Coriant Privacy Policy

Coriant Privacy Notice

We take the protection of your personal data very seriously. We process your data in accordance with applicable personal data protection legislation, in particular the General Data Protection Regulation (“GDPR”) and the applicable country-specific implementation laws.

Personal data is any information that makes it possible to identify a natural person. This includes, in particular, your name, date of birth, address, telephone number, email address and IP address.

1. Your Rights 

Your rights are set out in Articles 15 - 22 GDPR and include: 

  • The right of access
  • The right to erasure
  • The right to rectify inaccurate personal data
  • The right to data portability
  • The right to restriction of data processing
  • The right to object to data processing 
    • When we process your personal data for the purpose of direct marketing or the analysis of your use of our website, you may object to this data processing at any time without providing the reasons for such objection. This also applies to profiling insofar as it is associated with direct marketing. If you object to the processing for direct marketing, we will no longer process your personal data for such purposes.
    • Should we process your data to protect legitimate interests (for further information please see below under the header “Legal basis”), you may object to such processing at any time for reasons that arise from your specific situation; this also applies to profiling based on these provisions. We will then cease to process your personal information unless we can demonstrate compelling legitimate grounds for processing such information that prevail your interests, rights and freedoms, or the processing is intended to assert, exercise or defend legal claims.

2. Processing of personal data in connection with the use of our websites, applications and online platforms

When visiting our websites, applications and online platforms, we collect and process the following data:

  • Name of the Internet service provider
  • Information about the website from which you visit us
  • Used web browser used and operating system
  • IP address assigned by your Internet Service Provider
  • Requested files, transferred amount of data, downloads / file export
  • Information about the websites you visit (including date and time of visit)

For reasons of technical security (in particular to ward off attempts to attack our web server), these data are saved in accordance with Art. 6 para. 1 lit. f) GDPR.

If you contact us via the contact form available on our website, we will process your data provided in the form to contact you and answer your questions and requests.

We respect the principle of data minimization and data avoidance by requesting only the information we need to contact you. These are your name, your e-mail address and the message field itself. In addition, your IP address is processed for technical necessity and legal protection. All other data are optional fields and can be entered optionally (e.g. for more individual answers to your questions). 

If you contact us by e-mail, we will process the personal information provided in the e-mail solely for the purpose of processing your request. 

Otherwise, we collect and process the following data as part of a contact request: 

  • Surname, First Name
  • Title
  • Contact details
  • Job Title
  • Information on wishes and interests 

3. Processing of personal data of our business partners - Data categories, purposes and legal basis 


In the context of a business relationship with Coriant, Coriant may process personal data of current and future contact persons at our customers, suppliers and partners (each a “Business Partner”) for the following purposes: 

  • Communicating about products, services and projects, e.g. by responding to Inquiries or requests of the Business Partner;
  • Planning, performing and managing the (contractual) relationship between Coriant and the Business Partner; e.g. by performing transactions and orders of products or services, processing payments, performing accounting, auditing, billing and collection activities, arranging shipments and deliveries, facilitating repairs and providing support services;
  • Administrating and performing customer surveys, marketing campaigns, market analysis or other promotional activities or events;
  • Maintaining and protecting the security of our products, services and websites, preventing and detecting security threats, fraud or other criminal or malicious activities;
  • Ensuring compliance with legal obligations (such as record keeping obligations), export control and customs, Business Partner compliance screening obligations to prevent white-collar or money laundering crimes, and Coriant policies or industry standards; and
  • Solving disputes, enforcement of contractual agreements and to establish, exercise or defend legal claims. 

Data categories 

Coriant may process the following categories of personal data for the purposes as laid out above: 

  • Contact information, such as full name, work address, work telephone number, work mobile phone number, work fax number and business email address;
  • Payment data, such as data necessary for processing payments and fraud prevention, including credit/debit card numbers, security code numbers and other related billing information;
  • Further information necessarily processed in a project or contractual relationship with Coriant or voluntarily provided by the Business Partner, such as personal data relating to orders placed, payments made, requests, and project milestones;
  • Personal data collected from publicly available resources, integrity data bases and credit agencies; and
  • If required for Business Partner compliance screenings: date of birth, ID numbers, identity card numbers and information about relevant and significant litigation or other legal proceedings the Business Partner is involved with. 

Legal basis 

We process your personal data in accordance with the provisions of the BDSG and all applicable country specific data protection regulations. The legal basis for the data processing arise in particular from Art. 6 GDPR. Thereafter we are permitted to process your personal data if: 

  • the processing is necessary for the performance of the contract you hold with us (Art. 6 para. lit. 1 b) GDPR);
  • we are legally obliged to process it, e.g. to meet the retention periods vis-à-vis the tax office (Art. 6 para. 1 lit. c) GDPR);
  • processing is necessary for the purposes of the legitimate business interests pursued by us or by a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject which require protection of personal data (Art. 6 para. 1 lit. f) GDPR); or
  • you have given consent to the processing of your personal data for one or more specific purposes (Art. 6 para. 1 lit. a) GDPR). 

In case that we intend to process your personal data based on your consent we will inform you about the purposes of the data processing and your right of withdrawal. 

4. Transfer and disclosure of personal data Recipients 

Coriant may transfer your personal data: 

  • to other Coriant companies if this is necessary in connection with the submission of offers, the execution of an offer or the initiation, conduct or settlement of a business relationship,
  • to service providers which provide IT services to Coriant and which process such data only for the of such services (e.g., hosting or IT maintenance and support services); and
  • to courts, arbitration bodies, law enforcement authorities, regulators or attorneys if necessary to comply with the law or for the establishment, exercise or defense of rights or legal claims. 

Transfer to third countries 

We will only transfer your personal data to third countries (i.e. countries outside the European Union or the European Economic Area) insofar as this is necessary for the performance of a contractual relationship, is required by law or you have given us your consent to transfer. We will only share your personal data with Coriant subsidiaries and third party external companies if they have executed the EU standard contractual clauses. Data transfers to Google's servers are transmitted to the USA under the EU-US Privacy Shield on the basis of the European Commission's adequacy decision. For information and copies of our EU Standard Contract Clauses, please contact our Data Protection Officer using the contact details in Section 9.  The EU-US Privacy Shield certificate can be downloaded from www.privacyshield.gov/participant

5. Retention Periods 

To the extent that no explicit retention period is specified during the collection of your personal data, your personal data will be deleted insofar as they are no longer required to fulfill the purpose of the storage. This does not apply where statutory retention requirements (e.g. commercial and taxation retention requirements) require a longer storage term of your data. 

6. Cookies 

If you declared your consent in this regard, this website may use Google Analytics, a web analytics service provided by Google. Google Analytics uses "cookies", which are text files placed on your computer, to help the website analyze how users use the site. The information generated by the cookie about your use of the website (including your IP address) will be transmitted to and stored by Google on servers in the United States. Please note that on this website, Google Analytics code is supplemented by "gat._anonymizeIp();" to ensure an anonymized collection of IP addresses (so called IP-masking). Therefore Google will truncate/anonymize the last octet of the IP address for Member States of the European Union as well as for other parties to the Agreement on the European Economic Area. Only in exceptional cases, the full IP address is sent to and shortened by Google servers in the USA. 

On behalf of the website provider Google will use this information for the purpose of evaluating your use of the website, compiling reports on website activity for website operators and providing other services relating to website activity and internet usage to the website provider. Google will not associate your IP address with any other data held by Google. 

You can revoke your consent to the use of cookies at any time with effect for the future by selecting the appropriate settings on your browser. However, please note that if you do this, you may not be able to use the full functionality of this website. 

Furthermore you can prevent Google's collection and use of data (cookies and IP address) by downloading and installing the browser plug-in available under https://tools.google.com/dlpage/gaoptout?hl=en-GB 

Further information concerning the terms and conditions of use and data privacy can be found at http://www.google.com/analytics/terms/gb.html.

7. Links 

Our website contains links to the Internet sites of other companies. As far as links to websites of other providers are available, we have no influence on their content. Therefore, no guarantee and liability can be assumed for their content. The content of these pages lays always in the responsibility of the respective provider or operator of the pages. 

8. Social Plugins 

The content on our website can be shared via built-in social media buttons on social networks. All social media buttons that allow sharing are not directly linked to social network social plug-ins of the provider of the social network, but through simple hyperlinks. With this we ensure that your data is not automatically transferred to social network servers when you visit our website. In addition, when sharing content on our website with the social network, we only such information that is necessary to share the content. We do not share any personal data in this context. 

9. Newsletter & Direct marketing 

If you sign up on our website to receive our newsletter and agree to receive it, your data will only be used to carry out the newsletter. We base the processing of your data on your consent (Article 6 para.1 lit. f) GDPR). You can revoke this consent at any time. You can unsubscribe from our newsletter at any time. In each newsletter you will find a corresponding link. Your withdrawal from the newsletter will be noted in our database. 

Direct marketing using email is permitted for existing business relationships if: 

1. we acquired your email address in conjunction with a service or goods purchase contract,

2. we only use your address for direct marketing of our similar services or goods,

3. you did not object the use of your email address for this purpose,

4. we informed you about your right to object to the marketing at any time at the time of email collection and advise you about this right in every following marketing email thereafter. 

10. Data Controller and Data Protection Officer 

To exercise the rights stated in this Privacy Policy, you can contact our data protection officer as noted below. The same applies if you have questions about data processing in our company. 

Data Protection Officer:
atarax GmbH & Co. KG
Dr.-Dassler-Straße 57
91074 Herzogenaurach

Contact information:
Phone: +49 7 00 22 55 28 27 29
Fax: +49 9132  63638
E-Mail: info@atarax.de 

Coriant GmbH
St. – Martin – Straße 76
81541 München
Phone: +49 89 87806592
Fax: +49 89 54021 5002
E-mail: datenschutz@coriant.com 

You also have a right to lodge a complaint with the competent data protection supervisory authority if you consider that the processing of personal data relating to you by Coriant violates the GDPR (Art. 77 GDPR). An overview of the national and international data protection authorities is available here.