Privacy Policy

1. Field of Application

This explanation of our privacy policy covers the nature, scope and purpose of the compilation and use of personal data on the website: (hereafter referred to as ‘website’). The body responsible for all personal data compiled on this website (unless this privacy policy explanation states otherwise) is the emcra GmbH, Hohenzollerndamm 152, 14199 Berlin, Germany (hereafter referred to as ‘we’, ‘us’ or ‘our’).

Further information about emcra GmbH and our contact details can be found in the imprint.

For any questions about data protection regarding the website it is possible to reach emcra GmbH via the following email address:

2. Personal Data

Personal data is the information that helps identify an individual, i.e. information that can be traced back to a person. This typically includes a name, email address or phone number. In addition to this, however, purely technical data that can be associated with a person is also regarded as personal data.

3. Automatic Compilation of
Access Data and Server Log Files

A range of technical data relating to personal data is automatically compiled whenever the website is accessed. This data is:

  • The IP address of the user
  • Directory protection user
  • Name of the website or file accessed
  • Date and time of access
  • Amount of data transferred
  • Protocols
  • Status code
  • Referrer URL (the page previously visited)
  • Host name accessed

This data is not merged with other personal data which you actively enter whilst using the website. The IP addresses are anonymised immediately after they have been surveyed. This is done by removing the final block of numbers.

We maintain the right to save the server log files for a longer period of time when circumstances arise that suggest inappropriate access (such as an attempt to hack the website or a so-called DoS attack). Access over FTP will be anonymously logged and stored for 60 days.

Server log files are collected in order to facilitate the website’s general functionality. This data processing is supported by the General Data Protection Regulation (GDPR) Art. 6 (1) lit f, according to which data processing is permitted if it is in the legitimate interests of the data processor. There exists a legitimate interest for emcra GmbH in the storage of server log files for the purposes of maintaining the website’s functionality.

4. What is an IP Address?

Every device (e.g. smartphone, tablet, PC) that is connected with the internet is allocated an IP address. The nature of the IP address depends on the internet access that is currently connecting your device to the internet. This can be the IP address that is given to you by your internet provider if you are using the WiFi at your own home, but it can also be an IP address that has been provided by your mobile contract provider or by the provider of public or private WiFi or other form of internet access. In its current format (IPv4), an IP address consists in four numerical sequences separated by dots.

As a private user you will usually not use a constant IP address, since it has only been temporarily allocated to you by your provider (so-called ‘dynamic IP address’). It is possible to definitively assign user data when a permanently allocated IP address (so-called ‘static IP address’) is used. Other than for tracking unauthorised access to our internet offer, we will not use this data in a way specific to the individual. It will be analysed solely on an anonymous basis to view which of our websites have been favourited, how often they have been accessed daily and other similar information.

Our websites support IPv6 addresses. If you are already using an IPv6 address you should be aware of the following: the IPv6 address consists in eight groups of four. The first four blocks are typically assigned dynamically for private users, just as with the entire IPv4 address. The last four blocks of an IPv6 address (so-called ‘Interface Identifier’) are, however, determined by the device used to browse the website. Unless this has been configured differently by your operating system, the so-called MAC address will be used here. A MAC address is a kind of serial number that has been uniquely assigned to every IP-capable device worldwide. Because of this, we will not save the last four blocks of your IPv6 address.

In general, we recommend that you activate the so-called ‘Privacy Extensions’ on your device in order to anonymise the last four blocks of your IPv6 address. Most operating systems offer a ‘Privacy Extensions’ function which is in some cases, however, not preset in factory mode.

5. User Profile

The self-assessment tool can be used without creating an account. In order to save the self-assessment it is necessary to enter a username and password. The username may be anonymous. It is also possible as a further option to enter an email address. Do not enter a private email address here. Use only an email address from your organisation. We save this data to make it possible for you to continue the self-assessment at a later date. Please feel free to let us know at any point if you would like to delete these data files by sending an email to the email address listed under ‘Contact’.

This data processing is supported by the General Data Protection Regulation (GDPR) Art. 6 (1) lit b, according to which data processing is permitted if it is necessary for the performance of a contract (here the user contract for the self-assessment tool).

6. Contact

Information provided by the user will be saved whenever contact is made with us (for example with the contact form or via email). This is to help us deal with the request and in case follow-up questions arise.

7. Cookies

Cookies are small text files which are saved on your device through the browser you are using when you access our website. Individual services on our website can hereby ‘recognise’ and ‘remember’ which settings you have chosen. This supports the user-friendliness of websites on the one hand and thereby serves users (e.g. saving login information). On the other hand, cookies help gather statistical data about the usage of a website. This data can then be used for analysis and advertising purposes.

Some cookies are automatically deleted from your device as soon as you leave the website (co-called ‘session cookie’). Other cookies are saved for a specific length of time, but never longer than two years (‘persistent cookies’). We also employ so-called ‘third party cookies’ which are governed by third parties in order to offer specific services.

The user is able to control the use of cookies. Most browsers offer the option of limiting or completely disabling cookies being saved. It is worth bearing in mind, however, that use and, in particular, ease of use are limited without cookies.

Edit cookie settings

8. Google Analytics

This website makes use of Google Analytics, a web analysis service from Google Inc. (‘Google’). Google Analytics uses multiple ‘cookies’ (see above) to identify your browser. Information gathered through cookies about your use of this website is generally transferred to the Google server in the USA and saved there. We have, however, activated the IP anonymisation function on this website.

This means that your IP address is abbreviated by Google within the member states of the European Union or in other contractual states for the agreement about the European Economic Area. Only in exceptional circumstances will a complete IP address be transferred to a server of Google in the USA and abbreviated there. Having been commissioned by the operator of this website, Google will use this information to evaluate your use of the website, to collate reports about website activities and to generate further services for the website operator that are linked with use of the website and internet.

The IP address communicated by your browser via Google Analytics will not be merged with other data from Google. You can prevent Google’s acquisition of data generated by cookies and linked to your use of the website (including your IP address) as well as Google’s processing of this data, by downloading and installing the available browser plugin under the following link:

9. Your rights

You have the right upon application to obtain free of charge information about personal data concerning you that has been saved. Additionally, you have the right to rectify incorrect data, the right to demand the restricted processing of data that has been too thoroughly processed, and the right to erase unlawfully processed personal data or personal data that has been stored for too long (to the extent that this is not countered by a legal obligation to preserve records or any other reason in accordance with Article 17 Section 3 of the GDPR). Furthermore, you have the right to transfer all data that you have committed to us in a common data format (right to data portability), to the extent that you have committed this data to us as part of a declaration of consent or in order to fulfill a contract.

Within the descriptions of each process we will outline the extent to which you also have the right to object to the processing of data in individual processes.

To exercise your rights simply send an email to

Furthermore, you also have the right to lodge a complaint with the supervisory authority. A list of the German and European data protection officers, as well as their contact information can be found under the following link: