. from the Commercial Code (HGB) and the German Fiscal Code (AO). The deadlines for storage and documentation specified are up to ten years beyond the end of the business relationship or the pre-contractual legal relationship.
Furthermore, other legal requirements may require a longer storage period, such as e.g. the preservation of evidence within the framework of the statutory statute of limitations. According to §§ 195 et seq. of the Civil Code (BGB) the regular limitation period is three years; however, in certain cases limitation periods of up to 30 years may apply.
If the data is no longer required for the fulfillment of contractual or legal obligations and rights, they are regularly deleted unless their further processing is necessary for the fulfillment of purposes that result from an overriding legitimate interest within the meaning of the first sentence of Art. 6 para. 1 sent. 1 letter f of the DS-GVO. An overriding legitimate interest on our part is e.g. if deletion is not possible or only possible with disproportionately high costs because of the special nature of the storage and processing for other purposes is precluded by suitable technical and organizational measures.

6 Your rights as an affected person

You have the following rights:

  • Right to obtain information about the personal data concerned (Art. 15 DS-GVO),
  • Right to rectification (Art. 16 DS-GVO),
  • Right to cancellation (Art. 17 DS-GVO),
  • Right to restriction of processing (Art. 18 DS-GVO),
  • Right to object to processing if the data processing takes place on the basis of Art. 6 para. 1 sent. 1 letter e or f of the DS-GVO (Art. 21 DS-GVO); see also the reference to the right of objection according to Art. 21 DS-GVO at the end of this privacy policy,
  • Right to data portability (Art. 20 DS-GVO),
  • Right to revoke consent at any time without affecting the lawfulness of the processing on the basis of consent until the revocation if the processing of the data is based on a consent under Art. 6 para. 1 letter a or Art. 9 para. 2 letter a of the DS-GVO,
  • Right to appeal to a supervisory authority (Art. 77 DS-GVO).

7 Obligation to provide personal data and consequences of non-provision

The provision of personal data is required to use the website. In the case of a non-provisioning, the website cannot be used or only with limited functionality.

8 No automated decision-making

We do not make an automated decision-making process within the meaning of Art. 22 para. 1 DS-GVO, which has a legal effect on you or significantly affects you in a similar manner.

9 Modification of this Privacy Policy

It is necessary to adapt and change the contents of this privacy statement on a case-by-case basis. Entelios therefore reserves the right to change this Privacy Policy and will provide the amended Privacy Policy on the website and inform the person concerned in advance of the amended Privacy Policy if Entelios intends to further process the Personal Information for any other purpose.

Reference to the right of objection under Art. 21 DS-GVO

1 Right of objection due to particular situations

At any time you have the right of objection, for reasons arising from your particular situation, regarding the processing of personal data concerning you, according to Art. 6 sent. 1 letter e (public security) or Article 6 para. 1 sent. 1 letter f (data processing on the basis of a balance of interests) of the DS-GVO; this also applies to profiling based on these provisions. Entelios no longer processes your personal information unless Entelios can demonstrate compelling legitimate reasons for processing that overcompensate your interests, rights and freedoms, or the processing is for the purpose of enforcing, pursuing or defending legal claims.

2 Exercise of the right of opposition

The right of objection can be exercised informally, for example by mail to Entelios AG, Loopsite 31, Werinherstrasse 81, 81541 Munich or by e-mail to dp@entelios.com.