Website users


We at bitExpert AG take the protection of your personal data very seriously. Your privacy is an important concern for us. The following provisions are intended to inform you about the processing of personal data in accordance with the requirements of the General Data Protection Regulation (GDPR). In particular, in consideration of the obligations to provide information in accordance with Art. 12 to 14 GDPR. We process your personal data in the context of the respectively applicable legal data protection requirements for the purposes listed below.

Responsible authority

bitExpert AG
Industriestraße 35
68169 Mannheim

Tel: +49 621 150 217 00
Fax: +49 621 150 217 11

Privacy Policy
Our data protection officer can be reached by email at or by post at the address given above.

Scope of application

This privacy policy applies to all pages of our online network that link to this policy.

General Data Processing

In principle, we collect and use personal data of our users only to the extent necessary to provide a functional website and our contents and services. The collection and use of personal data of our users are only carried out after the consent of the user. An exception is made in those cases where prior consent cannot be obtained for factual reasons and the processing of the data is permitted by legal regulations.

Legal basis for the processing of their data:

  • Insofar as we obtain the consent of the data subject for the processing of personal data, Art. 6 para. 1 lit. a) of the EU General Data Protection Regulation (EU-GDPR) serves as the legal basis.
  • In the processing of personal data required for the performance of a contract to which the data subject is a party, Art. 6 para. 1 lit. b) GDPR serves as the legal basis. This also applies to processing operations that are necessary to carry out pre-contractual measures.
  • Insofar as it is necessary to process personal data in order to fulfill a legal obligation to which our company is subject, Art. 6 para. 1 lit. c) GDPR serves as the legal basis.
  • In the event that vital interests of the data subject or any other natural person require the processing of personal data, Art. 6 para. 1 lit. d) GDPR is used as the legal basis.
  • If the processing is necessary to safeguard the legitimate interests of our company or a third party and if the interest, fundamental rights, and fundamental freedoms of the person concerned do not outweigh the former interest, Art. 6 para. 1 lit. f) GDPR applies as the legal basis for the processing.

Legitimate interests can be in particular:

  • the answering of inquiries;
  • the performance of direct marketing activities;
  • the provision of services and/or information intended for you;
  • the processing and transfer of personal data for internal or administrative purposes;
  • the operation and administration of our website;
  • the technical support of the users;
  • the prevention and detection of fraud and criminal offenses;
  • the protection against non-payment when obtaining creditworthiness information in connection with the requests for goods and services; and/or
  • the protection of network and data security, insofar as these interests are in accordance with the applicable law and with the rights of the user

Categories of recipients:

  • Service providers for the optimization of websites, online marketing service providers and tools, service companies for information and communication technology, companies for software and equipment maintenance, some of them are described in detail below;
  • Social networks and communities;
  • Internal recipients according to the “need to know” principle.

User data / Server log files

Whenever you visit our website, our systems automatically collect data and information from the computer system of the calling computer. The following types of data are collected: Browser type, the version used, the operating system of the user, internet service provider, IP address of the user, date and time of retrieval, websites from which the user's system has come to our website or to which the user of our website accesses. The legal basis for the temporary storage of data and log files is Art. 6 para. 1) lit. f) GDPR with the above mentioned legitimate interests. The temporary storage of the IP address by the system is necessary to enable the website to the computer of the user. For this purpose, the user's IP address must remain stored for the duration of the session.

Storage in log files is done to ensure the functionality of the website. In addition, the data is used to optimize the website and to ensure the security of our information technology systems. An evaluation of the data for marketing purposes does not take place in this context. These purposes also include our legitimate interest in data processing in accordance with Art. 6 para. 1 lit. f) GDPR. The data will be deleted as soon as they are no longer required for the purpose of their collection. In the case of the collection of data for the purpose of providing the website, this is the case when the respective session has ended. The collection of the data for the provision of the website and the storage of the data in log files is essential for the operation of the website. Furthermore, we reserve the right to check the files if, based on concrete evidence, there is a legitimate suspicion of illegal use or a concrete attack on the pages. In this case, our legitimate interest is the processing for the purpose of clarification and criminal prosecution of such attacks and illegal use.

Use of cookies

We use cookies. Cookies are text files that can be stored and retrieved on the user's computer system when visiting a website in the Internet browser or by the Internet browser. Cookies can contain a characteristic string of characters that enables the browser to be uniquely identified when the website or a service integrated into it is accessed up again. We use cookies to enable the operation of our website (technically necessary cookies), to make our website more user-friendly (functional cookies), and for marketing and advertising purposes (advertising cookies).

Technical cookies: Some elements of our website require that the calling browser can be identified even after a page change. The purpose of this use is to enable the functionality of the website in the first place. Examples of technically necessary cookies are the provision of a shopping cart or the login as a registered user. The processing is therefore based on Art. 6 para. 1 lit. b) or f) GDPR.

Functional cookies: There may be functions that are not technically necessary for the operation of our website, but which considerably simplify its use, such as the adoption of language settings or font sizes, the memorization of search terms, etc. Processing is also carried out on the basis of Art. 6 para. 1 lit. b) or f) GDPR.

Advertising cookies: We also use cookies on some of our websites, which enable an analysis of the surfing behavior of the users. In this way, e.g.: search terms entered in search engines, frequency of page views, use of website functions, and information about the operating system and browser, etc. are transmitted. The user data collected in this way is pseudonymized by technical precautions. It is therefore no longer possible to assign the data to the calling user. The data is not stored together with other personal data of the users. The legal basis for the processing of personal data using cookies for analysis purposes is Art. 6 para. 1 lit. a) GDPR if the user has given his consent to this - e.g. by selecting in a cookie opt-in banner - otherwise Art. 6 para. 1 lit. f) GDPR in conjunction with If third-party services are integrated, the processing by them is governed by their respective data protection provisions, which are mentioned and/or linked below.

Cookie Consent with Usercentrics

On this website, we use Usercentrics' cookie content technology to obtain your consent to the storage of cookies on your terminal device and to document this consent. The provider of this technology is Usercentrics GmbH ("Usercentrics"), Rosental 4, 80331 Munich, Germany.

When you access our website, the following personal data is transmitted to Usercentrics:

  • Your consent(s) or the revocation of your consent(s)
  • Your IP address
  • Information about your browser
  • Information about your device
  • Time of your visit to the website

In addition, Usercentrics stores a cookie in your browser in order to be able to allocate the consents granted or their revocation to you. The data collected in this way is stored until you request us to delete it, delete the Usercentrics cookie itself or until the purpose for which the data is stored no longer applies. Mandatory statutory storage obligations remain unaffected.

Usercentrics is used to obtain the legally required consent for the use of cookies. The legal basis for this is Art. 6 para. 1 lit. c) GDPR.

General statements about webbeacons / tracking pixel

Web beacons are invisible graphics with the size of a pixel. They are used by partner companies, for the purpose of tracking a user via various web pages to create a profile for use in advertising tailored to the user (targeting). A pixel integrated into the web page is loaded from the partner's server when the web page is accessed. In this way, the partner receives your IP address, as well as information about your browser and its version, browser plug-ins used (browser fingerprint), your operating system, and your network operator. For the integration of external services through web beacons/tracking pixels or other scripts, the specifications for advertising cookies apply accordingly.

Content of external providers

On our website, we use active JavaScript content and fonts, which may also come from external providers such as Google. By accessing our website, these providers may receive information about your visit to our website, for example by transmitting your IP address. You can prevent this transmission by installing a JavaScript blocker such as the browser plugin 'NoScript' or by deactivating JavaScript in your browser. However, this can lead to functional restrictions.

Some of our web pages integrate third-party content within the offer, such as videos from YouTube, map material from Google Maps, images, texts, and multi-media files, RSS feeds, or other services from other websites. This always requires the transmission of your IP address to the providers of these contents. We cannot make any statement about the use of your data by these providers and have no influence on further processing. We do not know whether the data will be used for other purposes, such as profile building. Please refer to the corresponding data protection information of the respective third-party providers.

