A. Basic information as per Art. 13, 14 GDPR

The responsible authority in the context of the GDPR and other national data protection legislation of the member states and other data protection provisions is Hohenstein with the following companies:

  • Forschungsinstitut Prof. Dr. Jürgen Mecheels GmbH & Co. KG
  • Hohenstein Laboratories GmbH & Co. KG
  • Hohenstein Textile Testing Institute GmbH & Co. KG
  • Hohenstein Institut für Textilinnovation gGmbH

Corporate address:
Schlosssteige 1
74357 Bönnigheim
Telephone: +49 7143 271-0

You can contact the company data protection officer at:

Hohenstein Data Protection Officer
Schlosssteige 1
D-74357 Bönnigheim

You can contact the external data protection officer at:

Sven Lenz
Deutsche Datenschutzkanzlei – Datenschutzkanzlei Lenz GmbH & Co. KG
Bahnhofstraße 50
D-87435 Kempten
E-mail: lenz@deutsche-datenschutzkanzlei.de

If you feel that Hohenstein has processed your personal data in an unlawful manner, you can contact any data protection supervisory authority with your complaints. The responsible supervisory authority as per Art. 55 GDPR is

Der Landesbeauftragte für den Datenschutz und die Informationsfreiheit Baden-Württemberg [Data Protection Authority of the State of Baden-Wuerttemberg]
Postfach 10 29 32
D-70025 Stuttgart
Phone: 0711/615541-0

In general, we only process personal data when necessary for the provision of a functioning website and our content and services. The processing of personal data only takes place on a regular basis if a legal regulation permits this or if you have previously given consent. An exception to this occurs if it is not possible to obtain prior permission for factual reasons and if the processing of the data is permitted by statutory regulations. The collection and use of your personal data is, primarily, for the following purposes:

  • to use our website / online services
  • for the contact form and e-mail contact
  • for advertising purposes
  • video monitoring of the business premises

If we obtain consent from the person in question for the processing actions for personal data, Art. 6, section 1, lit. a) GDPR is applicable as the legal basis.

When processing personal data that is necessary for fulfilment of a contract whereby the contractual party is the person in question, Art. 6, section 1, lit. b) GDPR is applicable as the legal basis. This also applies to processing actions that are necessary for the execution of pre-contractual measures.

If it is necessary to process personal data in order to fulfil a legal obligation for which our company is liable, Art. 6 section 1, lit. c) GDPR is applicable as the legal basis.

In the event that essential interests of the person in question or another natural person make it necessary to process personal data, Art. 6, section 1, lit. d) GDPR is applicable as the legal basis.

If processing is necessary for the protection of a legitimate interest of our company or a third party and if the interests, fundamental rights and freedoms of the party concerned do not outweigh the first-mentioned interests, then Art. 6, section 1, lit. f) GDPR is applicable as the legal basis.

The legal basis for the processing of your personal data for an application procedure is § 26 BDSG [German Federal Data Protection Act].

Data is only passed to third parties within the framework of statutory guidelines. We only pass on the user data to third parties if this is necessary, for example, for the purposes of a contract or on the basis of legitimate interests in the economic and effective operation of our business.

If we hire subcontractors to provide our services, we will take suitable legal precautions and appropriate technical and organisational measures to ensure protection of the personal data in accordance with the pertinent statutory regulations.

Third countries are countries in which the GDPR is not directly applicable legislation. This basically includes all countries outside of the EU or European Economic Area.

Data is transmitted to a third country or international organisation. In this case, the adequacy decision of the EU Commission is taken into account. This states that it is a safe third country or a safe international organisation which offers an adequate level of protection.

The personal data for the person in question is deleted or locked as soon as the purpose of storage lapses. Furthermore, data can be stored if this was intended by the European or national lawmaker within the context of union law regulations, laws or other provisions to which the responsible party is liable. The data is also locked or deleted on expiration of a storage period prescribed by the specified standards unless it is necessary to store the data for a longer period in order to conclude or fulfil a contract.

Persons aged 18 years or younger may not send any personal data to us without the consent of a parent or guardian. We may only have access to personal data for persons aged 18 years or younger if there is explicit consent from a parent or guardian. The data is processed in accordance with this data protection declaration.

We and our service providers shall take technical and organisational security precautions to protect your personal data from any accidental or intentional manipulations, loss or destruction or from being accessed by unauthorised persons. Our data processing and security measures are continually improved in accordance with technical developments.

The security measures specifically include the encrypted transfer of data between your browser and our server. A 128-bit SSL (AES 128) encryption technology is used for this purpose.

In accordance with statutory provisions, you, as the person concerned, have the right at any time to receive free-of-charge information about your data stored by Hohenstein.

Furthermore, you can assert to Hohenstein your rights to correction, deletion or restriction of the data processing or the right of objection at any time. The same applies to a right to data transferability.

Should you have provided your personal data on the basis of consent, you can revoke the consent for the future at any time.

From time to time, it becomes necessary to edit the content of this information regarding data protection. We therefore reserve the right to change this information at any time. We will also publish the changed version of the data protection information here. If you visit us again, you should therefore read through the data protection information again.

B. Purposes and scope of data processing

I. Provision of website and creation of log files

Each time our internet site is accessed, our system automatically records data and information from the computer system for the calling computer. The following data is collected in this case:


  • (1) Information about the browser type and the version used
  • (2) The user’s operating system
  • (3) The user’s internet service provider
  • (4) The user’s IP address
  • (5) Date and time of access
  • (6) Websites from which the user’s system accesses our internet site
  • (7) Websites called from the user’s system via our website


The log files contain IP addresses or other data which enables assignment to a user. This may be applicable, for example, if the link to the website from which the user accesses the internet site, or the link to the website to which the user switches, contains personal data. The data is also saved in the log files for our system. This data is not stored together with other personal user data.

It is saved in log files to ensure the functioning of the website. We also use the data to optimise the website and to guarantee the security of our information technology system. In this context, no evaluation of the data for marketing purposes takes place.

These purposes also form our legitimate interest in data processing as per Art. 6, section 1, lit. f) DSGVO.

Legal basis for temporary storage of data and log files is Art. 6, section 1, lit. f) GDPR.

The data is deleted as soon as it is no longer required for achieving the purpose of its collection. If the data is collected for provision of the website, this applies when the session is over.

If the data is saved in log files, this applies after a maximum of six months. Storage for a longer time is possible. In this case, the IP addresses for the user are deleted or distorted so that assignment of the calling client is no longer possible.

The collection of data to enable provision of the website and storage of the data in log files is essential for operation of the internet site. There is thus no possibility for objection by the user.

If you feel that Hohenstein has processed your personal data in an unlawful manner, you can contact any data protection supervisory authority with your complaints.

II. Use of cookies

We use cookies in some areas to make our website more user friendly and tailor it to your needs. Cookies are small files that are stored locally on the hard drive of your computer and which are held ready for subsequent use to facilitate the use of our website. They allow our system to recognise your browser and make specific services available to you. Cookies also enable the analysis of your use of our website.

Some of the cookies that we use are deleted again after the end of the browser session, that is, after you close your browser (these are called session cookies). Other cookies remain on your end device for up to 24 months and allow us or our service providers to recognise your browser again during your next visit (persistent cookies). Cookies also enable the analysis of your use of our website (web tracking, see below).

The cookies store the following data and information:


  • log-in information
  • language settings
  • search terms entered
  • information on the number of times our website is called and on the use of individual functions of our website.


When cookies are activated, an identification number and an allocation are assigned There is no assignment of your personal data to this identification number. Your name, your IP address or similar data which would enable an assignment of the cookie to you, are not stored in cookies. On the basis of cookie technology, we only receive pseudonymised information, for example, on which sites have been visited, etc.

You can configure your browser so that you are informed in advance when cookies are set and you can decide in individual cases whether to prevent the acceptance of cookies for specific cases or in general or whether cookies are fully blocked. This may restrict the functionality of the website.

Our legitimate interest in the use of cookies as per Art. 6, section 1 page 1 lit. f) GDPR lies in the goal of making our website more user-friendly, effective and secure.

The legal basis for the processing of personal data using cookies for the purposes of analysis is, with the existence of relevant consent for this by the user, Art. 3, section 1 lit. a) GDPR.

Cookies are saved to the user’s computer which transmits them to our website. Therefore, as the user, you also have full control over the use of cookies. By changing the settings in your internet browser, you can deactivate or restrict the transfer of cookies. Cookies that have already been saved can be deleted at any time. This can take place automatically. If cookies are deactivated for our website, it is possible that not all of the website functions will be fully available for use.

If you feel that Hohenstein has processed your personal data in an unlawful manner, you can contact any data protection supervisory authority with your complaints.

III. Anonymised web tracking

Our website uses Google Analytics, a web analysis service provided by Google Inc., USA (“Google”). Google Analytics uses cookies which are stored on your computer to allow an analysis of your use of the website. The information created by the cookie about your use of our website is usually transmitted to a Google server in the USA and stored there.

By activating IP anonymisation on our website, your IP address is routinely shortened within member states of the European Union or in other countries that are contracting parties to the Agreement on the European Economic Area. The full IP address is only transferred to a Google server in the USA in exceptional cases and shortened there.

Google will use this information on our behalf to anonymously evaluate your use of the website, to compile reports on website activities and to provide us with services related to website usage and internet usage.

You can prevent the recording of data created by the cookie and relating to your use of the website (including your shortened IP address) with Google and the processing of this data by Google by downloading and installing the browser plug-in available from the link http://tools.google.com/dlpage/gaoptout?hl=en or, as described under c. (Consent and refusal of cookies), configure the settings for your browser software.

If you feel that Hohenstein has processed your personal data in an unlawful manner, you can contact any data protection supervisory authority with your complaints.

IV. Contact form and e-mail contact

If you contact us by e-mail or using a contact form on our internet site, you are assumed to be in agreement with the electronic communication. Personal data is collected when contact is made with us. Which data is collected via the contact form is apparent from the respective contact form. Your data is transmitted securely (SSL encryption).

The information you provide is only used for the purposes of processing the contact and for possible follow-up questions.

Your consent is obtained for the processing of the data during the dispatch process and this data protection declaration is referenced.

Processing for fulfilment of our services and execution of contractual measures as per Art. 6 section 1 lit. b) GDPR. Processing for protection of our legitimate interests as per Art. 6, section 1, lit. f) GDPR.

We only store the data you have made available to us for as long as it is necessary to fulfil the above purposes or for the storage periods defined by the legislator. If the respective purpose lapses or after expiration of the corresponding time periods, your data is routinely locked or deleted in accordance with the statutory regulations.

You can object to the processing of your personal data at any time, provided that there are no statutory storage obligations. If such an obligation exists, we can also lock your data if you wish. If there is a corresponding statutory requirement, we will also delete your personal data without the need for a corresponding request on your part.

If you feel that Hohenstein has processed your personal data in an unlawful manner, you can contact any data protection supervisory authority with your complaints.

V. Advertising measures

If we receive your e-mail address in connection with your (fee-based) participation in a seminar, webinar, event or virtual press conference, we will also use this for the promotion of our own, similar events by e-mail, provided that you have not objected to its use.

We also use your information for customer analyses and written advertising by post, also on behalf of partner companies from the textile industry.

Provided there is the consent of the user, the legal basis for the processing of data is Art. 6, section 1, lit. a) GDPR. For processing your data for the protection of our legitimate interests, the legal basis is Art. 6, section 1, lit. f) GDPR.

The data is deleted as soon as it is no longer required for achieving the purpose of its collection.

You can submit an objection to the processing of your personal data at any time; this also includes your e-mail address (Art. 6, section 1, Art. 21, section 1, section 4, GDPR).

If you want us to stop processing and using your personal data for advertising purposes or would like to revoke any consent that you have granted at any time, simply send a brief message by e-mail to datenschutz@hohenstein.de or by letter to Hohenstein, Abt. Datenschutz, Schlosssteige 1, 74357 Bönnigheim, Germany.

Once you have done so, your data will no longer be used for advertising purposes. This will not affect the legality of any use of your data up until the time at which you revoke your consent or request that your data is not used for advertising purposes.

You can also exercise your right of objection for example, by using the Unsubscribe function on our website. You can find a link to this function in the footer of each newsletter.

If you feel that Hohenstein has processed your personal data in an unlawful manner, you can contact any data protection supervisory authority with your complaints.

VI. Video surveillance

The company premises in Bönnigheim is monitored around the clock with video cameras. The resulting recordings may be considered personal data.

The video surveillance of the company premises is used for safeguarding domiciliary rights and to secure the property of the company and employees.

The legal basis is Art. 6, section 1, lit. f) GDPR.

The recordings are stored for 10 days or until the intended purpose has been achieved.

You have the right to information about your personal data processed by us. If your information request is not in writing, please understand that we will then require evidence from you to prove that you are really the person you claim to be.

If you feel that Hohenstein has processed your personal data in an unlawful manner, you can contact any data protection supervisory authority with your complaints.