Responsible Person

The person responsible within the meaning of the General Data Protection Regulation, other data protection laws applicable in the EU member states and other data protection regulations is:

Julius-Reiber-Straße 15A
64293 Darmstadt

Local court Darmstadt
TRB 94377
VAT ID DE815570916
Managing Director: Andreas Plies

The protection of your data is our mission

We are pleased about your interest in our company and our products or services and would like you to feel secure when visiting our Internet pages, also with regard to the protection of your personal data. We take the protection of your personal data very seriously. It has always been a matter of utmost importance for us to observe the provisions of the General Data Protection Regulation and the Federal Data Protection Act (BDSG (new)).

We want you to know when we collect which data and how we use them. We have taken technical and organisational measures to ensure that the regulations on data protection are observed both by us and by external service providers commissioned by us.

Personal data

Personal data are information on your identity. This includes, for instance, details such as name, address, telephone number, e-mail address. This information is at all times processed in compliance with the requirements of the General Data Protection Regulation as well as other data law protection regulations applicable to our company.

In general, it is not necessary for you to disclose personal data in order to use our website. In certain cases, however, it may be necessary to process personal data, for example to be able to provide the services you have requested.

The same applies, for instance, for the sending of information material and ordered goods or for the answering of individual questions. Where necessary, we inform you accordingly.

If there is no legal basis for processing personal data, we will obtain your consent.

In addition, we only store and process data that you provide us voluntarily and, if applicable, data that we collect automatically when you visit our website (e.g. your IP address and the names of the pages you access, the browser you use and your operating system, date and time of access, search engines used, names of downloaded files).

If you make use of our services, as a rule only such data is collected as is required for us to provide the services. If we ask you for further data, this is voluntary information. The processing of personal data is carried out exclusively to provide the requested service and to protect our own legitimate business interests.

Purpose of the personal data

We use the personal data provided by you to answer your enquiries, process your orders or provide you with access to specific information or offers.

Of course, we will respect your choice if you do not wish to provide us with your personal data to support our customer relationship (especially for direct marketing or market research purposes). We will neither sell your personal data to third parties nor market it in any other way.

Use for specific purposes

We will collect, process and use the personal data you provide online only for the purposes communicated to you. Your personal data will not be disclosed to third parties without your express consent.

The collection of personal data and its transmission to state institutions and authorities entitled to receive information will only take place within the framework of the relevant laws or if we are obliged to do so by a court decision. Our employees and the service companies commissioned by us are required by us to maintain secrecy and to comply with the provisions of the General Data Protection Regulation.


Our Internet pages contain so-called "cookies". Cookies are small text files and do not cause any damage on your end device. They are either stored temporarily for the duration of a session (session cookies) or permanently (permanent cookies) on your end device. Session cookies are automatically deleted at the end of your session. Permanent cookies remain stored on your device until you delete them yourself or until your web browser automatically removes them. In some cases, cookies from third-party companies may also be stored on your device when you enter our site (third-party cookies). These enable us or you to use certain services of the third-party company (e.g. cookies for the processing of payment services). Cookies have various functions. Many cookies are technically necessary because certain website functions would not work without them (e.g. the shopping basket function or the display of videos). Other cookies are used to evaluate user behaviour or display advertisements. Cookies that are required to carry out the electronic communication process or to provide certain functions that you have requested (e.g. the shopping basket function) are stored on the basis of Art. 6 para. 1 lit. f GDPR. The website operator has a legitimate interest in the storage of cookies for the technically error-free and optimised provision of his services. If a corresponding consent has been requested (e.g. consent to the storage of cookies), the processing is carried out exclusively on the basis of Art. 6 para. 1 lit. a GDPR; the consent can be revoked at any time. You can set your browser so that you are informed about the setting of cookies and allow cookies only in individual cases, exclude the acceptance of cookies for specific cases or in general and activate the automatic deletion of cookies when closing the browser. If you deactivate cookies, the functionality of this website may be limited. Insofar as cookies are used by third-party companies or for analysis purposes, we will inform you separately about this within the framework of this data protection statement and, if necessary, request your consent.

Borlabs Cookie

This website uses Borlabs cookie, which sets a technically necessary cookie (borlabs cookie) to store your cookie consent.

Borlabs Cookie does not process any personal data. The borlabs cookie stores your consent that you gave when you entered the website. If you wish to revoke these consents, simply delete the cookie in your browser. When you re-enter/reload the website, you will be asked again for your cookie consent.

