Data privacy at

Legal notice and data protection

This privacy policy applies to data processing on the website


IKOR GmbH, Borselstraße 20, 22767 Hamburg: Imprint.


You will leave digital traces when you move around our websites. Some of these traces could allow conclusions to be drawn about you personally, even though this is neither practically possible nor intentional for these pages. In the following, we will inform you what to expect with regard to your personal data when you visit our web pages.

As a general rule, you can use these pages without us knowing or attempting to learn your identity. Personal data (“digital traces”) that are generated when you visit a website include not only data that may be entered in contact forms, such as name and address, but also IP addresses. An IP address is the number of a computer (or smartphone, tablet …) that identifies the computer on the Internet. When transmitting web pages over the Internet, the IP address of the computer retrieving the web page must be known. However, we do not know the identity of each user and we do not try to find out.

Visiting our Website

When you visit our website www.ikor. one, your browser automatically sends information to our website’s server in the background. This information is temporarily stored in a so-called log file. As a matter of principle, we do not collect or store your IP address in its entirety. It is only collected/stored in an abbreviated, anonymous form.

The following information is collected without your intervention when you access our pages:

  • Date and time of access,
  • Name and URL of the retrieved file,
  • Website from which the access is made (referrer URL),
  • The browser used and, if applicable, the operating system of your computer as well as the name of your access provider.

We need this data to ensure:

  • A reliable, smooth internet / site connection is guaranteed.
  • System security and stability can be evaluated and managed.
  • Various other administrative purposes can be managed.

Art. 6 para. 1 p. 1 lit. f DSGVO allows us to collect your data for these purposes. Our legitimate interest follows from the data collection purposes listed above.

In no case do we use the collected data for the purpose of drawing conclusions about your person. Collected user data is automatically deleted after 7 days.

Apart from that, we use cookies and other services when you visit our website. You will find the details below in the sections “Cookies” and “Analysis Tools”.

Contact Form

For questions of any kind, we offer you the opportunity to contact us via a form provided on the website. In doing so, it is necessary to provide a valid e-mail address as well as your name so that we may respond in a timely manner.

Data processing for the purpose of contacting us is carried out in accordance with Art. 6 para. 1 p. 1 lit. a DSGVO on the basis of your voluntarily given consent.

The personal data collected by us through the contact form will be automatically deleted after the request you have made has been dealt with, unless you have given us express consent for further processing.

Social Networks


We manage our social media channels with Hootsuite, HootSuite Media Inc, 37 Dunlevy Ave, Vancouver, BC, Canada V6A 3A3. Hootsuite allows you to manage social media channels across platforms, schedule, publish and analyze posts. Hootsuite processes data uploaded by users on social media channels or shared and made public by sharing and liking posts. We use the portal for our appearances on LinkedIn, Facebook, YouTube and Twitter.

The processing of this data is based on sec. 6 para. 1 sentence 1 lit. f GDPR and pursues our legitimate interests in the most efficient and successful company presentation possible on various social media channels.

Hootsuite acts as our service provider, you can access the existing contract for order processing under the following link:*. Further information as well as the currently applicable privacy policy of Hootsuite can be found at and at


On our pages, plug-ins of the social network Facebook, 1601 South California Avenue, Palo Alto, CA 94304, USA are integrated. You can recognize the Facebook plug-ins by the Facebook logo or the “Like” button (“Like”) on our site.

When you visit our pages, a direct connection between your browser and the Facebook server is established via the plug-in. Facebook thereby receives the information that you have visited our site with your IP address. If you click the Facebook “Like” button while logged into your Facebook account, Facebook can link the content of our pages that you visit to your Facebook profile. This allows Facebook to associate the visit to our pages with your user account. We would like to point out that we, as the provider of the pages, have no knowledge of the content of the transmitted data or its use by Facebook. For more information, please refer to Facebook’s privacy policy at

If you do not want Facebook to associate your visit to our pages with your Facebook user account, please log out of your Facebook user account before visiting our pages.


Our pages include functions of the Twitter service. These functions are offered by Twitter Inc, Twitter, Inc. 1355 Market St, Suite 900, San Francisco, CA 94103, USA. If you use the “tweet” function of the Twitter plug-in on our pages, the web pages you visit will be linked to your Twitter account and made known to other users. In the process, data is also transmitted to Twitter. We would like to point out that we, as the provider of the pages, have no knowledge of the content of the transmitted data or its use by Twitter. For more information about Twitter’s handling of personal data, please refer to Twitter’s privacy policy at You can change your privacy settings on Twitter in the account settings at


We use the functions of the career network XING on our websites. The provider is XING AG, Dammtorstraße 29-32, 20354 Hamburg, Germany. Each time one of our pages containing XING functions is called up, a connection to XING servers is established. As far as we are aware, no personal data is stored in this process. In particular, XING does not store IP addresses or evaluate usage behavior.

For more information on data protection and the XING Share button, please see XING’s privacy policy at:


We use the functions of the social network Kununu on our websites. Kununu is operated by Kununu GmbH, Fischhof 3 Top 7, A – 1010 Vienna, Austria. When you access a web page of our website that contains such a button (a “plugin”), your browser establishes a direct connection with the servers of Kununu. If you are logged into Kununu and visit our pages, Kununu will store and evaluate your visit to our pages. For the purpose and scope of data collection and the further processing and use of the data by Kununu, as well as your rights in this regard and setting options for protecting your privacy, please refer to the data protection information of Kununu:

If you do not want Kununu to be able to assign the visit to our pages to your user account, please log out of your Kununu user account beforehand.


Our newsletter dispatch is based on your registration for the newsletter subscription on our website. For this purpose, we work together with the German newsletter system promio.connect (service provider GmbH, Giergasse 2, 53113 Bonn, Germany), whose servers are located in Germany. We maintain a corresponding order data processing contract with GmbH to ensure the security of your data. When you register for the newsletter, your e-mail address is transmitted to us, which we use exclusively for sending the newsletter. All other information requested by us, such as your name, is optional and only serves to address you appropriately and to prevent misuse.

In addition, the following data is collected during registration:

  • IP address of the calling computer
  • Date and time of registration

For the processing of data, your consent is obtained during the registration process and reference is made to this privacy policy.

The legal basis for the processing of data after registration for the newsletter is Art. 6 para. 1 lit. a DSGVO if the user has given his consent.

We store your email address as long as your subscription to the newsletter is active. If you unsubscribe, your data will be deleted. If a subscription is not confirmed by means of the double opt-in procedure, we delete your data after 30 days.

The other personal data collected during the registration process is usually deleted after a period of seven days.

You can cancel the subscription to the newsletter at any time. For this purpose, you will find a corresponding link in each newsletter. This also allows you to revoke your consent to the storage of personal data collected during the registration process.

You may cancel your subscription at any time. When you unsubscribe, your data will be moved to a blacklist in the database that cannot be viewed and will be archived there. Only the software can compare the e-mail addresses (of former subscribers) with the imported e-mails or the e-mails used in the registration in the event of a new import of subscribers or registration by an interested party.

This data processing is based on our legitimate interest according to Art. 6 I lit f DS-GVO.

Passing on Data

As a rule, we do not pass on your data, which we receive when you visit our pages, to third parties. An exception to this principle and a transfer of your data may occur if: You have given us your express consent to do so (Art. 6 para. 1 p. 1 lit. a DSGVO).

The disclosure is necessary for us because we wish to assert legal claims and we have no reason to assume that you have an overriding interest worthy of protection in the non-disclosure of your data (Art. 6 para. 1 p. 1 lit. f DSGVO).


We use cookies on our website. These are small files that are automatically created by your browser and stored on your end device (laptop, tablet, smartphone) when you visit our site. Cookies do not cause any damage to your end device, do not contain viruses, Trojans or other malware.

In the cookie, information is stored that arises in each case in connection with the specific end device used. This does not mean, however, that we gain direct knowledge of your identity. The use of cookies serves on the one hand to make the use of our offer more pleasant for you. For example, we use so-called session cookies to recognize that you have already visited individual pages of our website. These are automatically deleted after you leave our site.

In addition, we also use temporary cookies to optimize user-friendliness, which are stored on your end device for a certain fixed period of time. If you visit our site again to use our services, it is automatically recognized that you have already been with us and what entries and settings you have made, so that you do not have to enter them again.

On the other hand, we use cookies to statistically record the use of our website and to evaluate it for the purpose of optimizing our offer for you (see ” Analysis tools “). These cookies enable us to automatically recognize that you have already been to our site when you visit it again. These cookies are automatically deleted after a defined period of time.

The data processed by cookies is necessary for the aforementioned purposes to protect our legitimate interests and those of third parties in accordance with Art. 6 (1) p. 1 lit. f DSGVO.

Most browsers accept cookies automatically.

However, you can configure your browser so that no cookies are stored on your computer or a message always appears before a new cookie is created. However, the complete deactivation of cookies may mean that you cannot use all the functions of our website.

Google Analytics

The use of Google Analytics on our websites is based on Art. 6 para. 1 p. 1 lit. f DSGVO. With the use of Google Analytics, we want to ensure a needs-based design and continuous optimization of our website. On the other hand, we use it to statistically record the use of our website. These interests are considered legitimate in the sense of the aforementioned provision.

Google Analytics is provided by Google Inc. (“Google”). Google Analytics uses “cookies”, which are text files placed on your computer, to help the website analyze how users use the site. The information generated by the cookie about your use of this website is usually transmitted to a Google server in the USA and stored there. In the event that IP anonymization is activated on this website, however, your IP address will be truncated beforehand by Google within member states of the European Union or in other contracting states to the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and shortened there. We use Google Analytics on our websites in a variant that works with anonymized IP addresses. The IP addresses are shortened before being transmitted to Google. (“gat._anonymizeIp();”).

Google uses the information from cookies to evaluate your use of the website on our behalf, compiling reports on website activity and providing other services relating to website activity and internet usage to the website operator. The IP address transmitted by your browser as part of Google Analytics is not merged with other data from Google. You may refuse the use of cookies by selecting the appropriate settings on your browser, however please note that if you do this you may not be able to use the full functionality of this website. You can also prevent the collection of data generated by the cookie and related to your use of the website (including your IP address) to Google and the processing of this data by Google by downloading and installing the browser plug-in available at the following link (

For more information on terms of use and data protection, please visit or We would like to point out that on this website Google Analytics has been extended by the code “gat._anonymizeIp();” to ensure anonymized collection of IP addresses (so-called IP masking). You can prevent the collection by Google Analytics by clicking on the following link. An opt-out cookie will be set, which will prevent the future collection of your data when visiting this website: Disable Google Analytics

You can prevent the collection by Google Analytics by clicking on the following link. An opt-out cookie will be set, which will prevent the future collection of your data when visiting this website: Disable Google Analytics

Your Rights in relation to your Data

According to Art. 15 DSGVO, you can request information about the data we process about you.

In addition, if we have inaccurate or incomplete data from you, you can request the correction of this data (Art. 16 GDPR). You can also request the deletion of your data (Art. 17 DSGVO). However, there may be cases where we are not allowed or required to delete your data despite your request. If you request us to delete this data, we will check whether such reasons exist. If not, we will delete your data. The alternative to deleting your data is in certain cases to restrict the processing of your personal data (Art. 18 DSGVO). Here, too, the following applies: let us know how you want to proceed, and we will check the legal requirements and find a way that balances our mutual interests.

If you believe that we are not complying with the data protection requirements for the processing of your data on these websites, you can complain to a data protection supervisory authority. You can find a list of European supervisory authorities here:

Information on the handling of your personal data in accordance with Article 13 of the EU General Data Protection Regulation / Hubspot.

Person responsible for data processing: IKOR GmbH, Borselstraße 20, 22767 Hamburg, represented by Sebastian Herrgesell (Managing Director).

Data protection officer: PrivCom Datenschutz GmbH, Dr. Bettina Kähler,

Purpose of Processing:

IKOR uses the service Hubspot, a service of Hubspot Inc. We use it to process your data for marketing purposes, for example when you subscribe to our newsletter or request and download exclusive editorial content by e-mail.

Recipient of the Data:

Hubspot has its headquarters in the USA. Here, based on your consent, "cookies" or similar technologies (such as "web beacons") are set, which are stored on your computer and which enable us to analyze your use of our website. Hubspot evaluates the information collected (e.g., IP address, geographic location, browser type, length of visit, and pages viewed) on behalf of IKOR to generate reports about IKOR's visits and web pages visited. If you have registered on our website, Hubspot also allows us to link your visits to IKOR websites with your personal information (typically name/email address), again based on your consent. This enables us to address you individually and in a targeted manner on preferred topics. For the same purpose, we link your personal data with further information from freely accessible sources.

The data obtained in this way is stored by Hubspot Inc. in a data center in Frankfurt, Germany. As Hubspot Inc. is based in the USA, US authorities have the right to retrieve all data held by Hubspot Inc. if required. For more information on how Hubspot operates, please see the Hubspot Inc. privacy policy, available at:

IKOR internally transfers the data to our sales database.

Legal basis for data processing: Art. 6 para. 1 lit a DSGVO (consent).

Deletion of Data:

The stored data will be deleted if you revoke your consent. Otherwise, they will be deleted as soon as the last activity with these data on the part of the data subject or on the part of IKOR has exceeded a period of three years.

Your rights in connection with your data:

You can request information from us at any time about the data we process about you (Art. 15 DSGVO). If requested, we provide you with a copy of your data.

If we have stored incorrect data from you, you have the right to demand that we correct your data (Art. 16 DSGVO). We will then make immediate corrections.

Likewise, you have the right to demand that we delete your data. However, we may only delete your data if we no longer need it to comply with legal requirements (Art. 17 DSGVO). In this case, you may, under certain conditions, request us to restrict the processing of your data. This applies, for example, if we have incorrect data from you and we need time to conduct a review. In this case, we will not use your data for the time being (Art. 18 DSGVO).

If you have given us consent to process your data, you can revoke this consent at any time (Art. 7 (3) DSGVO). We will then no longer process your data.

Automated decision-making: We do not use automated decision-making (including profiling) within the meaning of Art. 22 DSGVO.

Competent supervisory authority: You can address complaints regarding the handling of your data to a data protection supervisory authority. You can find a list of European supervisory authorities here:

Information regarding the Handling of Personal Data in line with Art. 13 EU General Data Protection / FIGMA

Responsible for Data Handling:
IKOR GmbH, Borselstraße 20, 22767 Hamburg, represented by Sebastian Herrgesell (Managing Director).

Data Protection Official:
PrivCom Datenschutz GmbH, Dr. Bettina Kähler,

Purpose of Data Handling:
For easy exchange of design drafts between us and our clients while working on front-end projects we use the tool “Figma” in its web-based version.

Legal Basis of Data Handling:
Art. 6 para. 1 lit f) GDPR. Our legitimate interest, in line with the regulations, for using Figma is the easy and quick cooperative work with our clients which other tools do not offer. In order to avail of this service an online account needs to be setup by creating a username and password. An e-mail address and a username are all that is required to use this service. For both login details pseudonyms can be used, this way only a fraction of your personal data will be collected.

Recipient of the Data:

Provider Figma, of company Figma Inc., based in San Francisco, USA.
Conveyance of Data to Third Countries:
If you decide to use Figma in cooperation with us, your e-mail address will be forwarded to the provider’s servers which are located in the USA.

Duration of Data Retention:
Your user account along with any personal data connected to it will be stored until you delete it.
Your Rights in Relation to your Data:
The use of Figma is voluntary. If you do not want to use Figma we will find other options to work together. If you have created a user account for Figma you may delete it at any time. Deleting your account needs to be done through Figma’s platform.

Automated Decision Making:
An automated decision making (including profiling) as per Art. 22 EU-GDPR is not involved in the usage of Figma.
Competent Supervisory Authority:
Complaints in relation to the usage of your data through us can be directed to this supervisory authority:
Der Hamburgische Beauftragte für Datenschutz und Informationssicherheit
Ludwig-Erhard-Str 22, 7. OG, 20459 Hamburg
Telefon: 040 / 42854 – 4040
 Fax: 040 / 428 54 - 4000

Right to Object

We have mentioned our “legitimate interests” a few times in this privacy policy, which allows us to process your data on these websites. If we process your data on the grounds of our “legitimate interest”, you may object to this data processing (Article 21 DSGVO). For the objection, however, you must assert reasons “arising from your particular situation”, as the aforementioned provision wants it.

If you wish to exercise your right to object, simply send an e-mail to info(at) We will then review your request and get back to you with a result.

Data Protection Officer

We have appointed a company data protection officer to provide ongoing support and advice on compliance with data protection requirements: PrivCom, Dr. Bettina Kähler, Tel. or info(at)

Data Security

Our web pages are SSL-encrypted, i.e. the transmission is secured and protected against external access. You can see whether an individual page of our website is transmitted in encrypted form by the closed display of the key or lock symbol in the lower status bar of your browser.

Software Products

IKOR always observes the requirements after implementation of the General Data Protection Regulation (GDPR) in its software products. The requirement for 'data protection by design' in accordance with Article 25, Data Protection by Design and by Data Protection Friendly Default Settings, becomes relevant. This means that data protection in processing activities is best observed if it is already technically implemented during the development of the processing activities.

For example, authorization management, a deletion concept for personal data, a logging concept, a cryptography concept or a pseudonymization or anonymization concept must already be taken into account during technical implementation.

The IKOR-Prozessleitstand (IPLS) is a framework that an IKOR customer can use to map its processes and processing activities in a SAP environment. The IPLS is deliberately kept as generic as possible in order to be able to implement (almost) any data and processing activities. The customer decides whether personal data or confidential data is to be processed in its processes, for which the customer must then implement the requirements of Article 25, Data Protection by Design and by Default Settings. The IPLS does not contain any generic modules with which the requirement to implement the GDPR can be met directly. Instead, the IPLS customer is required to use the functions and tools of the SAP environment for this purpose.


The reproduction of information or data, in particular the use of texts, parts of texts or images is not permitted or requires the prior consent of IKOR GmbH.

Legal Notice

IKOR constantly checks and updates the information on its websites. Nevertheless, it cannot assume any liability or guarantee for the topicality, correctness and completeness of the information provided.

The same applies to all other websites to which reference is made by means of links. IKOR is not responsible for the content of the websites that are reached via such a link. Furthermore, IKOR reserves the right to make changes or additions to the information provided.

Trademark Notice

SAP, R/3, mySAP, SAP NetWeaver and other SAP products and services mentioned herein as well as their respective logos are trademarks or registered trademarks of SAP SE in Germany and in several other countries all over the world. All names of products and services are trademarks of their respective companies.

Guidewire, Guidewire Software, Guidewire ClaimCenter, Guidewire PolicyCenter, and Guidewire BillingCenter are registered trademarks of Guidewire Software Inc. in the U.S. and/or other countries.