Privacy Statement Website


This privacy policy describes the processing of personal data when using the website of validio GmbH & Co. KG. It also sets out the options that you have with respect to your personal data (‘Your rights’) and provides details on how you can contact us.

I. Who is the controller and how can I contact the Data Protection Officer?

The controller within the meaning of the GDPR is

validio GmbH & Co. KG
Pretzfelder Straße 13
90425 Nuremberg
Nuremberg Commercial Register HRA 12160
Managing Director: Dipl.-Kfm. Michael Oschmann

Please contact our Data Protection Officer Dr. Stefan Drewes, who you can reach at the address in the imprint or at the following email address:, for any questions you may have about how we process your personal data or about data protection in general.

II. Your rights as a data subject

Each data subject has the following rights:
• Right of access (Article 15 of the GDPR);
• Right to rectification of incorrect data (Article 16 of the GDPR);
• Right to erasure/‘right to be forgotten’ (Article 17 of the GDPR);
• Right to restriction of processing personal data (Article 18 of the GDPR); and
• Right to data portability (Article 20 of the GDPR).

You can object to the processing of personal data for the purposes of marketing, including the analysis of customer data for marketing purposes, at any time without stating any reasons for this.

The data subject also has a general right to object (see Article 21 Paragraph 1 of the GDPR). In this case, reasons must be given for the objection to data processing. If data processing is based on consent, your consent may be withdrawn at any time with future effect.

To exercise data subject rights, the easiest option is to contact Otherwise, please use the address in our imprint. You also have the right to complain to data protection supervisory authorities responsible for you.

III. Processing of personal data by validio GmbH & Co. KG

We would like to give you an overview below of how we guarantee that your personal data is protected against access when you visit our website, and what types of personal data we process for what purposes and to what extent.

1. Processing data when accessing our website – log files

When you access our website, general information is automatically collected. This information (server log files) includes the type of web browser, the operating system used, the domain name for your internet service provider and other similar information. The IP address is also sent and used for the service requested by you. This information is required for technical reasons in order to be able to provide you with the website content you have requested, and is mandatory when using the internet.

Based on our IT security concept, the resulting log file data is saved for a period of 28 days in order to recognise and analyse any attacks against our website. The legal basis for data processing is Article 6 Paragraph 1 Sentence 1 Letter f) of the GDPR.

2. Processing data when accessing our website – your enquiries

If you send us an enquiry by email or via the contact form, we collect the data you share in order to process it and respond to your concern. We save this information for a period of up to two years for evidence purposes. The legal basis for data processing is Article 6 Paragraph 1 Sentence 1 Letter f of the GDPR.

3. Notes on guaranteeing data security

We take technical and operational security precautions on our website to protect the personal data saved by us against third-party access, loss or misuse, and to facilitate secure data transfer.

Please note that due to the structure of the internet, it is possible for there to be unauthorised access to data by third parties. You are therefore responsible for protecting your data from misuse using encryption or other means. If appropriate security measures aren’t taken, unencrypted transmitted data in particular can be read by third parties, even if such data is sent by email.

1. General information about using cookies

Our website uses ‘cookies’. Cookies are small text files that are placed on your end device and saved by your browser. They are used to make our website more user-friendly, effective and secure. We also use ‘temporary cookies’ that are automatically deleted when you close your browser (‘session cookies’), as well as persistent cookies.

You have the choice of whether to allow the use of cookies. You can make changes in your browser settings. You essentially have the choice of accepting all cookies, being notified when cookies are saved, or rejecting all cookies. If you have chosen the latter option, you may not be able to use our website to its full extent.

When using cookies, a distinction must be made between mandatory cookies and cookies for other purposes (measuring page views, advertising purposes).

2. Mandatory cookies when using the website

We use session cookies on our websites, which are required for you to be able to use our websites. This includes cookies that allow us to recognise you again when you visit the site as part of a single session. These session cookies contribute to the secure use of our website by allowing the shopping cart function and the payment process to work in a secure way.

Below we will provide you with an overview about the cookies below which are used by us with the consent you provide when you start using our website. Each time you are notified of cookies being used, you also have an opt-out option. These are cookies that record our website’s use behaviour as well as cookies that are used for advertising purposes.

a. Using cookies to record use behaviour (tracking)

Using tracking cookies allows us to recognise when users visit our website again and to assign an internal identifier (pseudonym) to use processes. This allows us to record repeat visits to our website and to analyse them in a coherent way.

Specifically, the following tracking cookies are used:

Tracking by Google Analytics

This website uses Google Analytics, a web analysis service from Google Inc. (‘Google’). Google Analytics uses ‘cookies’, text files that are saved on your computer and allow website use to be analysed. Information collected by the cookie about your use of this website is generally sent to a Google server in the USA and saved there. Due to the activation of IP anonymisation on this website, your IP address is truncated by Google within the European Union Member States or in other signatory states to the Agreement on the European Economic Area before it is sent. A full IP address is only sent to a Google server in the USA and truncated there in exceptional cases. We instruct Google to use this information to evaluate your use of the website, to compile reports about website activities and to provide other services to us that relate to website and internet use. The IP address sent from your browser as part of Google Analytics will not be merged with other Google data.

You can prevent cookies from being saved by changing your browser settings; please note that in this case, you may not be able to use all of this website’s functions in full. You can also prevent the data generated by the cookie relating to your use of the website (inc. your IP address) from being captured and processed by Google by downloading and installing the browser plug-in available via the following link:

We use Google Analytics to analyse the use of our website and to make regular improvements. We are able to use these statistics to improve our offering and create designs that are more interesting for users. In the exceptional cases where personal data is sent to the USA, Google is subject to the EU-US Privacy Shield, The legal basis for saving cookies is consent (Article 6 Paragraph 1 Sentence 1 Letter a of the GDPR). Further evaluation of the data collected by Google Analytics takes place over a period of 26 months, based on Article 6 Paragraph 1 Sentence 1 Letter f of the GDPR.

You can also find more information about this at or at

(general information about Google Analytics and data protection).