+49 511 410448-0 info@newsroom.works

Online searches for “data protection” average over 45 million hits, while “information security” yields a still respectable three million. Clearly, the fields of endeavour represented by these two terms are immensely large and complex.

Nevertheless, at media.works we take data protection and information security extremely seriously. We are committed to compliance with the more stringent requirements introduced by the EU General Data Protection Regulation (GDPR) and we are committed to fighting the rising tide of cybercrime. As part of this commitment, we will in the following provide more information about the various data protection and information security measures we have in place for you as our customers and service providers, and for our employees.

We will be using this page to keep you up to date on the latest developments on this front, including our Information Security Policy. The full wording is currently available in German only. The policy defines the scope and objectives of the information security management system at media.works.

Effective 1 January 2018, we have also appointed an in-house Information Security Officer and a Data Protection Coordinator.

Please do not hesitate to get in touch if you have any questions or would like to ‘compare notes’ with us. We’re always happy to share ideas.



Data Protection and Privacy Statement


Dear user of our website,

Thank you for visiting us here online and thank you for your interest in media.works. We value your trust and confidence and therefore attach great importance to protecting the personal data that we collect from you, process and use in relation to your visit on our website. You can rest assured that your data is protected to the full extent of the law.

Please take a moment to read through the information below. It tells you how we manage your personal data, how we process it and for what purpose, who we disclose it to, and what measures we take to protect it.

We take your privacy and personality rights extremely seriously and will always do our utmost to respect and safeguard them.


Scope of application

The controller responsible for determining the means and purpose of processing of your personal data within the meaning of the EU General Data Protection Regulation (GDPR) is:

media.works GmbH & Co. KG
Personally liable partner: Freya GmbH, 30855 Langenhagen
Court of registry:
AG Hannover HRB 203617
Management: Hannes Boekhoff
Ahornstraße 21a
D-30855 Langenhagen
Phone: +49 511 41 04 48-0
E-mail: info@media-hannover.de

Management of personal data

Personal data means personally identifiable information – details that can be traced back to an actual person. Examples include personal names, e-mail addresses and telephone numbers.

We will only ever collect, use and/or disclose your personal data if you have given your consent or if the collection, use and/or disclosure is already permitted by law.

Server log files

Certain data are logged every time you access our website and every time you request a file that is stored on our website. The logged data are stored for internal system-related and statistical purposes.

The following types of data are logged:

  • browser type and browser version
  • operating system used
  • referrer URL
  • hostname of the remote host which made the request to our server
  • time at which the request was made to our server
  • IP address (partially)

We will not use these data to personally identify you. We collect these data solely to ensure that the content of our website can be displayed correctly on your computer, to continually optimize our content for you, and to assist with criminal prosecutions in the event of cyberattacks.

Insofar as this website collects personal data from you (such as your name, address, e-mail address, etc.), this is done only with your freely given consent and with your knowledge. Personal data is collected and processed by us in accordance with the German Tele-Media Act (TMG), the EU General Data Protection Regulation (GDPR) and the German Data Protection Act (BDSG). You are free to withdraw your consent at any time.

IP addresses

As a rule, this website does not store complete user IP addresses. In those exceptional cases where it does, the addresses are deleted immediately after the user leaves the website. This is achieved by configuring the web server so that, by default, the log file (access log and error log) stores the IP address of the server instead of the actual IP address of the user. It is therefore not possible to use the IP addresses as personally identifying information. 

Use and disclosure of personal data to others

Insofar as you make personal data available to us, then, in compliance with European and German data protection legislation, we will use them 1) only for the purposes of responding to your enquiries, forming, performing and ending contracts with you, undertaking technical administration, and, potentially, marketing our products and services to you, and 2) only if these uses have been consented to by you or are already permitted by law.

Your personal data will be disclosed to or otherwise transmitted to third parties only if this is necessary for the purpose of performing a contract with you (e.g. disclosure of your order data in cases where we engage service providers and/or suppliers) or is necessary for billing purposes, or if you have given your prior consent. You have the right to withdraw your consent at any time, in which case the withdrawal will apply from the time of withdrawal forward.

Contact form

Please take note of the following information, which is relevant to you if you use our contact form in order to get in touch with us.

The personal data or other information which you disclose to us using the contact form on our website will be collected and processed only for the purpose of processing and answering your enquiries. The legal basis for this is Art. 6(1)(1)a) and b) GDPR.

The personal data collected via our contact form are your first and last names and your e-mail address. We collect this data in order to be able to process and respond to your enquiry. We cannot respond to your enquiry without this data. If we wish to process your personal data for purposes other than these, we will do so only if you have given your consent or if the other purposes are already permitted by law.

It is entirely up to you whether this data is collected, stored and processed. In other words, you are under no legal or contractual obligation to disclose personal data. However, if you wish us to be able to respond to your enquiry, you will need to voluntarily provide your name and, as mandatory data, your e-mail address. If you do not provide these details, you will be unable to use the contact form and, consequently, we will be unable to contact you.

If you do not provide these details, then, unfortunately, we will not be able to contact you and process your enquiry. We do not undertake any automated decision-making.

If you would like to contact us without transmitting personal data to us via the contact form, you can get in touch with us via telephone as described here.

The personal data provided by you will not be transmitted to any third country or international organisation, nor are there plans for any such transmission. Your personal data will not be disclosed to external third parties. When you provide personal data to us via the contact form, we will store it only for so long as we are processing your enquiry and will immediately delete or block it once we have finished processing your enquiry.

Live Chat Software

We use Userlike, a live chat software provided by Userlike UG (haftungsbeschränkt). Userlike uses “cookies” (see below), which are stored on your computer and enable a personal conversation in the form of a real-time chat on the website with you. The data collected is not used to personally identify the visitor to this website and is not merged with personal data about the bearer of the pseudonym. For more information, please refer to Userlike’s privacy policy at https://www.userlike.com/de/terms#privacy-policy.

Protection of stored data

We have in place technical and organizational IT security measures to safeguard the data you provide to us against manipulation, loss, destruction and access by unauthorised persons. Our IT security measures are continually improved and updated to ensure they meet the current state of the art. However, if you transmit data to us in unencrypted form, it is not possible to completely rule out the risk that they may be intercepted and viewed by third parties during transmission. Security can never be 100% guaranteed when transmitting data via the Internet (e.g. sending via e-mail). Therefore, sensitive data should either not be transmitted via the Internet at all, or, if it is, the transmission should be via a secure connection (SSL).

This website uses SSL encryption in the interests of security and to protect transmissions of confidential information, such as enquires that you send us via the contact form. When a site is encrypted, the address line in your browser will read “https://” rather than “http://” and there will be a padlock symbol to the left of the address. If SSL encryption is activated, authorised parties will not be able to intercept your data transmissions without considerable difficulty.

Protection of minors

Only persons of full legal age can give consent for the processing of personal data. However, under Art. 8 GDPR, it is lawful for children aged sixteen years or older to give consent for information society services.

Storage of anonymised data/cookies

On this website, your usage data is collected and stored in anonymised form using cookies. Cookies are text files that are stored on your computer and which enable us to analyse your use of our website. Cookies collect and store data exclusively in pseudonymised form. These pseudonymised data will not be used to identify you personally and will not be associated or aggregated with identifying data about you. They are used to enhance your experience of our website and to collect website usage information (see below). If you do not give your consent, no cookies will be set.

You can set your browser so that you receive notifications whenever a site attempts to set cookies. You will then be prompted to accept or reject cookies on a case-by-case basis. Alternatively, you can set it so that only certain types of cookies are accepted or so that all cookies are rejected by default. You can also set your browser so that cookies are deleted every time it is closed. Some browsers also allow you to activate a “Do Not Track” function, which will prevent web analytics tools from tracking your visit on our website.


Our website uses the web analytics service Matomo. Matomo is an open-source software that uses cookies (see above) to analyse your use of our website.

The data for analysis are stored on a server in Germany. With Matomo, your IP address is anonymised (see above) prior to processing so that it cannot be used to identify you personally. Your anonymised IP address is then used to identify the country from which your visit originated and the access provider (ISP) used. The data collected and stored in this process are not disclosed to third parties. The IP address data provided to us by Matomo will not be associated or aggregated with other data.

To enable its analytics, Matomo uses “persistent cookies” – cookies that remain stored (persist) on your device after you close your browser. The cookies are set via the domain “media-hannover.de” and have the following name:

  • 12345 (the numeric component is dynamic)

Each such cookie has an expiration period of 1 year. It enables our server to “remember” you (i.e. your anonymised IP address) and thus recognise you the next time you use our website. It also enables our server to conduct non personally identifying analysis of your behaviour on our website. For example, with this cookie, media.works is able to recognise the web page from which you clicked to our website (the referring web page) as well as the pages on our website that you view and for how long you view them.

As well as the persistent cookie, Matomo also sets “session cookies” with the following name:

  • 12345 (the numeric component is dynamic)

A session cookie is a cookie that is automatically deleted each time you close your browser.

If you prefer not to have your data stored and used for analytics purposes, you can opt out, in which case storage and use of your data for analytics will be deactivated from the time of opt-out forward. If you opt out, an opt-out cookie will be stored in your browser, thereby preventing Matomo from storing your usage data. If you delete your cookies, this will also delete your Matomo opt-out cookie, meaning you will then have to reactivate the opt-out the next time you visit our website.

Rights of data subjects

Under Art. 15 GDPR, you have a right of access to information regarding the processing of your personal data.

Under Articles 16-18 and 20 GDPR, you also have a right to rectification, a right to erasure or, if erasure is no longer possible, the right to restriction of processing of your data, and the right to data portability. You can enforce these rights at any time. Please contact our data protection officer if you wish to enforce any of these rights.

Under Art. 13(2)b) GDPR you also have the right to object at any time to the processing of your personal data.

In addition, you have the right to lodge a complaint with a supervisory authority. media.works comes under the jurisdiction of the following supervisory authority:
Die Landesbeauftragte für den Datenschutz Niedersachsen
Prinzenstraße 5
30159 Hannover
Phone: +49 511 120 4500
E-mail: poststelle@lfd.niedersachsen.de

If at any stage you feel that our processing of your personal data does not comply with the applicable data protection legislation, please contact us at datenschutz@media-hannover.de.

In addition, you are welcome to discuss these or any other matters relating to personal data with us. You will find our contact details in the “Imprint” section of our webpage.