You can protect yourself against further persecution by tracking pixels from these providers by deactivating the acceptance of third-party cookies in your browser settings. The legal basis for the transmission of personal data when integrating third-party providers is Art. 6 para. 1 lit. a) GDPR if the user has given his consent to this - e.g. by selection in a cookie opt-in banner - otherwise Art. 6 para. 1 lit. f) GDPR in conjunction with recital 47.

Contact form and e-mail contact

On our website is a contact form available, which can be used for electronic contact. If a user takes advantage of this possibility, the data entered in the input mask is transmitted to us and stored. These data are: name, address, e-mail address, telephone number, etc. Not all of these data must be mandatory. At the time the message is sent, the following data is also stored: The IP address, date, and time. The other personal data processed during the sending process serves to prevent misuse of the contact form and to ensure the security of our information technology systems.

Alternatively, it is possible to contact us via the provided e-mail address. In this case, the user's personal data transmitted with the e-mail will be stored. In this context, the data will not be passed on to third parties. The data will be used exclusively for processing the conversation.

The legal basis for the processing is:

  • For the receipt of the data based on the sending of the contact form as consent in accordance with Art. 6 para. 1 lit. a) in connection with Art. 5 (expected processing) GDPR or alternatively on the basis of the legitimate interest of answering your contact request according to Art. 6 para. 1 lit. f) GDPR.
  • For the processing of data transmitted in the context of sending an e-mail, Art. 6 para. 1 letter f) GDPR with the above-mentioned legitimate interests.
  • If the e-mail contact aims at the conclusion of a contract, an additional legal basis for the processing is Art. 6 para. 1 lit. b) GDPR.

The data will be deleted as soon as they are no longer required for the purpose of their collection. For the personal data from the input mask of the contact form and those sent by e-mail, this is the case when the respective conversation with the user has ended and there is no reason for further storage. The conversation is finished when it can be concluded from the circumstances that the matter in question has been finally clarified. Retention periods under commercial and tax law may exist.

The user has the possibility to revoke his or her consent to the processing of personal data at any time. If the user contacts us by e-mail, he can object to the storage of his personal data at any time. In such a case the conversation cannot be continued.


On our website, you have the possibility to subscribe to a free newsletter with promotional content. Our newsletters contain information about our service offers, promotions, events, competitions, job offers, contributions/articles. Newsletters, on the other hand, do not include news without advertising information that is sent within the framework of our contractual or other business relationship. This includes, for example, the sending of service e-mails with technical information and queries about orders, events, notifications of competitions, or similar messages. When registering for the newsletter, the data from the input mask is transmitted to us. In addition, the IP address of the calling computer and the time of the call are collected. For the processing of the data, your consent is obtained during the registration process and reference is made to this data protection declaration. In case you purchase goods on our website via our online shop and enter your e-mail address, we reserve the right to send you newsletters with direct advertising for similar goods. In connection with the data processing for the dispatch of newsletters, the data will not be passed on to third parties. The data will be used exclusively for the dispatch of the newsletter. The legal basis for the processing of the data after registration for the newsletter by the user is, if the user has given his consent, Art. 6 para. 1 lit. a) GDPR and for the dispatch of the newsletter as a result of the sale of goods in accordance with § 7 para. 3 UCA or Art. 6 para. 1 lit. f) (dispatch based on our legitimate business interest).

The collection of the user's e-mail address is used to send the newsletter. The collection of other personal data in the course of the registration process serves to prevent misuse of the services or the e-mail address used. The subscription to the newsletter can be revoked by the user at any time. For this purpose, there is a corresponding link in every newsletter.

A statistical evaluation of the reading behavior only takes place to the extent that it can be determined whether the recipients have opened the newsletter and clicked on the links. This is a function that we use, however, only to check the user activities and to be able to make corresponding optimizations. For this purpose, the newsletter contains a so-called "web beacon", a pixel-sized file that is retrieved from our server when the newsletter is opened. This web-beacon can be personalized so that personal data is collected. Clicks are tracked via personalized links to the respective website. If personalized data are collected, the legal basis is Art. 6 para. 1 lit. a) GDPR.

Data in user-generated content

If you write comments or contributions, upload files to our servers, publish pictures or use other services, your IP address and - if you are logged in - your user data will be saved for our security. Due to the large number of illegal contents that are posted on the internet every day, we reserve the right to use this information for the defense in legal disputes or for criminal prosecution, i.e. also to pass it on to the opponents of claims, criminal prosecution authorities, and courts. The legal basis for the content provided is Art. 6 para. 1 lit a) and/or b) GDPR, for all other data collected in the process Art. 6 para. 1 lit f) GDPR.

Use of disqus (comment function)

We offer you the opportunity to comment on some of our websites. For this, we use the DISQUS commentary system of DISQUS Inc, 301 Howard St., Floor 3 San Francisco, California 94105, USA.

To use DISQUS you can either use your own DISQUS user account or an existing user account from Twitter, Google Plus, and Facebook. Commenting as a guest is also possible, subject to the limitations of the range of functions.

If you use your social media account to use DISQUS, the respective service provider will collect and process information about your use of the DISQUS function. Please pay attention to the data protection policies of the respective service providers (Twitter, Google Plus, and Facebook). Additional information on the use of DISQUS can be found at

In order to publish your comments, DISQUS publishes not only the comment text but also the user name you used. DISQUS also transmits the IP address assigned to you at the time you submitted the comment form, as well as the e-mail address you used, to bitExpert AG. bitExpert will use the e-mail address provided only to contact you if they have questions about a comment. By transmitting the IP address, we can prevent abuse of the commenting function (e.g. if a user repeatedly submits offensive content). Your data will not be forwarded to third parties. Information on DISQUS' data protection can be found at:

The legal basis for the provision of the DISQUS comment function is our legitimate interest in efficient and user-friendly comment management according to Art. 6 para. 1 lit. f) GDPR.

Matomo (former piwik)

We use the open-source software tool Matomo (formerly PIWIK) on our website to analyse the surfing behaviour of our users. The software sets a cookie on the user's computer (for cookies see above). If individual pages of our website are called up, the following data are stored: Two bytes of the IP address of the calling system of the user, called up website, the website from which the user has reached the called up website (referrer), the subpages called up from the called up website, duration of stay on the website, frequency of calling up the website. The software runs exclusively on the servers of our website. Storage of the personal data of the users only takes place there. The data will not be passed on to third parties. The legal basis for the processing of the users' personal data is Art. 6 para. 1 lit. a) GDPR. The processing of the users' personal data enables us to analyze the surfing behaviour of our users. By evaluating the data obtained, we are able to compile information on the use of the individual components of our website. This helps us to constantly improve our website and its user-friendliness. By anonymizing the IP address, the interest of the users in their protection of personal data is sufficiently taken into account. The data is deleted as soon as it is no longer required for our recording purposes.

Cookies are stored on the user's computer and transmitted by the user to our site. Therefore you as a user have full control over the use of cookies. By changing the settings in your internet browser, you can deactivate or restrict the transmission of cookies. Already stored cookies can be deleted at any time. This can also be done automatically. If cookies for our website are deactivated, it may not be possible to use all the functions of the website to their full extent.

We offer our users on our website the option of opting out of the analysis procedure. To do so, you must follow the respective link. In this way, another cookie is set on your system, which signals our system not to store the user's data. If the user deletes the corresponding cookie from his own system in the meantime, he has to set the opt-out cookie again.


On our website, we use the service HubSpot, the HubSpot Inc, 25 First Street, 2nd Floor, Cambridge, MA 02141, USA. HubSpot is an integrated software solution that covers various online marketing activities. This includes, for example, our website content management, e-mail marketing, social media publishing & reporting, contact management, as well as the provision of any landing pages and contact forms.

Through our registration service we enable our website visitors to learn more about our company. You can also download content and provide your contact information and other demographic information. This information and the content of our website is stored on servers of our software partner HubSpot and can be used by us to contact our website visitors. We also use the information to determine which of our company's services are of interest to you.

We use HubSpot on the basis of your consent in accordance with Art. 6 para. 1 lit. a) GDPR.

HubSpot is a software company from the USA. In order to legitimise the transfer of data to the USA, HubSpot Inc. relies on EU standard contract clauses:

Further information on data protection can be found in the HubSpot privacy policy: HubSpot privacy policy, HubSpot information on the GDPR, information on the cookies used by HubSpot.

Inclusion of the facebook button

This offer uses social plugins ("plugins") from the social network, which is operated by Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbor, Dublin 2, Ireland ("Facebook"). The plugins are recognizable by one of the Facebook logos (white "f" on blue tile, the terms "Like", "Like" or a "thumbs up" sign) or are marked with the addition "Facebook Social Plugin". The list and appearance of Facebook Social Plugins can be viewed here:

When a user calls a web page of this offer that contains such a plugin, its browser establishes a direct connection to the Facebook servers. The content of the plugin is transmitted by Facebook directly to your browser and integrated by this in the website. The provider, therefore, has no influence on the amount of data that Facebook collects with the help of this plugin and therefore informs users according to their level of knowledge: By integrating the plugins, Facebook receives the information that a user has called up the corresponding page of the offer. If the user is logged in to Facebook, Facebook can assign the visit to his Facebook account. If users interact with the plugins, for example, press the Like button or leave a comment, the corresponding information is transmitted from your browser directly to Facebook and stored there. If a user is not a member of Facebook, there is still the possibility that Facebook will find out and save their IP address. According to Facebook, only an anonymous IP address is stored in Germany. The purpose and scope of the data collection and the further processing and use of the data by Facebook, as well as the related rights and settings options for protecting the privacy of users, can be found in Facebook's privacy policy:

If a user is a Facebook member and does not want Facebook to collect data about him/her via this offer and link it with his member data stored on Facebook, he must log out of Facebook before visiting the website. Other settings and inconsistencies regarding the use of data for promotional purposes are possible within the Facebook profile settings:

Inclusion of twitter plugins

Our website uses plugins and services from Twitter Inc., 795 Folsom St., Suite 600, San Francisco, CA 94107, USA, and are linked by buttons or links to "Twitter" or "episode" or a picture with a blue bird. This makes it possible to share a post or page on Twitter or follow an account or topic on Twitter. If you visit a web page of this website that contains such a button, your browser establishes a connection with the servers of Twitter in order to transmit the content of the button to your browser. We have no control over the amount of data that Twitter collects from these services and we can only provide information to the best of our knowledge. After that, only your IP address and the URL of the respective website will be transmitted when the button is received. We can not say if Twitter uses this information for any other purpose. For more information, see the Twitter privacy policy at

Inclusion of the XING button

Some of our websites use the "XING Share Button". When accessing this website, your browser will quickly establish a connection to XING AG servers ("XING") with which the "XING Share Button" functions (in particular the calculation/display of the counter value) will be provided. XING does not store personal data about you by calling this website. In particular, XING does not store any IP addresses. There is also no evaluation of your usage behavior via the use of cookies in connection with the "XING Share Button". The current data protection information on the "XING Share Button" and additional information can be found on this website:

Data transfer

If you provide us with personal data, this data will only be passed on to third parties if this is necessary for the processing of the contractual agreement or if another legal reason legitimizes this passing on. However, we provide certain services with the cooperation of service providers. We have carefully selected these service providers and have taken appropriate measures to protect your personal data.

Storage periods

The personal data of the person concerned will be deleted or blocked as soon as the purpose of the storage no longer applies. Furthermore, data may be stored if this has been provided by the European or national legislator in EU regulations, laws, or other regulations to which the person responsible is subject. Data will also be blocked or deleted when a storage period prescribed by the above-mentioned standards expires unless there is a need to continue storing the data for the purpose of concluding or fulfilling a contract.

Diese Webseite verwendet Cookies, um die Bedienfreundlichkeit zu erhöhen. Mit der Nutzung unserer Webseite wird das Einverständnis erklärt, dass wir Cookies verwenden. Weitere Informationen.