Website Privacy Statement

In accordance with the requirements for a functional and user-friendly website, our processing of personal data (hereafter referred to simply as “data”) is limited to what is necessary for maintaining the website’s content and services.

Under Article 4(1) of the General Data Protection Regulation (GDPR) of the EU, Regulation (EU) 2016/679, “processing” encompasses various operations on personal data. These operations include, but are not limited to, collecting, recording, organizing, structuring, storing, adapting, altering, retrieving, consulting, using, disclosing by transmitting, disseminating, making available, aligning, combining, restricting, erasing, or destroying the data, whether these actions are automated or not.

This privacy policy aims to provide detailed information about the nature, extent, purpose, duration, and legal basis of the data processing that we conduct or share with others. Additionally, we outline the third-party elements incorporated into our website to enhance functionality and user experience, which may involve these third parties processing the data they acquire and control.

The structure of our privacy policy is as follows:

I. Information about us as controllers of your data

II. The rights of users and data subjects

III. Information about the data processing

I. Information about us as controllers of your data

The party responsible for this website (the „controller“) for purposes of data protection law is:

AppSphere AG
represented through the executive board: Dipl. Ing. (FH) Frank Roth, Dipl. Ing. Frank Seibert, Daniel Vollmer

Ludwig-Erhard-Straße 2
76275 Karlsruhe

Tel: +49 7243 34887-0
Fax: +49 7243 34887-99

Register Court: Amtsgericht Mannheim
Register number: HRB709034

The controller’s data protection officer is:

Dr. Jörg Kümmerlein
secopan GmbH
Am Schoenblick 14
71229 Leonberg
Tel: 07152-5695810
Fax: 03212-1144458

II. The rights of users and data subjects

Users and data subjects, in the context of the data processing activities detailed below, have certain rights. These include:

  1. The right to verify if their data is being processed, access the specific data being processed, receive additional information on the data processing, and obtain copies of the data, as per Art. 15 GDPR.
  2. The right to rectify or complete any inaccurate or incomplete data concerning them, in accordance with Art. 16 GDPR.
  3. The right to have their data deleted promptly, as outlined in Art. 17 GDPR, or if further processing is required as per Art. 17 Para. 3 GDPR, the right to restrict processing according to Art. 18 GDPR.
  4. The right to receive and transfer to other providers/controllers the data concerning them, as per Art. 20 GDPR.
  5. The right to lodge complaints with the supervisory authority if they feel the processing of their data breaches data protection regulations, see Art. 77 GDPR.

Furthermore, the controller is required to inform all recipients of any corrections, deletions, or restrictions of processing the data per Art. 16, 17 Para. 1, 18 GDPR. However, this obligation is waived if it is impossible or requires disproportionate effort. Users, nonetheless, have the right to be informed about these recipients.

Also, as per Art. 21 GDPR, users and data subjects have the right to object to the future processing of their data by the controller as described in Art. 6 Para. 1 lit. f) GDPR, particularly in the case of data processing for direct marketing purposes.

III. Information about the data processing

Data processed when using our website will be deleted or blocked as soon as the purpose for its storage is no longer applicable, unless its deletion conflicts with any statutory storage obligations or other stipulations.

Follow-up comments

If you post comments on our website, you have the option to subscribe to any subsequent third-party comments. To notify you of these comments, your email address will be processed.

The basis for this is Art. 6 Para. 1 lit. a) GDPR. You can revoke your consent to this subscription under Art. 7 Para. 3 GDPR at any time, either by notifying us or through the unsubscribe link in each email.


a) Session cookies

Our website uses session cookies, small text files stored on your computer by your browser. These cookies process certain information like your browser, location data, or IP address, enhancing the website’s user-friendliness, efficiency, and security, such as by enabling language selection or shopping cart functionality.

The legal basis for these cookies, when used for initiating or processing contractual relationships, is Art. 6 Para. 1 lit. b) GDPR. If the processing serves other purposes, our legitimate interest in improving website functionality is the basis, under Art. 6 Para. 1 lit. f) GDPR. Session cookies are deleted when you close your browser.

b) Third-party cookies

Our website does not use cookies from companies with whom we cooperate for the purpose of advertising, analyzing, or improving the features of our website.

c) Disabling cookies

You can refuse or delete cookies through your browser settings. The steps vary depending on the browser. For flash cookies, adjustments must be made in the Flash player settings. Restricting cookies may impact website functionality.


When you contact us via email or contact form, the provided data is processed to handle your request. We require this data to respond to your inquiry; without it, we may not be able to respond fully or at all.

The legal basis for this data processing is Art. 6 Para. 1 lit. b) GDPR.

Your data will be deleted once your inquiry is fully addressed, unless there is a legal obligation to retain the data, such as arising from subsequent contracts or orders.

Server data

For technical reasons, your internet browser transmits data to us or our server provider, including browser type/version, operating system, referrer URL, visited webpages, date/time of visit, and IP address. This data, stored temporarily, is separate from other data you may provide.

The basis for this storage is Art. 6 Para. 1 lit. f) GDPR, aimed at improving, stabilizing, and securing our website. Data is deleted within no more than seven days unless needed for evidentiary purposes.

Facebook Presence

For advertising, communication, and interaction with interested parties or customers, we have established a presence on the Facebook platform, in partnership with Meta Platforms Ireland Limited, located at 4 Grand Canal Square, Dublin 2, Ireland.

The Facebook data protection officer can be contacted through this link: Facebook Contact Form. We have outlined our shared responsibilities under GDPR in an agreement, available here: Facebook Terms.

The processing of personal data on Facebook, which may include personal information, IP addresses, and more, is based on Art. 6 Para. 1 lit. f GDPR, driven by our goals in analysis, communication, sales, and promotional activities. Consent, as per Art. 6 Para. 1 lit. a GDPR, can be revoked anytime as stated in Art. 7 Para. 3 GDPR.

Facebook Ireland Ltd. uses this data for statistical analysis, market research, and advertising, creating user profiles for targeted advertising. Your data is linked to your user account if you are logged into Facebook during your visit.

Any personal data provided to us via Facebook will be processed for handling your inquiries and deleted afterwards, unless legal retention obligations arise.

Cookies set by Facebook Ireland Ltd. can be managed or refused via browser settings. Specific instructions depend on the browser and Flash player used. Please note that blocking cookies may affect your experience on Facebook. For more information, visit Facebook Privacy Policy.

Processing by Facebook Ireland Ltd. may occur in the United States by Meta Platforms, Inc., 1601 Willow Road, Menlo Park, California 94025.

Instagram Presence

Similarly, for advertising and communication purposes, we are active on the Instagram platform, co-managed with Meta Platforms Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland.

The Instagram data protection officer is reachable through this link: Instagram Contact Form. Joint responsibilities under GDPR are detailed in this agreement: Instagram Terms.

The legal foundations for processing data on Instagram are identical to Facebook, based on Art. 6 Para. 1 lit. f GDPR, with user consent as an alternative basis. This consent can be withdrawn anytime.

Facebook Ireland Ltd. processes Instagram data for user analysis and advertising, linking it to user accounts if logged in during site access.

Data provided through Instagram interactions is used for query processing and is retained or deleted based on legal requirements.

Instagram cookies can be managed through browser settings, with detailed guidelines depending on your browser and Flash player. Restricting cookies may impact functionality on Instagram. For more details, visit Instagram Privacy Policy.

Processing in the United States by Meta Platforms, Inc. is a possibility.

LinkedIn Presence

Our LinkedIn presence serves to showcase our company and communicate with clients and prospects. LinkedIn is managed by LinkedIn Ireland Unlimited Company, Wilton Plaza, Wilton Place, Dublin 2, Ireland, a subsidiary of LinkedIn Corporation, USA.

This international data processing may pose certain risks, such as difficulty in accessing user data. Our access to this data is limited to LinkedIn’s provisions.

For more information on LinkedIn’s data processing, please see their privacy policy at LinkedIn Privacy Policy.

General Social Media Links

We provide links to various social media platforms (Facebook, Instagram, LinkedIn) for enhanced user interaction and experience. The integration of these links is based on Art. 6 Para. 1 lit. f GDPR, aimed at improving website usability.

Clicking these links may lead to data collection by these platforms, including IP addresses, user activity, and more. This data can be associated with user accounts if logged in simultaneously. To prevent this, users should log out before clicking or adjust account settings.

These platforms’ privacy policies are available at their respective links: