blu Gruppe has realized an efficient business model that facilitates first-class services, high employee motivation and an excellent cost structure. An ongoing intensive communication and cooperation with our subsidiaries is highly emphasized. The services of blu Gruppe focus on IT consulting and solutions for corporate functions within large companies and corporations, mainly in the fields of Finance, Automotive, Healthcare, Telco and IT.
The principles of fair and transparent data processing require that the data subject be informed of the existence of the processing operation and its purposes. The confidentiality and integrity of your personal data is of particular concern to us. Therefore, we will process and use your personal data carefully and purposefully in accordance with your consent and in compliance with the legal provisions on data protection.
The right to protection of personal data is not an unlimited right. It must be seen in the light of its social function and weighed against other fundamental rights, while respecting the principle of proportionality.
Personal data is any information relating to an identified or identifiable natural person. The data subjects are identifiable if they can be directly or indirectly assigned to an identifier such as a name, an identification number, location data, an online identifier or to one or more special features (Article 4, No. 1 GDRP).
This data protection notice describes how we collect, process and use your personal data when you visit our website. You will find more detailed information in the following sections:
The person responsible for data processing on this website in accordance with Article 4 No. 7 GDPR
blu Gruppe AG
Phone: +49 89 38 888 18 0
2. Who can I contact?
Our data protection officer can be reached via the following contact details:
blu Gruppe AG
Data protection officer
Phone: +49 89 38 888 18 0
3. Data processing on our website
Purpose of data processing
By making appropriate changes to your browser settings, you can be informed about the setting of cookies and decide individually whether to accept them or to generally exclude them, as well as arrange for the automatic deletion of cookies when the browser window is closed. By deactivating cookies, you may not be able to use all functions of our website.
|First Party Cookies|
The legal basis for the processing of this data is Art. 6 para. 1 letter f GDPR. We have a legitimate interest in the storage of cookies for the technically error-free and optimized provision of our services.
3.2 Server Log Files
Whenever you visit our website, our system automatically collects information and stores it in so-called server log files. The following data is collected by us:
Purpose of data processing/duration of storage
The storage of the above mentioned data in the log files is done to ensure the functionality of our website. In addition, this data serves us to optimize our website and to ensure the security of our information technology systems. This data is deleted after 14 days.
The legal basis for the processing of this personal data is Art. 6 para. 1 letter f GDPR.
The recipient of this data is our server host, with whom a contract for processing orders in the sense of Article 28 GDPR has been concluded.
3.3 Google Web Fonts
Purpose of data processing
In order to display our content correctly and graphically appealing across browsers, we use script libraries and font libraries such as Google Web Fonts (https://www.google.com/webfonts/) on our website. Google Web Fonts are transferred to your browser’s cache to avoid multiple loading. If the browser does not support Google Web Fonts or prevents access, content will be displayed in a default font.
The legal basis for data processing is Art. 6 Par. 1 letter f GDPR. Our legitimate interest results from our need for an attractive presentation of our online offer.
4. How can you contact us?
4.1 Contact us directly
Purpose of data processing
You have the possibility to contact us at any time by post, telephone, fax or e-mail. In order to process your contact request, we may store your communication (e.g. telephone number, e-mail) and identification data (e.g. name, address).
If the request aims at the conclusion of a contract or is necessary for the implementation of pre-contractual measures, the legal basis for the processing is Art. 6 para. 1 lit. b GDPR.
In all other cases the processing is based on our legitimate interest (Art. 6 para. 1 lit. f GDPR) in the effective processing of the inquiries addressed to us.
4.2 Microsoft Teams
We use Microsoft Teams, a service provided by Microsoft Corporation to conduct telephone and video conferences, online meetings and/or online seminars. If online meetings/online seminars are to be recorded, we will inform you before the start of the online meeting/online seminar and – if necessary – ask for (verbal) consent. If you do not wish a recording, you can leave the Online-Meeting/Online-Seminars. The following personal data may be processed:
The extent of the data depends on the information you provide before or during participation in the online meeting/online seminars.
Legal basis for online meetings
The legal basis for the processing is Art. 6 para. 1 letter b) GDPR.
