Privacy Policy

Protecting your personal data during the collection, processing, and use of personal data during your visit to our homepage is an important concern for us. Your data will be protected within the framework of legal regulations. We would like to inform you below about the type and extent of the processing of personal data via this website according to Article 13 of the General Data Protection Regulation (GDPR).


1. General Notes

Notice concerning the party responsible for this website

KOLLER Maschinen- und Anlagenbau GmbH
Bruchkampweg 5
29227 Celle

Phone: +49 5141 9898-0


Data Protection Officer

We have appointed a data protection officer for our company.

Arndt Halbach
Wetterauer Str. 6
42897 Remscheid

Phone: +49 2191 909430


2. Data collection on this website

Server log files

The website provider automatically collects and stores information in so-called server log files, which your browser automatically transmits to us. These are:

  • Browser type and browser version
  • Operating system used
  • Referrer URL
  • Hostname of the accessing computer
  • Time of the server request
  • IP address


This data will not be combined with data from other sources. The collection of this data is based on Art. 6 para. 1 f GDPR. The website operator has a legitimate interest in the technically error-free presentation and optimization of its website – for this purpose, the server log files must be recorded.



Our website uses so-called “cookies.” Cookies are small text files that are stored on your device via your browser. They do no harm. They are either stored temporarily for the duration of a session (session cookies) or permanently (permanent cookies) on your device. Session cookies are automatically deleted after your visit.

Cookies have various functions. Some cookies are technically necessary because certain website functions would not work without them (e.g., the language used, shopping cart function, or the display of videos).

Other cookies are used to evaluate user behavior or display advertising.

Data processing related to cookies that solely serve to provide the functionality of our online offering is carried out on the basis of our legitimate interest according to Art. 6 para. 1 f) GDPR.

In all other cases, especially for evaluating uses of our websites and marketing, we only use cookies after obtaining your consent. The legal basis is thus Art. 6 para. 1 a) GDPR § 25 para. 1 TTDSG.

You can revoke or change your consent at any time by changing your cookie settings via the link Cookie Settings.

If you do not wish to use cookies, you can set your browser to not accept the storage of cookies. Please note, however, that in this case you may not be able to use all functions of our websites.

For more details on cookies and services and storage periods, please refer to our privacy policy.


Consent with Borlabs-Cookie

Our website uses the consent technology of Borlabs-Cookie to obtain your consent to store certain cookies in your browser or to use certain technologies, and to document this in compliance with data protection regulations. The provider of this technology is Borlabs GmbH, Hamburger Str. 11, 22305 Hamburg, Germany (hereinafter Borlabs).

When you enter our website, a Borlabs-Cookie is stored in your browser, which stores the consents you have given or the revocation of these consents. This data is not shared with the Borlabs-Cookie provider.

The collected data will be stored until you request us to delete it, delete the Borlabs-Cookie yourself, or the purpose for data storage lapses. Mandatory statutory retention periods remain unaffected. Details on data processing by Borlabs-Cookie can be found at

The use of Borlabs-Cookie consent technology is carried out to obtain the legally required consents for the use of cookies. The legal basis for this is Art. 6 para. 1 c GDPR.


Contact Form

If you send us inquiries via the contact form, your details from the inquiry form, including the contact details you provided there, will be stored by us for the purpose of processing the inquiry and in case of follow-up questions. We do not share this data without your consent.

The processing of the data entered into the contact form is thus exclusively based on your consent (Art. 6 para. 1 a GDPR). You can revoke this consent at any time. An informal email making this request is sufficient. The legality of the data processing operations carried out before the revocation remains unaffected by the revocation.

The data you enter in the contact form will remain with us until you ask us to delete it, revoke your consent to storage, or the purpose for data storage no longer pertains (e.g., after your request has been processed). Mandatory statutory provisions – especially retention periods – remain unaffected.


Data Transfer

When you visit our website, a secure connection is established. You can recognize this by the “https://” in your browser’s address bar and the lock symbol in your browser line.

During transmission, your data is protected with an encryption protocol (TLS), which is up-to-date with current technology standards, to ensure the security of your data.


Job Applications at Koller Maschinen- und Anlagenbau

You have the opportunity to apply for a position advertised under the section ABOUT US/Careers via our applicant email – The personal data you send us, especially your name, address, contact details such as email address and phone number, as well as the usual application documents like cover letter, resume, and certificates, are used exclusively for application purposes (initiation of an employment relationship). The legal basis for data processing is Art 6 para. 1 b) GDPR, § 26 para. 1 BDSG.

If we cannot offer you a position in our company, your data will be automatically deleted no later than 6 months after a rejection is issued.


Inquiries via Email, Phone, or Fax

If you contact us by email, phone, or fax, your inquiry, including all resulting personal data (name, inquiry), is stored and processed by us for the purpose of handling your request. We do not share this data without your consent.

The processing of this data is based on Art. 6 para. 1 b) GDPR if your inquiry is related to the fulfillment of a contract or is necessary for the implementation of pre-contractual measures. In all other cases, the processing is based on our legitimate interest in the effective processing of the inquiries addressed to us (Art. 6 para. 1 f GDPR) or on your consent (Art. 6 para. 1 a GDPR) if this has been requested.


Customer Feedback Form Microsoft Forms

Your opinion is very important to us to continuously improve our products and services. As part of an online feedback form using the Microsoft Forms application, we ask our customers to evaluate our products.

Participation in the survey is voluntary. If you participate in the survey, you give us your consent to process your personal data (Art. 6 para. 1 a GDPR), which we collect in connection with the feedback survey. You can revoke your consent at any time for the future. Your data will then be promptly deleted.

If there is no operational necessity or legal obligation for longer-term storage, all data will be deleted within one year.

Our form is provided by Microsoft Ireland Operations Limited, One Microsoft Place, South County Business Park, Leopardstown, Dublin 18, D18 P521, Ireland. Data processing via the form is carried out on behalf of Koller as the controller by Microsoft as the processor. A data processing agreement has been concluded with Microsoft in accordance with Article 28 of the General Data Protection Regulation (GDPR).

In principle, personal data can also be processed via the feedback form, although our online form only includes your company and your order number. Entering personal data is not necessary or would only occur if you initiate it, for example, by entering your name in the context of voluntary individual feedback in the corresponding text field.

Data are stored in the Microsoft Cloud and accessed by the project team from there. Your data is transmitted exclusively encrypted via https://.

Data processing outside the European Union (EU) generally does not take place since we have limited our storage location to data centers in the European Union. However, we cannot exclude that personal data such as your IP address or browser data may be transferred to servers located outside the EU. It is also possible that U.S. government agencies could access personal data under the Cloud Act. As far as possible, this has been secured by concluding standard contractual clauses of the EU Commission. Moreover, Microsoft is effectively certified under the EU-U.S. Data Privacy Framework.

If you require information on the processing of your personal data by Microsoft, we ask you to consult the relevant declaration from Microsoft.

Microsoft Privacy Statement:


3. Recipients of Personal Data

We assure you that we do not pass on your personal data to third parties unless this is necessary for contract processing, we are legally obliged to do so, or you have previously given us your consent.

For the implementation and processing of processing processes, we may employ service providers as part of data processing outsourcing.

Specifically, we have engaged a service provider for hosting our website.

Mittwald CM Service GmbH & Co. KG
Königsberger Straße 4-6
32339 Espelkamp

The contractual relationships with our service providers are regulated according to the provisions of Article 28 GDPR, which includes the legally required points regarding data protection and data security.


4. Plugins and Tools

YouTube with Enhanced Privacy

Our website embeds videos from YouTube. The operator of the pages is Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland.

We use YouTube in enhanced privacy mode. According to YouTube, this mode means that YouTube does not store any information about visitors to this website before they watch the video. However, the enhanced privacy mode does not necessarily exclude the sharing of data with YouTube partners. Thus, YouTube – regardless of whether you watch a video – establishes a connection to the Google DoubleClick network.

As soon as you start a YouTube video on our website, a connection to YouTube’s servers is established. This tells the YouTube server which of our pages you have visited. If you’re logged into your YouTube account, you allow YouTube to associate your browsing behavior directly with your personal profile. You can prevent this by logging out of your YouTube account.

Furthermore, after starting a video, YouTube may store various cookies on your device or use comparable recognition technologies (e.g., device fingerprinting). This way, YouTube can obtain information about visitors to this website. This information is used, among other things, to compile video statistics, improve user-friendliness, and prevent attempts at fraud.

If you start a YouTube video, it could trigger further data processing operations that we have no control over.

The use of YouTube is based on your consent according to Art. 6 para. 1 a GDPR; § 25 para. 1 TTDSG. The consent is revocable at any time.

For more information on data protection at YouTube, please see their privacy policy at:


Google Web Fonts

For uniform representation of fonts, this page uses web fonts provided by Google. When you open a page, your browser loads the required web fonts into your browser cache to display texts and fonts correctly. The Google Fonts are installed locally. A connection to Google servers is not established.

If your browser does not support web fonts, a standard font is used by your computer.

Further information about Google Web Fonts can be found at and in Google’s privacy policy:


Google Maps

This site uses the map service Google Maps. The provider is Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland. Using Google Maps is in the interest of making our online offers appealing and to facilitate the location of places specified by us on the website.

To use the features of Google Maps, it may be necessary to process information about your use of this website, including your IP address, which could be transmitted to Google in the United States and stored there. The provider of this page has no influence on this data transfer.

Regarding the transfer of personal data to the USA, an adequacy decision by the European Commission is in place for data processing by U.S. companies that are certified under the EU-U.S. Data Privacy Framework (DPF). The processing by Google LLC is based on its certification under the EU-U.S. Data Privacy Framework.

Additionally, to ensure an adequate level of data protection, we have concluded EU standard contractual clauses with the service provider. Details can be found here:

The usage agreement we have with Google includes a supplement regarding joint responsibility according to Article 26 of the GDPR. Accordingly, Google Ireland is responsible for enabling the rights of data subjects in accordance with Articles 15-20 of the GDPR regarding the personal data stored by Google after joint processing. For more information, visit:

More information on handling user data can be found in Google’s privacy policy:

The use of Google Maps is based on your consent according to Art. 6 para. 1 a GDPR; § 25 para. 1 TTDSG. The consent can be revoked at any time.



We have integrated Wordfence on this website. The provider is Defiant Inc., 800 5th Ave Ste 4100, Seattle, WA 98104, USA (hereafter Wordfence).

Wordfence is used to protect our website from unwanted access or malicious cyber-attacks. For this purpose, our website establishes a permanent connection to the Wordfence servers to allow Wordfence to compare its databases with the accesses made to our website and, if necessary, block them. Personal data such as the IP address is also stored. To protect against attacks or spam, IP addresses are stored on the Wordfence servers. IP addresses deemed safe are placed on a whitelist. Wordfence Security ensures our website and thus protects visitors to the website from viruses and malware. This represents a legitimate interest within the meaning of Art. 6 para. 1 lit. f GDPR.

The use of Wordfence is based on your consent according to Art. 6 para. 1 lit. f GDPR. The website operator has a legitimate interest in the most effective protection of its website against cyberattacks.

Data transfer to the USA is based on the standard contractual clauses of the EU Commission. Details can be found here:

Learn more about the data processed through the use of Wordfence in their privacy policy at


5. Data Deletion Deadlines

Unless a specific storage period is specified within this privacy policy or our Cookie Consent Tool, data will generally be deleted when they are no longer necessary for the purpose of their processing and no statutory retention periods remain. Different periods apply for the storage of personal data; for example, data relevant to tax law are usually stored for 10 years, while other data as per commercial law provisions are typically stored for 6 years.


6. Your Rights

Under §§ 15-21 GDPR, you can exercise the following rights regarding the personal data processed by us, provided that the conditions described therein are met:

  • Right to access information about your personal data processed by us (Art. 15 GDPR).
  • Right to rectify incorrect personal data concerning you (Art. 16 GDPR).
  • Right to deletion if one of the reasons listed in Art. 17 GDPR applies, e.g., if the data are no longer needed for the intended purposes.
  • Right to restriction of processing if one of the conditions listed in Art. 18 GDPR is met, e.g., if you have objected to processing, for the duration of the controller’s examination.
  • Right to object on grounds relating to your particular situation (Art 21 GDPR).
  • If data is processed based on your consent, you have the right to revoke it at any time with effect for the future. The link to our Cookie Consent Tool can be found under the heading Cookies in this privacy policy.


7. Right to Lodge a Complaint with a Supervisory Authority

In case of GDPR violations, data subjects have a right to lodge a complaint with a supervisory authority, particularly in the member state of their habitual residence, place of work, or place of the alleged infringement.


For the location of our company, the competent supervisory authority is:

The State Commissioner for Data Protection Lower Saxony
Prinzenstr. 5
30159 Hannover

Phone: 0511-120-4500