Privacy Policy

1. Responsible body and data protection officer

Thank you for your interest in our information service.

Your privacy as a data subject and your right to “informational self-determination” are very important to us. We process your personal data in accordance with the EU General Data Protection Regulation(EU GDPR) and the German Federal Data Protection Act(BDSG).

The responsible body within the meaning of the GDPR is
ESL Electronics GmbH
Lehnerstr. 2
85630 Grasbrunn
Phone: +49-89-4207969-0

Data Protection Officer:
Please send all requests for information, requests for information or objections to data processing to this address:

ESL Electronics GmbH
Lehnerstr. 2
85630 Grasbrunn
Phone: +49-89-4207969-0
We take the protection of your personal data very seriously. Personal data means any information relating to an identified or identifiable natural person (hereinafter referred to as “data subject”); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.

2. Legal bases for the processing of your personal data

We process your personal data in accordance with specific purposes in connection with your expressions of interest in our offers, to initiate contractual or quasi-contractual business relationships, to offer products and services, to maintain business contacts and to comply with processing regulations under tax and commercial law and other relevant laws and regulations.

In this sense, if necessary, we also pursue changes to the purposes – e.g. in the context of advertising activities (direct marketing) – as long as these do not contradict your right to informational self-determination or you do not revoke your consent to this processing of your personal data.

The legal basis for the processing of your personal data arises in particular from Art. 6 EU GDPR.

To a large extent, personal data is collected and processed directly from the data subjects via our website – especially if you actively use the online forms yourself. This happens, for example, when you use the contact form or subscribe to the online newsletter.

Processing of special categories of personal data within the meaning of Art. 9 (1) GDPR only takes place, for example, when registering for events, applications or participation in training events, if this is necessary on the basis of your consent or legal regulations and there is no reason to assume that your legitimate interest in the exclusion of processing prevails, Art. 88 (1) GDPR. 1 EU GDPR.

3. Your rights as a data subject

The EU GDPR provides you as the data subject with relevant rights when your personal data is processed by the controller, in particular the right to data portability:

Right to information (Art. 15 EU GDPR)
You have the right to request information about your personal data processed by us in accordance with Art. 15 GDPR. In particular, you can request information about the processing purposes, the category of personal data, the categories of recipients to whom your data has been or will be disclosed, the planned storage period, the existence of a right to rectification, erasure, restriction of processing or objection, the existence of a right to lodge a complaint, the origin of your data if it was not collected by us, and the existence of automated decision-making including profiling and, if applicable, meaningful information about its details;

Right to rectification (Art. 16 EU GDPR)
In accordance with Art. 16 GDPR, you have the right to demand the immediate correction of incorrect or the completion of your personal data stored by us;

Right to erasure (Art. 17 EU GDPR)
In accordance with Art. 17 GDPR, you have the right to request the deletion of your personal data stored by us, unless the processing is necessary to exercise the right to freedom of expression and information, to fulfill a legal obligation, for reasons of public interest or to assert, exercise or defend legal claims;

Right to restriction of data processing (Art. 18 EU GDPR)
You have the right to request the restriction of the processing of your personal data in accordance with Art. 18 GDPR if the accuracy of the data is disputed by you, the processing is unlawful but you refuse to delete it and we no longer need the data, but you need it to assert, exercise or defend legal claims or you have lodged an objection to the processing in accordance with Art. 21 GDPR;

Right to data portability (Art. 20 EU GDPR)
You have the right to receive your personal data that you have provided to us in a structured, commonly used and machine-readable format or to request that it be transferred to another controller in accordance with Art. 20 GDPR;

Right to withdraw your consent once given
You have the right, pursuant to Art. 7 para. 3 GDPR to revoke your consent once given to us at any time. As a result, we may no longer continue the data processing that was based on this consent in the future

Right to lodge a complaint with a data protection supervisory authority
You have the right to lodge a complaint with a supervisory authority in accordance with Art. 77 GDPR. As a rule, you can contact the supervisory authority of your usual place of residence or workplace or our registered office, the Bavarian State Commissioner for Data Protection, for this purpose

Right to object to data processing (Art. 21 EU GDPR)
If your personal data is processed on the basis of legitimate interests pursuant to Art. 6 para. 1 p. 1 lit. f GDPR, you have the right to object to the processing of your personal data pursuant to Art. 21 GDPR on grounds relating to your particular situation or if the objection is directed against direct marketing. In the latter case, you have a general right to object, which will be implemented by us without specifying a particular situation.
If you would like to exercise your right of revocation or objection, simply send an e-mail to the company data protection officer: .

4. Data protection in individual areas

Data security of the web platform

We use the widespread SSL (Secure Socket Layer) method in conjunction with the highest level of encryption supported by your browser when you visit our website. As a rule, this involves 256-bit encryption. If your browser does not support 256-bit encryption, we use 128-bit v3 technology instead. You can tell whether an individual page of our website is transmitted in encrypted form by the closed display of the key or lock symbol in the status bar of your browser.

We also use suitable technical and organizational security measures to protect your data against accidental or intentional manipulation, partial or complete loss, destruction or unauthorized access by third parties. Our security measures are continuously improved in line with technological developments.

Our website at is designed to make it easier for you to access our information and services.

We reserve the right to make changes or additions to the information provided at any time. When creating our website, we take great care to ensure that the information provided is correct, up-to-date, complete, comprehensible and available at all times. Service provider according to § 13 Telemediengesetz (TMG) and responsible body acc. Art. 4 No. 7 GDPR is ESL Elektronik GmbH, Lehnerstr. 2, 85630 Grasbrunn, Germany.

Collection and storage of personal data and the nature and purpose of its use:

a) When visiting the website
When you use our website, the browser used on your device automatically sends information to the server of our website. This information is temporarily stored in a so-called log file. The following information is collected without any action on your part and stored until it is automatically deleted:

  • IP address
  • Date and time of the request
  • Time zone difference to Greenwich Mean Time (GMT)
  • Content of the request (specific page)
  • Access status/HTTP status code
  • Amount of data transferred in each case
  • Website from which the request comes
  • Browser
  • Operating system and its interface
  • Language and version of the browser software.

We process the aforementioned data for the following purposes:

  • Ensuring a smooth connection to the website,
  • To ensure a comfortable use of our website,
  • Evaluation of system security and stability and
  • for other administrative purposes.

The legal basis for data processing is Art. 6 para. 1 p. 1 lit. f GDPR. Our legitimate interest follows from the data collection purposes listed above. Under no circumstances do we use the data collected for the purpose of drawing conclusions about your person.
We also use cookies when you visit our website. You will find more detailed information on this in the separate Cookies section below.

b) Contact form
If you have any questions, you can contact us using the form provided on the website. It is necessary to provide your name and a valid e-mail address so that we know who sent the request and can respond to it. Further information can be provided voluntarily.
Data processing for the purpose of contacting us is carried out in accordance with Art. 6 para. 1 p. 1 lit. a GDPR on the basis of your voluntarily given consent.

c) Registration for events
If you would like to register for one of our events, we offer you the opportunity to register using a form provided on the website. You must provide your name, a valid e-mail address and your postal address so that we know who sent the registration and can process it. Further information can be provided voluntarily.
Data processing for the purpose of event registration with us is carried out in accordance with Art. 6 para. 1 lit. b GDPR. We delete your personal data after completion of the contract and expiry of the retention obligations under tax and commercial law.

Forwarding of data:

As a rule, personal data is passed on exclusively for the purpose of order processing by external service companies, in particular for the purpose of sending the Lebenshilfe-Zeitung, the trade journal Teilhabe and the legal service to the respective orderers or subscribers.
Your personal data will not be transmitted to third parties for purposes other than those listed.
We only pass on your personal data to third parties if:

  • You have given your consent in accordance with Art. 6 para. 1 p. 1 lit. a GDPR have expressly consented to this,
  • the disclosure pursuant to Art. 6 para. 1 p. 1 lit. f GDPR is necessary for the establishment, exercise or defense of legal claims and there is no reason to assume that you have an overriding legitimate interest in the non-disclosure of your data,
  • in the event that the disclosure pursuant to Art. 6 para. 1 p. 1 lit. c GDPR there is a legal obligation, and
  • this is legally permissible and in accordance with Art. 6 para. 1 p. 1 lit. b GDPR is required for the processing of contractual relationships with you.

5 Technical background to the processing of personal data

a) Use of cookies:

Furthermore, cookies are stored on your computer when you use the website. Cookies are small text files that are stored on your hard disk assigned to the browser you are using and through which certain information flows to the body that sets the cookie (in this case us). Cookies cannot run programs or transfer viruses to your computer. They serve to make the website more user-friendly and effective overall. We use cookies to identify you for subsequent visits if you have an account with us. Otherwise you would have to log in again for each visit.
This website uses cookies to the following extent:

  • Transient cookies (temporary use)
  • Persistent cookies (time-limited use)
  • Third-party cookies (from third-party providers)
  • Flash cookies (permanent use; cannot be excluded by third-party providers).

Transient cookies are automatically deleted when you close the browser. These include session cookies in particular. These store a so-called session ID, with which various requests from your browser can be assigned to the shared session. This allows your computer to be recognized when you return to the website. The session cookies are deleted when you log out or close the browser.

Persistent cookies are automatically deleted after a specified period, which may vary depending on the cookie. You can delete the cookies in the security settings of your browser at any time. You can configure your browser settings according to your wishes and, for example, refuse to accept third-party cookies or all cookies. However, we would like to point out that you may then not be able to use all the functions of this website.

The Flash cookies used are not recorded by your browser, but by your Flash plug-in. These store the necessary data independently of the browser you are using and have no automatic expiration date. If you do not want Flash cookies to be processed, you must install an appropriate add-on, e.g. “Better Privacy” for Mozilla Firefox or Adobe Flash Killer Cookie for Google Chrome.
This stored information is stored separately from any other data you may have provided to us. In particular, the cookie data is not linked to your other data.

b) Use of Google products:

The legal basis for the processing of users’ personal data is generally the user’s consent in accordance with Art. 6 para. 1 S.1 lit. a GDPR.
With the tracking measures used, we want to ensure a needs-based design and the continuous optimization of our website. On the other hand, we use tracking measures to statistically record the use of our website and to evaluate it for the purpose of optimizing our offer for you. The respective data processing purposes and data categories can be found in the corresponding tracking tools.

  • Google Fonts
  • Integration of Google Maps

1. Google fonts:
Our website uses so-called web fonts provided by Google for the uniform display of fonts. Google Fonts is a service provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (“Google”). For this purpose, the browser you are using must connect to Google’s servers. This gives Google knowledge that our website has been accessed via your IP address. The IP address of the browser of the end device of the visitor to this website is also stored by Google. If your browser does not support web fonts, a standard font will be used by your computer.

Further information on Google Fonts can be found at and in Google’s privacy policy: Integration of Google Maps:
We have integrated content from Google Maps on this website. When you visit the website, Google Maps receives the information that you have visited the corresponding subpage of our website and the links listed under para. 1 mentioned data. Google Maps works with an autofill function that automatically completes your address data to make it easier for you to enter it. The note on Google Analytics also applies to the transmission of data to Google Maps. The additional terms of use of Google Maps at also apply. You can deactivate the Google Maps service at any time and thus prevent the transfer of data to Google by deactivating JavaScript in your browser. However, we would like to point out that you will not be able to use the map display in this case.

Data transfer to the USA is based on the standard contractual clauses of the EU Commission. Details can be found here:

5. Use of the Google Tag Manager:
We use Google Tag Manager to implement the tracking codes of the online marketing tools listed above on our online presence. The Google Tag Manager does not collect any data or set any cookies, it is technically only responsible for managing and controlling the individual pixels.

c) Transfer to third countries

The use of cookies may result in data transfers to third countries – in particular the USA – for which there is no adequacy decision pursuant to Art. 45 para. 3 GDPR and no suitable guarantees pursuant to Art. 46 GDPR. We would like to point out that data transmission without an adequacy decision and without suitable guarantees entails certain risks, which we would like to point out to you below:

US intelligence agencies use certain online identifiers (such as IP addresses or unique identification numbers) as a starting point for monitoring individuals. In particular, it cannot be ruled out that these messaging services have already collected information about you, with the help of which the data transmitted here can be traced back to you.

Providers of electronic communications services headquartered in the United States are subject to surveillance by U.S. intelligence agencies pursuant to 50 U.S. Code § 1881a (“FISA 702”). Accordingly, providers of electronic communications services headquartered in the USA are obliged to make personal data available to the US authorities in accordance with 50 U.S. Code § 1881a, without you possibly being entitled to any legal remedies. Even encryption of data in the data centers of the electronic communications service provider cannot provide adequate protection, as an electronic communications service provider has a direct obligation to grant access to or hand over imported data in its possession, custody or control. This obligation may also expressly extend to the cryptographic keys without which the data cannot be read.

The fact that this is not merely a “theoretical risk” is demonstrated by the ECJ ruling of July 16, 2020, C-311/18.

The legal basis for the transfer of users’ personal data to a third country is the user’s consent in accordance with Art. 49 para. 1. lit. a GDPR.

6. Social Media

We use different networks for our corporate presence. When using some networks, personal data may be transferred to servers in the USA. In order to ensure suitable guarantees for the protection of the transfer and processing of personal data outside the EU, data is transferred to and processed by the companies listed below on the basis of suitable guarantees in accordance with Art. 46 ff GDPR, in particular by concluding so-called standard data protection clauses in accordance with Art. 46 para. 2 lit. c GDPR.


The operating company of Facebook is Facebook, Inc, 1 Hacker Way, Menlo Park, CA 94025, USA. If a data subject lives outside the USA or Canada, the controller for the processing of personal data is Facebook Ireland Ltd, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland.

With each call-up to one of the individual pages of this Internet site, which is operated by the controller and into which a Facebook component (Facebook plug-ins) was integrated, the web browser on the information technology system of the data subject is automatically prompted to download display of the corresponding Facebook component from Facebook through the Facebook component. A complete overview of all Facebook plug-ins can be found at As part of this technical process, Facebook receives information about which specific subpage of our website is visited by the person concerned.

If the data subject is logged in to Facebook at the same time, Facebook recognizes which specific subpage of our website the data subject is visiting each time the data subject accesses our website and for the entire duration of the respective stay on our website. This information is collected by the Facebook component and assigned by Facebook to the respective Facebook account of the data subject. If the data subject clicks on one of the Facebook buttons integrated on our website, for example the “Like” button, or if the data subject makes a comment, Facebook assigns this information to the personal Facebook user account of the data subject and stores this personal data.

Facebook always receives information via the Facebook component that the data subject has visited our website if the data subject is logged in to Facebook at the same time as accessing our website; this occurs regardless of whether the data subject clicks on the Facebook component or not. If the data subject does not want this information to be transmitted to Facebook, they can prevent the transmission by logging out of their Facebook account before accessing our website.

The data policy published by Facebook, which is available at, provides information about the collection, processing and use of personal data by Facebook. It also explains what settings options Facebook offers to protect the privacy of the data subject. Various applications are also available that make it possible to suppress data transmission to Facebook. Such applications can be used by the data subject to suppress data transmission to Facebook.


YouTube LLC, 901 Cherry Ave, San Bruno, CA 94066, United States

Our website uses plugins from the YouTube site operated by Google. The operator of the pages is YouTube, LLC, 901 Cherry Ave, San Bruno, CA 94066, USA. When you visit one of our pages equipped with a YouTube plugin, a connection to the YouTube servers is established. This tells the YouTube server which of our pages you have visited. If you are logged into your YouTube account, you enable YouTube to assign your surfing behavior directly to your personal profile. You can prevent this by logging out of your YouTube account.

On our YouTube company page, we provide information and offer YouTube users the opportunity to communicate. If you perform an action on our corporate YouTube presence (e.g. comments, posts, likes, etc.), you may make personal data (e.g. real name or photo of your user profile) public. However, since we generally or to a large extent have no influence on the processing of your personal data by the jointly responsible company YouTube, we cannot provide any binding information on the purpose and scope of the processing of your data.

Our company presence in social networks is used for communication and information exchange with (potential) customers. The publications on the company’s website may contain the following content:

  • Information about products
  • Information about services
  • Competitions
  • Advertising
  • Customer contact

Every user is free to publish personal data through activities.
The legal basis for data processing is Art. 6 para. 1 sentence 1 lit. a GDPR.

The data generated by the company website is not stored in our own systems.

You can object to the processing of your personal data that we collect in the context of your use of our YouTube corporate presence at any time and assert your rights as a data subject. Please send us an informal e-mail. You can find more information on the processing of your personal data by YouTube and the corresponding objection options here:


7. Updating and amending this privacy policy

This privacy policy is currently valid and was last updated in October 2022.

Due to the further development of our website and offers on it or due to changed legal or official requirements, it may become necessary to change this data protection declaration. You can call up and print out the current data protection declaration at any time on the website via this link.