Data protection at ista: The protection of your personal data is very important to ista.

ista has been a member of the German Society for Data Protection and Data Security (Gesellschaft für Datenschutz und Datensicherung e.V.(GDD)) since February 2002.

ista complies with the legal data protection regulations and does everything to keep your and your customer’s/tenant‘s data confidential. All personal data is collected, processed and used in accordance with the provisions of the General Data Protection Regulation (GDPR) and only for the purposes of contract processing, fulfilment of legal obligations or for safeguarding our own legitimate business interests with regard to the advice and support of the customers as well as the demand-oriented product design.

All service providers of ista dealing with the processing of personal data also comply with the provisions of the GDPR in accordance with Art. 28 GDPR. Compliance is monitored by our data protection officer.

1. Collection and processing of personal data

Each time a user accesses the ista website and each time a file is accessed, data about that activity is stored in a log file. These data are not related to a person; so ista cannot trace back which user has retrieved which data.

In detail, the following data record is saved for each call:

  • Name of the file
  • Date and time of access
  • Amount of data transferred
  • Message whether the call was successful
  • Anonymous IP-Address
  • If necessary, operating system and browser software on your computer
  • As well as the website from which you visited the ista website

Personal user profiles cannot be created.

The above-mentioned data are evaluated for statistical purposes only.

Personal data will only be collected if you give it to ista on your own - for example, when registering for a survey or conducting a contract. A transmission of your data to third parties does not take place, unless ista is legally obliged to do so. Insofar as external service providers come into contact with your personal data, ista has ensured that they comply with the provisions of data protection laws through legal, technical and organizational measures as well as regular checks.


ista uses so-called cookies on the ista website to recognize multiple use of the offer by the same user/internet connection owner. Cookies are small text files that your internet browser stores on your computer. They serve to optimize ista's internet presence and offers. The cookies are usually so-called "session cookies", which are deleted after the end of your visit.

In some cases, however, these cookies provide information in order to automatically recognize you. This recognition is based on the IP address stored in the cookies. The information obtained in this way serves to optimize ista's offers and to make it easier for you to access the ista website.

You may refuse the use of cookies by selecting the appropriate settings in your browser; however, ista points out that in this case you may not be able to use the full functionality of the ista website.

1.1 Webanalytics

1.1.1 etracker

This website uses technologies from etracker GmbH ( to collect and store data for marketing and optimization purposes. From this data, usage profiles can be created under a pseudonym. For this purpose cookies can be used. Cookies are small text files stored locally in the cache of the site visitor's Internet browser. Cookies enable recognition of the Internet browser. The data collected with the etracker technologies will not be used to personally identify the visitor to this website without the separately granted consent of the person concerned and will not be combined with personal data about the bearer of the pseudonym. Data collection and storage may be objected to at any time with effect for the future.

1.1.2 Piwik PRO Analytics Suite

On this website, data are collected and stored for marketing and optimisation purposes using technologies from the Piwik PRO Analytics Suite ( User profiles can be generated from these data under a pseudonym. Cookies can be used for this purpose. Cookies are small text files that are stored locally in the site visitor's Internet browser cache. Cookies allow recognition of the Internet browser. The data collected using the Piwik PRO Analytics Suite technologies will not be used to personally identify the visitor to this website, nor will they be combined with personal data pertaining to the bearer of the pseudonym without the explicit consent of the person concerned.  Consent to the collection and storage of data can be withdrawn at any time with immediate future effect. The data are stored for up to 25 months.

Click here to read the privacy policy of the data processor

Click here to withdraw consent on all domains of the data processing company

1.1.3 Google Tag Manager

Google Tag Manager is a solution that we can use to manage “website tags” using an interface (allowing us, for example, to incorporate Google Analytics and other Google marketing services into our online offering). The tag manager itself (which implements the tags) does not process any personal data relating to users. With regard to the processing of users' personal data, we refer users to the following information on the Google services. Use policy:

1.1.4 Google Ads and Conversion Measurement

On the basis of the consent of the users of our online offering within the meaning of Art. 6, para. 1, lit. a. and Art. 7 GDPR), we use the services provided by Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA ("Google").

For evaluation purposes, cookies are stored on your end device and through them information is collected, which is also stored on servers of our data processor Google LLC ("Google"). Access to the information by Google LLC ("Google"), a U.S.-based company, cannot be excluded so relevant EU standard data protection clauses have been agreed to offer adequate safeguards for data processing in non-European countries. You have the right to be informed about this standard contract as part of the information provided. We use the Google "Ads" online marketing process to place ads in the Google Advertising Network (e.g. in search results, in videos, on websites etc.) so that they are displayed to users who have a presumed interest in the ads. This allows us to display ads for and within our online offering in a more targeted manner in order to present users only with those ads that potentially match their interests. For example, if a user is shown ads for products in which he/she has shown an interest in other online offerings, this is referred to as “remarketing”. For these purposes, when our and other websites on which the Google Advertising Network is active are accessed, Google directly executes a code from Google and “(re)marketing tags” (invisible graphics or code, also known as “web beacons”) are incorporated into the website. With their help, an individual cookie, i.e. a small file, is stored on the user's device (comparable technologies can also be used instead of cookies). This file records which websites the user visits, which content he/she is interested in and which offers the user has clicked on, as well as technical information on the browser and operating system, referring websites, the time of the visit and further information on the use of the online offering.

We also receive an individual “conversion cookie”. The information collected with the help of the cookie is used by Google to generate conversion statistics for us. However, we only receive information on the total number of anonymous users who clicked on our ad and were redirected to a page with a conversion tracking tag. We do not, however, receive any information that can be used to identify users personally.

The users' data is processed pseudonymously within the Google Advertising Network. This means that Google does not store and process, for example, the names or e-mail addresses of users, but processes the relevant data on a cookie-related basis within pseudonymous user profiles. Consequently, from Google's point of view, the ads are not managed and displayed for a specifically identified person, but for the cookie holder, regardless of who this cookie holder is. This does not apply if a user has expressly permitted Google to process the data without this pseudonymization. The information collected about the users is transmitted to Google and stored on Google's servers in the USA.

For more information about how Google uses your information, setting and opt-out options, please read Google's Privacy Policy ( and the settings for the display of advertisements by Google (

1.2 Remarketing activities and cookies

This website uses the remarketing or "similar target group" function of Google Inc. (Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland; „Google“).

This feature allows you to view interest-based ads on Google Display Network web pages. For this purpose, a cookie is stored in your browser when you visit a website. This serves to recognize you as a visitor to the website and to determine visits and usage data.

According to Google's own information, server logs are stored in which parts of the IP address and cookie information are partially deleted after 9 to 18 months. For more information, please visit

An example of a server log is provided by Google at the following link:

There are several ways in which cookies can be deactivated in the browser to exclude your own browser from remarketing.

Google provides the option of downloading a browser plug-in that permanently deactivates these cookies under the following link:

You can also make settings in your browser to deactivate the installation of cookies.

If you wish to object to tracking, you can do so by adjusting your browser settings regarding cookie installations. You can find information on this under the following links:


Internet Explorer:



Third-party providers may also disable browser cookies. The Network Advertising Initiative (NAI) offers the possibility to implement an opt-out for your own browser. Information can be found on the following page:

This website uses the conversion tracking of "Google-Adwords", a Google service.

When you visit Google pages, Google stores cookies. You can deactivate or leave this storage activated. If the cookie is still activated and you visit certain websites on the website, Google and ista can recognize that you have clicked on an ad placed by ista and have thus been forwarded to an ista page.

The information collected is used by Google to generate statistics for Adwords customers. These statistics include information about the number of users who clicked on ads and were redirected to pages that were tagged with a conversion tracking tag.

You can find Google's privacy policy here:

1.3 Google Maps and Google Address Autocomplete

Several contact and order forms are available for contacting ista. In this context, we ask for your address in order to process the request. To help you enter the address, we use the Google Address Autocomplete function of Google Inc. (Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland; "Google").

1.4 Usercentrics

Use of the Usercentrics Consent Management Platform
We use the Usercentrics Consent Management Platform to comply with the statutory provision pursuant to Article 7, para. 1 GDPR. The operator is Usercentrics GmbH, Rosental 4, 80331 Munich. The Usercentrics Consent Management Platform collects Logfile data, user agent (device, browser type, browser language, browser version, resolution) and consent data (consent yes/no, timestamp, data extent, data attributes, ControllerID, ProcessorID, consentID) by means of a Javascript. This JavaScript permits Usercentrics GmbH to inform the user about specific tags and web technologies on our website and to obtain, manage and document the user's consent. The legal basis for data processing is Article 6, para. 1, letter c) GDPR since we are legally obliged to prove consent (pursuant to Article 7, para 1 GDPR). Our aim is to know and implement our users' preferences as well as to document these legally in a secure manner. The data are deleted as soon as they are no longer required for our documentation and there are no legal obligations to retain records.

You can permanently disable the execution of JavaScript at any time by selecting the relevant settings in your browser, which would also prevent Usercentrics from executing JavaScript.

For further details on Usercentrics data protection policy go to:


You can select your privacy settings here:

2. Rights of data subjects

In accordance with the GDPR, ista takes appropriate measures to provide the data subject with all information and communications relating to processing in a precise, transparent, comprehensible and easily accessible form in clear and simple language. The information shall be transmitted in writing or in any other form, including, where appropriate, electronically.

Since ista processes personal data automatically, ista informs you of the following information in accordance with Art. 13 GDPR:

Mr. Thomas Zinnöcker, ista International GmbH, Luxemburger Straße 1, 45131 Essen, is the person responsible for ista.

The contact details of ista's data protection officer are:

ista International GmbH, data protection officer, Luxemburger Straße 1, 45131 Essen, Germany, e-mail:

The purpose for which the personal data are to be processed and the legal basis for the processing are as follows: Optimization of customer satisfaction and the website, Art. 6 paragraph 1 f GDPR.

The legitimate interest in this is to be seen in particular in the pseudonymized processing for the optimization of the website.

Data deletion and duration of storage

The personal data of the data subjects will be deleted or blocked as soon as the purpose of storage ceases to apply. Furthermore, data may be stored if this has been provided for the European or national legislator in EU regulations, laws or other provisions to which the person responsible is subject. The data will also be blocked or deleted if a storage period prescribed by the aforementioned standards expires, unless there is a need for further storage of the data for the conclusion or fulfilment of a contract.


ista offers you the option to subscribe to a newsletter on the ista webpage. From this newsletter you will receive information on ista topics and offers at regular intervals. To receive this newsletter, you need a valid e-mail address. Your entered e-mail address will be checked by ista for accuracy and completeness. Your login data as well as your official IP address, date and time will be stored. This serves as security to prevent your e-mail address from being misused by unauthorized third parties. No other data will be stored by ista. The data collected will only be used for the newsletter dispatch. ista undertakes not to transmit the data collected to other third parties. You have the option of cancelling the newsletter at any time without giving reasons and requesting information from the ista site. The details are marked in each newsletter.

3. Use and disclosure of personal data and earmarking

Visitors to ista’s website are always informed if their information is transmitted to third parties. So you can decide whether you agree to a transfer of your personal information to third parties or not.

3.1 Social Media / Social Bookmarks

Social bookmarks from LinkedIn, Twitter, kununu, Xing and YouTube are integrated on the ista website. Social Bookmarks are internet bookmarks that allow users of such services to collect links and news messages. These are only included on the website as a link to the corresponding services. After clicking on the integrated graphic you will be forwarded to the page of the respective provider, i.e. only then will user information be transferred to the respective provider. For information on the handling of your personal data when using these websites, please refer to the respective data protection regulations of the provider.

Important Notice: This data protection information applies exclusively to ista's internet service offering. The ista website contains links to other websites. Please note that ista is not responsible for the data protection or the content of these other internet services. We recommend all internet users to inform themselves about the respective data protection notices of other internet services when leaving ista's website.

4. Rights of data subjects

In accordance with the GDPR, ista takes appropriate measures to provide the data subject with all information and communications relating to data processing in a precise, transparent, understandable and easily accessible form in clear and simple language. The information shall be transmitted in writing or in any other form, including, where appropriate, electronically.

5. Changes to this data protection information

ista reserves the right to amend this disclosures at any time in compliance with the applicable data protection regulations; current status is May 2018.

If you have any questions regarding the processing or security of your personal data, you can contact ista’s data protection officer/responsible directly.