CompanyPortfolioUse CasesBlogMediaCareerContact

INFORMATION OBLIGATIONS

Information for Visitors

The protection of your personal data is of particular importance to us. We therefore process your personal data (hereinafter referred to as “data”) exclusively on the basis of the applicable legal provisions. With this Privacy Notice, we would like to comprehensively inform you, in accordance with Art. 13 of the European General Data Protection Regulation (EU GDPR), about the processing of your data within our company as well as the data protection rights and claims to which you are entitled.

1. Who is responsible for data processing and who can you contact?

The controller responsible for data processing is:

e:fs TechHub GmbH
Dr.-Ludwig-Kraus-Str. 6
85080 Gaimersheim
Germany

Phone: +49 8458 39730-00
Fax: +49 8458 39730-099
E-Mail: datenschutz@efs-techhub.com

The company Data Protection Officer is:

Jürgen Beer
Projekt 29 GmbH & Co. KG
Ostengasse 14
93047 Regensburg
Germany

E-Mail: info@projekt29.de

Phone: +49 941 2986930

2. Which data is processed and from which sources does this data originate?

We process the data that we receive from you in connection with your visit to our company premises and facilities:

Personal data includes in particular:

In addition, we also process the following personal data:

3. For which purposes and on which legal basis is the data processed?

We process your data in accordance with the provisions of the General Data Protection Regulation (GDPR) and the German Federal Data Protection Act (BDSG), as amended from time to time.

• For compliance with legal obligations (Art. 6 para. 1 lit. c GDPR)

The processing of your data is necessary for the purpose of complying with legal obligations as well as implementing information security, security, and data protection requirements. This includes, in particular, measures relating to access control, the protection of confidential information, and compliance with information security standards and TISAX® requirements.

• For the purposes of legitimate interests (Art. 6 para. 1 lit. f GDPR)

Based on a balancing of interests, data processing may be carried out to safeguard our legitimate interests or those of third parties. Data processing for the protection of legitimate interests may take place, for example, in the following cases:

Assertion, exercise, or defense of legal claims

4. Who receives my data?

Where we engage a service provider as a processor within the meaning of data processing agreements, we remain responsible for the protection of your data. All processors are contractually obliged to treat your data confidentially and to process it only within the scope of the services provided.

The processors commissioned by us receive your data only insofar as this is necessary for the fulfilment of their respective services. Recipients of your data may include, in particular, IT service providers, hosting providers, operators of visitor management systems, reception services, and security service providers.

Where a legal obligation exists or in the context of legal enforcement, authorities, courts, and external auditors may also receive your data.

5. How long will my data be stored?

What data is processed?

Visitor data is generally retained only for as long as necessary to fulfil the purposes described above and in accordance with applicable statutory retention obligations. Beyond this period, data may be retained where necessary for the establishment, exercise, or defence of legal claims.

6. Will personal data be transferred to a third country?

As a general principle, we do not transfer data to third countries. Any transfer will only take place in individual cases on the basis of an adequacy decision by the European Commission, standard contractual clauses, appropriate safeguards, or your explicit consent.

7. Which data protection rights do I have?

You have the right at any time to access, rectify, erase, or restrict the processing of your stored data, the right to object to processing, the right to data portability, and the right to lodge a complaint, subject to the requirements of applicable data protection law.

Right of access:

You may request information from us regarding whether and to what extent we process your data.

Right to rectification:

If we process incomplete or inaccurate data relating to you, you may request the correction or completion of such data at any time.

Right to erasure:

You may request the deletion of your data if we process it unlawfully or if the processing disproportionately interferes with your legitimate interests worthy of protection.

Right to restriction of processing:

You may request the restriction of the processing of your data where the legal requirements are met.

Right to data portability:

You may request that we provide your data to you in a structured, commonly used, and machine-readable format.

Right to object:

Where we process your data based on legitimate interests, you may object to such processing at any time.

Right to lodge a complaint:

If you believe that we have violated German or European data protection law in processing your data, you have the right to lodge a complaint with a data protection supervisory authority.

If you wish to exercise any of the rights mentioned above, please contact our Data Protection Officer.

8. Am I obliged to provide data?

The processing of your data is required to gain access to our company premises and facilities. If you do not provide us with this data, access may not be granted.

As of May 2026