Rufen Sie uns gerne an: 05308 52112255

Privacy Policy

This data protec­tion decla­ra­tion informs you about the type, scope and purpose of the proces­sing of personal data (herein­after referred to as “data”) within our online offer and the websites, functions and content connected with it as well as external online presences, such as our social media profiles (herein­after jointly referred to as “online offer”). With regard to the terms used, such as “proces­sing” or “controller”, we refer to the defini­tions in Article 4 of the General Data Protec­tion Regula­tion (GDPR).


Cubos GmbH
Markus Knobloch
Brand­gehaege 16
38444 Wolfsburg

Managing Director/ Owner: Dipl.-Oec. Marc Wille
Link to imprint:
Contact data protec­tion officer:


– Inventory data (e.g., names, addresses).
– Contact data (e.g., email, phone numbers).
– Content data (e.g., text entries, photo­graphs, videos).
– Usage data (e.g., web pages visited, interest in content, access times).
– Meta/communication data (e.g., device infor­ma­tion, IP addresses).

Catego­ries of persons concerned
Visitors and users of the online offer (herein­after we also refer to the data subjects collec­tively as “users”).

Purpose of the proces­sing
– Provision of the online offer, its functions and contents.
– Respon­ding to contact requests and commu­ni­ca­ting with users.
– Security measures.
– Reach measurement/marketing.


“Personal data” means any infor­ma­tion relating to an identi­fied or identi­fiable natural person (herein­after “data subject”); an identi­fiable natural person is one who can be identi­fied, directly or indirectly, in parti­cular by reference to an identi­fier such as a name, an identi­fi­ca­tion number, location data, an online identi­fier (e.g. cookie) or to one or more factors specific to the physical, physio­lo­gical, genetic, mental, economic, cultural or social identity of that natural person.

“Proces­sing” means any operation or set of opera­tions which is performed upon personal data, whether or not by automatic means. The term is broad and covers virtually any handling of data.

“Pseud­ony­mi­sa­tion” means the proces­sing of personal data in such a way that personal data can no longer be related to a specific data subject without additional infor­ma­tion, provided that such additional infor­ma­tion is kept separ­ately and is subject to technical and organi­sa­tional measures which ensure that the personal data are not attri­buted to an identi­fied or identi­fiable natural person.

“Profiling” means any automated proces­sing of personal data which consists in using such personal data to evaluate certain personal aspects relating to a natural person, in parti­cular to analyse or predict aspects relating to that natural person’s perfor­mance at work, economic situation, health, personal prefe­rences, interests, relia­bi­lity, behaviour, location or change of location.

“Controller” means the natural or legal person, public authority, agency or other body which alone or jointly with others deter­mines the purposes and means of the proces­sing of personal data.

“Processor” means a natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller.


In accordance with Art. 13 GDPR, we inform you of the legal basis for our data proces­sing. If the legal basis is not stated in the privacy policy, the following applies: The legal basis for obtaining consent is Art. 6(1)(a) and Art. 7 GDPR, the legal basis for proces­sing for the perfor­mance of our services and imple­men­ta­tion of contrac­tual measures as well as answering enquiries is Art. 6(1)(b) GDPR, the legal basis for proces­sing for the perfor­mance of our legal obliga­tions is Art. 6(1)© GDPR, and the legal basis for proces­sing for the protec­tion of our legiti­mate interests is Art. 6(1)(f) GDPR. In the event that vital interests of the data subject or another natural person make proces­sing of personal data necessary, Art. 6 (1) (d) GDPR serves as the legal basis.


We take appro­priate technical and organi­sa­tional measures to ensure a level of protec­tion appro­priate to the risk in accordance with Article 32 of the GDPR, taking into account the state of the art, the costs of imple­men­ta­tion and the nature, scope, circum­s­tances and purposes of the proces­sing, as well as the varying likeli­hood and severity of the risk to the rights and freedoms of natural persons.
The measures include, in parti­cular, ensuring the confi­den­tia­lity, integrity and availa­bi­lity of data by control­ling physical access to the data, as well as access to, input, disclo­sure, ensuring availa­bi­lity and segre­ga­tion of the data. We also have proce­dures in place to ensure the exercise of data subjects’ rights, deletion of data and response to data compro­mise. Further­more, we already take the protec­tion of personal data into account in the develo­p­ment and selection of hardware, software and proce­dures, in accordance with the principle of data protec­tion through techno­logy design and through data protec­tion-friendly default settings (Art. 25 GDPR).


If we disclose data to other persons and companies (proces­sors or third parties) in the course of our proces­sing, transmit it to them or otherwise grant them access to the data, this is only done on the basis of a legal permis­sion (e.g. if a trans­mis­sion of the data to third parties, such as to payment service providers, is necessary for the perfor­mance of the contract pursuant to Art. 6 (1) lit. b GDPR), you have consented, a legal obliga­tion provides for this or on the basis of our legiti­mate interests (e.g. when using agents, web hosts, etc.). If we commis­sion third parties with the proces­sing of data on the basis of a so-called “order proces­sing contract”, this is done on the basis of Art. 28 GDPR.


If we process data in a third country (i.e. outside the European Union (EU) or the European Economic Area (EEA)) or if this is done in the context of using third-party services or disclo­sing or trans­fer­ring data to third parties, this is only done if it is done in order to fulfil our (pre-)contractual obliga­tions, on the basis of your consent, due to a legal obliga­tion or on the basis of our legiti­mate interests. Subject to legal or contrac­tual permis­sions, we only process or allow the proces­sing of data in a third country if the special requi­re­ments of Art. 44 ff. GDPR. This means that the proces­sing is carried out, for example, on the basis of special guaran­tees, such as the officially recognised deter­mi­na­tion of a level of data protec­tion corre­spon­ding to that of the EU (e.g. for the USA through the “Privacy Shield”) or compli­ance with officially recognised special contrac­tual obliga­tions (so-called “standard contrac­tual clauses”).


You have the right to request confir­ma­tion as to whether data in question are being processed and to infor­ma­tion about these data as well as further infor­ma­tion and a copy of the data in accordance with Art. 15 of the GDPR.

You have the right according to. Article 16 of the GDPR, you have the right to request that the data concer­ning you be completed or that the inaccu­rate data concer­ning you be corrected.

In accordance with Art. 17 of the GDPR, you have the right to demand that the data in question be deleted without delay, or alter­na­tively, in accordance with Art. 18 of the GDPR, to demand that the proces­sing of the data be restricted.

You have the right to request that the data concer­ning you that you have provided to us be received in accordance with Art. 20 of the GDPR and to request that it be trans­ferred to other data control­lers.

You also have the right to lodge a complaint with the competent super­vi­sory authority in accordance with Article 77 of the GDPR.


You have the right to revoke consent granted in accordance with Art. 7 (3) GDPR with effect for the future.


You may object to the future proces­sing of data concer­ning you in accordance with Art. 21 GDPR at any time. The objection can be made in parti­cular against proces­sing for direct marketing purposes.


“Cookies” are small files that are stored on users’ computers. Different infor­ma­tion can be stored within the cookies. A cookie is primarily used to store infor­ma­tion about a user (or the device on which the cookie is stored) during or after his or her visit to an online offer. Temporary cookies, or “session cookies” or “transient cookies”, are cookies that are deleted after a user leaves an online offer and closes his or her browser. In such a cookie, for example, the contents of a shopping basket in an online shop or a login status can be stored. Cookies that remain stored even after the browser is closed are referred to as “permanent” or “persis­tent”. For example, the login status can be stored if users visit them after several days. Likewise, the interests of users can be stored in such a cookie, which is used for range measu­re­ment or marketing purposes. “Third-party cookies” are cookies that are offered by providers other than the respon­sible party that operates the online offer (otherwise, if they are only its cookies, they are referred to as “first-party cookies”).

We may use temporary and permanent cookies and will explain this in our privacy policy.

If users do not want cookies to be stored on their computer, they are asked to deacti­vate the corre­spon­ding option in the system settings of their browser. Stored cookies can be deleted in the system settings of the browser. The exclusion of cookies can lead to functional restric­tions of this online offer.

A general objection to the use of cookies used for online marketing purposes can be declared for a large number of services, especially in the case of tracking, via the US American site or the EU site Further­more, the storage of cookies can be achieved by deacti­vating them in the browser settings. Please note that not all functions of this online offer can then be used.


The data processed by us will be deleted or restricted in its proces­sing in accordance with Articles 17 and 18 GDPR. Unless expressly stated within the scope of this data protec­tion decla­ra­tion, the data stored by us will be deleted as soon as it is no longer required for its intended purpose and the deletion does not conflict with any statutory retention obliga­tions. If the data is not deleted because it is required for other and legally permis­sible purposes, its proces­sing will be restricted. I.e. the data is blocked and not processed for other purposes. This applies, for example, to data that must be retained for reasons of commer­cial or tax law.

According to legal requi­re­ments in Germany, data is stored for 10 years in accordance with §§ 147 para. 1 AO, 257 para. 1 nos. 1 and 4, para. 4 HGB (books, records, manage­ment reports, accoun­ting vouchers, commer­cial books, documents relevant for taxation, etc.) and 6 years in accordance with § 257 para. 1 nos. 2 and 3, para. 4 HGB (commer­cial letters).

According to legal requi­re­ments in Austria, retention takes place in parti­cular for 7 years pursuant to § 132 para. 1 BAO (accoun­ting records, vouchers/invoices, accounts, receipts, business papers, statement of income and expen­diture, etc.), for 22 years in connec­tion with real property and for 10 years for records in connec­tion with electro­ni­cally provided services, telecom­mu­ni­ca­tions, radio and televi­sion services provided to non-entre­pre­neurs in EU member states and for which the Mini-One-Stop-Shop (MOSS) is claimed.


We only process the applicant data for the purpose of and within the scope of the appli­ca­tion procedure in accordance with the legal requi­re­ments. Applicant data is processed to fulfil our (pre)contractual obliga­tions within the scope of the appli­ca­tion procedure in accordance with Art. 6 (1) lit. b. GDPR Art. 6 para. 1 lit. f. GDPR insofar as the data proces­sing becomes necessary for us, e.g. within the scope of legal proce­dures (in Germany, § 26 BDSG also applies).

The appli­ca­tion procedure requires appli­cants to provide us with applicant data. The necessary applicant data are marked if we offer an online form, otherwise they result from the job descrip­tions and basically include personal details, postal and contact addresses and the documents belonging to the appli­ca­tion, such as cover letter, CV and certi­fi­cates. In addition, appli­cants may volun­ta­rily provide us with additional information.

By submit­ting their appli­ca­tion to us, appli­cants consent to the proces­sing of their data for the purposes of the appli­ca­tion process in the manner and to the extent set out in this privacy policy.

Insofar as special catego­ries of personal data within the meaning of Art. 9 (1) DSGVO are volun­ta­rily disclosed within the scope of the appli­ca­tion procedure, their proces­sing is additio­nally carried out in accordance with Art. 9 (2) lit. b DSGVO (e.g. health data, such as severely disabled status or ethnic origin). Insofar as special catego­ries of personal data within the meaning of Art. 9 (1) GDPR are requested from appli­cants as part of the appli­ca­tion process, their proces­sing is additio­nally carried out in accordance with Art. 9 (2) a GDPR (e.g. health data if this is necessary for the exercise of the profession).

If provided, appli­cants can submit their appli­ca­tions to us using an online form on our website. The data is trans­mitted to us in encrypted form in accordance with the state of the art. Appli­cants can also send us their appli­ca­tions by e-mail. Please note, however, that e-mails are generally not sent in encrypted form and appli­cants must ensure that they are encrypted themselves. We cannot therefore accept any respon­si­bi­lity for the trans­mis­sion path of the appli­ca­tion between the sender and receipt on our server and therefore recommend rather using an online form or sending by post. This is because instead of applying via the online form and e-mail, appli­cants still have the option of sending us their appli­ca­tion by post.

In the event of a successful appli­ca­tion, the data provided by appli­cants may be processed by us for the purposes of the employ­ment relati­onship. Otherwise, if the appli­ca­tion for a job offer is unsuc­cessful, the appli­cants’ data will be deleted. Appli­cants’ data will also be deleted if an appli­ca­tion is withdrawn, which appli­cants are entitled to do at any time.

Subject to a justified withdrawal by the appli­cants, the deletion will take place after the expiry of a period of six months so that we can answer any follow-up questions about the appli­ca­tion and meet our obliga­tions to provide evidence under the Equal Treatment Act. Invoices for any reimbur­se­ment of travel expenses will be archived in accordance with tax law requirements.


When users leave comments or other contri­bu­tions, their IP addresses may be stored for 7 days on the basis of our legiti­mate interests as defined in Art. 6 (1) lit. f. GDPR are stored for 7 days. This is done for our security in case someone leaves unlawful content in comments and posts (insults, prohi­bited political propa­ganda, etc.). In this case, we ourselves can be prose­cuted for the comment or post and are therefore interested in the identity of the author.

Further­more, we reserve the right, on the basis of our legiti­mate interests pursuant to Art. 6 para. 1 lit. f. GDPR, to process the user’s details for the purpose of spam detection.

On the same legal basis, we reserve the right to store the IP addresses of users for the duration of surveys and to use cookies in order to avoid multiple voting.

The data provided in the context of comments and contri­bu­tions will be perma­nently stored by us until the user objects.


When conta­c­ting us (e.g. via contact form, email, telephone or social media), the user’s details are used to process the contact enquiry and handle it in accordance with Art. 6 Para. 1 lit. b. (in the context of contrac­tual/pre-contrac­tual relations), Art. 6 para. 1 lit. f. (other enquiries) GDPR. The user’s details may be stored in a customer relati­onship manage­ment system (“CRM system”) or compa­rable enquiry organi­sa­tion.

We delete the enquiries if they are no longer necessary. We review the necessity every two years; Further­more, the legal archiving obliga­tions apply.


With the following infor­ma­tion, we inform you about the contents of our newsletter as well as the regis­tra­tion, dispatch and statis­tical evalua­tion procedure and your rights of objection. By subscribing to our newsletter, you agree to receive it and to the proce­dures described.

Content of the newsletter: We send newslet­ters, e-mails and other electronic notifi­ca­tions with promo­tional infor­ma­tion (herein­after “newsletter”) only with the consent of the recipi­ents or a legal permis­sion. If the contents of the Newsletter are speci­fi­cally described in the course of regis­tra­tion, they are decisi­vely for the consent of the users. Apart from that, our newslet­ters contain infor­ma­tion about our services and us.

Double opt-in and logging: Regis­tra­tion for our newsletter is carried out in a so-called double opt-in procedure. This means that after regis­tra­tion you will receive an e-mail in which you are asked to confirm your regis­tra­tion. This confir­ma­tion is necessary so that no one can register with other email addresses. The regis­tra­tions for the newsletter are logged in order to be able to prove the regis­tra­tion process in accordance with the legal requi­re­ments. This includes the storage of the regis­tra­tion and confir­ma­tion time as well as the IP address. Likewise, changes to your data stored with the dispatch service provider are logged.

Regis­tra­tion data: To register for the newsletter, it is suffi­cient to enter your e-mail address. Optio­nally, we ask you to enter a name for the purpose of a personal address in the newsletter.

The newsletter is sent and its success measured on the basis of the recipi­ents’ consent pursuant to Art. 6 Para. 1 lit. a, Art. 7 GDPR in conjunc­tion with § 7 Para. 2 No. 3 UWG or, if consent is not required, on the basis of our legiti­mate interests in direct marketing pursuant to Art. 6 Para. 1 lt. f. GDPR in conjunc­tion with § 7 Para. 2 No. 3 UWG. GDPR in conjunc­tion with. § 7 para. 3 UWG.

The logging of the regis­tra­tion process takes place on the basis of our legiti­mate interests pursuant to Art. 6 para. 1 lit. f GDPR. Our interest is directed towards the use of a user-friendly as well as secure newsletter system that serves our business interests as well as the expec­ta­tions of the users and further­more allows us to prove consent.

Cancellation/revocation - You can cancel the receipt of our newsletter at any time, i.e. revoke your consent. You will find a link to cancel the newsletter at the end of each newsletter. We may store unsub­scribed email addresses for up to three years based on our legiti­mate interests before deleting them in order to be able to prove consent previously given. The proces­sing of this data is limited to the purpose of a possible defence against claims. An indivi­dual deletion request is possible at any time, provided that the former existence of consent is confirmed at the same time.


The newslet­ters contain a so-called “web beacon”, i.e. a pixel-sized file that is retrieved from our server when the newsletter is opened or, if we use a dispatch service provider, from their server. Within the scope of this retrieval, technical infor­ma­tion such as infor­ma­tion on the browser and your system, as well as your IP address and the time of the retrieval are initially collected.

This infor­ma­tion is used for the technical impro­ve­ment of the services on the basis of the technical data or the target groups and their reading behaviour on the basis of their retrieval locations (which can be deter­mined with the help of the IP address) or the access times. Statis­tical surveys also include deter­mi­ning whether newslet­ters are opened, when they are opened and which links are clicked. For technical reasons, this infor­ma­tion can be assigned to the indivi­dual newsletter recipi­ents. However, it is neither our intention nor, if used, that of the dispatch service provider to observe indivi­dual users. The evalua­tions serve us much more to recognise the reading habits of our users and to adapt our content to them or to send different content according to the interests of our users.

Unfor­tu­n­a­tely, a separate revoca­tion of the perfor­mance measu­re­ment is not possible; in this case, the entire newsletter subscrip­tion must be cancelled.


We, or rather our hosting provider, collect on the basis of our legiti­mate interests within the meaning of Art. 6 para. 1 lit. f. GDPR, we collect data on every access to the server on which this service is located (so-called server log files). The access data includes the name of the website accessed, file, date and time of access, amount of data trans­ferred, notifi­ca­tion of successful access, browser type and version, the user’s operating system, referrer URL (the previously visited page), IP address and the reques­ting provider.

Log file infor­ma­tion is stored for security reasons (e.g. for the clari­fi­ca­tion of abuse or fraud) for a maximum of 7 days and then deleted. Data whose further storage is required for eviden­tiary purposes is exempt from deletion until the respec­tive incident is finally clarified.


We maintain online presences within social networks and platforms in order to be able to commu­ni­cate with the customers, interested parties and users active there and to inform them about our services there. When calling up the respec­tive networks and platforms, the terms and condi­tions and data proces­sing guide­lines of their respec­tive operators apply.

Unless otherwise stated in our privacy policy, we process the data of users if they commu­ni­cate with us within the social networks and platforms, e.g. write posts on our online presences or send us messages.


Within our online offer, we use content or service offers of third parties on the basis of our legiti­mate interests (i.e. interest in the analysis, optimi­sa­tion and economic operation of our online offer within the meaning of Art. 6 para. 1 lit. f. GDPR) to integrate content or services offered by third-party providers, such as videos or fonts (herein­after uniformly referred to as “content”).

This always requires that the third-party providers of this content are aware of the IP address of the user, as without the IP address they would not be able to send the content to their browser. The IP address is therefore necessary for the display of this content. We endeavour to only use content whose respec­tive providers only use the IP address to deliver the content. Third-party providers may also use so-called pixel tags (invisible graphics, also known as “web beacons”) for statis­tical or marketing purposes. The “pixel tags” can be used to evaluate infor­ma­tion such as visitor traffic on the pages of this website. The pseud­ony­mous infor­ma­tion may also be stored in cookies on the user’s device and may contain, among other things, technical infor­ma­tion about the browser and operating system, referring websites, time of visit and other infor­ma­tion about the use of our online offering, as well as being linked to such infor­ma­tion from other sources.


This website uses Google Analytics, a web analytics service provided by Google, Inc. (“Google”). Google Analytics uses “cookies”, which are text files placed on your computer, to help the website analyse how users use the site. The infor­ma­tion generated by the cookie about your use of this website is usually trans­mitted to a Google server in the USA and stored there. In the event that IP anony­mi­sa­tion is activated on this website, however, your IP address will be truncated before­hand by Google within member states of the European Union or in other treaty states of the Agreement on the European Economic Area. Only in excep­tional cases will the full IP address be trans­mitted to a Google server in the USA and shortened there. IP anony­mi­sa­tion is active on this website. On behalf of the operator or creator of this website, Google will use this infor­ma­tion for the purpose of evalua­ting your use of the website, compiling reports on website activity and providing other services relating to website activity and internet usage to the website operator or creator. The IP address trans­mitted by your browser as part of Google Analytics will not be merged with other Google data. You may refuse the use of cookies by selecting the appro­priate settings on your browser, however please note that if you do this you may not be able to use the full functio­n­a­lity of this website. You can also prevent the collec­tion of data generated by the cookie and related to your use of the website (including your IP address) by Google and the proces­sing of this data by Google by downloading and instal­ling the browser plugin available at the following link:


We integrate the videos of the platform “YouTube” of the provider Google LLC, 1600 Amphi­theatre Parkway, Mountain View, CA 94043, USA. Privacy policy:, Opt-Out:


We integrate the fonts (“Google Fonts”) of the provider Google LLC, 1600 Amphi­theatre Parkway, Mountain View, CA 94043, USA. Privacy policy:, Opt-Out:


We integrate the maps of the “Google Maps” service of the provider Google LLC, 1600 Amphi­theatre Parkway, Mountain View, CA 94043, USA. The data processed may include, in parti­cular, IP addresses and location data of the users, which, however, are not collected without their consent (usually executed within the framework of the settings of their mobile devices). The data may be processed in the USA. Privacy policy:, Opt-Out:


We use social plugins (“plugins”) of the social network, which is operated by Facebook Ireland Ltd, Grand Canal Square, Grand Canal Harbour. GDPR) social plugins (“plugins”) of the social network, which is operated by Facebook Ireland Ltd, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland (“Facebook”). The plugins can display inter­ac­tion elements or content (e.g. videos, graphics or text contri­bu­tions) and are recognis­able by one of the Facebook logos (white “f” on a blue tile, the terms “Like”, “Like” or a “thumbs up” sign) or are marked with the addition “Facebook Social Plugin”. The list and appearance of Facebook social plugins can be viewed here:

Facebook is certified under the Privacy Shield agreement and thereby offers a guarantee of compli­ance with European data protec­tion law (

When a user calls up a function of this online offer that contains such a plugin, his or her device estab­lishes a direct connec­tion with Facebook’s servers. The content of the plugin is trans­mitted by Facebook directly to the user’s device and integrated into the online offer by the latter. In the process, user profiles can be created from the processed data. We therefore have no influence on the scope of the data that Facebook collects with the help of this plugin and therefore inform users according to our level of knowledge.

By integra­ting the plugins, Facebook receives the infor­ma­tion that a user has accessed the corre­spon­ding page of the online offer. If the user is logged in to Facebook, Facebook can assign the visit to his or her Facebook account. If users interact with the plugins, for example by clicking the Like button or posting a comment, the corre­spon­ding infor­ma­tion is trans­mitted from their device directly to Facebook and stored there. If a user is not a member of Facebook, there is still the possi­bi­lity that Facebook will find out and store his or her IP address. According to Facebook, only an anony­mised IP address is stored in Germany.

The purpose and scope of the data collec­tion and the further proces­sing and use of the data by Facebook, as well as the related rights and setting options for protec­ting the privacy of the users, can be found in Facebook’s privacy policy:

If a user is a Facebook member and does not want Facebook to collect data about him or her via this online offer and link it to his or her membership data stored with Facebook, he or she must log out of Facebook and delete his or her cookies before using our online offer. Further settings and objec­tions to the use of data for adver­ti­sing purposes are possible within the Facebook profile settings: or via the US site oder die EU-Seite The settings are platform-indepen­dent, i.e. they are applied to all devices, such as desktop computers or mobile devices.


Within our online offer, functions and contents of the service Xing, offered by XING AG, Dammtor­straße 29-32, 20354 Hamburg, Germany, may be integrated. This may include, for example, content such as images, videos or texts and buttons with which users can share content of this online offering within Xing. If the users are members of the Xing platform, Xing can assign the call-up of the above-mentioned content and functions to the user’s profile there. Privacy policy of Xing:


Within our online offer, functions and contents of the service LinkedIn, offered by LinkedIn Ireland Unlimited Company Wilton Place, Dublin 2, Ireland, may be integrated. This may include, for example, content such as images, videos or texts and buttons with which users can share content of this online offer within LinkedIn. If the users are members of the LinkedIn platform, LinkedIn can assign the call-up of the above-mentioned content and functions to the user’s profile there. Privacy policy of LinkedIn: LinkedIn is certified under the Privacy Shield agreement and thus offers a guarantee of compli­ance with European data protec­tion law ( Privacy policy:, Opt-Out: