Data Protection

In the following, we would like to explain for you what data we collect about you and what we do with this data. We also inform you about your data protection rights and explain who you can contact with questions about the protection of your data.


Who we are

Entity responsible for the processing of your data:

terpatent PartGmbB
Burgunderstraße 29
40549 Düsseldorf

If you have any questions about this data protection declaration, the processing of your data, your rights or other concerns in the area of data protection, our data protection officer will be happy to help you.


Contact details of the data protection officer:

Xamit Bewertungsgesellschaft mbH
Monschauer Straße 12
40549 Düsseldorf


Scope of application

This data protection declaration applies to the website It is addressed to the visitors of our website.

Our website contains links to the websites of other operators to which this data protection declaration does not apply.

The responsibility of inserting advertising banners, text advertising or advertising films before or during embedded videos lies with the respective operator.


Do I have to enter my data?

When you visit our website, user data is automatically stored. Some of the data collected is necessary for the use of a website. In addition, we also process your data to protect our legitimate interests after weighing up the interests. This enables us to continuously improve the services we offer you. On the following pages, you will find out the background to our interests and whether or how you can object to the use of your data.

In order to use one of our offers or to send an enquiry, you will be asked to provide your personal data. You can decide for yourself whether to take advantage of these offers and provide your data for this purpose.

Please note that if you provide information about other people, you must have obtained their consent before doing so and informed them of the purposes of the disclosure as set out in this privacy policy.

We also ask you to share this information with those you involve in using our services, such as family members or agents.


Processing purposes, legal bases and data processed

We distinguish between different types of processing, which we describe below. In tables we describe the data processed for this purpose.

Service provision
In order to visit and use our website, your data must be collected. We process this data to protect our legitimate interest in providing a functioning website (Art. 6 para. 1 lit. f) DS-GVO).

Data security:
Every access to our website is stored and evaluated in a log file. We process this data for data security purposes. The processing is carried out to protect our legitimate interest in being able to guarantee data security (Art. 6 para. 1 lit. f) DS-GVO).

Map service:
To help you find terpatent and plan your journey, we offer you a map of the OpenStreetMap map service. By using the map, your data will be passed on to the OpenStreetMap Foundation.

Processing of enquiries:
We process the data you give us when you have a question or request. This also includes, for example, the data you send us by e-mail. The processing of your data is necessary so that we can deal with your enquiry. It is done to protect our legitimate interest in answering your questions and concerns (Art. 6 para. 1 lit. f) DS-GVO).


Data processed:

IP numberxxx 
Name of the retrieved file xx 
Web page accessed  xx 
Accessed websitex x 
Referrer URL (the previously visited website) xx 
User agent sent by your browser (only for mobile version or automatic voice control)xxx 
Time of the server request xx 
Operating system and browser version used xx 
Host name of the accessing computer xx 
Name   x
E-mail address   x
Subject   x
Message   x


In addition, the above-mentioned data is used for the following purposes within the framework of interest considerations (Art. 6 para. 1 lit. f DS-GVO):

  • Should a security incident occur in our company in which your data is affected, we are obliged to report the case to the data protection supervisory authority responsible for us (Art. 33 DS-GVO). As it is our legitimate interest to comply with this legal obligation to report as quickly as possible, it may happen that data relating to you is processed as part of the clarification of the corresponding security incident. The reporting of these security incidents to data protection supervisory authorities does not involve any of your personal data.
  • As it is in our interest to ensure the security of our systems, we regularly carry out security and effectiveness tests, during which your data mentioned above may be processed.
  • As it is in our interest to resolve legal disputes, we process your data for a specific purpose in such a case. It is also in our interest to retain evidence in the event of legal disputes until all relevant statutory limitation periods pursuant to §§ 195ff. BGB have expired. For this purpose, we retain the relevant data about you in accordance with these limitation periods. The deletion periods cannot be predicted as a general rule, as they result from the respective subject matter of the dispute and the relevant statutory limitation period, which can be up to 30 years. The regular limitation period is 3 years.
  • In addition, it is in our interest to investigate suspicious cases and to hand over relevant information to law enforcement authorities in the event of a concrete suspicion of a criminal offence.
  • We conduct audits, internal audits and other control measures (e.g. monitoring by the data protection officer), as it is our legitimate interest to comply with legal regulations, to create transparency about our business processes, to constantly optimise these processes and to prevent and recognise actions that are harmful to business. In the process, documents or files containing your personal data may be processed.
  • We process your data to test IT systems and software products and to carry out migrations. The processing is carried out to fulfil our legitimate interest in checking the correctness of new products or the correctness and completeness of migrations.


Information about automated individual decisions

No automated individual decisions are made.


Deletion periods (or storage period)

  • Data processed for the purpose of data security are deleted after 7 days at the latest.
  • We delete the data from a contact enquiry at the latest 6 months after clarification of the enquiry or at the latest 10 years after expiry of an order resulting from the enquiry.
  • In order to preserve evidence, we retain data in individual cases within the framework of the statutory limitation provisions pursuant to §§ 195ff. BGB.


Origin of the data

No data is collected from third parties.

Which organisations receive your data?

The following list shows which organisations ("data recipients") receive your data and in which cases. You can read about which data is specifically involved in the corresponding chapters of this declaration. In some cases, your data is passed on due to legal or contractual obligations. In other cases, we use selected vicarious agents and service providers who act for us as processors (in accordance with Art. 28 DS-GVO) and who may have access to your data to the extent necessary in each case. Processors are subject to numerous contractual obligations and may, in particular, only process your personal data on our instructions and exclusively for the fulfilment of the orders received from us.

  • Auditors
  • Data protection officer
  • Service providers for the destruction of data media
  • Service provider for mail and logistics (for dispatch)
  • Recipient's e-mail provider (for communication by e-mail)
  • IT service provider
  • Map service provider
  • Lawyers, prosecution authorities, public prosecutor's office, courts, opposing lawyers, state or federal criminal investigation office (in the case of legal disputes and concrete suspicion of criminal offences)
  • Telecommunications service providers (if we communicate by telephone)


Data recipients in non-EU countries

Our IT service providers in the EU have affiliates or subcontractors outside the EU that can access your data. The EU Commission determines which non-EU/EEA countries (third countries) have an adequate level of data protection. Our service provider is responsible for using EU standard contractual clauses in accordance with Commission Decision No. (EU) 2021/914. A model of these EU standard contractual clauses can be found on the websites of the EU Commissioner for Justice and in the Official Journal of the EU.

We use a map from the OpenStreetMap mapping service on our website. To display the map, data is transferred to the OpenStreetMap Foundation in the UK. The transfer of personal data to the UK is subject to an adequacy decision of the EU Commission with the number C(2021) 4800, which you can find on the websites of the EU Commissioner for Justice.


Your rights

You have the legal right to:

  • Information about the personal data stored about you (Art. 15 DS-GVO). 
  • Correction and completion of the data we hold about you (Art. 16 DS-GVO)
  • Deletion (Art. 17 DS-GVO)
  • Restriction of processing (Art. 18 DS-GVO)
  • Data portability (Art. 20 DS-GVO)
  • Revocation of consent given (Art. 7 DS-GVO) with effect for the future. The lawfulness of the processing of the data carried out up to the time of the revocation remains unaffected.
  • Present your point of view and challenge a decision based on automated processing (Art. 22 DS-GVO). 
  • Objection to the processing of your data to protect our legitimate interests or the legitimate interests of third parties (Art. 21 DS-GVO) - You have the right to object to such processing at any time on grounds relating to your particular situation; this also applies to profiling based on these provisions within the meaning of Art. 4(4) DS-GVO.
  • Objection to direct marketing: You have the right to object to the processing of your data for the purpose of direct marketing at any time and without giving reasons.

To exercise these rights, you can contact us in particular via the contact details provided above.

You also have the statutory right to lodge a complaint with a data protection supervisory authority (Art. 77 DS-GVO).