Privacy and your data rights | ISG Germany

As is true of most companies, ISG needs to collect and use your personal information for various purposes. We understand that you care about your privacy, and we take that seriously. This Privacy Notice describes ISG’s policies and practices regarding its collection and use of your personal data.


1. General Information

1.1. Controller

ISG plc is a company registered in England and Wales under the registration number 10081578. Our registered address is Aldgate House, 33 Aldgate High Street, London EC3N 1AG. All references to ‘ISG’, ‘we’, ‘us’, ‘our’ are references to ISG Ltd and its subsidiaries.


1.2. Data protection officer

ISG has appointed an internal data protection officer for you to contact if you have any questions or concerns about ISG’s personal data policies or practices. ISG’s data protection officer’s contact information are as follows:

ISG Limited 
86 Sandyhill Lane 
Ipswich, IP3 0NA 
United Kingdom


1.3. Your rights

Under the GDPR data subjects have the following rights:

  • The right to be informed of any data processing
  • The right of access to your personal data
  • The right to rectification of your personal data,
  • The right to erasure of your personal data,
  • The right to restrict processing of your personal data,
  • The right to data portability,
  • The right to object to the processing of your personal data,
  • The right to withdraw consent to the processing of your personal data, where applicable.

If you wish to unsubscribe from our marketing communications, you can contact us at

If you wish to exercise your rights as a data subject, please contact us at

However, should ISG not satisfy your questions, you also have the right to file a complaint with a supervisory authority for data protection at any time, e.g. with the competent supervisory authority of the federal state in which you live or with the authority responsible for us: 

          Information Commissioner’s Office (ICO):

Additionally, if you are aged under 13, we may require your parents’ or guardian’s consent for you to exercise any of your rights.


1.4. Legal Basis for collecting and using your data

We process your data based on your consent, to fulfill a contract or pre-contractual measures, to fulfill a legal obligation, or in pursuit of legitimate interests.


1.5. Recipients

We may share your information with other organisations or divisions within the ISG group located in the European Economic Area (EEA) and the United Kingdom (UK). We may also have to share your personal information with law enforcement authorities where we are required to do so by law.

We may engage service providers for some of our processing activities. These service providers are processors and are contractually obligated to process your data exclusively in accordance with our instructions.

We may send your data to other companies, which are not processors, but only if we have a legal basis which makes the data access or transfer legal.

Unless otherwise stated below, your data will not be transferred to a third country outside the European Union (EU) or European Economic Area (EEA). Your personal data will only be transferred to third countries if they meet requirements of sufficient legal protection of your data, with Standard Contractual Clauses, Binding Corporate Rules, or an adequacy decision of the European Commission.

For more information on the processors we engage and how we ensure safe data processing in the event of third-country transfers please contact us at


1.6. How long we keep your personal information

The duration of data storage depends on the respective processing activity. If the retention period is not specified further, your personal data will be deleted or blocked as soon as the purpose or legal basis of the storage ceases to apply. Personal data will not be deleted if storage is required by law or in the event of possible legal dispute.


1.7. Provision of data

The provision of data is generally voluntary, unless it is contractually required or prescribed by law. Under certain circumstances, the requested service cannot be provided or can only be provided with difficulty without providing your data.


1.8. Automated decision making

We do not make any automated decision-making or profiling using your personal information.


1.9. Security of your information

To help protect the privacy and confidentiality of your personal information, we maintain physical, technical and administrative safeguards. We update and test our security technology on an on-going basis. We restrict access to your personal data to those employees who need to know that information to provide benefits or services to you. In addition, we train our employees about the importance of confidentiality and maintaining the privacy and security of your information. We commit to taking appropriate disciplinary measures to enforce our employees' privacy responsibilities.


1.10. Changes to the privacy policy

We reserve the right to adapt this privacy policy so that it always complies with the current legal requirements. The current version of the privacy policy applies.


2. How we process your personal information on this website

2.1 Server log files

Purpose of data processing: When visiting this website, certain connection data is stored in a server log of the hosting provider. These server log files record, for example, the name of the requested file, your anonymized IP address, the date and time of the request, the amount of data transferred and the requesting provider (access data) and document the request. This access data is evaluated solely for the purpose of ensuring trouble-free operation of the site and improving this website.

Legal basis: The processing is carried out in the legitimate interest of maintaining the stability, security and functionality of the website.

Recipients: The services for hosting and displaying the website are provided by service providers as part of processing on our behalf. Unless otherwise explained in this privacy policy, all access data as well as all data collected in forms provided for this purpose on this website are processed on their servers.

Deletion period: All access data will be deleted no later than 30 days after the end of your visit to the site unless a security-related event occurs (e.g. a DDoS attack). In the event of such an event, server log files are stored until the security-relevant event has been eliminated and fully resolved.


2.2. Contact

Purpose of data processing: You can contact us by sending us an e-mail or entering data in the end-to-end encrypted contact form. The data you enter and submit will be processed for the purpose of individual communication with you.

Legal basis: The data processing is carried out for the implementation of pre-contractual measures, for the fulfillment of a contract or based on our legitimate interests in providing an efficient and secure procedure communication.


2.3. News and Updates

Purpose of data processing: To provide you with information and updates about ISG, you can sign up to our newsletter.

Marketing Policy: We will always exercise restraint and send you only materials that we feel are relevant to your interests.

If you no longer wish to receive any more updates, you can unsubscribe via the link in each newsletter. This link will send you to a Preference Centre where you can manage where you no longer wish to receive any newsletter or adapt your preferences. You can also unsubscribe by sending us a request to We will move your name and email address to our suppression list to ensure you will no longer receive any marketing content.

Legal basis: We process your data based on your consent.

Recipients: Our newsletter are sent through an external newsletter service provider who is engaged as a processor, who processes your data exclusively based on our instructions.


3. Cookies

Purpose of data processing: Our website uses „cookies“. Cookies do not cause any damage to your device and do not contain viruses. Cookies serve to make our offer more user-friendly, effective and secure. Cookies are small text files that are stored on your terminal device and in your browser.

All detailed information about the cookies used on this website can be found in our cookie consent banner.

We would like to point out that the use and especially the comfort of use may be limited without the use of cookies. The cookies are set via a consent management tool.

Legal basis: We use cookies, which are strictly necessary for our legitimate interest (Art. 6 para. 1 lit. f) GDPR) to provide a functional and safe website for you. For all other purposes, the placement of cookies requires your consent (Art. 6 para. 1 lit. a) GDPR).


4. Social Media

Purpose of processing: For the purpose of establishing an online presence, we operate social media accounts. We regularly publish posts and communicate with you within the comments or via direct messages.

The respective provider assumes the data protection obligations towards you as a user, such as informing you about data processing, and is the contact person for your rights. This results from the fact that such a provider has direct access to the relevant information on the social media site and the processing of your data.

Insofar as you have given your consent to the respective social media operator, your data will be collected and stored when you visit our profile. The detailed use of your data by the respective social media operator, as well as a contact option and your rights and settings options in this regard to protect your privacy, can be found in the privacy notices of the operators linked below.

Legal basis: Primarily, the processing is carried out within our legitimate overriding interest in establishing an online presence. Insofar as communication takes place with a view to initiating a contract, the processing is carried out for the fulfillment of contractual or pre-contractual measures.