Privacy Policy

Privacy Policy as of February 2021

General and mandatory information
Designation of the data controller
The data controller for data processing within the meaning of the GDPR on this website is:

Proway Holding GmbH
Ingeborg-Bachmann-Straße 71-73
89134 Ulm-Blaustein
Commercial Register: Ulm Commercial Register No.: 738105
VAT ID No.: DE 130856853

Proway GmbH
Ingeborg-Bachmann-Straße 71-73
89134 Ulm-Blaustein
Commercial Register: Ulm Commercial Register No.: 734785
VAT ID No.: DE 815681935

Proway IM GmbH
Ingeborg-Bachmann-Straße 71-73
89134 Ulm-Blaustein
Commercial Register: Ulm Commercial Register No. 737041
VAT ID No.: DE319376115

Proway RST GmbH
Carl-Zeiss-Str. 51
D-85521 Hohenbrunn/Riemerling
Commercial Register: Munich Commercial Register No. 103626
VAT ID No.: DE 811466035

Telephone: +49 731 55 01 98 -0
Fax: +49 731 55 01 98 -20
Email: info(at)

Mr. Thomas Kammer

The data controller, alone or together with others, decides on the purposes and means of processing personal data (e.g. names, contact data, etc.).

Purposes of data processing by the data controller and third parties (Article 6 para.1 of the GDPR)
In principle, we only process our users’ personal data insofar as this is necessary to provide a functional website and our content and services. We also use a contact form to save your contact details, process your request or be available for follow-up questions. Your personal data will not be transferred to third parties for purposes other than those mentioned. We will only pass on your personal data to third parties if:
– you have given your express consent
– the processing is necessary to process a contract with you
– the processing is necessary to fulfill a legal obligation
– the processing is necessary to safeguard legitimate interests and there is no reason to assume that you have an overriding legitimate interest in not disclosing your data

Revocation of your consent to data processing (Article 7 para.3 of the GDPR)
Some data processing procedures are only possible with your express consent. You can revoke consent you have already given at any time. An informal notification by email is sufficient to withdraw consent. The legality of the data processing carried out before the revocation remains unaffected.

Right to complain to the competent supervisory authority (Article 13 para. 2 (d) of the GDPR)
As a data subject, you have the right to lodge a complaint with the competent supervisory authority in the event of a breach of data protection law. The competent supervisory authority with regard to data protection issues is the state data protection officer of the federal state in which our company is based. The following link provides a list of data protection officers and their contact details: node.html.

Right to data portability (Article 20 of the GDPR)
You have the right to have data that we process automatically based on your consent or to fulfill a contract handed over to you or to third parties. It is made available in a machine-readable format. If you request the direct transfer of the data to another data controller, this will only be done if technically feasible.

Right to information, correction, restriction, blocking and erasure (Article 13 para.2 (d) of the GDPR
You have the right to free information about your stored personal data, the origin of the data, its recipients and the purpose of the data processing at any time within the framework of the applicable legal provisions. You may also have the right to correct, restrict, block or erase this data. You can contact us at any time via the contact options listed in the legal notice if you have any further questions on the subject of personal data.

Information to third parties
If we have made personal data concerning you public and are obliged to delete it in accordance with Article 17 para. 1 of the GDPR, we will take appropriate measures to inform those responsible for data processing that you have requested the deletion of all links or copies or replications of this personal data.

Right to information (Article 19 of the GDPR)
If you have asserted the right to correction, erasure or restriction of processing against us, we are obliged to notify all recipients who have received your personal data of its correction or erasure or restriction of processing. This does not apply if this proves impossible or involves a disproportionate effort. You also have the right to be informed about these recipients.

Right to object
Due to a special situation, you have the right to object to the processing of your personal data at any time, based on Article 6 para. 1 sentence 1 (e) or (f) of the GDPR; this also applies to profiling based on these provisions. In the event of an objection, we will no longer process the personal data relating to you, unless we can demonstrate that there are verifiable, necessary, legitimate reasons that outweigh your interests, rights and freedoms in this case. You are entitled to exercise your right to object with the help of automated procedures in which technical specifications are used.

Data erasure and storage period (Article 17 para.1 of the GDPR)
You have the right to demand that the data be erased or blocked immediately as soon as the storage purpose no longer applies. The purpose of storage is no longer applicable as soon as your request can no longer be processed and/or there are no more follow-up questions, or as soon as the data is no longer required for our services within our operational interests. In this case, we are obliged to erase or block your personal data. If the European or national legislator requires in ordinances, laws or other regulations that personal data is stored, such storage can take place. The data will also be blocked or erased if a storage period prescribed by the standards mentioned expires. This does not apply if the data is necessary to conclude or fulfill a contract.

SSL or TLS encryption
For security reasons and to protect the transmission of confidential content which you send to us as the website operator, our website uses SSL or TLS encryption. This means that data you transmit via this website cannot be viewed by third parties. You can recognize an encrypted connection by the “https://” address line of your browser and the lock symbol in the browser line.

Data protection officer
We have appointed a data protection officer:
Oskar, Brendler
Ingeborg-Bachmann-Strasse 71-73
89134 Blaustein
Telephone: 0731 550198 – 0

Server log files
The website provider automatically collects and stores information that your browser automatically transmits to us in server log files. This information is:
Browser type and browser version

  • Operating system used
  • Referrer URL
  • Time of the server request
  • IP address

This data is not merged with other data sources. The basis for data processing is Article 6 para. 1 (b) of the GDPR, which allows data to be processed to fulfill a contract or pre-contractual measures.

Contact form
Data transmitted via the contact form, including your contact details, will be stored in order to process your request or to be available for follow-up questions. This data will not be passed on without your consent. The data entered in the contact form is processed exclusively on the basis of your consent (Article 6 para. 1 (a) of the GDPR). You can revoke consent you have already given at any time. An informal notification by email is sufficient to withdraw consent. The legality of the data processing operations carried out before the revocation remains unaffected. Data transmitted via the contact form will remain with us until you ask us to delete it, revoke your consent to storage or there is no longer any need to store data. Any mandatory statutory provisions, in particular retention periods, remain unaffected.

Use of Google Maps
This website uses Google Maps API to visually display geographic information. When Google Maps is used, Google also collects, processes, and utilizes data about visitors’ use of map functions. You can find more information about data processing by Google in Google’s data protection information. There you can also change your personal data protection settings in the data protection center.

Our website uses cookies. These are small text fragments that your web browser saves on your device. Cookies help us make our website more user-friendly, effective and secure. Some cookies are “session cookies”. These cookies are automatically deleted at the end of your browser session or expire after a short time (usually 60 minutes). Apart from session cookies, only the language used by the user is saved. No further cookies are used, and there is no tracking. You can use a modern web browser to monitor, restrict or prevent the setting of cookies. Many web browsers can be configured so that cookies are automatically deleted when the program is closed. Deactivating cookies can limit the functionality of our website. The setting of cookies, which are necessary to carry out electronic communication processes or to provide certain functions you want (e.g. shopping cart), is based on Article 6 para. 1 (f) of the GDPR. As the operator of this website, we have a legitimate interest in storing cookies to provide our services smoothly and free from technical errors. If other cookies are stored (e.g. for analytics purposes), these are treated separately in this Privacy Policy.

XING plugin
Our website uses functions of the XING network. The provider is XING AG, Dammtorstrasse 29-32, 20354 Hamburg, Germany. When a page with integrated Xing functions is called up, a connection to the Xing servers is established. To the best of our knowledge, personal data is not stored. IP addresses are not saved, and usage behavior is not evaluated. For more information about data protection and the XING Share button, please see the XING Privacy Policy at:

On the subpage, we use plugins from the video portal Vimeo. The provider is Vimeo Inc., 555 West 18th Street, New York, New York 10011, USA. For technical reasons, the Vimeo servers are called up through the integration of Vimeo videos. Data from your browser or device is transmitted to the Vimeo server. The Vimeo server is also informed which of our pages you have visited. Vimeo additionally obtains your IP address. This also applies if you are not logged in to Vimeo or do not have a Vimeo account. The information recorded by Vimeo is transmitted to the Vimeo server in the USA.
If you are logged in as a member of Vimeo, Vimeo will assign this information to your personal user account. When using the plugin, e.g. if you click the start button of a video, this information is also assigned to your user account. Via the Vimeo component, Vimeo always receives information that the person concerned has visited our website if this person is logged into Vimeo when accessing our website; this takes place regardless of whether the person clicks on a Vimeo video or not. You can prevent this by logging out of your Vimeo account and deleting the relevant Vimeo cookies.

In addition, Vimeo calls up the Google Analytics tracker via an iFrame in which the video is called up. This is Vimeo’s own tracking system, to which we have no access. Vimeo uses cookies or comparable recognition technologies (e.g. device fingerprinting) to recognize website visitors.

Vimeo is used in the interests of making our online presence more attractive. This constitutes a legitimate interest pursuant to Article 6 para. 1 (f) of the GDPR. If corresponding consent has been requested, processing takes place exclusively on the basis of Article 6 para. 1 (a) of the GDPR; consent may be revoked at any time. The data transfer to the USA is based on the standard contractual clauses of the EU Commission and, according to Vimeo, on “legitimate business interests”. You can find details here:

Further information on handling user data can be found in Vimeo’s Privacy Policy at: