Privacy policy

Thank you for your interest in KAP1 and our privacy policy. The security of your personal data and the protection of your privacy have the highest priority for us. The following information will inform you about the processing of your personal data by KAP1 Consulting Marcus de Heus e.K. (hereinafter referred to as "KAP1") and the rights to which you are entitled under data protection law. Personal data are all data with which you can be personally identified.

Legal changes or changes to our internal company processes may result in an adaptation of this data protection declaration. We therefore ask you to read this data protection declaration regularly.

Data Processor responsible for data processing

KAP1 Consulting
Marcus de Heus e.K.
Königsallee 14
D-40212 Düsseldorf, Germany

Phone: +49 211 13866-436

Whose data is collected?

The persons affected by the data processing can be divided into the following categories: Business partners, customers, applicants, interested parties and other visitors to our online service. The persons concerned are hereinafter referred to as "users", whereby the terms used, e.g. "users", are always to be understood gender-neutrally.

What data is collected from us?

  1. Log files
    As everywhere on the Internet, data traces of your use remain on the servers of our web hosting service providers when you call up our pages for technical reasons. The following data is transmitted by your Internet browser and recorded in so-called log files:
    • Date and time of access
    • IP address of the client
    • Port number
    • Command method
    • URI star and URI query
    • Protocol status
    • Win32 status
    • time lapse
    • Browser type/version
    • Operating system used
    • Error message including e-mail address.

We or our web hosting service provider collect and store these log files (log files) exclusively for statistical purposes and for troubleshooting. These data in this form do not allow any conclusions about your person. A personal evaluation does not take place.

  1. Master data
    Personal data processed in the course of our business activities includes master data (e.g. names, addresses).
  2. contractual data (e.g. subject matter of contract, duration).
  3. payment data (e.g. bank details, payment history)
  4. contact data (e.g. telephone numbers, e-mail addresses)
  5. content data (e.g. text input in the contact form)
  6. application data (e.g. curriculum vitae, references, certificates, letters of application, other information on occupational qualifications, occupational wishes and preferences, actual salary and salary expectations, willingness to move and travel, time availability, blocking notices)
  7. correspondence and conversation data (e.g. e-mails, faxes, letters, notes on telephone contacts)
  8. other usage data (e.g. websites visited on our website, interest in our services), meta/communication data (e.g. device information, IP addresses).

How do we collect your data?

We primarily collect data by you communicating it to us. This may involve data that you enter in a contact form, send by e-mail or transmit to us by telephone. Other data is automatically collected by our IT systems when you visit our website. These are mainly technical data (e.g. Internet browser, operating system or time of the page call). This data is collected automatically as soon as you enter our website. Other data (e.g. contact information of business partners) come from publicly accessible sources such as the company website.

Contact us

When you contact us (e.g. by telephone, contact form or e-mail), your details including your contact data will be stored by us for the purpose of processing the enquiry and in the event of follow-up questions. We do not pass on this data without your consent.

The processing of the data transmitted to us will therefore take place exclusively on the basis of your consent in accordance with Art. 6 Para. 1 a) DSGVO. You can revoke this consent at any time. For this purpose, an informal notification by e-mail to us is sufficient. The legality of the data processing operations carried out until the revocation remains unaffected by the revocation.

The data you transmit to us will remain with us until you request deletion, revoke your consent to storage or the purpose for data storage no longer applies (e.g. after your request has been processed). Mandatory legal provisions - in particular retention periods - remain unaffected.

What is your data used for?

A part of the personal data is collected to ensure an error-free provision of our online offer. Other personal data is required for answering contact enquiries and for communication with users of our online and service offerings. We need other data for the qualified consultation of clients and candidates as well as for the filling of vacant positions with our clients with suitable candidates. In addition, we collect personal data for the purpose of providing contractual services, customer care and service, marketing, advertising and market research.

Disclosure to third parties

Data will only be passed on to third parties within the framework of legal requirements. We only pass on user data to third parties if this is done, for example, on the basis of Art. 6 para. 1 lit. b. DSGVO is necessary for contractual purposes or on the basis of legitimate interests pursuant to Art. 6 Para. 1 lit. f. DSGVO in the economic and effective operation of our business.

Application data will generally only be forwarded to the internal departments of our company responsible for the application procedure. Application data will only be passed on to external recipients or other third parties if the applicant has expressly given his prior consent to the passing on of his data. Personal data will not be passed on to third parties beyond this.

If we use subcontractors to provide our services, we take appropriate legal precautions as well as appropriate technical and organizational measures to ensure the protection of personal data in accordance with the relevant statutory provisions.

We only transmit personal data to service providers and other third parties outside the European Economic Area (EEA) under certain conditions: The user has expressly given his consent to the transfer of data to a third country, or the EU Commission must confirm an appropriate level of data protection to the third country in question, or other appropriate data protection guarantees (e.g. binding internal company data protection regulations of the EU standard contract clauses) must be in place.


As on most websites, we also use cookies to make your visit to our website as comfortable as possible and to enable you to use certain functions. These are small text files that are stored on your computer. Most of the cookies we use are deleted from your hard drive at the end of the browser session (so-called session cookies). Other cookies remain on your computer and enable us to recognize your computer during your next visit (so-called long-term cookies).

You have the option of accepting or rejecting the use of cookies when you visit the website. Cookies are only stored if you click on "Understood". If you no longer wish our cookies to be stored on your computer, please delete the previously stored cookies via the browser settings and deactivate the storage of cookies in your browser for our website or set your browser so that cookies are generally not stored on your computer.

The following cookies are used on our website:

1st Session ID
In order to facilitate browsing on our website, we use a session identifier, which is assigned to each visitor at the beginning of each use of our website. With this session ID, our server can recognize your computer/browser as the same visitor, even if the IP address changes in the meantime. This session ID enables the allocation of several related requests of a user per session. The session ID cookie we use is only valid until the end of a session. It is automatically deleted when you close your browser.

  1. etracker and Google Analytics
    For marketing and optimization purposes, we collect and store data using cookie-based technologies from etracker GmbH and Google Analytics, a product of Google Inc. More on this under Statistical evaluation.

Statistical evaluation

We have temporarily integrated tracking pixels from the service providers etracker GmbH ( and Google Analytics ( Data is collected and stored for optimisation purposes. This data can then be used to create user profiles under a pseudonym. Cookies are also used for the same purposes. The cookies enable the recognition of the respective Internet browser. The data collected using etracker and Google Analytics technologies will not be used to personally identify visitors to our website without the express consent of the person concerned. Personal data is also not merged via the bearer of the pseudonym. You can object to the collection and storage of data at any time with effect for the future. To do this, please click on this link for etracker and/or this link for Google Analytics and simply follow the further instructions. In this case, a cookie will be stored on your computer which, as long as it is stored on your computer, signals to us that you do not wish etracker and Google Analytics to be used. If you delete this cookie, it must be downloaded again in order to maintain your objection. You can download the etracker GmbH data protection declaration here and the Google Analytics declaration here.


Some of our websites contain hyperlinks to websites of other providers. When activated, you will be redirected from our website directly to the website of other providers. You will recognize this by the change of URL, among other things. We cannot assume any responsibility for the handling of your data on these external websites, since we have no influence on the data processing of those companies. Please inform yourself directly on the websites of the companies about the use of your data.

Security measures

KAP1 takes organizational, contractual and technical security measures in accordance with the state of the art to ensure that the regulations of the data protection laws are observed and to protect the data processed by us against accidental or intentional manipulation, loss, destruction or against access by unauthorized persons.

The security measures include in particular the encrypted transmission of data between your browser and our server. Our website uses SSL or TLS encryption to protect the transmission of confidential content, such as requests that you send to us as the site operator. You can recognize an encrypted connection by the fact that the address line of the browser changes from "http://" to "https://" or by the lock symbol in your browser line.

However, we would like to point out that, due to the structure of the Internet, it is possible that the rules of data protection and the above-mentioned security measures may not be observed or circumvented by persons or institutions outside our area of responsibility. In particular, unencrypted data can be read by third parties - even if this is done by e-mail. We have no technical influence on this. Nowadays, it is also your responsibility to protect the data you provide against misuse by encrypting it or in any other way.

For this reason, every user is free to transmit personal data to us by alternative means, e.g. by telephone.

What rights do you have regarding your data?

  1. Right of information
    You have the right to request confirmation as to whether personal data relating to you are being processed and to request information about this data and further information and a copy of the data in accordance with Art. 15 DSGVO.

  2. The right to complete and rectify data
    In accordance with Art. 16 DSGVO, you have the right to request the completion of data concerning you or the correction of incorrect data concerning you.

  3. The right to erase and block data
    Pursuant to Art. 17 DSGVO, you have the right to demand that data concerning you be deleted immediately or, alternatively, to demand a restriction on the processing of the data pursuant to Art. 18 DSGVO.

  4. Right to data transferability
    You have the right to demand that we receive the data concerning you that you have provided to us in accordance with Art. 20 DSGVO and to demand that it be transferred to other responsible parties.

  5. Right of appeal to the competent supervisory authority
    In the event of infringements of data protection law, the data subject has the right to appeal to the competent supervisory authority pursuant to Art. 77 DSGVO. The competent supervisory authority for data protection issues is the data protection officer of the federal state in which our company is based. A list of the data protection officers and their contact details can be found at the following link:

  6. Right of revocation
    Many data processing operations are only possible with your express consent. You can revoke an already given consent according to article 7 paragraph 3 DSGVO at any time with effect for the future. For this purpose, an informal e-mail notification to us is sufficient. The legality of the data processing carried out until the revocation remains unaffected by the revocation.

  7. Right of objection
    You may object at any time to the future processing of the data concerning you in accordance with Art. 21 DSGVO. In particular, you may object to the processing of your data for the purposes of direct marketing.

Data deletion / duration of data storage

The data stored with us are deleted as soon as they are no longer required for their intended purpose (e.g. conclusion of a search mandate) and the deletion does not conflict with any statutory storage obligations or other legitimate interests of KAP1 - for example, an obligation to provide evidence in proceedings under the General Equal Treatment Act (Allgemeines Gleichbehandlungsgesetz - AGG) - or the user has expressly consented to longer storage.

If an applicant has declared his consent to the storage of his personal data in our contact database, this data will be deleted as soon as the applicant revokes his consent to data storage by KAP1. Mandatory legal provisions - in particular retention periods - remain unaffected. KAP1 may also delete the data, e.g. because the successful placement of an applicant is no longer to be expected.

If the user's data are not deleted because they are required for other and legally permissible purposes, their processing will be restricted. This means that the data will be blocked and not processed for other purposes. This applies, for example, to user data that must be stored for commercial or tax reasons.

Further country-specific information

Our website is aimed at users over the age of 18.
This website does not recognize or interact with "Do Not Track" signals.
We will notify you of any changes to the Privacy Policy by posting our newer Privacy Policy on this website.

Privacy officer

Your trust is extremely important to us. Therefore we are always available to answer your questions regarding the processing of your personal data. For example, you still have questions about this data protection declaration, want to delete your data or need information? Then please do not hesitate to contact us:

Peter Franken
Peter Franken QM & Datenschutz
Raderthalgürtel 9
D-50968 Köln, Germany

Phone: +49 221 3172-2605

State of the privacy policy

October, 2019