1. Subject of data protection, legal basis and sources


The subject of data protection is personal data. Personal data is any information relating to an identified or identifiable natural person (so-called data subject). Consequently, your personal data includes all data that allow your person to be identified, such as your name, address, telephone number or e-mail address. Personal data also includes information that necessarily arises through the use of our website, such as the beginning, end and extent of use or your IP address.

Personal data is also collected if you provide it to us for the performance of a contract (contract data).

We will only process your data if an applicable legal provision allows us to do so. In this context, we will base the processing of your data on the following legal bases, among others:

  • Consent (Art. 6 para. 1 p. 1 letter a DSGVO): we will only process certain data on the basis of your previously given explicit and voluntary consent. You have the right to revoke your consent at any time with effect for the future.
  • Fulfillment of a contract or implementation of pre-contractual measures (Art. 6 para. 1 p. 1 letter b DSGVO): In particular for the initiation or implementation of your contractual relationship with space one, we require certain data from you.
  • Fulfillment of a legal obligation (Art. 6 para. 1 p. 1 letter c DSGVO): In addition, we process your personal data to fulfill legal obligations such as regulatory requirements or commercial and tax retention obligations.
  • Safeguarding legitimate interests (Art. 6 para. 1 sentence 1 letter f DSGVO): space one will process certain data to safeguard its interests or the interests of third parties. However, this only applies if your interests are not overridden in the individual case.

Please note that this is not a complete or exhaustive list of possible legal bases, but merely examples intended to make the legal bases under data protection law more transparent. For more details on the legal basis of the individual data processing on our website, please refer to the explanations in the following paragraphs.


This personal data originates from the following sources:

  • Predominantly from yourself, in particular through your use of our website, from your contact inquiries and, if applicable, information provided when concluding a contract.

  1. Server log data

You can visit our website without providing any personal information. By visiting our website, the following information about the access can be stored:

  • IP address of the requesting end device,
  • Retrieved file,
  • The http response code,
  • The previous website from which you visit the website (referrer URL),
  • Date, time and time zone of the server request,
  • Browser type and version,
  • Operating system used by the requesting end device,
  • Search term with which the website was found, for example via Google.


We process this data on the basis of Art. 6 para. 1 sentence 1 letter f DSGVO to provide the website, to ensure the technical operation and security of our information technology systems. In doing so, we pursue the interest of enabling and permanently maintaining the use of our website and its technical functionality. When you access our website, this data is automatically processed. Without this provision, you cannot use our website. We do not use this data for the purpose of drawing conclusions about your identity.

The automatically collected data is usually deleted after 7 days, unless we exceptionally need it longer for the above purposes. In such a case, we delete the data immediately after the purpose ceases to apply.

You cannot object to the collection and storage of your server log data, as this data is absolutely necessary for the smooth operation of the website.


  1. Communication via e-mail and contact form

If you contact us by e-mail, the collection, processing and use of your voluntarily provided contact data (such as name, e-mail address) is only for the purpose of either receiving and possibly answering your request(s) as well as for technical administration.

In the "Contact" section, you can also contact us via a contact form. When you use this contact form, we collect and store the following data:

  • Name,
  • E-mail address,
  • Message


Furthermore, you can voluntarily provide us with:

  • Subject,
  • Company


The data you provide will be transmitted by your browser to our server, where it will be converted into an e-mail, which will then be sent to us. The collection, processing and use of your contact data is only for the purpose of receiving and, if necessary, answering your inquiry.

The processing of data transmitted in the context of a communication via contact form or by e-mail is based on Art. 6 para. 1 sentence 1 letter b DSGVO, if it is about the initiation of a contractual relationship, or on Art. 6 para. 1 sentence 1 letter f DSGVO. In the latter case, we have a legitimate interest in processing contact requests voluntarily addressed to us.

We will delete the data you have provided as soon as the purpose for which it was collected ceases to apply completely, subject to the fulfillment of any continuing statutory retention obligations.

Insofar as your data is processed on the basis of legitimate interests, you can object to the storage of your personal data at any time. In this case, we will no longer process your data unless we can prove a legitimate interest in this or are otherwise legally obliged to store it. To exercise your right of objection regarding storage, please contact us in writing, by fax or by e-mail.

Please note, however, that we cannot guarantee complete data security, especially when communicating via contact form and e-mail. Therefore, please refrain from sending confidential information, such as bank or credit card data, etc., via these means. We recommend that you use a secure transmission channel, such as letter post, for sending confidential information.


  1. Cookies


The website uses cookies and similar technologies such as HTML5 storage (hereinafter collectively referred to as "cookies") in order to be able to optimally design the website. Among other things, this enables easier navigation and a high level of user-friendliness.

Cookies are small identifiers that our web server sends to your browser and that your terminal device stores if the appropriate default setting is selected.

Cookies are small identifiers that our web server sends to your browser and that your terminal device stores if the corresponding default setting is selected. These can be used to determine whether there has already been communication from your end device to us.  In this way, they serve the purpose of making the use more comfortable for you and optimizing our offer. We differentiate according to whether the cookie is technically mandatory, whether it was set by our website itself or by third parties. For detailed information on the type, function, purposes, legal basis and objection options for data processing in the case of cookies, please refer to the provisions below:

If you use our website, you will be informed by us about the use of cookies and agree to the use and storage of cookies on your terminal device. You can object to the storage of cookies at any time by selecting "do not accept cookies" in your browser settings. For the procedures for managing and deleting cookies in your browser settings, please refer to the help function of your browser. In addition, you can also disable all cookies using free browser add-ons, such as "Adblock Plus" ( in combination with the "EasyPrivacy" list ( "Ghostery" ( If you do not accept cookies, however, this may lead to functional limitations of the website.


a) Absolutely necessary cookies

We use the following cookies on our website that are absolutely necessary for the functioning of our website, in the storage of which we have a legitimate interest, as otherwise we would not be able to offer our website with certain basic functionalities.




Storage Duration

Transient Cookies

Temporary storage of data (e.g. form or login)


Login Cookies

Storage of login data




The data processing is carried out to protect our legitimate interests on the basis of Art. 6 para. 1 p. 1 letter f DSGVO. In this respect, our legitimate interest results from the purposes of use outlined.


b) Additional own cookies

Additional own cookies that are not absolutely necessary to use the website (also called "first party cookies") fulfill important tasks. They enable comfortable browsing on our website, such as pre-filled forms. Furthermore, they allow us to respond to you with customized offers. We use the following additional first party cookies on our website:




Storage Duration






Data processing is carried out to protect our legitimate interests on the basis of Art. 6 (1) p. 1 letter f DSGVO. Our legitimate interest in this respect results from the purposes of use outlined.


c) Cookies from third-party providers

For the integration of content or functions of third-party providers (see the following paragraphs), we use cookies from third-party providers (also called "third-party cookies"), which enable them, for example, to obtain the information that you have accessed this website. Please visit the third party website for more information about their use of cookies. We use the following third-party cookies:





Third-Party Provider

Storage Duration



Google Analytics 




Google AdWords 




Google Remarketing



Data processing is carried out to protect our legitimate interests on the basis of Art. 6 (1) sentence 1 letter f DSGVO. In this respect, our legitimate interest results from the purposes of use outlined.

For further details and options to object to data processing in the case of third-party cookies, please refer to the descriptions below of the individual functions that are based on the use of such cookies or cookie-like technologies.

  1. Google Analytics


This website uses Google Analytics, a web analytics service provided by Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA ("Google"). Google Analytics uses third-party cookies to identify the frequency of use of certain areas of our website and preferences. The information generated by the cookie about your use of our website (including your shortened IP address) is usually transmitted to a Google server in the USA and stored there. The data processing is thereby based on our legitimate interests within the meaning of Art. 6 (1) letter f DSGVO, namely our interest in the analysis, optimization and economic operation of our online offer. Google is certified under the Privacy Shield agreement and thereby offers a guarantee of compliance with European data protection law.

Google will use this information on our behalf and on the basis of an order processing agreement in order to evaluate your use of our website, compile reports on website activity for us and provide us with other services relating to website activity and internet usage.

We only use Google Analytics with IP anonymization activated. This means that the IP address of the user is shortened by Google within member states of the European Union (EU) or in other contracting states of the Agreement on the European Economic Area (EEA). Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and shortened there. The IP address transmitted by your browser is not merged with other data from Google.

The data is deleted as soon as it is no longer required for our recording purposes. In our case, this is usually the case after 14 months.

You can prevent the storage of cookies for Google Analytics through appropriate browser settings or browser add-ons. You can also prevent the collection of data generated by the cookie and related to your use of the website (including your IP address) to Google and the further processing of this data by Google by downloading and installing the browser plugin available at the following link:


For more information on data usage by Google, settings and opt-out options, please visit Google's websites at the following links: ("Data use by Google when you use our partners' websites or apps"), ("Data Use for Advertising Purposes"), ("Manage information Google uses to serve ads to you").


  1. Retargeting/remarketing

We use retargeting/remarketing technologies on our website to optimize our offer. The legal basis is Art. 6 para. 1 p. 1 letter f DSGVO, as we have a legitimate interest in the economic operation of our website and in optimizing our advertising and our entire online offering.


a) What is retargeting/remarketing?

On our website, data is collected on the basis of a cookie/tracking technology to optimize our advertising and the entire online offer (so-called retargeting/remarketing). This data is not used to identify you personally, but is used solely to evaluate the use of our website and, under certain circumstances, to address users who have already shown interest in our website with advertising on our website and the websites of our partners. We are convinced that the display of interest-related advertising is usually more interesting for the user than advertising that has no such personal reference. The insertion of advertising on our website or on the websites of our partners is based on an analysis of prior usage behavior. However, the creation of usage profiles is exclusively anonymized or pseudonymized. At no time will your tracking data be merged with personal data stored by us. You can find out how to deactivate retargeting/remarketing technologies in the following section of this privacy policy.


b) Google AdWords Remarketing

We use the remarketing or "similar target groups" function in AdWords of Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043 USA, hereinafter "Google", on this website.

Google uses cookie/tracking technologies that are stored on your terminal device and that enable an analysis of your use of the website. The information generated by the cookie/tracking technology about your use of this website (including your IP address) will be transmitted to and stored by Google on servers in the United States. The IP address is then shortened by Google by the last three digits, a clear assignment of the IP address is therefore no longer possible.

Further information on the analysis of your search and usage behavior can be found here: and

You can object to the storage and use of cookies for remarketing/retargeting purposes at any time with effect for the future by technically preventing the storage and use of cookies through appropriate browser settings or browser add-ons. You can also deactivate Google's interest-based advertising at the following link:

  1. Social media tracking tools, including "tracking pixels".

We use other tools on our website that allow us to provide you with a more personalized and interactive web experience by serving ads on your social media channels that are more relevant to you. To this end, we use cookie-based (again, please see our Cookie Policy) tools provided by the following third-party social media service providers:



In each case, we integrate code snippets from these social media providers that load a small library of functions (sometimes referred to as "tracking pixels", i.e. transparent, pixel-sized images embedded in the website with tracking function). These features allow us to track your activities on our website, such as URLs visited, domains visited, devices used and, in particular, advertising conversions (counting events when you interact with one of our advertisements, such as clicks on it and subsequent purchase of our product). These are based on the cookies set by the aforementioned third-party providers, which also allows us to compare our website visitors with the corresponding user accounts on the social media platforms.

We may also use the "Custom Audience" service of Facebook Inc. to provide you with targeted advertising. In this context, we would check whether you have an account with Facebook and use the same email address that you provided to us for this purpose and include you in a corresponding "custom audience" group. The way this works is that we provide your email address to Facebook in hashed form. This ensures that Facebook, as a processor, only processes those email addresses of users who are subscribed to its service at our instruction (for more information, please visit

You can opt-out of receiving targeted advertising messages as part of a "custom audience" group created by VISPA by clicking on an appropriate link when you select the "Why am I being shown this?" feature on the Facebook Platform (see 

Please note your options to prevent the described tracking and (re-)marketing ("opt-out").

  1. Social media plugins

On this website, social media plugins (hereinafter also "plugins"), e.g. of the social networks and platforms Facebook, Google Plus, Twitter, LinkedIn and XING are used by means of the so-called Shariff function. These services are each offered by the companies listed below (hereinafter also referred to as "providers").

  • Facebook is operated by Facebook Inc, 1601 S. California Ave, Palo Alto, CA 94304, USA.
  • Google Plus is operated by Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043 USA.
  • Twitter is operated by Twitter Inc, 1355 Market St, Suite 900, San Francisco, CA 94103.
  • LinkedIn is operated by LinkedIn Ireland Unlimited Company, Wilton Plaza, Wilton Place, Dublin 2, Ireland.



As long as you do not select the sharing function of the respective provider on our website, no data is transmitted to the provider due to the Shariff function. However, after selecting one of the buttons, you will leave our website and your data will be sent to the respective provider, even if you are not logged in to that provider.


The data processing in this case is based on our legitimate interests. Your data is processed to enable you to use the aforementioned functions and use certain content within the scope of our website on the basis of Article 6(1)(f) DSGVO and to optimize our website.


For more information on the purposes and scope of data collection and the further processing and use of data by Facebook, Google Plus, Twitter, LinkedIn and XING, as well as your rights in this regard and the available settings options for protecting your privacy, please refer to the privacy notices of the providers:




If you do not want the providers to assign your visit to this website to your user account there, you must log out of the respective service before visiting this website. Even if you are not logged in to the providers, websites with active plugins may send data to the providers via the use of cookies, which allow the provider to create a pseudonymized user profile, for example.


You can deactivate the loading of the plugins - independently of the Shariff function - in the settings of your browser or by means of browser add-ons, such as "Adblock Plus" (   in combination with the "EasyPrivacy" list (  or "Ghostery" ( ; however, we would like to point out that in this case you may not be able to use all the functions of our website.


  1. Recipients of personal data

Your personal data will only be passed on by us to external recipients if this is necessary for the processing or handling of your request, if we have your consent for this or if there is another legal permission.


External recipients can be in particular:


  • Order processors: these are service providers that we use to provide services, for example in the areas of technical infrastructure and maintenance of our website. Such processors are carefully selected and regularly reviewed by us to ensure that your privacy is protected. These service providers may only use the data for the purposes specified by us and in accordance with our instructions. We are authorized to use such processors subject to the legal requirements of Article 28 of the GDPR.
  • Public bodies: These are public authorities, state institutions and other bodies under public law, e.g. supervisory authorities, courts, public prosecutors' offices or tax authorities. Personal data will only be transferred to such public bodies for legally compelling reasons. The legal basis for such a transfer is, if applicable, Art. 6 para. 1 p. 1 letter c DSGVO.
  • Non-public bodies: Service providers and auxiliary persons to whom data is transferred on the basis of a legal obligation or in order to safeguard legitimate interests, for example tax consultants or auditors. The transfer is then made on the basis of Art. 6 para. 1 sentence 1 letter c and/or f DSGVO.


  1. Data processing in third countries

If we transfer your data to third countries outside the EU or the EEA in accordance with the above, we ensure before the transfer that, apart from exceptional cases permitted by law, either an adequate level of data protection exists at the recipient or you consent to the data transfer. An adequate level of data protection is guaranteed, for example, by an EU-US Privacy Shield certification of the recipient, the conclusion of EU standard contractual clauses or the existence of so-called Binding Corporate Rules (BCR).

  1. Security

We take technical and organizational security measures to protect your personal data against accidental or intentional manipulation, loss, destruction or against access by unauthorized persons. Our security measures are adapted to the current state of the art.


Your personal data transmitted in the course of using our website is transferred securely by us using encryption. We use the encryption protocol Transport Layer Security (TLS), more widely known under the predecessor name Secure Sockets Layer (SSL).Our employees are committed to data secrecy.

  1. Storage period

For further details on the storage period of your personal data, please refer to the respective explanations under the preceding paragraphs.


  1. Your rights

As a person affected by data processing, you are entitled to numerous rights. In detail, these are:

  • Right to information (Art. 15 DSGVO): you have the right to receive information about the data we have stored about you.
  • Right to rectification and deletion (Art. 16 and Art. 17 DSGVO): You can demand that we correct incorrect data and - insofar as the legal requirements are met - delete your data.
  • Right to restriction of processing (Art. 18 DSGVO): You can demand from us - as far as the legal requirements are fulfilled - that we restrict the processing of your data.
  • Right to data portability (Art. 20 DSGVO): If you have provided us with data on the basis of a contract or consent, you may, if the legal requirements are met, request that you receive the data you have provided in a structured and common format or that we transfer it to another controller.
  • Right to object to data processing based on legitimate interests (Art. 21 DSGVO):You have the right to object to data processing by us at any time for reasons arising from your particular situation, insofar as this is based on legitimate interests within the meaning of Art. 6 (1) sentence 1 letter f DSGVO. If you exercise your right to object, we will stop processing your data unless we can demonstrate compelling legitimate grounds for further processing that override your rights.
  • Objection to cookies: you can also object to the use of cookies at any time. If you wish to object to the use of certain cookies, please refer to our explanations under point 4.
  • Revocation of consent (Art. 7 DSGVO): If you have given us consent to process your data, you can revoke this consent at any time with effect for the future. The lawfulness of the processing of your data until the revocation remains unaffected.
  • Right of complaint to the supervisory authority (Art. 77 DSGVO): You can also file a complaint with the competent supervisory authority if you believe that the processing of your data violates applicable law. For this purpose, you can choose to contact the data protection authority responsible for your place of residence, your workplace or the place of the alleged infringement, or the data protection authority responsible for us. The supervisory authority for data protection responsible for us is the State Commissioner for Data Protection Baden-Württemberg (LfDI), reachable at Königstraße 10a, 70173 Stuttgart, Tel: 0711 615541-0, Fax: 0711 615541-15, E-Mail:, Internet:


If you have any questions regarding the processing of your personal data, your rights as a data subject and any consent you may have given, our data protection officer will be happy to help you via the communication channels mentioned in section 13. Please also contact our data protection officer directly to exercise your data subject rights.


  1. Our data protection officer

We have appointed a company data protection officer. You can reach him as follows:


Mr. Helmut Glaser

- Data Protection Officer -

space one GmbH

Mönchhaldenstrasse 27A

70191 Stuttgart

Fax: +49 (0) 711 400 543 - 90



  1. Changes

From time to time it may become necessary to adapt the content of this privacy policy. We therefore reserve the right to change it at any time. If your consent is required for a change, we will obtain it from you. We will also publish the amended version of the data protection declaration here. When you visit our website again, you should therefore read through the data protection declaration again.


Status: December 2021