Make a Discovery Call
Make a Discovery Call

Privacy policy

1. An Overview of data protection

The following gives a simple overview of what happens to your personal information when you visit our website. Personal information is defined as any data with which you could be personally identified. Detailed information on the subject of data protection can be found in our privacy policy found below.

Data collection on our website
Who is responsible for the data collection on this website?
The data collected on this website are processed by the website operator.

Notice concerning the party responsible (Art. 4 (7) GDPR)
The party responsible for processing data on this website is:

knk Customer Engagement GmbH
Meßberg 1 20095 Hamburg
Phone: +49 (0)431) 57 97 2-0
You will find more information on the Legal Notice page.

How do we collect your data?
Some data are collected when you provide it to us. This could, for example, be data you enter on a contact form.
Other data are collected automatically by our IT systems when you visit the website. These data are primarily technical data such as the browser and operating system you are using or when you accessed the page. These data are collected automatically as soon as you enter our website.

What do we use your data for?
Part of the data is collected to ensure the proper functioning of the website. Other data can be used to analyze how visitors use the site.

What rights do you have regarding your data?
You always have the right to request information about the respective personal data as well as correction or deletion or restriction of the processing or a right of objection against the processing as well as the right of data portability.  You can contact us at any time using the contact data (responsible party) given above if you have further questions about the issue of privacy and data protection. You may also, of course, file a complaint with the competent regulatory authorities (Independent Center for Privacy Protection Schleswig-Holstein, Kiel).

Revocation of your consent to the processing of your data
Many data processing operations are only possible with your express consent. You may revoke your consent at any time with future effect. An informal email making this request is sufficient. The data processed before we receive your request may still be legally processed.

2. General information and mandatory information

Data protection
Please note that data transmitted via the internet (e.g. via email communication) may be subject to security breaches. Complete protection of your data from third-party access is not possible.

Right to data portability
You have the right to have data which we processed based on your consent or in fulfillment of a contract automatically delivered to yourself or to a third party in a standard, machine-readable format. If you require the direct transfer of data to another responsible party, this will only be done to the extent technically feasible.

SSL or TLS encryption
This site uses SSL or TLS encryption for security reasons and for the protection of the transmission of confidential content, such as the inquiries you send to us as the site operator. You can recognize an encrypted connection in your browser’s address line when it changes from “http://” to “https://” and the lock icon is displayed in your browser’s address bar.
If SSL or TLS encryption is activated, the data you transfer to us cannot be read by third parties.
In the case of encrypted communication, any payment details you submit to us cannot be read by third parties.

Information, blocking, deletion
As permitted by law, you have the right to be provided at any time with information free of charge about any of your personal data that is stored as well as its origin, the recipient and the purpose for which it has been processed. You also have the right to have this data corrected, blocked or deleted. You can contact us at any time using the address given in our legal notice if you have further questions on the topic of personal data.

Opposition to promotional emails
We hereby expressly prohibit the use of contact data published in the context of website legal notice requirements with regard to sending promotional and informational materials not expressly requested. The website operator reserves the right to take specific legal action if unsolicited advertising material, such as email spam, is received.

3. Data protection officer

Statutory data protection officer
We have appointed a data protection officer for our company.

TASCO Revision und Beratung GmbH
Herr Sami Abbas
Hasengartenstraße 25
65189 Wiesbaden
Telefon: +49 611 9491 2224


4. Data collection on our website

IP adress
To enable anonymous use of our blog, we deliberately refrain from logging or storing IP addresses in full form. Your IP address is transmitted anonymously to our server and used there in the anonymized form to detect attacks on the blog. Our Google Analytics and Matomo also receive only a pseudonymized form of their IP address from us to provide us with statistics for our blog.
In the case of comments, we do not record the IP address at all.


Some of our web pages use cookies. Cookies do not harm your computer and do not contain any viruses. Cookies help make our website more user-friendly, efficient, and secure. Cookies are small text files that are stored on your computer and saved by your browser.
Most of the cookies we use are so-called “session cookies.” They are automatically deleted after your visit. Other cookies remain in your device’s memory until you delete them. These cookies make it possible to recognize your browser when you next visit the site.
You can configure your browser to inform you about the use of cookies so that you can decide on a case-by-case basis whether to accept or reject a cookie. Alternatively, your browser can be configured to automatically accept cookies under certain conditions or to always reject them, or to automatically delete cookies when closing your browser. Disabling cookies may limit the functionality of this website.
Cookies which are necessary to allow electronic communications or to provide certain functions you wish to use (such as the shopping cart) are stored pursuant to Art. 6 paragraph 1, letter f of GDPR. The website operator has a legitimate interest in the storage of cookies to ensure an optimized service provided free of technical errors. If other cookies (such as those used to analyze your surfing behavior) are also stored, they will be treated separately in this privacy policy
When visiting the website for the first time, a cookie notice will appear that allows you to make a cookie choice. When clicking on the button “Accept all cookies”, you accept the use of third party cookies, tracking cookies and session cookies on this website and their storage on your computer. When choosing the button “Only allow necessary cookies”, you will only allow session cookies and the cookie for saving the cookie settings on your computer.

For more information, please also read our Cookie policy.

Server log files

The website provider automatically collects and stores information that your browser automatically transmits to us in “server log files”. These are:

  • Browser type and browser version
  • Operating system used
  • Referrer URL
  • Host name of the accessing computer
  • Time of the server request
  • IP address

These data will not be combined with data from other sources.
The basis for data processing is Art. 6 (1) (f) DSGVO, which allows the processing of data due to legitimate interest on the basis of IT security and website operation.

Contact form

Should you send us questions via the contact form, we will collect the data entered on the form, including the contact details you provide, to answer your question and any follow-up questions. We do not share this information without your permission. This excludes linked businesses.

We will, therefore, only process any data you enter onto the contact form only with your consent per Art. 6 DSGVO. You may revoke your consent at any time. An informal email making this request is sufficient. The data processed before we receive your request may still be legally processed.

We will retain the data you provide on the contact form until you request its deletion, revoke your consent for its storage, or the purpose for its storage no longer pertains (e.g. after fulfilling your request). Any mandatory statutory provisions, especially those regarding mandatory data retention periods, remain unaffected by this provision.

Please note that if you do not provide data that might be necessary for the processing  we might not be able to process your request or only process it partially.

Data protection for applications and in the application process

We collect and process the personal data of applicants for the purpose of handling the application process. The processing may also take place electronically. This is particularly the case if an applicant submits corresponding application documents to us electronically, by e-mail. If the controller concludes an employment contract with an applicant, the transmitted data will be stored for the purpose of handling the employment relationship in compliance with the statutory provisions. If the controller does not conclude an employment contract with the applicant, the application documents will generally be deleted six months after notification of the rejection decision. Please note that failure to provide data that may be necessary for processing may mean that we are unable to process your application.

5. Microsoft Bookings

We use the Microsoft Bookings service ( of the provider Microsoft Ireland Operations Limited, One Microsoft Place, South County Business Park, Leopardstown, Dublin 18 D18 P521 (in the following: “Microsoft”) to make appointments online. To make an appointment, your entries in the appointment form are transferred to Microsoft. You can find further information on the handling of your data in the Microsoft data protection declaration (

We process the following personal data from you:

  • Name
  • Telephone number
  • E-mail address
  • Company
  • Size of the company
  • Form of communication (phone, video call)
  • Reason for your request
  • Your free text
  • Time of appointment request and agreed date

This data is necessary for contacting you in order to best manage the appointment with you and organize it in coordination with you. We process the data to confirm the appointment and to contact you. The legal basis for processing your data is Art. 6 para. 1 lit. a DSGVO (consent). You have the right to revoke your consent at any time with effect for the future without giving reasons, even partially. You can address your revocation to the e-mail address stated in the imprint of this website.

Non-consent will preclude you from making appointments via Microsoft Bookings. Alternatively, you can send an e-mail to the e-mail address stated in the imprint of this website with the request to contact us directly.
We delete your data as soon as the purpose of collection ceases to apply.

This is the case when the respective conversation with the user has ended. The conversation is ended when the circumstances indicate that the matter in question has been conclusively clarified. If, as a result of the contact, a contract is concluded or a relationship similar to a contract arises from which mutual rights and obligations can arise, we delete the data when it is clear that there are no longer any rights and obligations arising from this relationship. This is regularly the case after expiry of the relevant limitation period, which is three years. If there are legal obligations to retain data (e.g. under tax or commercial law), we delete the data after this retention period has expired.

6. Microsoft Clarity

We use Microsoft Clarity. “Microsoft Clarity” is a Microsoft procedure that allows user analysis based on a pseudonymous user ID and thus on pseudonymous data, such as the evaluation of data on mouse movements or performance data on certain Internet presentations.

In particular, we process usage data (e.g. Internet presentations visited, interest in content, access times), meta/communication data (e.g. device information, IP addresses), location data (information on the geographical position of a device or a person), movement data (mouse movements, scrolling movements) in pseudonymous form. We have made the appropriate settings so that even the collection of data to and by Microsoft alone is pseudonymized, in particular in the form of IP masking (pseudonymization of the IP address).

All users of our website who have consented to the corresponding use via our cookie consent service are affected by this data processing. The data processing is thus based solely on your consent pursuant to Art. 6 para. 1 lit. a GDPR.

The purpose of the processing is tracking (e.g. interest/behavior-based profiling, use of cookies), remarketing, conversion measurement (measurement of the effectiveness of marketing measures), interest-based and behavioral marketing, profiling (creation of user profiles), reach measurement (e.g. access statistics, recognition of returning users), cross-device tracking (cross-device processing of user data for marketing purposes).

You will be informed of your rights to object in accordance with this privacy policy. In addition, you can set an opt-out with the respective provider.

a) Europe:

b) Canada:

c) USA:

d) International:

Microsoft Clarity: Online marketing and web analysis; offered by Microsoft Corporation, One Microsoft Way, Redmond, WA 98052-6399, USA; Internet presentation:; Privacy policy:; Opt-out:

Please note that we have concluded an AV contract with Microsoft to enable this activity, including the necessary standard contractual clauses.

7. Adobe Typekit Web Fonts

Type and Purpose of processing
This website uses so-called web fonts provided by Adobe (Adobe Systems Software Ireland Companies, 4-6 Riverwalk, Citywest Business Campus, Dublin 24, Republic of Ireland) for the unanimous display of fonts and for visual design. When you access a page, your browser loads the required web fonts from a font library into your browser cache in order to display text and fonts correctly. For this purpose, the browser you are using must connect to Adobe’s servers. This enables Adobe to know that your IP address has been used to access our website. For more information about Adobe Typekit Web Fonts, see Adobe’s privacy policy:

Legal basis
Adobe Typekit Web Fonts are used in the interest of a consistent and appealing presentation of our online offers across devices, improved loading times that benefit you, and a smaller administrative effort to keep our website up to date. This presents a legitimate interest within the meaning of Art. 6 Para. 1 lit. f DSGVO.

Duration of storage, possibility of objection and elimination
We do not collect any personal data by including Adobe Typekit web fonts. You can set your browser to not load the fonts from Adobe servers (for example, by installing add-ons such as NoScript or Ghostery). If your browser does not support Adobe fonts, or if you disable access to Adobe servers, the website text is displayed in your system’s default font.

8. Shield Plugin

Our online offer uses the Shield Security Plugin for the purpose of securing our websites. The provider of this plugin is Fernleaf Systems Limited, Suite 4, 2 Mount Oriel, Belfast BT8 7HR, Northern Ireland, UK.

This service protects our websites from viruses, malware and other attacks from criminals. Shield Security secures our website and thus also protects all visitors to our website from viruses and malware.

This data processing is based on our legitimate interest according to Art. 6 para. 1 lit. GDPR cal necessity to provide this website).

Cookies from Shield Security

Shield Security currently uses the following cookies:

At no time does the Shield Security plugin store sensitive, personally identifiable information in cookies. Cookies are used only to register the closing of the Shield plugin’s security badge to prevent repeated display to the visitor.

Cookie name: icwp-wpsf-notbot

Cookie lifetime: 600 seconds (although this may vary slightly with ongoing development).

For all visitors and users, a temporary cookie is used to provide a nonce value for the “NotBot” system. This cookie is used to overcome restrictions imposed by WordPress caching plugins that do not allow nonce values to be updated on the page. We send the nonce value via a cookie to ensure that the client has access to the latest, valid nonce. Again, this cookie does not track anything and is not associated with users or visitors. It simply provides data that the “NotBot” system needs to successfully complete requests.

Cookie name: shield-notbot-nonce

Cookie lifetime: 15 seconds (although this may vary slightly with ongoing development).

Data storage

User sessions

For logged in users, Shield Security Plugin stores information about the username, IP address and the time of last login and last activity.

This information is deleted when the user logs out or during data cleanup.

Audit trail function

Shield Security Plugin has an audit trail feature that logs the following information:

Audit trail message, which may contain email addresses,

Origin IP address of the request,

Logged in username (if applicable).

For logged in users, this represents information that can be used to locate and identify (by IP address) individuals and their activities on the site.

This information is stored by the website administrator for security reasons.

This data is kept and automatically deleted from the database after a certain period of time set by the website administrator.

Traffic Log

In addition to the audit trail, the traffic log is a useful tool for monitoring the behavior of requests from site visitors. This is crucial for making important security decisions about a visitor.

This information is automatically deleted by the plugin after a set period of time, determined by the site administrator, which by default (at the time of writing) is 7 days.


ShieldNET is a distributed knowledge system for tracking malicious web visitors and agents. Shield Security Plugin regularly shares its knowledge about the behavior of IP addresses, mainly malicious bots, with ShieldNET, which then shares this knowledge (on request) with other Shield Security Plugin installations.

All information is fully anonymized and aggregated, and no connection is ever made between an IP address and the website from which the IP information was received. Therefore, there is no processing or storage of specific behaviors and personal information about an IP address, and therefore no way to isolate and extract this information.

The only purpose for aggregating this IP data is for security analysis, defense and website security protection.

Details can be found here:


Privacy Policy:

GDPR Statement:

9. YouTube

Our website uses plugins from Google’s YouTube site. This website is operated by YouTube, LLC, 901 Cherry Ave, San Bruno, CA 94066, USA. If you visit one of our pages equipped with a YouTube plugin, a connection to the YouTube servers is established. The Youtube server will be informed which pages you have visited. If you are logged into your YouTube account, you allow YouTube to associate your surfing behaviour and which pages you have visited directly with your personal profile. YouTube uses this data to give you the best online experience. You can prevent this by logging out of your YouTube account. The legal basis is Art. 6 para. 1 lit. a GDPR. For further information please visit