Privacy policy

This privacy policy applies to data processing by Evosys Laser Services GmbH and fulfils the information obligations under Art. 13 and 14 GDPR as well as §§ 29, 32 and 33 BDSG (German Federal Data Protection Act).

1. Controller

Evosys Laser Services GmbH
Felix-Klein-Straße 75a, D-91058 Erlangen
Represented by: Thomas Eckert
E-mail: info@evosys-services.com
Phone: +49 9131 40180-0

The company data protection officer can be reached at the above address (attn. Volker Beneke) or by e-mail: datenschutz@evosys-services.com.

2. Data collected when visiting the website

When you access our website, your browser automatically transmits information to our server, which is temporarily stored in log files. The following data are collected: IP address (anonymised), date and time, pages accessed, status code, data volume, referrer and user agent.

IP addresses are stored in anonymised form (last three digits removed, e.g. 127.0.0.*). Anonymised access logs are retained for 60 days. Error logs are deleted after 7 days.

The legal basis is Art. 6 para. 1 lit. f GDPR (legitimate interest: operation and security of the website). The data are not used to identify individuals and are not merged with other sources.

For managing cookie consents, we use our own privacy-compliant consent banner without any data being shared with third-party providers.

3. Contact form

When you send us an enquiry via the contact form, your details (e-mail address, name, message and, if provided, telephone number) are stored for the purpose of processing your request. Further information is voluntary.

Processing is based on your consent (Art. 6 para. 1 lit. a GDPR). You may revoke this consent at any time by informal e-mail to datenschutz@evosys-services.com. The lawfulness of processing carried out prior to revocation remains unaffected.

The data remain with us until you request deletion, revoke your consent, or the purpose for storage no longer applies. Mandatory statutory retention obligations remain unaffected.

4. Applicant management

We only accept applications via our digital applicant management system (encrypted transmission). Applications submitted by e-mail or post cannot be considered.

The system is operated by an external processor (Art. 28 GDPR). Your applicant data are processed exclusively for recruitment purposes on the basis of Art. 6 para. 1 lit. b GDPR.

Data are not passed on to third parties unless you give optional consent to sharing within the corporate group (Evosys Laser GmbH / Evosys Laser Services GmbH). In case of rejection: deletion after 6 months. With talent pool consent: retention for up to 2 years. Consent may be revoked at any time: datenschutz@evosys-services.com.

5. Business partners & contract processing

In the context of contract initiation and fulfilment, we process the following data of contact persons at customers and suppliers: name, first name, business address, telephone number, e-mail address and contract-related information.

The legal basis is Art. 6 para. 1 lit. b GDPR. Data are shared with internal departments and, where necessary, affiliated group companies. No transfer to third countries takes place. Retention: without contract 2 years after sending the offer; with contract 10 years after contract end.

6. Data sharing

Your personal data are only shared with third parties if:

  • you have given your explicit consent (Art. 6 para. 1 lit. a GDPR),
  • sharing is necessary to assert, exercise or defend legal claims (Art. 6 para. 1 lit. f GDPR),
  • a legal obligation exists (Art. 6 para. 1 lit. c GDPR), or
  • it is necessary for the fulfilment of a contractual relationship (Art. 6 para. 1 lit. b GDPR).

7. Your rights

You have the right to:

  • Access the personal data we hold about you (Art. 15 GDPR)
  • Rectification of inaccurate data (Art. 16 GDPR)
  • Erasure of your data, unless retention obligations apply (Art. 17 GDPR)
  • Restriction of processing (Art. 18 GDPR)
  • Data portability (Art. 20 GDPR)
  • Withdraw consent at any time with effect for the future (Art. 7 para. 3 GDPR)
  • Lodge a complaint with a supervisory authority (Art. 77 GDPR)

Contact: datenschutz@evosys-services.com

8. Right to object

If your data are processed on the basis of legitimate interests (Art. 6 para. 1 lit. f GDPR), you have the right to object at any time on grounds relating to your particular situation, or where processing relates to direct marketing. In the case of direct marketing, no particular reason is required.

Object by e-mail: datenschutz@evosys-services.com

9. Data security

This website transmits all data encrypted via SSL/TLS (indicated by https:// and the padlock symbol in the address bar). We also apply appropriate technical and organisational security measures, which are continuously updated to reflect current technological standards.

10. Objection to advertising e-mails

The use of contact data published in the context of the imprint obligation for sending unsolicited advertising material is hereby expressly prohibited. In the event of unsolicited advertising communications such as spam e-mails, we reserve the right to take legal action.

11. Links to third-party websites

Our website contains links to external content. We accept no responsibility for the data protection practices of those third parties. When you click an external link, data including your IP address, the time of the click, the referring page, and your browser and operating system are transmitted to the destination server — potentially including countries outside the EU.

12. Social media – LinkedIn

We operate a company page on LinkedIn (LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland). When you visit the page, LinkedIn collects your IP address and any cookies stored on your device. This data may be transferred to countries outside the EU.

To prevent LinkedIn from associating your visit with your account, log out of LinkedIn beforehand and delete the relevant cookies. More information: privacy.linkedin.com. We ourselves do not collect any personal data from your use of our LinkedIn presence.

13. Web analytics – Matomo

This website uses Matomo, a privacy-friendly open-source web analytics service. Matomo runs on our own server — no data are shared with third parties.

Matomo uses cookies to enable anonymised analysis of user behaviour. IP addresses are anonymised before storage. Analytics are only active if you have given your consent (Art. 6 para. 1 lit. a GDPR).

You can withdraw or grant consent at any time:

14. Cloudflare Turnstile

We use Cloudflare Turnstile on our contact form to prevent automated abuse and spam. The service checks whether a form submission is likely to have come from a human visitor.

PurposeProtection of the contact form against automated abuse and spam; verification that a form submission is likely from a human visitor
Data processedIP address, browser and device information (technical signals used to evaluate the request)
Legal basisArt. 6(1)(f) GDPR (legitimate interest in service security and spam prevention); Art. 25(2) GDPR in conjunction with § 25(2) TDDDG (technically necessary processing for a service explicitly requested by the user)
ProviderCloudflare, Inc., 101 Townsend St., San Francisco, CA 94107, USA
Data transferUSA; Cloudflare is certified under the EU–US Data Privacy Framework (DPF), Art. 45 GDPR (adequacy decision)
Privacy policycloudflare.com/en-ca/turnstile-privacy-policy
Provider legal noticecloudflare.com/website-terms
Storage periodCloudflare only retains the technical signals for the duration of the check; Turnstile does not set any persistent cookies on your device

You can prevent data being transmitted to Cloudflare by not using the contact form and contacting us by e-mail or telephone instead.

15. Currency of this policy

This privacy policy is current as of May 2026. Further development of the website or changes to legal requirements may necessitate updates. The current version is always available on this page.