Privacy Policy

Thank you for visiting the ILSA Gateway. In the following, we would like to inform you about the handling of your data according to Art. 13 of the Basic Data Protection Regulation (GDPR), in German: Datenschutz-Grundverordnung (DSGVO).


Responsible for the data processing described below is the body named in the colophon.


Usage data

When you visit our website, so-called usage data is temporarily evaluated on our web server for statistical purposes as a log to improve the quality of our website. This data record consists of

  • the date and time of the request,
  • the amount of data transferred,
  • the access status (content transferred, content not found),
  • the description of the web browser and operating system used,
  • the referral link, which indicates the page from which you came to ours,
  • the IP address of the requesting computer, which is shortened so that a personal reference can no longer be established.

The log data is only evaluated anonymously.


Data security

To protect your data from unwanted access as comprehensively as possible, we take technical and organizational measures. We use an encryption procedure on our web pages. Your data is transferred from your computer to our server and vice versa via the Internet using TLS encryption. You can usually recognize this by the fact that the lock symbol is closed in the status bar of your browser and the address line begins with https://.


Required cookies

On our website, we use cookies that are required to use our website.

Cookies are small text files that are stored on your terminal device and can be read. A distinction is made between session cookies, which are deleted again as soon as you close your browser, and permanent cookies, which are stored beyond the individual session.

We do not use these necessary cookies for analysis, tracking or advertising purposes.

In some cases, these cookies only contain information about certain settings and are not personally identifiable. They may also be necessary to enable user guidance, security, and implementation of the site.

We use these cookies based on Art. 6 para. 1 p. 1 lit. f DSGVO.

You can set your browser to inform you about the placement of cookies. This makes the use of cookies transparent for you. You can also delete cookies at any time via the appropriate browser setting and prevent the setting of new cookies. Please note that our web pages may then not be displayed, and some functions may no longer be technically available.

PurposeProviding our content management system

Storage durationCookies are deleted at the end of the session.



We use the web analysis tool "Matomo" to design our website according to demand. Matomo creates usage profiles based on pseudonyms. For this purpose, permanent cookies are stored on your terminal device and read by us. In this way, we can recognize returning visitors and count them as such.

The data processing is based on your consent according to Art. 6 para. 1 p. 1 lit. a DSGVO or § 15 para. 3 p. 1 TMG, if you have given your consent via our banner.

You can revoke your consent at any time. To do so, please follow this link [to the cookie banner] and make the appropriate settings via our banner.


Embedded videos

On our web pages, we embed videos that are not stored on our servers. To ensure that calling up our web pages with embedded videos does not automatically lead to content from the third-party provider being reloaded, we only display locally stored preview images of the videos in a first step. This does not provide the third-party provider with any information.

Only after a click on the preview image is content from the third-party provider loaded. This provides the third-party provider with the information that you have accessed our site as well as the usage data technically required in this context. In addition, the third-party provider is then able to implement tracking technologies. We have no influence on the further data processing by the third-party provider. By clicking on the preview image, you give us permission to reload content from the third-party provider.

The embedding is based on your consent pursuant to Art. 6 para. 1 p. 1 lit. a DSGVO, if you have given your consent by clicking on the preview image. Please note that the embedding of many videos leads to your data being processed outside the EU or EEA. In some countries, this poses the risk that authorities may access the data for security and monitoring purposes without you being informed or having legal recourse. If we use providers in unsafe third countries and you consent, the transfer to an unsafe third country will be based on Art. 49 (1) lit. a DSGVO.

Provider: YouTube/Google (USA)

Adequate level of data protection: No adequate level of data protection. The transfer takes place based on Art. 49 (1) lit. a DSGVO.

Withdrawal of consent: If you have clicked on a preview image, the third-party content is reloaded immediately. If you do not want such reloading on other pages, please do not click the preview images anymore.


Storage period

Unless we have already informed you in detail about the storage period, we delete personal data when they are no longer required for the processing purposes and no legal retention obligations prevent deletion.


Other order processors

We pass on your data to service providers as part of order processing pursuant to Art. 28 DSGVO, who support us in the operation of our website and related processes. These are, for example, hosting service providers. Our service providers are strictly bound by instructions to us and are contractually obligated accordingly.

In the following, we will name the order processors with whom we work, if we have not already done so in the preceding text of the data protection declaration. If data is transferred outside the EU or EEA in this context, we provide information on the appropriate level of data protection.

Processor: Mittwald CM Service GmbH & Co. KG (Germany)

Purpose: Web hosting and support

Adequate level of data protectionProcessing within EU/EEA only


Your rights as a data subject

When processing your personal data, the Datenschutz-Grundverordnung grants you certain rights as a data subject:

Right to information (Art. 15 DSGVO)

You have the right to request confirmation as to whether personal data relating to you is being processed; if this is the case, you have the right to be informed about this personal data and to receive the information listed in detail in Art. 15 DSGVO.

Right to rectification (Art. 16 DSGVO)

You have the right to request without undue delay the rectification of any inaccurate personal data concerning you and, where applicable, the completion of any incomplete data.

Right to erasure (Art. 17 DSGVO)

You have the right to request that personal data concerning you be erased without delay, provided that one of the reasons listed in detail in Art. 17 DSGVO applies.

Right to restriction of processing (Art. 18 DSGVO)

You have the right to request the restriction of processing if one of the conditions listed in Art. 18 DSGVO applies, e.g., if you have objected to the processing, for the duration of the review by the controller.

Right to data portability (Art. 20 DSGVO)

In certain cases, which are listed in detail in Art. 20 DSGVO, you have the right to receive the personal data concerning you in a structured, common, and machine-readable format or to request the transfer of this data to a third party.

Right of withdrawal (Art. 7 DSGVO)

If the processing of data is based on your consent, you are entitled to revoke your consent to the use of your personal data at any time in accordance with Art. 7 (3) DSGVO. Please note that the revocation is only effective for the future. Processing that took place before the revocation is not affected.

Right of objection (Art. 21 DSGVO)

If data is collected based on Art. 6 (1) sentence 1 lit. f DSGVO (data processing to safeguard legitimate interests) or based on Art. 6 (1) sentence 1 lit. e DSGVO (data processing to safeguard public interest or in the exercise of official authority), you have the right to object to the processing at any time for reasons arising from your particular situation. We will then no longer process the personal data unless there are demonstrably compelling legitimate grounds for the processing which override your interests, rights and freedoms, or the processing serves to assert, exercise or defend legal claims.

Right to lodge a complaint with a supervisory authority (Art. 77 DSGVO)

Pursuant to Art. 77 DSGVO, you have the right to lodge a complaint with a supervisory authority if you are of the opinion that the processing of data concerning you violates data protection provisions. The right of complaint may be asserted in particular before a supervisory authority in the Member State of your habitual residence, your place of work or the place of the alleged infringement.

Assertion of your rights

Unless otherwise described above, to assert your data subject rights, please contact the office mentioned in the colophon.


Contact details of the data protection officer

Our external data protection officer will be happy to provide you with information about data protection under the following contact details:

datenschutz nord GmbH



If you contact our data protection officer, please also indicate the responsible office named in the colophon.