Note: This is a translation for your convenience only. The binding one is in German language.

Privacy Policy

This privacy policy is intended to inform users of this website about the nature, scope, and purpose of the collection and use of personal data by the website operator measX GmbH & Co. KG.

The website operator takes your privacy very seriously and treats your personal data confidentially and in accordance with legal regulations. As new technologies and the constant development of this website may result in changes to this privacy policy, we recommend that you review the privacy policy at regular intervals.

Definitions of the terms used (e.g., “personal data” or “processing”) can be found in Art. 4 GDPR.

Status: July 2, 2025

I Information about the processing of your data in accordance with Art. 13 of the General Data Protection Regulation (GDPR)

1 Who is responsible for data processing?

The controller within the meaning of data protection law is

measX GmbH & Co. KG
Trompeterallee 110
D-41189 Mönchengladbach

You can find further information about our company, details of the persons authorized to represent it, and further contact options in the legal notice on our website: https://www.measx.com/impressum

2 Name and address of the controller

The data protection officer of the controller is:

TÜV Rheinland Industrie Service GmbH
Theodorstraße 182
40472 Düsseldorf
Germany

Email: datenschutz@measx.com

3 Data processed for the provision of the website and the creation of log files

3.1 What data is processed and for what purpose?

Our website is hosted by an external service provider, Contabo GmbH, Aschauer Straße 32a; 81549 Munich. The servers are located in Germany or within the European Union. When you visit our website, the hosting provider automatically collects data and stores it in so-called server log files. The following data is collected:

- Date and time of access

- IP address

- Host name of the accessing computer

- Website from which the website was accessed

- Websites accessed via the website

- Page visited on our website

- Notification of whether the request was successful

- Amount of data transferred

- Information about the browser type and version used

- Operating system

The collection of this data is technically necessary to display the website and to ensure the stability and security of the system (e.g., for error analysis or defense against attacks). The data is not merged with other data sources.

The temporary storage of the data is necessary for the course of a website visit in order to enable the website to be delivered. Further storage in log files is carried out to ensure the functionality of the website and the security of the information technology systems. These purposes also constitute our legitimate interest in data processing.

3.2 On what legal basis is the data processed?

Data processing is carried out on the basis of Art. 6 (1) lit. f GDPR, as there is a legitimate interest in the technically error-free presentation, stability, and security of the website.

3.3 Are there other recipients of the personal data besides the controller?

The website is hosted by Contabo GmbH. The host receives the above-mentioned data as a processor.

A contract for order processing has been concluded with Contabo GmbH in accordance with Art. 28 GDPR.

3.4 How long is the data stored?

The data is deleted as soon as it is no longer necessary for the purpose for which it was collected. In the case of the provision of the website, this is the case when the respective session has ended. The log files are stored for a maximum of 3 months and are directly and exclusively accessible to administrators. After that, they are only indirectly available via the reconstruction of backup tapes and are finally deleted after 3 months.

3.5 Right to object

The collection of data for the provision of the website and its storage in log files is essential for the operation of the website. Therefore, there is no possibility for the user to object.

4 Contact options via the website (contact form and email contact)

4.1 What data is processed and for what purpose?

Our website features a contact form that can be used to contact us electronically. If a user takes advantage of this option, the data entered in the input mask is transmitted to us and stored. This data includes:

Name
Company
Email
Subject
Message
When the message is sent, the following data is also stored:



Name
Company
Email
Subject
Message
Your consent is obtained for the processing of the data during the sending process and reference is made to this privacy policy.

The data is sent by email exclusively to measX internal email addresses for further processing. It is not stored on the web server.

Alternatively, you can contact us via the email address provided.

The data is processed exclusively for the purpose of processing your request, contacting you, and for the associated technical administration.

4.2 On what legal basis is the data processed?

Your data is processed on the basis of Art. 6 (1) lit. b GDPR (for the implementation of pre-contractual measures) and Art. 6 (1) lit. f GDPR (legitimate interest in effective communication).

4.3 Are there other recipients of the personal data besides the controller?

In this context, no data is passed on to third parties unless this is necessary to process the request.

4.4 How long is the data stored?

The data collected when contacting us is deleted as soon as it is no longer required to achieve the purpose for which it was collected, i.e. regularly when the respective conversation with the user has ended. Statutory retention obligations remain unaffected.

4.5 Note on email communication

Please note that complete data security cannot be guaranteed when communicating by email. For confidential information, we recommend sending it by post or using encrypted transmission.

5 Rights of data subjects

5.1 Right to information

You may request confirmation from the controller as to whether personal data concerning you is being processed by us.

If such processing is taking place, you may request the following information from the controller:

(1) the purposes for which the personal data is being processed;
(2) the categories of personal data that are being processed;
(3) the recipients or categories of recipients to whom the personal data concerning you have been or will be disclosed;
(4) the planned duration of storage of the personal data concerning you or, if specific information on this is not possible, criteria for determining the storage period;
(5) the existence of a right to rectification or erasure of personal data concerning you, a right to restriction of processing by the controller, or a right to object to such processing;
(6) the existence of a right to lodge a complaint with a supervisory authority;
(7) any available information on the origin of the data if the personal data is not collected from the data subject;
(8) the existence of automated decision-making, including profiling, pursuant to Art. 22 (1) and (4) GDPR and, at least in these cases, meaningful information about the logic involved, as well as the significance and the intended effects of such processing for the data subject.
You have the right to request information on whether the personal data concerning you is transferred to a third country or to an international organization. In this context, you may request to be informed of the appropriate safeguards pursuant to Art. 46 GDPR in connection with the transfer.

5.2 Right to object:

You have the right to object for specific reasons (see point II).

5.3 Right to rectification

You have the right to rectification and/or completion vis-à-vis the controller if the personal data processed concerning you is inaccurate or incomplete. The controller must rectify the data without delay.

5.4 Right to erasure

Obligation to erase
You may request that the controller erase personal data concerning you without undue delay, and the controller is obliged to erase such data without undue delay if one of the following reasons applies:

(1) The personal data concerning you is no longer necessary for the purposes for which it was collected or otherwise processed.
(2) You withdraw your consent on which the processing was based in accordance with Art. 6 (1) (a) or Art. 9 (2) (a) GDPR, and there is no other legal basis for the processing.
(3) You object to the processing pursuant to Art. 21 (1) GDPR and there are no overriding legitimate grounds for the processing, or you object to the processing pursuant to Art. 21 (2) GDPR.
(4) The personal data concerning you has been processed unlawfully.
(5) The erasure of personal data concerning you is necessary to comply with a legal obligation under Union law or the law of the Member States to which the controller is subject.
(6) The personal data concerning you has been collected in relation to information society services offered in accordance with Art. 8 (1) GDPR.
Information to third parties
If the controller has made the personal data concerning you public and is obliged to erase it pursuant to Art. 17(1) GDPR, the controller shall take reasonable steps, including technical measures, taking into account the available technology and the implementation costs, to inform controllers who process the personal data that you, as the data subject, have requested them to delete all links to this personal data or copies or replications of this personal data.

Exceptions
The right to erasure does not apply if the processing is necessary

(1) for exercising the right of freedom of expression and information;
(2) for compliance with a legal obligation which requires processing by Union or Member State law to which the controller is subject or for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller;
(3) for reasons of public interest in the area of public health in accordance with Art. 9(2)(h) and (i) and Art. 9(3) GDPR;
(4) for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes pursuant to Art. 89(1) GDPR, insofar as the right referred to in section a) is likely to render impossible or seriously impair the achievement of the objectives of this processing, or
(5) for the establishment, exercise, or defense of legal claims.
5.5 Right to restriction of processing

You may request the restriction of the processing of personal data concerning you under the following conditions:

(1) if you contest the accuracy of the personal data concerning you for a period enabling the controller to verify the accuracy of the personal data;
(2) the processing is unlawful and you oppose the erasure of the personal data and request the restriction of their use instead;
(3) the controller no longer needs the personal data for the purposes of the processing, but you need it for the establishment, exercise, or defense of legal claims; or
(4) you have objected to processing pursuant to Article 21(1) of the GDPR and it is not yet clear whether the legitimate grounds of the controller override your grounds.
Where the processing of personal data concerning you has been restricted, such data may, with the exception of storage, only be processed with your consent or for the establishment, exercise, or defense of legal claims or for the protection of the rights of another natural or legal person or for reasons of important public interest of the Union or of a Member State.

