Privacy Statement



Privacy statement

1. Name and contact details of the person responsible for the processing and of the company data protection officer.

This privacy statement applies to data processing by:


comspace GmbH & Co. KG
Elsa-Brandström-Strasse 2-4
33602 Bielefeld
Tel: +49 521 98647-0
Fax: +49 521 98647-99

The operational data protection officer of comspace GmbH & Co. KG, Maren Muke, can be reached as follows:

Maren Muke
Adenauerplatz 4 
D-33602 Bielefeld
Tel. +49 521 91414 - 300
Fax +49 521 91414 - 99


2. The collection and storage of personal data and the nature and purpose of its use

a) When visiting the website

When you visit our website and all its subdomains, information is automatically sent to the server of our website. This information is temporarily stored in a so-called log file. The following information is collected without your intervention and stored until automated deletion:

  • IP address of the requesting computer,
  • date and time of access,
  • name and URL of the retrieved file,
  • website from which access is made (referrer URL),
  • the browser used and, if applicable, the operating system of your computer as well as the name of your access provider.

The data mentioned will be processed by us for the following purposes:

  • to ensure a smooth connection of the website,
  • to ensure a comfortable use of our website,
  • evaluation of system safety and stability as well as
  • for other administrative purposes.

The legal basis for data processing is Art. 6, Para. 1 S. 1 lit. f DSGVO. Our legitimate interest arises from the purposes of the data collection listed above. In addition, we use cookies and analysis services when you visit our website. More detailed explanations can be found under points 4 and 5 of this data protection declaration.

b) When using our contact form


To contact us via our contact form, it is necessary to state your name, your valid e-mail address and your request. All other information is voluntary. Data processing for the purpose of contacting us is carried out in accordance with Art. 6 Para. 1 S. 1 lit. a DSGVO on the basis of your voluntary consent. All personal data collected will be deleted after processing.

c) When using our newsletter

To protect against the misuse of personal data such as e-mail addresses, we carry out the double opt-in procedure during the registration process for the newsletter. Data processing takes place in accordance with Art. 6 Para. 1 S. 1 lit. a DSGVO on the basis of your voluntary consent. All personal data collected will be deleted after you have unsubscribed.

d) For an application

Which data of yours are processed by us? And for what purposes?

We process the data you have sent us in connection with your application in order to assess your suitability for the position (or any other open position in our company) and to complete the application process. 

What is the legal basis for the processing?

The legal basis for the processing of your personal data in this application procedure is primarily § 26 BDSG in the version valid as of 25.05.2018. Accordingly, the processing of the data required in connection with the decision on the establishment of an employment relationship is permissible. Should the data be necessary for legal prosecution after completion of the application procedure, it may be processed on the basis of the requirements of Art. 6 DSGVO, in
particular to safeguard legitimate interests pursuant to Art. 6 para. 1 lit. f) DSGVO. Our interest then lies in the assertion or defence of claims.

How long is the data stored?

Data relating to applicants will be deleted after 6 months in the event of rejection. In the event that you have agreed to further storage of your personal data, we will transfer your data to our applicant pool. There the data will be deleted after two years. If you have been approved for a position as part of the application process, the data will be transferred from the applicant data system to our personnel information system.

To which recipients will the data be forwarded?

To process applications, we use software for process and project management. The software is maintained by our in-house IT department and hosted on company servers. After receiving an application, the personnel department ("People & Culture") reviews the applicant's data and processes it with the help of the software for process and project management. Suitable applications are made available to those responsible for the respective open position (e.g. team leaders, trainers or specialist colleagues) in order to jointly coordinate the further course of the application process ("peer recruiting"). In the company only those persons have access to applicant data who need it for the smooth running of the application process.

Your rights as an applicant:

You have the right to information about the personal data processed by us about your person. In the case of a request for information which is not made in writing, we ask for your understanding that we may then demand proof from you that you are the person you claim to be. Furthermore, you have the right to correction or deletion or to restriction of the processing to the extent to which you are legally entitled to do so. Furthermore, you have the right to object to the processing within the scope of the statutory provisions. The same applies to a right to data transfer.

The encrypted transmission of your application documents:

In order to protect your data from unauthorized access, you have the option of encrypting your e-mails and the application documents transmitted in this context with the public GnuPG key provided by us. You can download the key here.

e) Use of the guest WLAN

When using the guest WLAN via a guest account, your name, your company, the computer name, the access code used as well as logins, logouts and the transferred data volume are stored for a period of 30 days. This data is used by us for the purpose of ensuring convenient use and evaluation of system security and stability and can only be viewed by IT staff. The data will be deleted automatically after the deadline. 

3. Disclosure of data

Your personal data will not be transferred to third parties for purposes other than those listed below.

We will only pass on your personal data to third parties if:

  • you have given your express consent to this in accordance with Art. 6 para. 1 sentence 1 lit. a DSGVO,
  • the disclosure pursuant to Art. 6 para. 1 sentence 1 lit. f DSGVO is necessary for the assertion, exercise or defence of legal claims and there is no reason to assume that you have an overriding legitimate interest in not disclosing your data,
  • in the event that there is a legal obligation to pass on data pursuant to Art. 6 para. 1 sentence 1 lit. c DSGVO, and
  • this is legally permissible and required for the execution of contractual relationships with you pursuant to Art. 6 para. 1 sentence 1 lit. b DSGVO.
4. Cookies

We use cookies on our site. These are small files that are automatically created by your browser and stored on your device (laptop, tablet, smartphone, etc.) when you visit our site. Cookies do not cause any damage to your terminal device and do not contain viruses, Trojans or other malware. Information is stored in the cookie, which results in each case in connection with the specifically used terminal device. This does not mean, however, that we will immediately become aware of your identity. The use of cookies serves on the one hand to make the use of our offer more pleasant for you. For example, we use so-called session cookies to recognize whether you have already visited individual pages on our website. The cookies are automatically deleted when you leave our site.

In addition, we also use temporary cookies to optimise user-friendliness, which are stored on your terminal device for a specified period of time. If you visit our site again in order to use our services, it is automatically recognised that you have already been with us and which entries and settings you have made so that you do not have to enter them again.

Furthermore, we use cookies in order to statistically record the use of our website and to evaluate it for you for the purpose of optimising our offer (see point 5). These cookies enable us to automatically recognize that you have already visited our site when you visit it again. These cookies are automatically deleted after a defined period of time. The data processed by cookies are necessary for the purposes mentioned to safeguard our legitimate interests and those of third parties pursuant to Art. 6 Para. 1 S. 1 lit. f DSGVO.

Most browsers automatically accept cookies. However, you can configure your browser in such a way that no cookies are stored on your computer or a message always appears before a new cookie is created. However, if you deactivate cookies completely, you may not be able to use all the functions of our website.

Below you will find further information about the individual cookies we use on our websites and how you can deactivate them.

Absolutely necessary cookies

These cookies are necessary for our websites to function and cannot be deactivated in our systems. They are usually set only in response to actions on your part that result in a service request (such as setting your privacy preferences or filling out forms). You can set your browser to block or notify you of these cookies. However, parts of our websites will then not work. These cookies do not store any data that can be attributed to individuals. 

Performance Cookies

These cookies allow us to track the number of visits and traffic sources in order to measure and improve the performance of our websites. They help us determine which pages are the most popular and which are the least popular, and show us how visitors move around the site. If you do not accept these cookies, some or all of these services may not function properly. All information collected by these cookies is aggregated data and is therefore anonymous. If you do not accept these cookies, we will not know when you visited our website and we will not be able to monitor their performance.

Functional cookies.

These cookies allow the site to offer improved functionality and 
personalization. These may be set by us or by third parties whose services we have included in our pages.

Targeting Cookies

These cookies can be set by our advertising partners on our website. They may be used by these companies to profile your interests and show you appropriate advertisements on other websites. They do not store personal information directly, but are used only to identify your browser and Internet device. If you do not allow these cookies, you will receive less targeted advertising.

Cookies from social media

These cookies are set by a number of social media services that we have included on our website so that you can share your content with your friends and your networks. These cookies allow you to track your browser on other websites, profile your interests and possibly other personal information. This may affect the content and messages you see on other websites you visit. If you do not accept these cookies, you may not be able to use or view these information sharing tools. Social media platforms for which cookies have been set on our websites include Facebook, LinkedIn, Twitter, and Google+. For their privacy statements and policies, we refer you to the websites of these social media platforms.


A tag is a collective term for code elements found on our websites. Most tags simply describe the content of the page, but some types of tags contain programmatic elements or add dynamic content such as video or audio files to the page. Some tags, especially those that add content or features from sources outside our domain, may involve privacy risks that require risk assessment and risk management. These are third-party tags that, in most cases, add value to our site. However, you need to know these tags so you can focus on where the risks are higher. Most of the cookies set on our websites are set through these tags, but some tags may also collect information about you without the use of cookies.

5. Analysis Tools

Tracking Tools

The tracking measures listed below and used by us are carried out on the basis of Art. 6 para. 1 sentence 1 lit. f DSGVO. With the tracking measures used, we want to ensure that our website is designed in line with requirements and continuously optimised. On the other hand, we use the tracking measures to record the use of our website statistically and to evaluate it for you for the purpose of optimising our offer. These interests are to be regarded as justified within the meaning of the aforementioned provision. 

The respective data processing purposes and data categories can be found in the corresponding tracking tools.


Our website contains functions of Twitter Inc, 795 Folsom Street, Suite 600, San Francisco, CA 94107, USA. If you use Twitter and in particular the "Re-Tweet"
function, Twitter links your Twitter account to the websites you visit. This will be communicated to other Twitter users, in particular your followers. This is also the way in which data is transmitted to Twitter. We, as the provider of our website, are not informed by Twitter about the content of the transmitted data or the use of the data. You can find further information under the following link:

Please note, however, that you have the option to change your Twitter privacy settings in your Twitter account settings at

6. Children

Persons under the age of 18 should not transmit any personal data without the consent of their parents or legal guardians.

7. Timeliness and amendment of this data protection declaration

This data protection declaration is currently valid and as of May 2018. Due to the ongoing development of our website and offers on it or due to changed legal or official requirements, it may be necessary to amend this data protection declaration. You can call up and print out the current data protection statement at any time on the website at

Change history

Version 1.0 initialization based on the DSGVO.

Your rights as a user

In the following, we would like to inform you about your rights as a website visitor, which the data protection basic regulation (DSGVO) grants you with the processing of your personal data.

Right of information (Art. 15 DSGVO)

You have the right to request confirmation as to whether personal data relating to you is being processed; if this is the case, you have the right to access this personal data and the information specified in Art. 15 DSGVO.

Right of rectification and deletion (Art. 16 and 17 DSGVO)

You have the right to request the rectification without delay of incorrect personal data concerning you and, where appropriate, the completion of incomplete personal data. You also have the right to demand that personal data relating to you be deleted immediately if one of the reasons specified in Art. 17 DSGVO applies, e.g. if the data is no longer required for the purposes pursued.

Right of restriction of processing (Art. 18 DSGVO)

You have the right to demand the restriction of the processing if one of the conditions listed in Art. 18 DSGVO is met, e.g. if you have lodged an objection against the processing for the duration of any examination.

Right of data transferability (Art. 20 DSGVO)

In certain cases, which are listed in detail in Art. 20 DSGVO, you have the right to receive the personal data concerning you in a structured, common and machine-readable format or to request the transfer of this data to a third party.

Right of objection (Art. 21 DSGVO)

If data is collected on the basis of Art. 6 para. 1 lit. f (data processing to safeguard legitimate interests), you have the right to object to such processing at any time for reasons arising from your particular situation. We will then no longer process the personal data unless there are verifiable compelling grounds for processing worthy of protection which outweigh the interests, rights and freedoms of the person concerned, or the processing serves to assert, exercise or defend legal claims. If you wish to make use of your right of revocation or objection, an e-mail to is sufficient.

Alternatively, the following contact options are available to you:

comspace GmbH & Co. KG
Elsa-Brändström-Straße 2-4
33602 Bielefeld
Fax: +49 (0)521 - 986 47 - 99

Furthermore, pursuant to Art. 77 DSGVO, you have the option of lodging a complaint with the competent state data protection authority. In the case of comspace GmbH & Co. KG, this is the competent supervisory authority: 

The State Commissioner for Data Protection and Freedom of Information North
Kavalleriestr. 2-4
40213 Düsseldorf
Telephone: 0211/38424-0
Fax: 0211/38424-10

Right of appeal to a supervisory authority:

According to Art. 77 DSGVO, you have the right to lodge a complaint with a supervisory authority if you are of the opinion that the processing of the data concerning you violates data protection provisions. The right of appeal can be asserted in particular with a supervisory authority in the member state of your residence, your place of work or the place of the presumed infringement.