Data Protection Policy

1.) This data protection policy informs you about the processing of personal data on the website (hereinafter referred to as “online offer”) by 

Ralf Lüttgen doing business as Superior Consulting Service Lüttgen, 

Heinrichstraße 36, 50999 Cologne, Germany
Telefon: +49 2236-963541
Telefax: +49 2236-963542 

(= responsible entity as defined by the General Data Protection Regulation – GDPR). 

2.) The collection, processing and use of personal data by the online offer takes place according to the official GDPR regulations. 

3.) When visiting the online offer, data is only collected, processed and used as required to use selected services. Personal data is collected if you transmit it to us via the contact or inquiry form, for the newsletter or directly by email. The use of the online offer is possible anonymously or using a pseudonym – with particular restrictions for technical reasons. 

4.) No transfer of personal data to third parties takes place without consent from the user, as well as a notification sent to the user

(see below social media). Personal data is transferred to third parties if 

  • under Art. 6 Para. 1 Sentence 1 Letter a) GDPR the affected person has explicitly consented to it,
  • The transfer is required under Art 6 Para. 1 Sentence. 1 Letter f) GDPR to assert, exercise or defend legal claims and there is no reason to assume that the affected person has an overwhelming interest worthy of protection in the non-transfer of their data,
  • There is a statutory obligation for the data transfer under Art. 6 Para. 1 Sentence 1 Letter c) GDPR, and/or this is required under Art. 6 Para. 1 Sentence 1 Letter b) GDPR to fulfil a contractual relationship with the affected person. 

5.) When calling up the website using a browser, data is sent to the server automatically and stored by the server in a log file. This takes place for the following purposes:

  • Quicker page construction,
  • Monitoring using security technology,
  • Statistical purposes,
  • Administration of the website, server and technologies used,
  • Improving usability, for example optimisation in terms of navigation and user-friendliness 

This processing is justified under Art. 6 Para. 1 lit. f) GDPR. No personal data is analysed.
This relates to the following data:

  1. the IP address from where the call-up was initiated incl. geo-localisation,
  2. hostname (name of the computer or network call-up),
  3. name of the website that was called up,
  4. date and time of the call-up,
  5. the transferred data quantity,
  6. clickstream  (which pages were and in which order they were called up),
  7. the access status (file transferred, file not found etc.),
  8. the page that requests the file,
  9. browser type and version,
  10. screen resolution and browser window size,
  11. the user’s operating system,
  12. status information on cookie and JavaScript activation,
  13. and the requesting provider.

6.) We continue to use cookies for the stated purposes. This is justified to maintain permitted interests under Art. 6 Para. 1 lit. f) GDPR. These are small text files that are stored in the user’s computer memory and are intended to improve the communication between the browser and server thus enabling the detection of the user during their next visit. After ending the browser session, the cookies used  are deleted  from the user’s computer again (“session cookies”). One can use their browser’s settings to set and configure the use, storage and refusal to accept cookie files. If further information is required, one can refer to the operating instructions of their browser. 

7.) Contact form: Visitors can transmit messages to the person responsible via an online contact form on the website. In order to receive an answer, at the very least a valid email address must be stated. The requesting person can voluntarily provide all additional information. When the message is sent via the contact form, the visitor consents to the processing of personal data that was transmitted. The data processing takes place exclusively for the purpose of handling and answering queries via the contact form. This takes place on the basis of freely given consent under Art. 6 Para. 1 Sentence 1 Letter a) GDPR. The personal data collected for using the contact form is deleted automatically as soon as the query is completed and there are no reasons for ongoing storage (e.g. subsequent information query or request). 

8.) Newsletter: When registering to receive the newsletter, the user explicitly declares their consent to the processing of their provided  personal data. Only the visitor’s email address is required to register for the newsletter. The legal basis for processing the visitor’s personal data to send the newsletters is consent regarding  Art. 6 Para. 1 Sentence 1 Letter a) GDPR. At any time the visitor can unsubscribe from receiving future newsletters. This can be achieved by using a special link at the end of the newsletter or a appropriate message sent by email to 

9.) The online offer uses so-called social media plug-ins, sharing buttons, sharing functions and links to social media services (see services listed below). These are offers (telemedia services) of other suppliers (third parties) to whom the data is transferred as soon as this is requested by the user during the use of the online offer. The user’s browser transfers data, for example whilst visiting the online offer, written content or comments posted to social media services and servers process it further to ,for example, share the content. We have no influence on the data processing after the user leaves the online offer. In regard to data flows, the collection of information or clarification of disagreements on the use of data the user can access their profile settings in their browser and social media(s) to prevent the use of their data. 

This includes the prevention or reduction of data transfers if one were to log out of their social media service and/or switch off JavaScript use in their browser when visiting the online offer. The legal basis for using social plug-ins is Art. 6 Para. 1 f) GDPR. A justified interest and purpose for the use of plug-ins from social networks to make the online offering suitable for a wider range of audiences . The social networks are responsible for handling the user’s data in regards with data protection regulations. 

10.) (Our) website sallows access and data transfer to the social network Facebook Inc., 1601 Willow Road, Menlo Park, CA 94025 USA, which is responsible in Europe via Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland (“Facebook”). The legal provisions of Facebook can be found at https://de-, the data protection regulations, in particular the purpose, range and ongoing use of data collection by Facebook are found at The use or activation of Facebook services takes place via the Facebook logo or the “Like” button or other links. One can find further information from Facebook Inc. at 

11.) Our online offer enables access to and data transfer with the contact and communication forum XING, a service provided by XING SE, Dammtorstraße 30, 20354 Hamburg, Germany. The data protection provisions for using these services are found under “terms and conditions” ( and “data protection” ( supplier XING SE is responsible for these. 

12.) Our website makes use of the social network Google+ and the Hangout messaging service, which are services provided by Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (“Google”). The legal provisions of Google are found at or The data protection regulations, in particular the purpose, scope and use of the data, as well as, contradictions and questions are found at The use takes place via the “Hangout” and “+1” button (for more information on this,see: 

13.) We have integrated the Twitter service on our website (button with a blue “bird” and the title “Follow” ), which is provided by Twitter Inc., 1355 Market St, Suite 900, San Francisco, CA 94103, USA. By using Twitter and the “retweet” function the website that the user visits is linked with the user’s Twitter account, which then notifies other user’s of the activity. Further information can be found in Twitter’s data privacy statement at The user can modify their data protection settings at Twitter in the account settings. 

14.) Our online offer links to the LinkedIn offer provided by LinkedIn Ireland Unlimited Company, Wilton Plaza, Wilton Place, Dublin 2, Ireland. The usage terms for LinkedIn are found at, the data protection provisions at 

15.) Our online offer uses the service of YouTube, an offer by YouTube LLC with its head office at 901 Cherry Avenue, San Bruno, CA 94066, USA. The usage terms of YouTube apply and can be viewed at, the Community Guidelines can be viewed here,, and YouTube’s data protection provisions are found here 

16.) On our website we use the website analysis services of Google Analytics. The legal basis for the use of the analysis tool is Art. 6 Para. 1 Sentence 1 Letter f) GDPR. The website analysis is a justified due to the interest of our chambers and is used to statistically record page usage for the ongoing improvement of our website and the offering of our services.  This online offering also uses the “Google Analytics” analysis service by Google Inc. (“Google”). Google Analytics also uses “cookies” (text files that are saved on your computer and enable the use of the website to be analysed). The information created by the cookie on the user’s use of this website is transferred to and stored on a Google server in the USA. 

As a result of activating IP anonymity for this website (see use of the “anonymizeIp” code extension = the last 8 bits of the IP addresses are deleted and therefore anonymised), the user’s IP address is stored by Google within the European Union countries, and the states that are party to the Treaty on the European Economic Area, after having been shortened. Only in exceptional cases will  the complete IP address be sent to a Google server in the U.S. and shortened there. 

We point out that the Google Analytics on this website have been supplemented with the code “gat._anonymizeIp();” in order to ensure the anonymous recording of IP addresses (called IP masking). 

On behalf of the operator of this website, Google uses this information to analyse the user’s activity on the website, to create reports on the website activities, and to provide other services associated with the website and the internet use for the website operator. The IP address’ collected by Google Analytics are not combined with other Google data. The user can prevent the installation of cookies by adjusting the relevant setting in their browser software; but in this case we explicitly point out that you may not be able to use the full functions of this website. 

The user can further prevent the collection of their data, chosen by the cookie related to the specific  use of our online offering(incl. your IP address), and the processing of this data by Google, by downloading and installing a browser plug-in available from the following link (e.g. 

The user can prevent the recording by Google Analytics by clicking the following link. An opt-out cookie is set that prevents the future entry of your data when visiting this website: Click here to opt-out. 

The user can find more information on the usage terms and data protection of Google Analytics at or at 

Through the use of this website you declare agreement with the processing of the data collected about you by Google in the manner described and for the purpose stated above. 

17.) As an “affected person” as defined by GDPR, the users and visitors to our online offer are able to exercise a number of rights. These are in detail the following GDPR rights. For such requests and also other questions, please contact us using the contact data stated in the legal notes (impressum) or by email to: info@scs- 

a) Right of access: The user can request information on 

  1. the reason why your personal data is processed;
  2. the categories of personal data that are processed;
  3. the recipient or the categories of recipients to whom your personal data was
    disclosed or will be disclosed;
  4. the scheduled storage period for your personal data or, if no specific statements can be made we will present the user with the criteria for defining the storage period and when the data will be deleted;
  5. the existence of a right to correction or deletion of your personal data, a right to limit processing by the responsible party or the right to object to this ;
  6. the existence of a right to complain to a supervisory authority;
  7. all available information on the origin of the data if the personal data is not collected from the affected person;
  8. the existence of automated decision-making including profiling under Art. 22  Para. 1 and 4 GDPR and – at least in these cases – meaningful information on the logic involved, extent and the desired effects of such processing for the affected person;
  9. in the event of transfer to recipients in third-party countries, the user has the right to request information on which appropriate guarantees exist under Art. 46 GDPR for the transfers if there is no resolution from the EU Commission on the appropriateness of the protection level under Art. 45 Para. 3 GDPR.

b) Correction and completion: the user has the right to correction and/or completion, if the personal data processed by us is incorrect or incomplete. 

c) Deletion: The user has the right of deletion (“right to be forgotten”) if the processing is not required to exercise the right to free expression, right to information or to fulfil a legal obligation or undertake a task that is in the public interest, required for statistical purposes and one of the following reasons applies: 

  • The personal data is no longer required for the purposes for which they were collected.
  • The justification basis for the processing was exclusively the user’s consent that was revoked.
  • The user has submitted an objection to the processing of their personal data that we have published.
  • The user has submitted an objection to us processing personal data not made public and there is no primary, justified reason for the processing.
  • The user’s personal data was processed illegally.
  • The deletion of personal data is required to fulfil a statutory obligation which we have to follow.
    There is no right to deletion if the deletion is not possible for legal, non-automated data processing due to the special type of storage and the user’s interest in the deletion is low. In this case restriction of processing applies in place of deletion.

d) Restricting the processing: The user can request the restriction on processing from us

  • if the user disagree with the precision of your personal data for a term that enables the person responsible to check the precision of the personal data;
  • If the processing is illegal and the user rejects the deletion of the personal data and instead request a restriction on the use of their personal data;
  • If the responsible person no longer requires the personal data for the processing purposes but does require them to assert, exercise or defend legal claims;
  • if the user has submitted an objection under Art. 21 Para. 1 GDPR and it is not yet clear whether the justified reasons of the responsible person outweigh their reasons.
    Restriction on processing means that this personal data may only be processed with the user’s consent or to assert, exercise or defend legal claims or to protect the rights of another existent person or legal entity or for reasons of an important public interest. Before we lift the restriction, we have the obligation to inform you.

e) Right to notification: If the user has asserted the right to correction, deletion or restriction on processing, the responsible entity is obligated to inform all recipients to whom the user’s personal data was disclosed, about this correction or deletion of data or restriction to processing, unless this proves to be impossible or is associated with unreasonable time and expense. The user has the right to be informed about these recipients by the person responsible.

f) Ability to transfer data: The user has the right to transfer data if the processing is based on their consent (Art. 6 Para. 1 Sentence 1 Letter a) or Art. 9 Para. 2 Letter a) GDPR) or on a contract to which the user is a party and the processing is by means of an automated procedure. The right to transfer data includes, in this case, the following rights, if this does not adversely affect the rights and freedoms of other people: 

The user can request that the personal data that they provided to us is sent to them in a structured, conventional and machine-readable format.

 The user has the right to transfer this data to another responsible person without hindrance. If technically feasible, they can request that we transfer their personal data directly to another responsible person.

g) Objection: If the processing under Art. 6 Para. 1 Sentence 1 Letter e) GDPR (undertaking a task in the public interest or executing public force) or Art. 6 Para. 1 Sentence 1 Letter f) GDPR (justified interest of the person responsible or a third party),in particular situation the user has the right to object  to the processing of their personal data. This also applies to profiling based on Art. 6 Para. 1 Sentence 1 Letter e) or f) GDPR. 

After exercising the objection right, we no longer process the user’s personal data unless we can provide compelling and legitimate grounds for processing the data that outweigh their interests, rights and freedoms, or processing the data serves to assert, exercise or defend legal claims. The user can object to the processing of their personal data for the purposes of direct advertising at any time. 

This also applies to profiling connected with such direct advertising. After exercising this objection right, we will no longer use your personal data for the purposes of direct advertising.
The user has the opportunity to inform us about the objection by phone, email, possibly by fax or by sending notification in no specific form to the email address stated at the beginning of the data protection policy. 

h) Revocation of consent: The user is entitled to cancel any data protection law consent given to become effective in the future. The revocation does not affect the legality of the data processing that occurred, based on consent before the revocation is received. After receiving the revocation, the data processing that is exclusively based on your consent is stopped. 

i) Complaints: If the user is of the opinion that the processing of their personal data is illegal, they can submit a complaint to a data protection supervisory authority that is responsible for their place of residence or work or the location of the apparent invasion 

Final provisions: This data protection policy is in the version dated 25/05/2018. We reserve the right to update the data protection policy at any time in order to improve the data protection and/or adapt it to modified official practice or jurisprudence.