Data Protection

1. Who is responsible for this website?
2. What is it about?
3. How is your data processed when you visit this website?
4. Who receives your data?
5. When will your data be deleted?
6. Will your data be transferred to a third country or to an international organization?
7. Will your data be used for automated decision making or profiling?
8. Data protection information in the application process
9. What rights do you have when it comes to the processing of your data?
10. Amendment and updating of the data protection notice

1. Who is responsible for this website?
The responsible person within the meaning of the General Data Protection Regulation is:

Hänsch GmbH
Schützenstraße 21
D - 49770 Herzlake
E-Mail: info[at]
(hereinafter also referred to as "Hänsch GmbH" or "we")
If you have any questions about this data protection notice or about the protection of your data by Hänsch GmbH, you can also contact our data protection officer at any time:

Carla Holterhus
E Mail: datenschutz[at]

2. What is it about?
When we process personal data, this means that we collect, store, transmit, delete or otherwise use it. Personal data refers to information about natural persons who use this website to obtain information about the offers and services of Hänsch GmbH.

If you are a customer, interested party, employee, supplier or applicant of Hänsch GmbH, your data will also be processed by us in the context of your business relationship with us or your legitimate interest in a feedback. You will find information on this in the notes on handling your personal data.

Below you will find an overview of which data Hänsch GmbH processes when you visit this website and for what purpose. Information on the handling of your data on the social media offers of Hänsch GmbH can be found in the data protection information for social media.

3. How is your data processed when you visit this website?

3.1 Data required to display the website and to ensure its stability and security.
During the mere informational use of the website, the following technically necessary data are processed:

  • IP address of the user
  • Browser used (type, version, language)
  • Operating system used
  • Internet service provider of the user
  • Date and time of access to our web pages
  • Files accessed on our web pages
  • Web page from which the user accessed our web pages

The processing of the aforementioned data is carried out for the implementation of pre-contractual measures or for the fulfillment of the contract in accordance with Art. 6 para. 1 sentence 1 lit. b DSGVO. In addition, the processing of the data may also be carried out to protect the legitimate interests of Hänsch GmbH on the basis of a balancing of interests in accordance with Art. 6 para. 1 sentence 1 lit. f DSGVO. In the event of unlawful use of this website, this data is also used to clarify possible legal violations.

Hänsch GmbH also evaluates this information for statistical purposes and to improve this website without forming personal user profiles.

3.2 Use of cookies?
This website uses cookies. Cookies are small pieces of information that are stored on your terminal device. This serves to make it easier for visitors to navigate through the website and use certain functions and, above all, to be able to use this information again at a later time. In addition to these technically and functionally necessary cookies, cookies may also be used for other purposes, such as targeted advertising. You will find more detailed explanations in the notes below.

If you do not wish cookies to be stored on your terminal device, you can prevent this by setting your browser software accordingly. Cookies that have already been stored can also be deleted there. However, when deactivating technically necessary cookies, the use of this website is no longer fully possible.

Necessary cookies:
We use cookies that are necessary for the operation and playout of functions to make the use of this website safe and user-friendly. Only in this way can users navigate the web pages and operate the modules or functions of the website. Without these cookies, the use of the website may not be possible or may be limited. For some functions, it is necessary that the browser is recognized even after a page change.

The data collected with the help of these necessary cookies are not used to create user profiles. The following data is stored and transmitted in the cookies:

  • Current session ID
  • Use of certain website content, for example, frequency or volume of use
  • Awareness of certain website content, such as product instructions

Since websites have no memory, cookies inform the server which pages to display to the visitor. This has the advantage that the visitor does not have to remember everything or navigate through the entire page again.

Almost all of the technically and functionally necessary cookies used are session cookies. The data stored in them is automatically deleted after the end of your visit.

The cookies we use on our website are:
name   purpose   domain name   expiration   provider
name   purpose   domain name   expiration   provider
Advertising / Tracking
name   purpose   domain   name   expiration   provider

The processing of data by means of technically and functionally necessary cookies takes place on the basis of § 25 para. 2 TTDSG.

3.3 Contact form and e-mail contact
A contact form is available on our websites, which can be used for electronic contact. If a user takes advantage of this option, the data entered by him in the input mask will be transmitted to us and stored:

• Name
• E-mail address
• Free field for individual text
• IP address of the user
• Date and time of sending

Alternatively, it is possible to contact us via the e-mail addresses provided on the web pages. In this case, the user's personal data transmitted with the e-mail will be stored by us. The legal basis for the processing of the data is Art. 6 para. 1 lit. f DSGVO. If the contact aims at the conclusion of a contract, Art. 6 para. 1 lit. b DSGVO is the legal basis.

The data is used exclusively for processing the contact and the subsequent communication. In this context, the data will not be passed on to third parties. The personal data from the input mask of the contact form and those sent by e-mail are deleted when the respective communication with the user has ended, i.e. as soon as it can be inferred from the circumstances that the matter concerned has been conclusively clarified.

The additional personal data collected during the sending process will be deleted after a period of seven days at the latest.

3.4 Information applications from other providers

Microsoft Cloud Services
For document storage and management, calendar management, e-mailing, spreadsheets and presentations, exchange of documents, content and information with specific recipients or publication of web pages, forms or other content and information, as well as chats and participation in audio and video conferences, the cloud and cloud software services offered by Microsoft (so-called Software as a Service, e.g. Microsoft Office) are used. Here, among other things, master data and contact data of users, data on transactions, contracts, other processes and their contents are processed. Microsoft also processes usage data and metadata, which is used by Microsoft for security purposes and service optimization. Information about our privacy policy for video conferencing via Microsoft Teams is available here.

In the context of the use of publicly accessible documents, websites or other content, Microsoft may store cookies on users' computers for the purpose of web analysis or to remember users' settings.

We use the Microsoft cloud services on the basis of our legitimate interests pursuant to Art. 6 (1) lit. f DSGVO in efficient and secure administration and collaboration processes. Insofar as processing of data to the USA takes place, we refer to processing on the basis of standard contractual clauses with Microsoft as well as on the basis of fall-back exceptions from Art. 49 (1) DSGVO.

For further information, please refer to the Microsoft privacy policy ( and the Microsoft cloud services security notices ( You can object to the processing of your data in the Microsoft Cloud in accordance with the legal requirements. In addition, the deletion of data within Microsoft's cloud services is determined by the other processing processes in the context of which the data are processed (e.g., deletion of data no longer required for contractual purposes or storage of data required for taxation purposes). Microsoft Cloud Services are provided by Microsoft Corporation, One Microsoft Way, Redmond, WA 98052-6399 USA.

Google Ads and conversion measurement
We use the online marketing method "Google Ads" to place ads in the Google advertising network (e.g., in search results, in videos, on web pages, etc.) so that they are displayed to users who have a presumed interest in the ads (so-called "conversion"). Furthermore, we measure the conversion of the ads. However, we only learn the anonymous total number of users who clicked on our ad and were redirected to a page marked with a so-called "conversion tracking tag". However, we ourselves do not receive any information with which users can be identified; Service provider: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, parent company: Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; Legal basis: consent (Art. 6 para. 1 p. 1 lit. a. DSGVO); Website:; Privacy policy:; Further information: Types of processing as well as data processed:; Data processing conditions between data controllers and standard contractual clauses for third country transfers of data:

Google Maps
For this website, Google Maps is used to display maps. This allows interactive maps to be displayed directly on the website and enables the use of the map function. By visiting the sub-page of this website on which Google Maps is used, Google receives the information that you have called up the corresponding sub-page. In addition, the data mentioned under point 3. 1 are transmitted to Google. The collected data is used exclusively for the creation of the map. A combination with data of your Google user account does not take place. Personal data of end users are not logged by Google.

For more information on the purpose and scope of data collection and its processing by Google Maps, please refer to the provider's privacy policy. There you will also find further information on your rights in this regard and setting options for protecting your privacy:

The legal basis for the processing of the data is Art. 6 para. 1 sentence 1 lit. b and f DSGVO.

We send newsletters, e-mails and other electronic notifications (hereinafter referred to as "newsletter") only with the consent of the recipients or a legal permission. If the contents of the Newsletter are specifically described in the course of registration, they are decisive for the consent of the users. Otherwise, our newsletters contain information about our services and us.

In order to subscribe to our newsletters, it is generally sufficient to provide your e-mail address. However, we may ask you to provide a name, for the purpose of personal address in the newsletter, or further information, if this is necessary for the purposes of the newsletter.

Double opt-in procedure: The registration for our newsletter is always carried out in a so-called double opt-in process. This means that after registration you will receive an e-mail in which you are asked to confirm your registration. This confirmation is necessary so that no one can register with other e-mail addresses. The registrations for the newsletter are logged in order to be able to prove the registration process according to the legal requirements. This includes the storage of the registration and confirmation time as well as the IP address. Likewise, changes to your data stored with the shipping service provider are logged.

Deletion and restriction of processing: We may store unsubscribed email addresses for up to three years based on our legitimate interests before deleting them in order to be able to prove consent formerly given. The processing of this data will be limited to the purpose of a possible defense against claims. An individual request for deletion is possible at any time, provided that the former existence of consent is confirmed at the same time. In the event of obligations to permanently observe objections, we reserve the right to store the e-mail address in a block list (so-called "block list") for this purpose alone.

The logging of the registration process takes place on the basis of our legitimate interests for the purpose of proving its proper course. If we commission a service provider to send e-mails, this is done on the basis of our legitimate interests in an efficient and secure sending system.

Notes on legal basis: The newsletter is sent on the basis of the recipients' consent or, if consent is not required, on the basis of our legitimate interests in direct marketing, if and to the extent that this is permitted by law, e.g. in the case of existing customer advertising. Insofar as we commission a service provider to send e-mails, this is done on the basis of our legitimate interests. The registration process is recorded on the basis of our legitimate interests to prove that it was carried out in accordance with the law.

Analysis and performance measurement: The newsletters contain a so-called "web beacon", i.e. a pixel-sized file that is retrieved from our server when the newsletter is opened or, if we use a shipping service provider, from their server. In the course of this retrieval, technical information, such as information about the browser and your system, as well as your IP address and the time of the retrieval, are initially collected.

This information is used for the technical improvement of our newsletter based on the technical data or the target groups and their reading behavior based on their retrieval locations (which can be determined with the help of the IP address) or the access times. This analysis also includes determining whether the newsletters are opened, when they are opened and which links are clicked. For technical reasons, this information can indeed be assigned to individual newsletter recipients. However, it is neither our intention nor, if used, that of the dispatch service provider to observe individual users. Rather, the evaluations serve us to recognize the reading habits of our users and to adapt our content to them or to send different content according to the interests of our users.

The evaluation of the newsletter and the measurement of its success are carried out, subject to the express consent of the users, on the basis of our legitimate interests for the purpose of using a user-friendly and secure newsletter system that serves both our business interests and meets the expectations of the users.

A separate revocation of the performance measurement is unfortunately not possible, in this case the entire newsletter subscription must be cancelled, or it must be contradicted.
The following types of data are processed by us in this context: Inventory data (e.g. names, addresses), contact data (e.g. e-mail, telephone numbers), meta/communication data (e.g. device information, IP addresses), usage data (e.g. websites visited, interest in content, access times). The data subjects in this processing are our communication partners, whose data we process for the purpose of direct marketing (e.g. by e-mail or postal mail). Our legal basis here is your consent pursuant to Art. 6 para. 1 p. 1 lit. a DSGVO and our legitimate interest pursuant to Art. 6 para. 1 p. 1 lit. f. DSGVO.

Option to object (opt-out): You can cancel the receipt of our newsletter at any time, i.e. revoke your consent or object to further receipt. You will find a link to cancel the newsletter either at the end of each newsletter or you can otherwise use one of the above contact options, preferably e-mail, for this purpose.

Our service provider for newsletter dispatch is CleverReach: Email Marketing Platform; Service Provider: CleverReach GmbH & Co. KG, Mühlenstr. 43, 26180 Rastede, Germany; website:; privacy policy:

Search function Findologic
Use of FINDOLOGIC for Product Discovery

For product discovery, in particular search and navigation, we use the services of FINDOLOGIC GmbH, Jakob-Haringer-Str. 5a, 5020 Salzburg, Austria, a technology company that attempts to address personal needs and preferences through data analysis. In doing so, cookies are used to store information about the website user and various data is transferred to the service provider, these include in particular the IP address and browser identification of the user, as well as associated behavioral data such as search queries, categories visited, selected filters, products viewed and purchased. This helps us understand which products our users are most interested in and optimize the shopping experience for them.

This information may be transferred to third parties if required by law or if third parties process it on behalf of FINDOLOGIC.

A contract for order processing has been concluded with FINDOLOGIC.

Please note that the stored IP addresses are anonymized after 6 months.

If you have any further questions on this subject, simply send an e-mail to the data protection coordinator at Further information on data protection at FINDOLOGIC can be found at the following link:

Push notifications
If push notifications are activated by you for this website through the "Signalize" service, a function of your Internet browser or mobile operating system is used to provide the notifications to you. Only anonymous or pseudonymous data is transmitted for sending messages. Depending on the configuration of the website, this can be:

  • Pseudonymous user identifier: a randomly generated value (example: 108bf9a85547edb1108bf9a85547edb1), which is stored in a tracking cookie ID.
  • Pseudonymous digital fingerprints, pseudonymous mobile device identifiers, and pseudonymous cross-device identifiers, if applicable.
  •  Pseudonyme digitale Fingerprints, pseudonyme mobile Gerätekennziffern und ggf. pseudonyme Cross-Device-Identifier

This data is processed only to deliver the notifications you have subscribed to and to make notification-related settings. We ask for your consent to store this data. The legal basis for data processing in this case is Art. 6 (1) lit. a DSGVO. You can object to receiving notifications at any time via the settings of your browser or mobile device. Information about opting out for push notifications can be found here.

In order to make the push notifications meaningful for you in terms of content, we use the preferences collected on the basis of a pseudonymous user profile by means of tracking pixels and, with consent, also by means of cookies, and merge your notification ID with the user profile of the website solely for the purpose of personalized messaging. Tracking technology is also used for statistical analysis of notifications on our behalf. This makes it possible to determine whether a notification was delivered and whether it was clicked on. The data thus generated is processed and stored on our behalf by etracker GmbH of Hamburg, which provides the Signalize service, exclusively in Germany and is thus subject to strict German and European data protection laws and standards. etracker has been independently audited and certified in this regard and is entitled to bear the ePrivacyseal data protection seal of approval.

Data processing for statistical analysis of the notifications as well as to better adapt future notifications to the interests of the recipients is based on our legitimate interest in personalized direct advertising pursuant to Art. 6 (1) lit. f DSGVO. Since the privacy of our visitors is very important to us, data that may allow a reference to an individual person, such as the IP address, login or device identifiers, are anonymized or pseudonymized as soon as possible. A direct reference to a person is thereby excluded. No other use is made of the data, nor is it merged with other data or passed on to third parties.

4. Who receives your data?
Data will only be passed on to third parties if you have given your consent or if there is a legal obligation to do so.

Under these conditions, recipients of personal data can be in particular:

  •  Law enforcement authorities
  •  Other companies of Hänsch GmbH

Commissioned service providers may also receive such data if they meet the special confidentiality requirements of Hänsch GmbH. These may be, in particular, companies in the categories of IT services, consulting, and sales and marketing. Appropriate data protection agreements are then made with the service providers.

5. When will your data be deleted?
If the data mentioned in these notes is no longer required for the original purpose, it will be deleted. Something else only applies if their - temporary - further processing is required for other purposes.

If a different storage period is defined for certain services, you will find this in the description of the respective service.

6. Will your data be transferred to a third country or to an international organization?
As a matter of principle, data that Hänsch GmbH receives as a result of your visit to this website will not be transmitted to international organizations or to third countries (countries outside the European Economic Area - EEA). Insofar as Hänsch GmbH uses analysis services, you will find the explanations above under section 3.2 Use of cookies.

7. Is your data used for automated decision-making or profiling?
Data from your visit to this website will not be used for automated decision-making within the meaning of Art. 22 DSGVO.

8. Data protection information in the application process
We process applicant data only for the purpose of and within the scope of the application process in accordance with legal requirements. Applicant data is processed for the fulfillment of our (pre)contractual obligations in the context of the application procedure within the meaning of Art. 6 para. 1 lit. b. DSGVO Art. 6 para. 1 lit. f. DSGVO insofar as the data processing becomes necessary for us, e.g. within the scope of legal procedures (in Germany, § 26 BDSG also applies).

The application procedure requires applicants to provide us with applicant data. The necessary applicant data are marked if we offer an online form, otherwise they result from the job descriptions and basically include the personal details, postal and contact addresses and the documents belonging to the application, such as cover letter, CV and the certificates. In addition, applicants may voluntarily provide us with additional information.

By submitting their application to us, applicants consent to the processing of their data for the purposes of the application process, in accordance with the type and scope set out in this data protection information. Insofar as special categories of personal data within the meaning of Art. 9 (1) DSGVO are voluntarily communicated within the scope of the application procedure, their processing is additionally carried out in accordance with Art. 9 (2) lit. b DSGVO (e.g. health data, such as severely disabled status or ethnic origin). Insofar as special categories of personal data within the meaning of Art. 9 (1) DSGVO are requested from applicants as part of the application process, their processing is additionally carried out in accordance with Art. 9 (2) a DSGVO (e.g. health data, if this is necessary for the exercise of the profession).

Applications can be sent to us via e-mail. It should be noted here that e-mails are generally not sent encrypted and applicants must ensure encryption themselves. We can therefore accept no responsibility for the transmission path of the application between the sender and receipt on our server.

The data provided by applicants may, in the event of a successful application, be further processed by us for the purposes of the employment relationship. Otherwise, if the application for a job offer is not successful, the general statutory retention and deletion periods apply. We delete the data within the scope of the application process, subject to a justified revocation by the applicants, in accordance with the relevant legal provisions after completion of the respective job filling process. Access to and use of the personal data by our company is then no longer possible. Information on the processing and use of your application data is available here.

9. What rights do you have when it comes to the processing of your data?
You have the following rights vis-à-vis Hänsch GmbH regarding the personal data concerning you:

Right to information
Right to correction or deletion
Right to restriction of processing
Right to data portability
Right to revoke consent given

9.1 Information about your right to object according to Art. 21 DSGVO

Individual right of objection
You have the right to object at any time, on grounds relating to your particular situation, to the processing of personal data relating to you which is carried out on the basis of Article 6 (1) sentence 1 lit. e DSGVO (data processing in the public interest) and Article 6 (1) sentence 1 lit. f DSGVO (data processing on the basis of a balance of interests); this also applies to profiling based on this provision within the meaning of Article 4 No. 4 DSGVO.

If you object, your personal data will no longer be processed by Hänsch GmbH. Unless the company can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms. Or the processing serves the assertion, exercise or defense of legal claims.

Objection to the processing of your data for direct marketing purposes.
In individual cases, Hänsch GmbH processes your personal data for direct advertising. You have the right to object at any time to the processing of personal data concerning you for the purposes of such advertising; this also applies to profiling, insofar as it is associated with such direct advertising.

If you object to processing for direct marketing purposes, the Hänsch GmbH will no longer process your personal data for these purposes.

The objection can be made form-free and should preferably be addressed to:

Hänsch GmbH
Schützenstraße 21
D - 49770 Herzlake
E-Mail: datenschutz[at]

You also have the right to lodge a complaint with a supervisory authority for data protection in connection with the processing of your personal data:

The State Commissioner for Data Protection of Lower Saxony
Prinzenstraße 5
30159 Hannover
T elephone: 0511 120-450

10. Modification and updating of the data protection information
We ask you to inform yourself regularly about the content of our data protection information. We adapt the data protection information as soon as the changes in the data processing carried out by us make this necessary. We will inform you as soon as the changes require an act of cooperation on your part (e.g. consent) or other individual notification.

Insofar as we provide addresses and contact information of companies and organizations in this data protection notice, please note that the addresses may change over time and please check the information before contacting us.

Status: 22.09.2022