Your confidential data are treated confidentially by us, under strict observance of the valid data protection law provisions.

You are here: Home Privacy

Data protection statement

The following content is supposed to inform you about all questions related to data protection and the usage of your personal data that is collected during the visit on our website. This Webseite and all services offered are operated by

ITSM Consulting GmbH
Am Kuemmerling 21 -25,
55294 Bodenheim
Phone: +49 61 35 93 34 0

CEO: Siegfried Riedel
Registry: Commercial registry
Registry court: District court Mainz – HRB 47740

„ITSM Group“ means the association of companies of ITSM Consulting GmbH and all companies, in which ITSM Consulting GmbH is predominantly involved in and terms every single companie within that association.

You can contact our data protection officer as follows:

ITSM Consulting GmbH
Data Protection Officer
Am Kuemmerling 21 – 25
55294 Bodenheim


The ITSM Group

Die ITSM Group is pleased about your visit on our website and your interest in our company. We take the protection of your personal data seriously and want you to feel comfortable when visiting our website. Guarantying data protection and data security is one of the basic principles of the ITSM Group’s policies. Your personal data only will be processed compliant to the General Data Protection Regulation (GDPR).

All employees and cooperating partners are indentured to comply with all statutory provisions concerning data protection.

Please contact our data protection officer in case of date protection related questions, claims and requests.

Duration of data usage

Your personal data will be deleted as soon as you revoke your approval, or the purpose of the data usage is not given anymore, unless a statutory provision states the necessity of storing your data. In these instances, your data will be deleted as soon as the retention period is over.

The ITSM Group guarantees to inform all involved processors about your approval revocation. The ITSM Group indentures all processors to delete your personal data as soon as they become aware of your revocation.

Provisioning the website

Every webserver automatically records the access to websites. When visiting our website, our webserver will record following data temporarily with the purpose of system security and system control compliant with Article 6(1)(f) of GDPR, which may allow conclusions to your person.

-          IP address

-          The website, a file was requested

-          Filenames

-          Date and time of the request

-          Data amount being transferred

-          Access status

Without the data it would not be possible to technically provide and display the website’s contents. Collection these data is mandatory. Furthermore, we use the anonymous data for statistical purposes. These statistics help to optimize our services and technologies. We reserve the rights to analyse the log files in case of the suspicion of abuse of our services.

Collected data will be deleted after 7 days.

Processing personal data

We understand personal data as that kind of data you provide when using our forms, such as name, surname, postal address, e-mail address and phone number. You can use the website itself without providing any personal data, but you may not use all services offered.

By using the following services, the provision of your personal data is mandatory:

Contact form

If you contact us using the contact form or via e-mail, we will process your data to answer your requests. That can only be done after your approval as claimed in Article 6(1)(a) of GDPR. You may revoke this approval at any time without stating any reasons. The following personal data will be collected within this processing:

-          salutation (optional)

-          company (optional)

-          name (optional)

-          surname (optional)

-          phone number (optional)

-          e-mail address

Furthermore, you may approve us according to Article 6(1)(a) of GDPR, to store your personal data within our customer relationship system with the purpose to contact you within the context of sales activities. You may revoke this approval as well at any time without stating any reasons.

Booking of trainings

If you book trainings using our booking form we will processes your personal data with the purpose of handling your booking, including contract closing and billing, according to Article 6(1)(b) of GDPR. The following personal data will be collected within this processing:

-          company (optional)

-          name

-          surname

-          phone number

-          street address

-          postcode

-          city

-          e-Mail address

-          country

These data will be logged as well and serve as an evidence for booking a training via our website.

Furthermore, you have to provide the personal data of the training’s participants with the purpose of transmitting important information related to the training:

-          salutation

-          name

-          surname

-          e-mail address

Additionally, you may approve us according to Article 6(1)(a) of GDPR, to store your personal data within our customer relationship system with the purpose to contact you within the context of sales activities. You may revoke this approval at any time without stating any reasons.

If you are not willing to provide these data you are not able to book our trainings online. You still have the possibility to book our trainings via phone or by sending an e-mail, though.


If the seminar includes an exam by external institutes, we may need to transmit your personal data in order to register yourself for the exam. The data includes surname, name, e-mail address and will be transmitted to the corresponding institute according to Article 6(1)(b) of GDPR. For further information regarding the proceeding of your personal data be aware of the institute’s data protection statements you can find on their websites.

We transmit your data to the following institutes:

-          PeopleCert ( headquartered in Nicosia, Cyprus.

-          APMG ( headquartered in High Wycombe, England.

We do not transmit your personal data to the following institutes, but in order to take the exam you will have to register to their services

- ( headquartered in Burlington, USA

-          ServiceNow ( headquartered in Santa Clara, USA.


In case the seminars are held by one of our partners, we have to transmit your personal data as well, according to Article 6(1)(b) of GDPR. Contracts and agreements with our partners guarantee the proceedings in conformity with the current data protection laws.

Signing up for the newsletter

If you sign up for our newsletter, we process your personal data for the purpose of transmitting the newsletter and for the purpose of informing you within the registration process. That can only be done after your approval as claimed in Article 6(1)(a) of GDPR. You may revoke this approval at any time without stating any reasons. The following personal data will be collected within this processing:

-          e-Mail address

Within the newsletter creation and transmitting processes we take advantage of a processor. That means that your personal data you provided for newsletter service need to be transmitted to the processor. To guarantee the protection of your personal data we closed a processor contract according to Article 28(3) of DSGVO.

If you want to receive our newsletter you must provide a valid e-mail address. To exclude abuse of e-mail addresses we use the “Double-Opt-In” procedure. That means that you will receive a confirmation mail after signing up for the newsletter. You will not get a newsletter unless the confirmation has been transacted. In context of this procedure the order, the transmission of the confirmation email and the and the receipt of the registration confirmation will be logged. Therefore, your IP address, the date and the time of the registration and the date and the time of the confirmation will be recorded. These data serve as an evidence in case of abusing other’s e-mail addresses.

You may revoke your approval for the newsletter at any time without stating any reasons. To do so you may use the link provided in every single newsletter to starts the sign off procedure.

Application procedure

We offer the possibility to gain access to our application database and submit your application and all relevant personal data.

We process your data according to Article 6(1)(b) of GDPR. In the context of this processing you need to provide the following data:

-          Surname

-          Name

-          Date of birth

-          e-mail address

-          Address (Street, Number, Postal Code, Country)

-          phone number

-          earliest starting date

-          salary expectations

-          information regarding your final degree/ vocational training

We process your personal data to check your adequacy for the job and to contact you within the application procedure.

Your data and documents provided will be deleted after the application process, at least after a time of six months according to § 61b(1) of ArbGG and §15 of AGG, unless you approve the storage of your data and documents in our application database for a maximum of 24 months. If so, we use your data for adequacy checks to other vacancies. Your data may be transmitted within the ITSM Group. When identified as a potential employee we will contact you for further interviews and meetings related to the application procedure. We will store your data for a maximum of 24 months and delete it after this time has elapsed.

Use of cookies

We use cookies to operate our website. Cookies are tiny files being created by your browser automatically and stored on your device (notebook, tablet, smartphone or others) when visiting our website. Cookies do not harm your devices, especially they do not contain viruses trojan horses, or other forms of malware. A cookie stores information related to the specific device you are using. That does not mean that we are able to make conclusions to your person. The data processed by the cookies for the states purposes are meant to ensure our or third parties’ legitimate interests according to Article 6(1)(f) of GDPR. Most of the browsers accept cookies automatically. You may configure your browser to the effect that no cookies will be stored, or a hint is displayed each time a cookie is going to be created.

It depends on your browser how to manage cookies. As follows we provide you some links, that may help you in cookie management. These links are valid at the time of the creation of this data protection statement and may not be up to date at the time you use them. In this case consult the browser developer’s website.


Internet Explorer:

Google Chrome:



To deactivate the usage of third-parties’ advertising cookies  you may use the website of NAI, Network Advertising Initiative,

Analysis tools und plugins

Google Analytics

This website uses Google Analytics, a web analytics service provided by Google, Inc. (“Google”). Google Analytics uses “cookies”, which are text files placed on your computer, to help the website analyze how users use the site. The information generated by the cookie about your use of the website (including your IP address) will be transmitted to and stored by Google on servers in the United States.

In case of activation of the IP anonymization, Google will truncate/anonymize the last octet of the IP address for Member States of the European Union as well as for other parties to the Agreement on the European Economic Area. Only in exceptional cases, the full IP address is sent to and shortened by Google servers in the USA. On behalf of the website provider Google will use this information for the purpose of evaluating your use of the website, compiling reports on website activity for website operators and providing other services relating to website activity and internet usage to the website provider.

Google will not associate your IP address with any other data held by Google. You may refuse the use of cookies by selecting the appropriate settings on your browser. However, please note that if you do this, you may not be able to use the full functionality of this website. Furthermore you can prevent Google’s collection and use of data (cookies and IP address) by downloading and installing the browser plug-in available under

For further information regardind the proceedings of personal data by Google Analytics be aware of Google’s Data Protection Statement.

You can refuse the use of Google Analytics by clicking on the following link. An opt-out cookie will be set on the computer, which prevents the future collection of your data when visiting this website: Disable Google Analytics

Further services and third-party content

Our services may include third party content and services such as maps provides by Google Maps, Videos hosted at YouTube and graphics and pictures of other websites. To display these contents correctly in your browser it may be necessary to transmit your IP address to those third parties. The service provider may have access to your e-mail-address.

Although we strive to use solely third parties that only need your IP address to deliver content, we have no bearing on your IP address being possibly stored. This may serve for statistical purposes among others. As far as we have notice of your IP address being stored, we will pint it out.

Rights of the data subject

As soon as your personal data is being processed according to the GDPR you are a data subject and therefore have the right to:

  • revoke your approval at any time according to Article 7(3) GDPR. As a consequence, we are not allowed to process your data in the context of the purpose your approval was given to anymore.
  • obtain information about your personal data being processes by us according to Article 15 of GDPR. You may obtain information especially about the processing purposes, the category of personal data, the category of recipients to whom the personal data have been or will be disclosed, the envisaged period for which the personal data will be stored, the existence of the rights to rectification, erasure, restriction of processing, objection, complaint-lodging,  as well as information about the sources of the personal data when not collected by us and information about the existence of automated decision-making (including profiling).
  • claim the rectification of inaccurate data and the completion of incomplete data stored by us, without undue delay according to Article 16 of GDPR.
  • claim the erasure of your personal data stored by us according to Article 17 of GDPR unless the processing is necessary for exercising the right of freedom of expression and information, for compliance with a legal obligation, for reasons of public interest or for the establishment, exercise or defence of legal claims,
  • claim the restriction of processing your personal data according to Article 18 of GDPR, as far as the accuracy of the data is contested by you, the processing is unlawful and you oppose the erasure of the personal data, we do not need your personal data anymore, but the data are still required for the establishment, exercise or defence of legal claims or you objected to processings pursuant to Article 21(1) of GDPR.
  • to receive your personal data being processed by us in a structured, commonly used and machine-readable format and to have those data transmitted to another controller according to Article 20 of GDPR.
  • to lodge a complaint with a supervisory authority according to Article 77 of GDPR. You can find the supervisory authority in the Member State of your habitual residence, place of work or place of the alleged infringement. 

You can claim all rights (except the right to lodge a complaint) by contacting our data protection officer using the given contact information at the beginning of this statement.

Rights to object

In cases of processing your personal data based on legitimate interests according to Article 6(1)(f) of GDPR, you have the right to object this processing according to Article 21 of GDPR. This right includes profiling based on certain processings.
The ITSM Group will no longer process your personal data, unless we demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms, or for the establishment, exercise or defence of legal claims.

If your personal data is processes for direct marketing purposes, you have the right to object the processing, which includes profiling to the extent that it is related to direct marketing, at any time. If you object processings for direct marketing purposes, we will not process your personal data for purposes like that anymore. To claim that right you can contact our data protection officer using the contact information given at the beginning of this statement.

Data security

This website uses the common TLS encryption protocol (Transport Layer Security) in association with the highest encryption level being supported by your browser. This encryption is used to securely transmit confidential content to the ITSM Group. A (green) lock symbol in the status bar of your browser labels a website to be secure.

Changes to our data protection statement

This data protection statement corresponds to the data protection requirements being stated in the GDPR. To ensure our data protection statement to be up to date and correspond to actual legal regulation, we reserve the right to make modifications at any time. That also covers the cases that the date protection statement needs to be updated due to new or update services. An updated data protection statement is valid at your next visit to our website.