General information

With the following information, we want to inform you in an understandable way about the type, scope, and purpose of personal data according to the Telemedia Act by visiting this website. Furthermore, we would like to inform you about the processing of personal data in countries outside the scope of the General Data Protection Regulation (GDPR).

Data collection on our website.

Who is responsible for data collection on this website?
Date processing on this website is performed by the website operator. See the legal notice on this website for contact information.

How do we collect your data?

On the one hand, your data will be collected when you communicate it to us. This may include data you enter into a contact form.
Other data are collected automatically by our IT systems during your visit to the website. This is primarily technical data such as the browser, operating system, and time of access. These data are collected automatically as soon as you enter our website.

Where do we collect your data?

The provider of this website commissioned to operate the web server operates its servers in a data center within Germany. We have entered into a corresponding data processing contract with the provider.

What do we use your data for?

Some of the data are collected to ensure the proper functioning of the website. Other data can be used to analyze your user behavior.
The purposes of data processing on this website include corporate presentation and the presentation of our products and services. In addition, you can contact us or find out the addresses of our locations or cooperation partners at home and abroad.

What rights do you have regarding your data?

You always have the right to request information about your stored data, their origins, recipients, and the purpose of collection at no charge. You also have the right to request that data be corrected, blocked, or deleted. You can contact us at any time using the address given in the legal notice if you have further questions about the issue of privacy and data protection. You may also file a complaint with the competent regulatory authorities.

Furthermore, you have the right to request a restriction on the processing of your personal data under certain circumstances. For details, see the data protection notice under “Right to the restriction of processing”.

Data protection

The operator of this website takes the protection of your personal data very seriously. We treat your personal data as confidential and comply with the applicable data protection regulations as well as this data protection notice.
Various personal data are collected when you use this website. Personal data means data that can be used to identify you personally. This data protection notice explains what data we collect and what the data is used for. It also explains how this is done and for what purposes.
Please note that data transmitted via the Internet (e.g. via email communication) may be subject to security breaches. It is not possible to fully protect data from third-party access.

Notice concerning the controller

The controller for data processing on this website in terms of data protection is:
FREY & Co. GmbH
Papyrerstraße 12, 83661 Lenggries-Fleck, Germany
Represented by Dietrich Lauber
Phone: +49 8042 9176-0
E-Mail: [email protected]
The controller is a natural or legal person who, alone or together with others, decides on the purposes and means of processing personal data (names, e-mail addresses, etc.).

Data Protection Officer

We have appointed a Data Protection Officer for our company. You may contact Stephan Krischke at [email protected]

Revoking your consent to data processing

In many cases, data processing is only possible with your express consent. You may revoke your previously given consent at any time. An informal e-mail making this request is sufficient. The lawfulness of data processing prior to the withdrawal of consent remains unaffected.

Right to object to data collection in special cases and to direct marketing (Art. 21 GDPR)

You have the right to object, on grounds relating to your particular situation, at any time to the processing of personal data concerning you that is based on point (e) or (f) of Art. 6(1) GDPR, including profiling based on those provisions. See this data protection notice for the respective legal basis on which processing is based. If you object, we shall no longer process your personal data in question, unless we can demonstrate compelling legitimate grounds for processing that override your interests, rights, and freedoms, or in case of processing for the establishment, exercise or defense of legal claims (objection according to Art. 21(1) GDPR).
If your personal data are processed for direct marketing purposes, you have the right to object at any time to the processing of personal data concerning you for such marketing, which includes profiling to the extent that it is related to such direct marketing. If you object to processing for direct marketing purposes, the personal data shall no longer be processed for such purposes (objection according to Art. 21(2) GDPR).

Right to lodge a complaint with the responsible supervisory authority

In case of violations of the GDPR, every data subject shall have the right to lodge a complaint with a supervisory authority, in particular in the Member State of his or her habitual residence, place of work, or place of the alleged infringement. The right to lodge a complaint exists without prejudice to any other administrative or judicial remedy.

Right to data portability

You have the right to receive data that we have processed using automated means based on your consent or in the course of contract fulfillment in a commonly used and machine-readable format, delivered to you or to a third party. If you request direct transmission of the data to another controller, this is only done where technically feasible.

SSL or TLS encryption

This website uses SSL/TLS encryption for security reasons and to protect the transfer of confidential content, such as orders or inquiries, that you send to us as the site operator. An encrypted connection is identified by the change from “http://” to “https://” in your browser’s address bar and by the lock symbol in your browser.
When SSL/TLS encryption is active, data you transmit to us cannot be read by third parties.

Information, blocking, erasure, and correction

Under the applicable legal provisions, you have the right to obtain information free of charge at any time about your stored personal data, their origins and recipients, and the purpose of data processing, as well as the right to correction, blocking, or erasure of these data. Please contact us at any time under the address provided in the legal notice regarding this and other questions on the topic of personal data.

Right to the restriction of processing

You have the right to request the restriction of personal data concerning you. To exercise this right, you may contact us at any time using the address given in the legal notice. You have the right to obtain the restriction of processing from us where one of the following applies:

• When the accuracy of the personal data stored by us is contested by you; we then generally need time to review this. You have the right to request the restriction of your personal data for the duration of the review.
• When the processing of your data was/is unlawful, you may request the restriction of processing instead of the erasure of the data.
• When we no longer need your personal data, but they are required by you for the establishment, exercise or defense of legal claims, you have the right to request the restriction of processing instead of the erasure of your personal data.
• When you object according to Art. 21(1) GDPR, your interests have to be weighed against our interests. You have the right to request the restriction of processing instead of the erasure your personal data until it is established whose interests shall override those of the other party.
• If you have restricted the processing of your personal data, these data – aside from storage – may only be processed with your consent or for the establishment, exercise, or defense of legal claims or for the protection of the rights of another natural or legal person or for reasons of important public interest of the European Union or of a Member State.

Objection to promotional emails

We hereby object to the use of the contact information provided to meet our obligation to publish a legal notice in order to send promotional and information materials that are not expressly requested. The website operator expressly reserves the right to take legal steps if promotional material is sent without request, for example, in the form of spam e-mails.

Data collection on the website

Server log files
Information automatically transmitted by your browser is automatically collected and stored in server log files by the website provider. Said information includes: Browser type/browser version, operating system used, referrer URL, host name of the accessing computer, date and time of the server request, IP address
Said data are not combined with any other data sources. The provider automatically erases the data after 7 days.
The basis for data processing is point (b) of Art. 6(1) GDPR, which permits the processing of data for the performance of a contract or in order to take steps prior to entering into a contract.

The website in part uses what are known as cookies. Cookies do not harm your computer and do not contain any viruses. Cookies help make our website more user-friendly, efficient, and secure. Cookies are small text files that are stored on your computer and saved by your browser.
Most cookies used by us are known as “session cookies”. They are automatically deleted after your visit. These cookies allow us to recognize your browser when you next visit the site. Other cookies, called “persistent cookies”, remain stored on your device for 6 or 12 months. We use these cookies for the evaluation of visitors. See “Visitor evaluation with Matomo” for further information.
You can configure your browser to inform you about the use of cookies so that you can decide on a case-by-case basis whether to accept or reject a cookie. Alternatively, your browser can be configured to automatically accept cookies under certain conditions or to always reject them, or to automatically delete cookies when closing your browser. Deactivating cookies may limit the functionality of this website.
Cookies required to carry out the electronic communication process or to provide certain functions desired by you (such as the shopping cart function) are stored on the basis of point (f) of Art. 6(1) GDPR. The website operator has a legitimate interest in the storage of cookies for the technically sound and optimized delivery of its services. To the extent other cookies (such as cookies to analyze your surfing behavior) are stored, these are addressed separately in this data protection notice.

Functions of the website

Contact form
When you submit an inquiry to us using a contact form, your information from the contact form including your data provided there, such as your title, first name, last name, company, address, phone number, and e-mail address will be stored by us to process the inquiry and in case of follow-up questions. We do not share these data without your consent.
Thus the data entered in the contact form are processed exclusively based on your consent (point (a) of Art. 6(1) GDPR). You may revoke your consent at any time. An informal e-mail making this request is sufficient. The lawfulness of data processing prior to the withdrawal of consent remains unaffected.
We store the data you enter into the contact form until you request their erasure, revoke your consent to storage, or the purpose of data storage ceases to apply (for example, after processing your inquiry is concluded). Mandatory legal provisions – notably retention periods – remain unaffected.

Contact by e-mail
You can also send us inquiries directly by e-mail to the addresses provided on the website, for example, in order to submit reporting forms to us electronically.
Security notice: Sending unencrypted e-mails via the Internet is not sufficiently protected against unauthorized access by third parties. S/MIME or TLS encryption can be used for confidential communication.


Google Tag Manager
This website uses Google Tag Manager. The operator is Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (“Google”).
Within the scope of Google AdWords and Google Analytics, we use Google Tag Manager to simplify visitor evaluation in the context of our promotional measures with Google AdWords. We have configured the anonymized transmission of data between the tools.
More information about Google Tag Manager is available in Google’s data protection provisions
You can configure your browser to prevent the use of Google Tag Manager.
The use of Google Tag Manager is based on point (f) of Art. 6(1) GDPR. The website operator has a legitimate interest in analyzing user behavior in order to optimize both its website and its advertising.
Data processing under contract: We have entered into a data processing contract with Google.

Our website uses plugins from YouTube, which is operated by Google. The operator is YouTube, LLC, 901 Cherry Ave., San Bruno, CA 94066, USA.
When you visit one of our pages with the YouTube plugin, a connection is established to YouTube’s servers. The YouTube server is informed about which of our pages you visited.
If you are logged on to your YouTube account, YouTube can assign your surfing behavior directly to your personal profile. You can prevent this by first logging out of your YouTube account.
YouTube is used to help make our website appealing. This is a legitimate interest pursuant to point (f) of Art. 6(1) GDPR.
Further information about the handling of user data is found in YouTube’s data protection notice at:

Google Web Fonts
This website uses Google Web Fonts for the uniform depiction of fonts. When a page is called, your browser loads the required Web Fonts into your browser cache to display texts and fonts correctly.
Your browser has to establish a connection to Google’s servers for this purpose. This informs Google that our website was accessed from your IP address. The use of Google Web Fonts is done in the interest of a uniform and appealing presentation of our website. This is a legitimate interest pursuant to point (f) of Art. 6(1) GDPR.
If your browser does not support web fonts, a standard font is used by your computer.
Further information about Google Web Fonts is available at and in Google’s data protection notice:

Google Maps
This site uses the Google Maps map service via an API. The provider is Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.
Storing your IP address is necessary to use the functions of Google Maps. This information is generally transmitted to a Google server in the USA and stored there. The operator of this site has no influence on this data transfer.
The use of Google Maps is in the interest of making our website appealing and to facilitate locating the places we specify on the website. This is a legitimate interest pursuant to point (f) of Art. 6(1) GDPR.
Further information on the handling of user data is found in Google’s data protection notice:

Last update: 13 July 2018

Data protection notice for YouTube

In the following, we provide you with information about the processing of personal data in the context of using “YouTube”.


Purpose of processing

FREY & Co. GmbH operates this YouTube channel to present the company to YouTube users and other interested parties who visit this YouTube channel, and to communicate with them


FREY & Co. GmbH as the operator of this social media profile is the controller under data protection law. This means that FREY & Co. GmbH is responsible for the lawful processing of your data via this profile and for ensuring that you can exercise your rights regarding your data in the relationship with FREY & Co. GmbH (see Art. 26 GDPR).


Data about you may be collected through this social media channel using cookies, regardless of whether you have a YouTube account or not. Cookies are data packets that identify computers, smartphones, and other user devices with a unique ID. They are regularly stored on the user’s device when visiting a YouTube channel, including our channel. The information stored in the cookies is received, recorded, and processed by YouTube, in particular when the user utilizes the YouTube services, services provided by other members of the corporate group, and services provided by other companies that utilize the YouTube services. Other entities such as YouTube partners and even third parties can use cookies with the YouTube services to provide services to companies that advertise on YouTube. Further information on the use of cookies by YouTube is found in YouTube’s data protection notice. Cookies are primarily used to display, for example, personalized advertising to visitors on the YouTube channels. This is done by displaying advertisements of YouTube advertising partners whose websites the user previously visited to the user on our YouTube channel. Cookies are also used to prepare statistics about the use of a social media profile so that YouTube and FREY & Co. GmbH can understand the use of a social media channel. The collection of data using cookies during the use of the social media channel is not prescribed by law or contract. Neither is it required for the conclusion of a contract. Thus there is no obligation to transmit your data to YouTube. However, not transmitting your data (by blocking cookies, for example) has the consequence that we are no longer able to offer our social media channel to you, or only with restrictions. Please see the privacy policy for further details on the use of cookies by YouTube (

Legal basis of data processing

Processing the personal data of users is based on the legitimate interest of FREY & Co. GmbH in optimizing the presentation of the company (point (f) of Art. 6(1) GDPR).

Recipients/dissemination to third parties

Your data can be provided to Google Inc. in the USA via the cookies. The transfer of data outside the EU and therefore data transmission to a third country is regulated with Google based on the EU standard contract clauses. This means that Google has to maintain a data protection standard in accordance with the GDPR for users in Europe.

Regarding your personal data, you can request, from FREY & Co. GmbH,

  • information in the form of a copy of the personal data and corresponding details,
  • delivery in a structured, machine-readable format,
  • correction in case of errors,
  • erasure, in particular when you revoke your consent or when the purpose of processing ceases to exist, and
  • the restriction of processing in certain cases,
  • and you can object to the use of your data for direct marketing purposes at any time.

YouTube users can change the settings for advertising preferences to influence the extent to which their user behavior may be recorded during the visit to our YouTube channel. Further possibilities are offered by the YouTube settings and the form to exercise the right to object.

The processing of information by means of the cookies used by YouTube can also be prevented by not allowing cookies of third-party providers or YouTube in your browser settings.

Our Data Protection Officer

We have appointed a Data Protection Officer in our company. You may contact Stephan Krischke at [email protected]

Right to complain to a supervisory authority

If you believe that the processing of personal data by FREY & Co. GmbH does not comply with the applicable legal requirements, you may submit a complaint to the responsible supervisory authority.

Amendment of this data protection notice

We revise this data protection notice as needed in case of data processing changes or on other occasions. The respective current version is always found on this website.

Last update: March 2021

Data protection information for online meetings, telephone conferences and webinars via "WebEx" of FREY & Co. GmbH

Privacy policy for online meetings, conference calls and webinars via “WebEx” of FREY & Co. GmbH


We would like to inform you in the following about the processing of personal data in connection with the use of “WebEx”.


Purpose of processing

We use the “WebEx” tool to conduct conference calls, online meetings, video conferences and/or webinars (hereinafter referred to as “Online Meetings”). “WebEx” is a service of Cisco Systems, Inc.



The person responsible for data processing directly related to the execution of “online meetings” is FREY & Co. GmbH.


Note: If you access the website of “WebEx”, the provider of “WebEx” is responsible for the data processing. However, calling up the website is only necessary for the use of “WebEx” in order to download the software for the use of “WebEx”. If you do not want to or cannot use the “WebEx” app, you can also use “WebEx” via your browser. In this case, the service is then also provided via the “WebEx” website.


Which data is processed?

Various types of data are processed when using “WebEx”. The scope of the data also depends on the information you provide before or during participation in an “online meeting”. The following personal data is processed:

  • registration information: name, email address, password, public IP address, billing information, geographic region, unique user ID (UUID), user information included in the customer’s active directory (if synched). Optional: phone number, mailing address, avatar
  • host and usage information: IP address, user agent identifier, hardware type, operating system type and version, client version, ip addresses along the network path, MAC address of your client (as applicable), service version, actions taken, geographic region, meeting session information (title, date and time, frequency, average and actual duration, quantity, quality, network activity, network connectivity), number of meetings, number of screen-sharing and nonscreen-sharing sessions, number of participants, meeting host information (host name, meeting site URL, meeting start/end time), screen resolution, join method, performance – troubleshooting and diagnostics information, call attendee information (including email addresses, IP address, username, phone number, room device information)
  • user-generated information: meeting and call recordings, transcriptions of call recordings, uploaded files (for webex events and training only)


Scope of Processing

We use “WebEx” to conduct “online meetings”. If we want to record “online meetings”, we will inform you transparently in advance and – if necessary – ask for your consent. If necessary, for the purposes of recording the results of an online meeting, we will log the chat content. However, this will usually not be the case. Automated decision-making within the meaning of Art. 22 GDPR is not used.


Legal basis of data processing

As far as personal data of employees of FREY & Co. GmbH are processed, § 26 BDSG is the legal basis of the data processing. If, in connection with the use of “WebEx”, personal data is not required for the establishment, execution or termination of the employment relationship, but is nevertheless an elementary component of the use of “WebEx”, Art. 6 para. 1 lit. f) GDPR is the legal basis for the data processing. In these cases, we are interested in the effective conduct of “online meetings”.

In addition, the legal basis for data processing in the conduct of “online meetings” is Art. 6 para. 1 lit. b) GDPR, insofar as the meetings are conducted within the framework of contractual relationships.

If no contractual relationship exists, the legal basis is Art. 6 para. 1 lit. f) GDPR. Here too, we are interested in the effective implementation of “online meetings”.


Recipient / passing on of data

Personal data processed in connection with participation in “online meetings” are generally not passed on to third parties unless they are specifically intended to be passed on. Please note that content from “online meetings”, as well as in personal meetings, often serves precisely to communicate information with customers, interested parties or third parties and is therefore intended for disclosure.

Other recipients: The provider of “WebEx” necessarily obtains knowledge of the above-mentioned data to the extent that this is provided for in our contract processing agreement with “WebEx”.


Data processing outside the European Union

“WebEx” is a service which is provided by a contractor in the US. This means processing of personal data also takes place in a third county. We have signed a data processing agreement (DPA) with the provider of “WebEx” which meets the requirements of art. 28 GDPR. An adequate level of data privacy protection is guaranteed by the conclusion of the EU standard contractual clauses (SCC).


Our data protection officer

We have appointed a data protection officer in our company. You can reach Stephan Krischke at [email protected]


Your rights as a data subject

You have the right of access to personal data concerning you. You can contact us for information at any time. In the case of a request for information that is not made in writing, we ask for your understanding that we may require you to provide evidence that proves that you are the person you claim to be. Furthermore, you have the right to correction or deletion or to restriction of processing, as far as you are legally entitled to do so. Finally, you have the right to object to the processing within the scope of the statutory provisions. You also have a right to data transferability within the framework of the data protection regulations.


Deletion of data

As a matter of principle, we delete personal data when there is no need for further storage. A requirement can exist in particular if the data is still needed to fulfil contractual services, to check and grant or ward off warranty and, if applicable, guarantee claims. In the case of statutory storage obligations, deletion shall only be considered after the expiry of the respective storage obligation.


Right of appeal to a supervisory authority

You have the right to complain about the processing of personal data by us to a data protection supervisory authority.


Amendment of this data protection notice

We revise this privacy policy in the event of changes in data processing or other reasons that make this necessary. The current version can always be found on this website.


Status: July 2021