Data that is automatically collected when you visit our website

When you use our internet pages, the following data is stored for organisational and technical reasons: the names of the pages you visit, the browser you use and your operating system, date and time of access, search engines used, names of downloaded files and your IP address.

Matomo (formerly Piwik)

This website uses the open-source web analysis service Matomo. Matomo uses so-called "cookies". These are text files which are stored on your computer and which enable an analysis of your use of the website. For this purpose, the information generated by the cookie about the use of this website is stored on our server. The IP address is anonymized before being saved. Matomo cookies remain on your end device until you delete them.

The storage of Matomo cookies and the use of this analysis tool are based on Art. 6 Para. 1 letter f GDPR. The website operator has a legitimate interest in the anonymised analysis of user behaviour in order to optimise both his website and his advertising. If a corresponding consent has been requested (e.g. consent to the storage of cookies), the processing is carried out exclusively on the basis of Art. 6 para. 1 lit. a GDPR; the consent can be revoked at any time.

The information generated by the cookie about the use of this website is not disclosed to third parties. You can prevent the storage of cookies by setting your browser software; however, we would like to point out that in this case you may not be able to use all functions of this website to their full extent.

If you do not agree with the storage and use of your data, you can deactivate the storage and use here. In this case an opt-out cookie is deposited in your browser, which prevents Matomo from saving usage data. If you delete your cookies, the Matomo Opt-Out-Cookie will be deleted as well. The Opt-Out must be reactivated when you visit this website again.

External Hosting

This website is hosted by an external service provider (hoster). The personal data collected on this website is stored on the hoster's servers. This may include, but is not limited to, IP addresses, contact requests, meta and communication data, contract data, contact details, names, website accesses and other data generated by a website. The use of the hoster is for the purpose of fulfilling the contract with our potential and existing customers (Art. 6 para. 1 lit. b GDPR) and in the interest of a secure, fast and efficient provision of our online offer by a professional provider (Art. 6 para. 1 lit. f DSGVO). Our hoster will only process your data to the extent necessary to fulfil its performance obligations and will follow our instructions with regard to this data.

Conclusion of a contract for order processing: In order to guarantee data protection compliant processing, we have concluded a contract for order processing with our host.

1&1 Telecommunication SE
Elgendorfer Str. 57
56410 Montabaur
+49 (0) 721 96 00

Contact options via the website

Due to legal regulations, our website contains information that enables rapid electronic contact with us and direct communication with us. This includes the indication of an e-mail address as well as a contact form if necessary.

If you contact us by e-mail or via a contact form, the personal data you provide will be stored automatically. The data you voluntarily provide us with will be stored for the purpose of processing your request or contacting you. They will not be passed on to third parties.

Support requests

The user may contact AUTHADA GmbH by e-mail at with questions regarding the AUTHADA Identification Service. To process these inquiries AUTHADA GmbH uses the helpdesk software of weclapp SE, Neue Mainzer Straße 66 - 68, 60311 Frankfurt am Main. weclapp SE hosts its data in the data center 1 & 1 IONOS Cloud GmbH, Greifswalder Straße 207, 10405 Berlin.

Personal data collected by AUTHADA this way may be:

  • E-mail address in case of user request by e-mail
  • All personal data contained in the e-mail

In case of a support request the data will be stored on the systems of weclapp SE. Personal data will solely be used to answer the respective request. The contents of the support request are stored and used to improve the AUTHADA Identification Service. The processing of this data at AUTHADA GmbH is governed by Art. 6 Para. 1 lit. a GDPR and Art. 6 Para. 1 lit. f GDPR.

The personal data of each support request will be automatically deleted after 6 months.

Deletion and blocking of personal data

We process personal data of affected persons only as long as it is necessary to achieve the underlying purpose or as long as this has been provided for by legal regulations to which our company is subject. If the purpose of storage no longer applies or if a statutory storage period provides for this, personal data will be deleted in accordance with the statutory provisions unless we are legally obliged to store this data. In these cases the data will be blocked.

Rights of data subjects

To exercise each of the rights specified below, you can contact our data protection officer directly or any other employee.

Right to information

You can obtain information and a copy of the personal data stored about you and processed by us free of charge at any time.

This right of access shall include information on the purposes of the processing, the categories of personal data to be processed, the recipients or categories of recipients to whom the personal data have been or will be disclosed, and where possible, the envisaged duration for which the personal data will be stored, or if not possible, the criteria for determining this duration, the existence of the right to rectify or erase the personal data concerning you or to limit or object to the processing by us, the existence of a right of appeal to a supervisory authority and, if the data has not been collected from you, all available information on the origin of the data and the existence of automated decision-making including profiling pursuant to Art. 22 para. 1 and 4 GDPR and, at least in these cases, meaningful information on the logic involved and the scope and intended effects of such processing.

Furthermore, you have the right to request information as to whether your personal data has been transferred to a third country or international organisation and what appropriate guarantees exist for such transfer.

Right of rectification

Furthermore, you have the right to demand the immediate correction of incorrect personal data concerning you. In addition, you have the right to request the completion of incomplete personal data, taking into account the purposes of the processing.

Right of erasure

You also have the right to demand that the data we have stored about you be immediately erased if one of the following reasons applies: the personal data has been collected or otherwise processed for purposes for which it is no longer necessary; you revoke your consent on which the processing was based pursuant to Art. 6 para. 1 a GDPR or Art. 9 para. 2 GDPR, and there is no other legal basis for the processing; You object to the processing in accordance with Article 21 para. 1 GDPR and there are no legitimate overriding reasons for the processing, or you object to the processing in accordance with Article 21 para. 2 GDPR; the personal data have been processed unlawfully; the deletion of the personal data is necessary to comply with a legal obligation under Union law or the law of the Member States to which we are subject; the personal data have been collected in relation to information society services offered in accordance with Article 8 para. 1 GDPR.

Right to limit processing

You have the right to request that the processing of your personal data be restricted, provided that one of the following conditions is met: you contest the accuracy of the personal data, for a period of time which allows us to verify the accuracy of the personal data; the processing is unlawful and you refuse to delete the personal data and instead request the restriction of the use of the personal data; we no longer need the personal data for the purposes of the processing but you need it for the purpose of asserting, exercising or defending legal claims, or you have objected to the processing in accordance with Article 21 para. 1, as long as it is not yet clear whether the legitimate reasons of our company outweigh yours.

Right to data portability

You may at any time receive the data concerning you which you have provided us with in a common and machine-readable format. Furthermore, you have the right to transfer this data to another responsible person without being hindered by us, provided that the processing is based on a consent pursuant to Art. 6 para. 1 a GDPR or Art. 9 para. 2 a GDPR or on a contract pursuant to Art. 6 para. 1 b GDPR and the processing is carried out with the aid of automated procedures, unless the processing is necessary for the performance of a task that is in the public interest or is carried out in the exercise of official authority that has been assigned to us.

Furthermore, you can demand that personal data stored by you be transferred directly by us to another person responsible, as far as this is technically feasible and does not affect the rights and freedoms of other persons.

Right to objection

You have the right to object at any time, for reasons arising from your particular situation, to the processing of personal data concerning you, which is carried out on the basis of Art. 6, para. 1 e or f GDPR. This also applies to profiling based on these provisions.

In the event of an objection, we will no longer process the personal data unless we can prove that there are legitimate reasons for processing that outweigh your interests, rights and freedoms, or unless the processing serves to assert, exercise or defend legal claims.

Where we process your personal data for the purpose of direct marketing, you have the right to object at any time to the processing of personal data relating to you for the purpose of such marketing, including profiling, to the extent it is connected with such direct marketing. If you object to the processing for direct marketing purposes, we will no longer process your personal data for those purposes.

You have the right to object, for reasons arising from your particular situation, to the processing of personal data concerning you which is carried out for the purposes of scientific or historical research or for statistical purposes in accordance with Article 89 paragraph 1 GDPR, unless such processing is necessary for the performance of a task carried out in the public interest.

You are free to exercise your right of objection in connection with the use of information society services and notwithstanding Directive 2002/58/EC by means of automated procedures involving technical specifications.

Right of revocation

You can revoke your consent to the processing of your personal data at any time with effect for the future.

Right to confirmation

You have the right to obtain confirmation as to whether personal data concerning you are being processed.

Right to appeal to the competent supervisory authority

In the case of infringements of the GDPR, the persons concerned have a right of appeal to a supervisory authority, in particular in the Member State of their habitual residence, place of work or place of the suspected infringement. This right of appeal is without prejudice to other administrative or judicial remedies.


Automatic decision making

As a responsible company, we do not engage in automated decision making or profiling.

Duration of storage

Personal data will be deleted after expiry of the legal retention period, provided that they are no longer required for the fulfilment of the contract or the initiation of a contract

Legal basis of the processing

If you have given us your consent to process your personal data for a specific purpose, the processing is carried out on the basis of Art. 6 Para. 1 a GDPR. If such processing is necessary to fulfil a contract with you or to initiate such a contract, the processing is based on Art. 6 para. 1 b GDPR. In some cases, e.g. to fulfil tax obligations, we may be subject to a legal obligation to process personal data. In such cases, the legal basis for this is Art. 6 para. 1 c GDPR. In rare cases, processing may also take place to protect vital interests of you or another natural person. In this exceptional case, processing is carried out on the basis of Art. 6 para. 1 d GDPR. Finally, processing may also be based on Art. 6 para. 1 f GDPR. This is the case if the processing is carried out to protect a legitimate interest of our company or of a third party, provided that your interests, fundamental rights and freedoms do not prevail. Such a legitimate interest can already be assumed if you are a customer of ours. If the processing of personal data is based on Art. 6 para. 1 f GDPR, our legitimate interest is the performance of our business activities.

Provision of personal data

In some cases, the provision of personal data is required by law or contract. For this reason, it may be necessary, for example, for the purpose of concluding a contract, for you to provide us with personal data which must be processed by us. For example, you are obliged to provide personal data for the conclusion of a contract. Failure to provide such data would mean that the contract could not be concluded.

Before providing personal data, you can contact our data protection officer. He will inform you whether the provision of personal data is required by law or contract in individual cases and what the consequences would be if you did not provide the data.


As the data controller, we have taken technical and organisational security measures to protect your personal data from loss, destruction, manipulation and unauthorised access. All our employees and all persons involved in data processing are obliged to comply with the General Data Protection Regulation and other laws relevant to data protection and to handle personal data confidentially.

In the case of the collection and processing of personal data, the information is transmitted in encrypted form to prevent misuse of the data by third parties. Our security measures are continuously revised in line with technological developments.

Nevertheless, internet-based data transmissions can generally have security gaps, so that absolute protection cannot be warranted.

Changes to our data protection information

We reserve the right to change our security and data protection measures if this becomes necessary due to technical developments. In these cases, we will also adapt our data protection information accordingly. Therefore, please note the current version of our data protection information.


If you use external links which are offered within the framework of our internet pages, this data protection information does not extend to these links. Insofar as we offer links, we assure you that at the time of setting the link, no violations of applicable law were discernible on the linked internet pages. However, we have no influence on the compliance with data protection and security regulations by other providers. Therefore, please also inform yourself on the websites of the other providers about the data protection statements provided there.

The use of third-party services and content always requires that the providers of such content (hereinafter referred to as "third-party providers") perceive the IP address of the users. Without the IP address of the user, they cannot send the content to the browser of the respective user. The IP address is therefore required for the presentation of this content. We make every effort to use only those contents whose respective providers only use the IP address to deliver the contents. However, we have no influence on whether the third party providers store the IP address for statistical purposes, for example. As far as this is known to us, we inform the users about it.


With the following we inform you about the contents of our newsletter as well as about the registration, distribution and statistical evaluation procedure and inform you about your right of objection. By subscribing to our newsletter, you agree to receive it and to the described procedures.

Content of the newsletter: We send newsletters, e-mails and other electronic notifications containing advertising information (hereinafter referred to as "newsletter") only with the consent of the recipients or a legal permission. Insofar as the contents of the newsletter are specifically described in the context of a registration for the newsletter, they are decisive for the consent of the users. Furthermore, our newsletters contain information about our services and us.

Double-Opt-In and logging: The registration to our newsletter takes place via a so-called Double-Opt-In procedure. I.e. after registration you will receive an e-mail with which you will be requested to confirm your registration. This confirmation is necessary to prevent anybody from registering with third-party e-mail addresses. The registrations for the newsletter are logged in order to be able to demonstrate the registration process to be compliant with legal requirements. This includes the storage of the registration and confirmation times as well as the IP address. In addition, any changes to your data that is stored with the newsletter provider are logged.

Registration data: To subscribe to the newsletter it is sufficient to enter your e-mail address. Optionally, we ask you to enter a name in the newsletter for personal contact.

The dispatch of the newsletter and the measurement of success associated with it are based on the consent of the recipients in accordance with Art. 6 para. 1 a, Art. 7 GDPR in conjunction with § 7 para. 2 No. 3 Act against unfair competition (UWG) or, if consent is not required, on our legitimate interests in direct marketing in accordance with Art. 6 para. 1 f. GDPR in conjunction with § 7 para. 3 UWG.

The logging of the registration procedure takes place on the basis of our legitimate interests according to Art. 6 Para. 1 f GDPR. Our interest is directed to the use of a user-friendly and secure newsletter system, which serves our business interests as well as the expectations of the users and furthermore allows us the proof of consent.

Termination/revocation: You can terminate the subscription to our newsletter at any time, i.e. withdraw your consent. You will find a link to unsubscribe the newsletter at the end of each newsletter. We may store the unsubscribed e-mail addresses for up to three years on the basis of our legitimate interests before we delete them in order to be able to prove a previously given consent. The processing of this data is limited to the purpose of a possible defense against claims. An individual request for deletion is possible at any time, provided that the former existence of a consent is confirmed at the same time.

Performance measurement

The newsletters contain a so-called "web-beacon", i.e. a pixel-sized file which is retrieved from our server or the server of our distribution service provider when the newsletter is opened. Within the scope of this query, technical information such as information on the browser and your system as well as your IP address and the time of the query are initially collected.
For technical reasons, this information can be assigned to individual newsletter recipients. However, it is neither our nor our mailing service provider's intention to observe individual users. The evaluations serve us much more to recognize the reading habits of our users and to adapt our content to them or to send different content according to the interests of our users.

Distribution service provider Newsletter2Go

The distribution of the newsletter is carried out by the distribution service provider Newsletter2Go GmbH, Köpenicker Str. 126, 10179 Berlin, Germany. You can view the data protection guidelines of the distribution service provider on the website of Newsletter2Go . The distribution service provider is commissioned on the basis of our legitimate interests in accordance with Art. 6 para. 1 f GDPR and a data processing agreement according to Art. 28 para. 3 sentence 1 GDPR.

The distribution service provider may use the recipient's data in pseudonymous form, i.e. without allocation to a user, to optimise or improve its own services, e.g. for technical optimisation of the distribution and presentation of the newsletter or for statistical purposes. However, the distribution service provider does not use the data of our newsletter recipients to write to them itself or to transfer the data to third parties.

Server log files

The provider of the pages automatically collects and stores information in so-called server log files, which your browser automatically transmits to us. These are:

  • Browser type/ browser version
  • Operating system used
  • Referrer URL
  • Host name of the accessing computer
  • Time of the server request

These data cannot be assigned to specific persons. This data will not be merged with other data sources. We reserve the right to subsequently check this data if we become aware of concrete indications of illegal use.

Social networks

AUTHADA GmbH is only liable for intent or gross negligence. We are not in a position to control or permanently observe the behavior of social network services (e.g. Facebook, Twitter, google+, YouTube, XING, LinkedIn and Pinterest) or their providers.

Google Maps

This site uses the map service Google Maps via an API. The provider is Google Ireland Limited ("Google"), Gordon House, Barrow Street, Dublin 4, Ireland. To use the functions of Google Maps it is necessary to store your IP address. This information is usually transferred to a Google server in the USA and stored there. The provider of this site has no influence on this data transfer. The use of Google Maps is in the interest of an attractive presentation of our online offers and to make it easy to find the places we have indicated on the website. This represents a legitimate interest in the sense of Art. 6 para. 1 lit. f GDPR. More information on the handling of user data can be found in Google's privacy policy.

Data Protection Officer

The contact details of our data protection officer are:

Mr Mario Arndt, DEUDAT GmbH
Zehntenhofstraße 5b
65201 Wiesbaden

Tel: +49 611 950008 - 32
Fax: +49 611 950008 - 5932

Our data protection officer is available to you at any time for questions and suggestions regarding data protection.

Competent Data Protection Authority

You have the possibility to contact the above data protection officer or data protection authority. The competent data protection authority in our case is:

The Hessian Commissioner for Data Protection and Freedom of Information
Postfach 31 63
65021 Wiesbaden

Gustav-Stresemann-Ring 1
65189 Wiesbaden

Tel. 0611/1408-0
Fax 0611/1408-611


Version 12/2020