Privacy Policy

We take the protection of your personal data seriously and want you to feel comfortable when visiting our website. The protection of your privacy when processing personal data is an important concern for us, which we consider in our business processes. This privacy notice explains how personal data is collected, processed, and used during and after your use of our website, what types of data are involved, why such data is collected, with whom it is shared and what rights you have in this regard.

Please read this notice carefully.

This privacy notice may be updated from time to time. Therefore, please check the privacy notice regularly.


    We have designed our data protection notice in accordance with the principles of the GDPR, see Art. 5 GDPR. However, if there are any ambiguities regarding the use of terms, you can view the relevant definitions here


    Gewerbeweg 15
    9490 Vaduz
    Principality of Liechtenstein
    Telephone: +43 1 236 70 38 29


    blu Systems GmbH
    Data Protection Officer
    Keltenring 11
    82041 Oberhaching
    Telephone: +49 (0)89 9192 9056 0


    Unless a more specific storage period has been specified within this data protection notice, your personal data will remain with us until the purpose or legal basis for the data processing no longer applies. If you assert a justified request for deletion or revoke consent to data processing, your data will be deleted unless we have other legally permissible reasons for storing your personal data (e.g., retention periods under tax or commercial law); in the latter case, the data will be deleted once these reasons no longer apply.


    When you visit our website, information is automatically sent to our website server by the browser used on your terminal device. This information is temporarily stored in a log file. The following information is collected without your intervention and stored until automatic deletion:

    • IP address of the requesting computer
    • Date and time of access
    • Name and URL of the file accessed
    • Website from which the access was made
    • Browser used and, if applicable, the operating system of your computer as well as the name of your access provider

    The aforementioned data is processed by us for the following purposes:

    • Ensuring a smooth connection of the website
    • Ensuring comfortable use of the website
    • Evaluation of system security and stability
    • error analysis
    • for further administrative purposes

    The legal basis for data processing is Art. 6 (1) (f) GDPR. Our legitimate interest follows from the purposes for data collection listed above. In no case do we use the collected data for the purpose of drawing conclusions about your person.

    The legitimate interest for this processing is as follows: The integrity and security of the website, which is carried out by Security through the collection of logs, in particular IP addresses, in order to detect the possible abuse at an early stage and to be able to take measures to reduce the damage.

    Your personal data is stored with our provider, with whom a contract for processing within the meaning of Art. 28 GDPR has been concluded.


    For security reasons, our website uses SSL encryption. This protects transmitted data and prevents it from being read by unauthorised third parties. You can recognise an encrypted connection by the fact that the address line of the browser changes from "http://" to "https://" and by the lock symbol, which is recognisable in your browser line on the left.

  7. 7. COOKIES

    At present, our website does not use cookies.
    These are small text files that are stored on your end device and contain information about the websites you visit. Cookies do not damage your computer and do not contain viruses.

    By making appropriate changes to your browser settings, you can be informed about the setting of cookies and decide individually whether to accept them or generally exclude them, as well as arrange for the automatic deletion of cookies when closing the browser window.


    We use tools from companies based in the USA or other third countries that are not secure under data protection law. If these tools are active, your personal data may be transferred to these third countries and processed there. We would like to point out that no level of data protection comparable to that in the EU can be guaranteed in these countries. For example, US companies are obliged to hand over personal data to security authorities without you as a data subject being able to take legal action against this. It can therefore not be ruled out that US authorities (e.g., intelligence services) process, evaluate and permanently store your data located on US servers for monitoring purposes. We have no influence on these processing activities.


    You have the possibility to contact us at any time. We would like to provide you with the following information:

    General contact options

    As general contact media you have the following options

    • by post,
    • by telephone or
    • by e-mail.

    To process your contact request, we will have to store your communication data (e.g., telephone number, e-mail address) and identification data (e.g., name, address).

    The legal basis of Art. 6 (1) (b) GDPR applies here, only if the contact is based on the initiation of a contract, the implementation of an existing contractual relationship or the amendment of a contractual relationship.

    For all other cases of contact, the processing is based on the legitimate interest according to Art. 6 (1) (f) GDPR of the company.

    The legitimate interest for this processing is as follows: As a company, we pursue the economic interests of individualisation and optimisation of our products, which are declared as economic factors of the company.

    Contact via the contact form on the website

    You have the option of contacting us via the contact form on the website. For this purpose, the personal details you have filled in will be stored by us for the purpose of processing your enquiry.

    The purpose is to respond to your questions, suggestions, and criticisms as a company. The legal basis is Art. 6 (1) (f) GDPR.

    The legitimate interest for this processing is as follows: As a company, we pursue the economic interests of individualisation and optimisation of our products, which are declared as economic factors of the company.

    Contact via the Compliance form on the website

    Similarly, you have the option of reporting any compliance violations to us via the compliance form. You have the option of reporting anonymously. The incoming reports and messages are not tracked, and the originators are not registered automatically. The purpose is to be made aware of compliance violations and to eliminate and prevent them as best as possible. The legal basis is Art. 6 (1) (f) GDPR.

    The legitimate interest lies in the detection, elimination, and prevention of compliance violations of our company, which can be seen as an economic interest.

  10. 10. GOOGLE MAPS

    We use the map service Google Maps on our website. The provider is Google Ireland Limited, Gordon House, Barrow St, Dublin 4, Ireland.

    To use the functions of Google Maps it is necessary to store your IP address. This information is usually transferred to Google servers in the US and stored there. the provider of this website has no influence on this data transfer. If Google Maps is activated, Google may use Google Fonts for the purpose of a uniform display of fonts. When calling up Google Maps, your browser will load the required fonts into its browser cache in order to display texts and fonts correctly.

    Google Maps is used in the interest of an appealing presentation of our online service and to make it easy to find the locations we indicate on our website. This constitutes a legitimate interest according to Art. 6 (1) (f) GDPR. If a corresponding consent has been requested, the processing will be carried out exclusively on the legal basis of Art. 6 (1) (a) GDPR and Section 25 (1) TTDSG, insofar as the consent includes the storage of cookies or access to information in the user’s device (e.g., device fingerprinting) as defined by the TTDSG. The consent can be withdrawn at any time.

    The transfer of data to the USA is based on the standard contractual clauses of the EU Commission.

    You can find details here: and

    More information on the handling of user data can be found in Google’s privacy policy:

  11. 11. GOOGLE FONTS

    In order to display content on our website correctly and graphically appealing across browsers, we use Google Fonts from Google Ireland Limited, Gordon House, Barrow St, Dublin 4, Ireland on our website.

    A connection to the Google servers is established when you visit the website in order to load the font used and stored on your device.

    When connecting with the Google servers, your IP address is stored. In addition to your IP address, other information such as the name of the browser you are using, the version of said browser, the language settings and the screen resolution of the browser are also transmitted.

    A data transfer to Google servers in the US cannot be ruled out. Your personal data will be used by Google for analysis purposes over which we have no control.

    The collected information about the used fonts will be stored by Google for 1 year.

    You can find Google’s privacy policy here:

    Legal basis for processing is your consent according to Art. 6 (1) (a) GDPR. You give consent by accepting Google Fonts in our consent banner.


    We maintain publicly accessible profiles on social networks. The individual social networks used by us can be found below.

    Social networks such as Facebook, Twitter, etc. can generally comprehensively analyse your user behaviour when you visit their website or a website with integrated social media content (e.g., like buttons or advertising banners). By visiting our social media presences, numerous data protectionrelevant processing operations are triggered.

    In detail: If you are logged into your social media account and visit our social media presence, the operator of the social media portal can assign this visit to your user account. However, your personal data may also be collected under certain circumstances if you are not logged in or do not have an account with the respective social media portal. In this case, this data collection takes place, for example, via cookies that are stored on your end device or by recording your IP address.

    With the help of the data collected in this way, the operators of the social media portals can create user profiles in which your preferences and interests are stored. In this way, you can be shown interestbased advertising inside and outside the respective social media presence. Provided you have an account with the respective social network, the interestbased advertising may be displayed on all devices on which you are or were logged in.

    Please also note that we are not able to track all processing procedures on the social media portals. Depending on the provider, further processing procedures may therefore be carried out by the operators of the social media portals. For details, please refer to the terms of use and data protection provisions of the respective social media portals.

    Legal basis

    Our social media presences are intended to ensure the most comprehensive presence possible on the internet. This is a legitimate interest within the meaning of Art. 6 (1) (f) GDPR.

    The analysis processes initiated by the social networks may be based on different legal grounds, which must be stated by the operators of the social networks (e.g., consent within the meaning of Art. 6 (1) (a) GDPR).

    Responsible party and assertion of rights

    If you visit one of our social media sites (e.g., Facebook), we are jointly responsible with the operator of the social media platform for the data processing operations triggered during this visit. In principle, you can assert your rights (information, correction, deletion, restriction of processing, data portability and complaint) both against us and against the operator of the respective social media portal (e.g., Facebook).

    Please note that despite the joint responsibility with the social media portal operators, we do not have full influence on the data processing operations of the social media portals. Our options are largely determined by the corporate policy of the respective provider.

    Duration of the Data storage

    The data collected directly by us via the social media presence will be deleted from our systems as soon as you request us to delete it, revoke your consent to store it or the purpose for storing the data no longer applies. Stored cookies remain on your end device until you delete them. Mandatory legal provisions - in particular, retention periods - remain unaffected.

    We have no influence on the storage period of your data, which is stored by the operators of the social networks for their own purposes. For details, please contact the operators of the social networks directly (e.g., in their privacy policy, see below).

    Used social media in detail

    We have a profile on Facebook. The provider of this service is Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland. According to Facebook, the data collected is also transferred to the USA and other third countries.

    We have entered into a joint processing agreement (Controller Addendum) with Facebook. This agreement specifies which data processing operations we or Facebook are responsible for when you visit our Facebook page. You can view this agreement via the following link:

    You can independently adjust your advertising settings in your user account. To do so, click on the following link and log in:

    The data transfer to the US is based on the standard contractual clauses of the EU Commission.

    Details can be found here: and

    For details, see Facebook's privacy policy:

    We have a profile on Instagram. The provider is Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland. According to the provider, the collected data is also transferred to the US and other third countries. Data transfer to the USA is based on the standard contractual clauses of the EU Commission.

    Details can be found here:,, and

    For details on their handling of your personal data, please refer to Instagram's privacy policy:

    On our website, we use the functions of the LinkedIn network, a service of LinkedIn Corporation, 2029 Stierlin Court, Mountain View, CA 94043, USA. When you call up our website that contains the LinkedIn function, a connection is established to LinkedIn servers. As far as we know, your personal data is not stored, in particular the IP address is not stored, or the usage behaviour is not evaluated.

    For more information, please refer to the LinkedIn privacy policy:


    Right of access
    In accordance with Art. 15 GDPR, you have the right to request information about your personal data that we process. This right includes information about:

    • the purposes of processing,
    • the categories of personal data,
    • the recipients or categories of recipients to whom your data have been or will be disclosed
    • the planned storage period, or at least the criteria for determining the storage period,
    • the existence of a right to rectification, erasure, restriction of processing or objection,
    • the existence of a right of appeal to a supervisory authority,
    • the origin of your personal data, if it has not been collected by us, or
    • the existence of automated decisionmaking, including profiling, and, if applicable, meaningful information about its details.

    Right of rectification
    In accordance with Art. 16 GDPR, you have the right to have incorrect or incomplete data stored with us corrected without delay.

    Right of erasure
    Pursuant to Art. 17 GDPR, you have the right to request that we delete your personal data without undue delay, unless further processing is necessary for one of the following reasons:

    • the personal data are still necessary for the purposes for which they were collected or otherwise processed,
    • for the exercise of the right to freedom of expression and information,
    • for compliance with a legal obligation which requires processing under the law of the European Union or the Member States to which the controller is subject, or for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller,
    • for reasons of public interest in public health in accordance with Art. 9 (2) (h) and (i) and Art. 9 (3) GDPR,
    • for archiving purposes in the public interest, scientific or historical research purposes or for statistical purposes pursuant to Art. 89 (1) GDPR, insofar as the right referred to in section a) is likely to render impossible or seriously prejudice the achievement of the purposes of such processing, or
    • for the assertion, exercise, or defence of legal claims.

    Right of restriction of processing
    According to Art. 18 GDPR, you can request the restriction of the processing of your personal data on one of the following grounds:

    • You dispute the accuracy of your personal data,
    • The pdispute the accuracy of your personal data,
    • Throcessing is unlawful, and you object to the erasure of the personal data,
    • We no longer need the personal data for the purposes of processing, but you need it for the assertion, exercise, or defence of legal claims, or
    • You object to the processing pursuant to Art. 21 (1) GDPR.

    Right of notification
    If you have requested the rectification or erasure of your personal data or a restriction of processing in accordance with Art. 16, Art. 17 (1) and Art. 18 GDPR, we will notify all recipients to whom your personal data has been disclosed, unless this proves impossible or involves a disproportionate effort. You can request that we inform you of these recipients.

    Right to data portability
    We grant you the right to receive your personal data that you have provided to us in a structured, common, and machinereadable format.

    You also have the right to request the transfer of this data to a third party if the processing is carried out with the aid of automated procedures and is based on consent pursuant to Art. 6 (1) (a) GDPR, Art. 9(2) (a) GDPR or Art. 6 (1) (b) GDPR.

    Right to withdraw consent
    In accordance with Art. 7 (3) GDPR, you have the right to withdraw your consent at any time. The withdrawal of consent does not affect the lawfulness of the processing carried out based on the consent until the withdrawal. In the future, we may no longer continue the data processing based on your revoked consent.

    Right to lodge a complaint with a supervisory authority
    Without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with the competent supervisory authority pursuant to Art. 77 GDPR. This depends on the federal state of your residence, your work, or the alleged violation. A list of the supervisory authorities (for the non-public sector) with address can be found at:

    Our responsible supervisory authority is:
    Bayerisches Landesamt für Datenschutzaufsicht (BayLDA)
    PO Box 1349
    91504 Ansbach
    Online complaint:

    Right to object
    If we process your personal data based on a legitimate interest pursuant to Art. 6 (1) (f) GDPR, you have the right to object to this processing pursuant to Art. 21 GDPR if you can demonstrate special reasons for this. These grounds may arise from your particular situation or be directed against direct marketing. In the latter case, you have a general right of objection, which must be implemented by us without any indication of the specific situation. You can send your right of objection or revocation directly by email to

    Automated individual decisionmaking, including Profiling
    Pursuant to Art. 22 GDPR, you have the right not to be subject to a decision based solely on automated processing - including profiling - which produces legal effects concerning you or similarly significantly affects you.

    However, this does not apply if the decision:

    1. is necessary for the conclusion or performance of a contract between the data subject and the controller,
    2. is permissible based on legal provisions of the Union or the Member States to which the controller is subject, and these legal provisions contain appropriate measures to safeguard the rights and freedoms as well as the legitimate interests of the data subject; or
    3. with the express consent of the data subject.

    For the cases mentioned in 1 and 3, we take measures to safeguard your rights and freedoms as well as your legitimate interests, which include at least the right to obtain the involvement of a person from our side, to express your point of view and to contest the decision.


    In the process of updating, changes may be made to our privacy policy from time to time. If changes are made to this notice, we will mark them for you.

This privacy policy is dated August 1st, 2022