During the online meeting, the registration names of all participants and the communication content generated are displayed and can be viewed by the other participants in the online meeting. The communication contents are stored for documentation purposes. If necessary, the online meeting is recorded and then made available to the participants.
Legal basis for online seminars
The legal basis for the processing is our legitimate interest in an attractive design of our online seminar, Art. 6 para. 1 lit. f) GDPR.
During the online seminar, the registration names of all participants as well as the generated communication contents will be displayed and can be viewed by the other participants of the online seminar. The communication contents are stored for documentation purposes. If necessary, the online seminar is recorded and then made available to the participants.
Purpose of the processing
The data processing is carried out for the purpose of registration, receipt, organization and realization of the event. Photos or video recordings made during the event may be processed for public relations purposes and published on the Internet or in our publications.
Legal basis of the processing
The data processing is based on Art. 6 para. 1 letter b GDPR and on Art. 6 para. 1 letter f GDPR. If you have given us your consent to process photos and video recordings for the above-mentioned purposes, the data processing will take place on the basis of Art. 6 para. 1 letter a GDPR. You can withdraw your consent at any time with effect for the future.
Recipient of the data
An internal transfer of your personal data will only take place for the fulfilment of the above-mentioned purposes or to comply with legal obligations.
The following companies within blu Gruppe can access your personal data as far as the purpose allows:
All responsible employees are obliged to maintain the confidentiality of your data. As a matter of principle, your personal data will not be passed on to third parties unless we have legal permission or have your consent to do so. Should we use a service provider for the purpose of order processing, we nevertheless remain responsible for the protection of your data. All processors are contractually obliged to treat your data confidentially and to process it only within the scope of the service provision.
It cannot be ruled out that your personal data will be transferred to a third country. In doing so, we ensure that an adequate level of data protection exists before transferring your personal data, whether it is through an adequacy decision of the European Commission, through guarantees, certifications or through EU Standard contractual clauses.
5. Social Media
We use on our website the features of the LinkedIn network, a service of LinkedIn Corporation, 2029 Stierlin Court, Mountain View, CA 94043, USA. When you access our website, which includes LinkedIn’s functionality, a connection is made to LinkedIn’s servers. To the best of our knowledge, your personal data will not be stored, in particular the IP address will not be stored or the usage behaviour will not be evaluated.
On our website, we use the functions of the network XING, which are offered by XING AG, Dammtorstraße 29-32, 20354 Hamburg, Germany. Each time our website is accessed, a connection is established to XING servers. To the best of our knowledge, no personal data is stored, in particular, no evaluation of usage behavior and IP addresses are not stored.
6. SSL Encryption
For security reasons our website uses SSL encryption. This protects transmitted data and prevents it from being read by unauthorized third parties. You can recognize an encrypted connection by the fact that the address line of the browser changes from
“http://” to “https://” and by the padlock symbol, which is visible in your browser line.
7. Automated decision making and profiling
An automated decision making including profiling according to Art. 22 and Art. 4 No. 4 GDPR does not take place on our website.
8. How long will your data be stored?
Your personal data will be deleted as soon as they are no longer required for the purpose for which they were collected, as soon as you request us to delete them or as soon as you revoke your consent to their storage. Exceptionally, your personal data will only be stored to the extent required by the laws, regulations or other legal provisions to which we are subject. Data stored by us for other purposes remains unaffected.
9. What rights do you have?
You have the following rights in relation to the personal data concerning you:
If you have given us your consent, you can revoke it at any time with effect for the future, without affecting the legality of the processing already carried out.
For this purpose, an informal notification by e-mail to: email@example.com
Note on complaints to a supervisory authority
Without prejudice to any other administrative or judicial remedy, the person concerned has the right to appeal to the competent supervisory authority. This depends on the state of your residence, your work or the alleged violation. A list of the supervisory authorities (for the non-public sector) with their addresses can be found at: https://www.bfdi.bund.de/DE/Infothek/Anschriften_Links/anschriften_links-node.html
Our responsible state office for data protection supervision (BayLDA)
PO Box 606
Online complaint form: