Go to homepage

Privacy Policy

We appreciate your interest in our B2B online shop. Protecting your personal data is very important to us. Below we inform you about the processing of your personal data in accordance with the General Data Protection Regulation (GDPR).

1. Controller

Holmenkol GmbH
Monrepos 7
71634 Ludwigsburg
Germany
Phone: +49 (0) 7141 / 3894 - 0
Fax: +49 (0) 7141 / 3894 - 100
Email: info@holmenkol.com

2. Data Protection Officer

Holmenkol GmbH
Conny Klemm
Monrepos 7
71634 Ludwigsburg
Germany
Email: datenschutz@holmenkol.com

3. Access Data and Hosting

When accessing our website, server log files are automatically collected. These include IP address, date and time of access, accessed file, referrer URL, browser type and operating system. Processing is carried out for security and stability purposes. Legal basis: Art. 6(1)(f) GDPR.

Hosting (AWS)

The online shop is operated using Shopware 6 and hosted on Amazon Web Services (AWS). AWS processes personal data solely on our behalf under a data processing agreement pursuant to Art. 28 GDPR.

AWS Web Application Firewall (AWS WAF)

We use AWS WAF to protect our website against unauthorized access, automated attacks, bot traffic and technical abuse. This involves the processing of IP addresses and technical request data.

The legal basis is Art. 6(1)(f) GDPR (legitimate interest in website security).

4. Data Processing for Contract Fulfilment (B2B)

We process personal data of business customers for order processing, customer accounts and communication. Legal basis: Art. 6(1)(b) GDPR.

5. Data Disclosure

Data is disclosed only where necessary, in particular to shipping service providers and IT/hosting providers.

6. Newsletter (CleverReach)

Newsletter subscription is based on your consent pursuant to Art. 6(1)(a) GDPR. You may withdraw your consent at any time.

7. Cookies and Consent Management

Necessary cookies are used based on legitimate interest. Analytics and marketing cookies require prior consent.

8. Analytics and Marketing

We use Google Analytics, Google Ads, Google Tag Manager, LinkedIn Insight Tag and Dealfront only with your consent.

9. Third Country Transfers

Personal data may be transferred to third countries (e.g. the USA) only with appropriate safeguards such as EU Standard Contractual Clauses.

10. Your Rights

You have rights under Articles 15–21 GDPR, including access, rectification, erasure and objection.

11. Right to Lodge a Complaint

You may lodge a complaint with a supervisory authority.

Last updated: January 2026