Privacy Policy
Privacy Policy and Legal Information
Last Updated: September 17, 2025
This notice informs you, pursuant to Articles 13 and 14 of the GDPR, about the processing of personal data when visiting our website.
1. Controller
Spectral Service AG
Emil-Hoffmann-Str. 33, 50996 Cologne, Germany
Telefon: +49 2236 96947-0
E-Mail: info@spectralservice.de
Web: https://www.spectralservice.de
Emil-Hoffmann-Str. 33, 50996 Cologne, Germany
Telefon: +49 2236 96947-0
E-Mail: info@spectralservice.de
Web: https://www.spectralservice.de
If you have any questions regarding this policy or the handling of personal data within our company, you may contact our external Data Protection Officer:
Klaus Pampuch
Frankenforster Str. 44
51427 Bergisch Gladbach, Germany
www.five.consulting.de
datenschutz@five.consulting
Frankenforster Str. 44
51427 Bergisch Gladbach, Germany
www.five.consulting.de
datenschutz@five.consulting
2. Hosting & Operation of the Website
Our website is hosted by IONOS SE, Elgendorfer Straße 57, 56410 Montabaur, Germany. All data collected when visiting this site (e.g., server log files) is processed exclusively on servers located in Germany. A data processing agreement pursuant to Art. 28 GDPR has been concluded with IONOS. Server location: Germany.
Purpose/Legitimate Interests: Provision of the website, stability, IT security (Art. 6(1)(f) GDPR).
Storage Period: Deletion/Anonymization by the hosting provider as soon as data is no longer required for the purposes.
3. Accessing the Website (Server Log Files)
With every access, we or our hosting provider automatically process, among other things: IP address, date/time, accessed content, referrer, and user-agent.
Legal Basis: Art. 6(1)(f) GDPR (technical operation / defense against attacks).
Obligation to Provide Data: Without this data, provision of the website is technically not possible.
4. Cookies, Local Storage & Consents
We use cookies and similar technologies. Non-essential technologies (e.g., for statistics) are only activated after your consent (§ 25(1) TTDSG in conjunction with Art. 6(1)(a) GDPR). Essential cookies are based on § 25(2) TTDSG and Art. 6(1)(f) GDPR.
We use the Complianz consent banner in WordPress. Consent is not logged in a personally identifiable way; only your consent status is stored locally on your device (e.g., consent cookie/local storage).
Withdrawal/Adjustment of Consent:
You can withdraw or adjust your consent at any time with future effect.
You have loaded the Cookie Policy without javascript support. On AMP, you can use the manage consent button on the bottom of the page.
The list of cookies/tools used on this website, including their purposes and storage periods, is available in the cookie banner and the linked cookie information.
5. Third-Party Services
5.1 Google Maps
We embed maps from Google Maps (Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland) to conveniently display locations. When viewing the map, Google processes, among other things, your IP address and device information; data may be transferred to Google servers in third countries (including the USA).
Legal Basis: Your consent (Art. 6(1)(a) GDPR, § 25(1) TTDSG). The map loads only after your consent (two-click/consent solution).
Data Transfer to the USA: For certified companies, an adequacy decision exists under the EU-US Data Privacy Framework; in addition, Google relies on Standard Contractual Clauses.
5.2 Web Analytics with Google Analytics (GA4)
We use Google Analytics 4 (Google Ireland Ltd.) for audience measurement. GA4 only sets cookies/similar technologies after your consent.
– IP addresses are not logged or stored in GA4; for EU users, IPs are discarded before logging and processed via EU domains/servers.
– Data region and granularity controls are available.
– The retention of event data in GA4 can be configured (typically 2–14 months).
Legal basis: Consent (Art. 6 (1) (a) GDPR; Sec. 25 (1) TTDSG).
Data transfer: As explained above regarding the DPF; in addition, Standard Contractual Clauses apply.
You can withdraw or modify your consent at any time via
You have loaded the Cookie Policy without javascript support. On AMP, you can use the manage consent button on the bottom of the page.
.6. Contacting Us
When you contact us via email or telephone, we process the data you provide (e.g., name, contact details, company, content of the inquiry).
Purpose/Legal Basis: Processing your inquiry and, where applicable, pre-contractual communication (Art. 6(1)(b) GDPR); documentation, traceability, and IT security (Art. 6(1)(f) GDPR). Where legally required, archiving is performed for statutory retention obligations (e.g., HGB/AO), Art. 6(1)(c) GDPR.
Storage Period: Requests remain stored in our email systems for the duration of processing and thereafter in line with statutory retention requirements. After expiry, data is deleted or anonymized.
Objection/Deletion: You may object to processing at any time on grounds relating to your particular situation (Art. 21 GDPR). Please send objections or deletion requests to info@spectralservice.de.
7. Recipients & Categories of Data
Processors: IONOS (hosting), IT maintenance/service providers (Art. 28 GDPR).
Independent Third Parties: Google (Maps/Analytics/reCAPTCHA after your consent).
Data will only be disclosed otherwise where a legal basis exists.
8. Third-Country Transfers
When using Google services, data may be transferred to third countries (notably the USA). For certified U.S. recipients, an adequacy decision applies under the EU-US Data Privacy Framework. Where necessary, Standard Contractual Clauses and supplementary safeguards are used.
9. Security Measures
We use TLS encryption and take appropriate technical and organizational measures to protect your data (Art. 32 GDPR).
10. Obligation to Provide Data
The provision of personal data is not legally required for purely informational visits. For technically essential data/consent, provision is necessary to deliver the website.
11. Your Rights
You have the rights, under the legal conditions, to: Access, rectification, erasure, restriction of processing, data portability; Object to processing based on Art. 6(1)(e) or (f) GDPR; Withdraw consent at any time with future effect.
Right to lodge a complaint: You may lodge a complaint with a supervisory authority, in particular at your habitual residence, place of work, or the place of the alleged infringement. For NRW:
Landesbeauftragte für Datenschutz und Informationsfreiheit NRW (LDI NRW), Kavalleriestraße 2-4, 40213 Düsseldorf, Germany; https://www.ldi.nrw.de
Landesbeauftragte für Datenschutz und Informationsfreiheit NRW (LDI NRW), Kavalleriestraße 2-4, 40213 Düsseldorf, Germany; https://www.ldi.nrw.de
12. Updates & Changes
We will update this privacy policy if technical or legal changes make it necessary. The current version is always available on this page.