Privacy Policy

Privacy Policy Thomas Schorn Consulting


With the following data protection declaration, we inform you in particular about the type, scope, purpose, duration and legal basis of the processing of personal data, insofar as we decide either alone or jointly with others on the purposes and means of the processing. In addition, we inform you about the third-party components we use for optimisation purposes and to increase the quality of use, insofar as third parties process data under their own responsibility.

Name and address of the controller

The controller for the processing of your personal data within the meaning of Art. 4 No. 7 GDPR is:

Schorn Consulting

Cimbernstr. 35

40545 Düsseldorf

Tel.: +49 (0)211 98 70 97 00

Fax: +49 (0)211 98 70 97

Processing operations

We process personal data for the purpose of providing the website.

Processing of personal data when visiting our website

In the case of mere informational use of the website, if you do not register or otherwise transmit information to us, we only collect the personal data that your browser transmits to our server. For this purpose, we collect the following data, which is technically necessary for us to display our website to you and to ensure stability and security (legal basis is Art. 6 para. 1, lit. f GDPR):

  • IP address,
  • Date and time of the request,
  • Content of the request (concrete page),
  • Access status/HTTP status code,
  • the amount of data transferred in each case,
  • Website from which the request comes,
  • Browser,
  • Operating system,
  • Language and version of the browser software.

Processing of personal data when using the contact form

When using contact forms, the data transmitted through them as well as the following personal data are processed (legal basis is for processing customer enquiries, Art. 6 para. 1, lit. f or lit. b) GDPR:

  • Name,
  • Company,
  • E-mail address,
  • Telephone number.

In addition to the aforementioned data, cookies are stored on your computer when you use our website.


We use cookies on our websites. Cookies are small text files that are stored on your hard drive by the browser you are using and through which certain information flows to the entity that sets the cookie (in this case by us). Cookies cannot execute programs or transmit viruses to your computer. They are used to make the website as a whole more user-friendly and effective. The cookies we set are called first-party cookies. We also use third-party cookies for advertising and sales purposes. Third-party cookies are those from websites other than ours.

Cookies can contain data that make it possible to identify the device used. In some cases, however, cookies only contain information on certain settings that are not personally identifiable. As a rule, cookies cannot directly identify a user.


–    Technically necessary cookies: These are mandatory in order to use the basic functions of the website and to ensure the security of the website. As a rule, they are only set in the course of an action performed by you. These include, for example, your privacy settings or filling in forms. You can set your browser to block these cookies or warn you about them.

Cookie provider Cookie Name Cookie Group
Google Recaptcha _GRECAPTCHA Third-Party
Schorn Consulting Pil_language First-Party
Schorn Consulting CookieLawInfoConsent First-Party
Schorn Consulting Viewed_cookie_policy First-Party


–    Analysis and personalisation cookies: By agreeing to these cookies, functions are permitted that allow you the most user-friendly access to the website. Analysis cookies allow us to permanently improve our website.

Cookie provider Cookie Name Cookie Group
Google Analytics _ga, _gat, _gid Third-Party


Any use of cookies that is not absolutely technically necessary constitutes data processing that is only permitted with your express consent pursuant to Art. 6 (1) p. 1 lit. a GDPR. We will only pass on your personal data processed by cookies to third parties if you have given your express consent to do so in accordance with Art. 6 para. 1 p. 1 lit. a GDPR.

On individual cookies used

The information generated by the cookies used may contain personal data which may be transferred to the third party providers and their parent companies, which may be located outside the EU and EEA.

  • Google Services:
    • The Google services used are offered by Google Ireland Limited, (Gordon House, Barrow Street, Dublin 4, Ireland) whose parent company is Alphabet Inc (1600 Amphitheatre Parkway Mountain View, CA 94043 USA).
    • Google Analytics: This is a web analysis service. Google Analytics is used to analyse the usage behaviour of our website.
    • Google Maps: This is a map service. We use the Google Maps service to integrate maps into our website. This enables us to display our location on the website and to make it easier for you to find us.
    • Google Recaptcha: This is a service that increases the security of our website. Google Recaptcha helps us to prevent automated access to our website, e.g. by bots.
    • Google Fonts: This is a service that allows us to use certain fonts on our website.
    • Click here for Google’s privacy policy (
  • Font Awesome: Font Awesome is a service that allows us to embed Font Awesome fonts and visual elements into our website. Font Awesome is a service of Fonticons Inc, 6 Porter Road, Apartment 3R, Cambridge, MA 02140, USA.

Click here for Font Awesome’s privacy notice.


Data deletion and storage period

Your data will only be stored for as long as is necessary to achieve the aforementioned processing purposes. The legal bases stated in the context of the processing purposes apply accordingly. Third parties engaged by us will store your data on their system for as long as is necessary in connection with the provision of the services for us in accordance with the respective order.

However, storage may take place beyond the specified time in the event of a (threatened) legal dispute with you or other legal proceedings or if storage is provided for by statutory regulations to which we are subject as the responsible party (e.g. obligations stemming from trade law). If the storage period prescribed by the legal regulations expires, the personal data will be blocked or deleted unless further storage by us is necessary and there is a legal basis for this.

Data security

We use appropriate technical and organisational security measures to protect your data against accidental or intentional manipulation, partial or complete loss, destruction or against unauthorised access by third parties. Our security measures are continuously improved in line with technological developments. This is done taking into account the state of the art, the implementation costs and the nature, scope, context and purpose of the processing as well as the existing risks of a data breach (including its likelihood and impact) for the data subject.

Cooperation with processors

We use external domestic and foreign service providers (e.g. for IT, logistics, telecommunications, sales and marketing) to process our business transactions. These service providers only act on our instructions and are contractually obliged to comply with data protection regulations in accordance with Art. 28 GDPR.

Conditions for the transfer of personal data to third countries

In the course of our business relationships, your personal data may be passed on or disclosed to third party companies. These may also be located outside the European Economic Area (EEA), i.e. in third countries. Such processing takes place exclusively for the fulfilment of contractual and business obligations and to maintain your business relationship with us.

Some third countries are certified by the European Commission as having a level of data protection comparable to the EEA standard through so-called adequacy decisions. However, in other third countries to which personal data may be transferred, there may not be a consistently high level of data protection due to a lack of legal provisions. If this is the case, we ensure that data protection is sufficiently guaranteed. This is possible through binding company regulations, standard contractual clauses of the European Commission for the protection of personal data, certificates or recognised codes of conduct.

No automated decision making (including profiling)

Your personal data will not be used by us in any automated decision-making process (including profiling).

No obligation to provide personal data

We do not make the conclusion of contracts with us dependent on you providing us with personal data beforehand. As a customer, you are under no legal or contractual obligation to provide us with your personal data; however, we may only be able to provide certain services to a limited extent or not at all if you do not provide us with the necessary data.

Legal obligation to transmit certain data

We may be subject to a specific legal or statutory obligation to provide the lawfully processed personal data to third parties, in particular public authorities (Art. 6 para. 1 p. 1 lit. c GDPR).

Your rights

You have the following rights against us regarding the processing of personal data relating to you:

  • Right of access (Art. 15 GDPR),
  • Right to rectification (Art. 16 GDPR),
  • Right to erasure (Art. 17 GDPR),
  • Right to restriction of processing (Art. 18 GDPR),
  • Right to data portability (Art. 20 GDPR),
  • Right to object (Art. 21 GDPR).
  • Right to withdraw consent (Art. 7 para. 3 GDPR)
  • Right to file a complaint with the competent data protection authority (Art. 77 GDPR)

The competent authority for us is the: Landesbeauftragter für Datenschutz und Informationsfreiheit Nordrhein-Westfalen, Kavalleriestraße 2-4, 40213 Düsseldorf, Tel.: 0211/384240, E-Mail:

You can exercise your rights by informally notifying the data controller or the data protection officer.

Changes to the privacy policy

In the context of the further development of data protection law and the underlying technology, we regularly review the data protection policy and adapt it if necessary. The date of the last data protection declaration can be found in the note at the end.


Status as of: May 2021