If the restriction of processing has been restricted in accordance with the above conditions, you will be informed by the controller before the restriction is lifted.

5.6 Right to lodge a complaint

If you believe that the processing of your personal data violates data protection law, you have the right under Art. 77 (1) GDPR to lodge a complaint with a data protection supervisory authority of your choice. This also includes the data protection supervisory authority responsible for the controller: State Commissioner for Data Protection and Freedom of Information North Rhine-Westphalia, https://www.ldi.nrw.de/kontakt/ihre-beschwerde.

State Commissioner for Data Protection and Freedom of Information
North Rhine-Westphalia
Kavalleriestr. 2 - 4
40213 Düsseldorf

Tel.: 0211/38424-0
Fax: 0211/38424-10
Email: poststelle@ldi.nrw.de

5.7 Right to data portability

If the requirements of Art. 20 (1) GDPR are met, you have the right to have data that we process automatically on the basis of your consent or in fulfillment of a contract handed over to you or to third parties. The collection of data for the provision of the website and the storage of log files are absolutely necessary for the operation of the website. They are therefore not based on consent pursuant to Art. 6 (1) (a) GDPR or on a contract pursuant to Art. 6 (1) (b) GDPR, but are justified pursuant to Art. 6 (1) (f) GDPR. The requirements of Art. 20 (1) GDPR are therefore not met in this respect.

5.8 Right to object pursuant to Article 21(1) GDPR

You have the right to object at any time, on grounds relating to your particular situation, to the processing of your personal data based on Article 6(1)(f) GDPR. The controller will then no longer process the personal data unless it can demonstrate compelling legitimate grounds for the processing which override the interests, rights, and freedoms of the data subject, or the processing serves to assert, exercise, or defend legal claims. The collection of data for the provision of the website and the storage of log files are essential for the operation of the website.

6 Use of cookies

6.1 Description and scope of data processing

Our website uses cookies. Cookies are text files that are stored in the Internet browser or by the Internet browser on the user's computer system. When a user visits a website, a cookie may be stored on the user's operating system. This cookie contains a characteristic string of characters that enables the browser to be uniquely identified when the website is visited again.

We use cookies to make our website functional. Some elements of our website require that the calling browser can be identified even after a page change.

The following data is stored and transmitted in the cookies:

Language settings
Login information
We do not use cookies that are not technically necessary and therefore do not provide any information about cookies when our website is accessed.

6.2 Legal basis for data processing

The legal basis for the processing of personal data using technically necessary cookies within the meaning of Section 25 (2) TDDDG is Art. 6 (1) lit. f GDPR.

6.3 Purpose of processing

The purpose of using technically necessary cookies is to enable the use of websites for users. Some functions of our website cannot be offered without the use of cookies. For these, it is necessary that the browser is recognized even after a page change.

We need cookies for the following applications:

Transfer of language settings
Log-in information
The user data collected by technically necessary cookies is not used to create user profiles.

6.4 Duration of storage, options for objection and removal

Cookies are stored on the user's computer and transmitted to our site by the user. Therefore, as a user, you have full control over the use of cookies. By changing the settings in your Internet browser, you can deactivate or restrict the storage of cookies. Cookies that have already been stored can be deleted at any time. This can also be done automatically. If cookies are deactivated for our website, it may no longer be possible to use all functions of the website to their full extent.

7 Data protection for applications in the application process

The controller collects and processes the personal data of applicants for the purpose of handling the application process. Processing may also be carried out electronically. This is particularly the case if an applicant submits the relevant application documents to the controller electronically, for example by email or via a web form on the website. If the controller concludes an employment contract with an applicant, the data transmitted will be stored for the purpose of processing the employment relationship in compliance with the statutory provisions. If the controller does not conclude an employment contract with the applicant, the application documents will be automatically deleted two months after notification of the rejection decision, provided that no other legitimate interests of the controller prevent deletion. Other legitimate interests in this sense include, for example, the burden of proof in proceedings under the General Equal Treatment Act (AGG).

8 Social media

Links to social networks On our website, you will find links to our social media platforms (e.g., LinkedIn, Facebook, Xing, etc.). These are simple links that do not transfer any data to the respective providers before you actively click on the link.

Facebook, Xing, LinkedIn

8.1 Facebook fan page

We operate a company page (fan page) on the social media platform Facebook, which is provided by Meta Platforms Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland.

When you visit our fan page, Meta processes users' personal data, e.g., IP addresses and information about end devices, usage behavior, and interactions with our page. This data is also used to provide us with anonymized statistics (Facebook Insights) about the use of our page.

We are jointly responsible with Meta for the processing of this data within the meaning of Art. 26 GDPR. The corresponding agreement on joint responsibility can be found here:
https://www.facebook.com/legal/terms/page_controller_addendum

8.1.1 Purpose of processing

The processing of personal data within the scope of our Facebook fan page is carried out for the purpose of public relations, communication with interested parties and customers, and evaluation of the reach and use of our content.

8.1.2 Legal basis

Data processing is carried out on the basis of Art. 6 (1) lit. f GDPR for effective external representation and user interactions.

8.1.3 Note

The actual processing of personal data is carried out by Meta. We do not have full access to the data collected and, in particular, cannot view individual user profiles. Further information on data processing by Meta can be found in Facebook's privacy policy:
https://www.facebook.com/privacy/policy

8.2 XING company page

We maintain a company page on the Xing platform, which is operated by New Work SE, Am Strandkai 1, 20457 Hamburg, Germany.

When you visit our Xing page, Xing processes users' personal data, in particular to provide usage statistics (Xing Analytics), for communication, and for its own purposes. We receive aggregated information from Xing about the reach, interactions, and demographic characteristics of our target group, but no individual personal information.

Further information on data processing by Xing can be found in Xing's privacy policy:
https://privacy.xing.com/de/datenschutzerklaerung

8.2.1 Purpose of processing

The processing is carried out for the purpose of presenting our company to the outside world, communicating with users, and analyzing user behavior.

8.2.2 Legal basis

Data processing is carried out on the basis of Art. 6 (1) lit. f GDPR for the purpose of effective external presentation and user interactions.

8.3 LinkedIn company page

We operate a company page on LinkedIn, a service provided by LinkedIn Ireland Unlimited Company, Wilton Plaza, Wilton Place, Dublin 2, Ireland.

When you visit our page, LinkedIn processes personal data of users, e.g., IP addresses, device data, and interactions. As the operator of the page, we receive anonymized statistical evaluations of the use and reach of our content via “LinkedIn Page Insights.”

Further information on data processing by LinkedIn can be found in LinkedIn's privacy policy:
https://de.linkedin.com/legal/privacy-policy

8.3.1 Purpose of processing

Processing is carried out for professional external representation, customer and contact maintenance, and analysis of page reach.

8.3.2 Legal basis

Data processing is based on our legitimate interest pursuant to Art. 6 (1) lit. f GDPR in effective external representation and user interactions.

11. Link to Google Maps

On our website, we also link to Google Maps for the respective locations to make route planning easier for you. These are simple links that only establish a connection to the servers of Google Ireland Limited, based in Gordon House, Barrow Street, Dublin 4, Ireland, when clicked.

Please note that when you access Google Maps, personal data (e.g., IP address, location data) may be transmitted to Google and processed in the USA. We have no influence on this data processing.

Further information on data processing by Google can be found at:
https://policies.google.com/privacy

11.1 Purpose of data processing

The link is provided on the basis of our legitimate interest in a user-friendly presentation of directions.

11.2 Legal basis

Data processing is carried out on the basis of our legitimate interest in accordance with Art. 6 (1) lit. f GDPR in order to provide a user-friendly route planning option.