Data protection statement

1.  General

KIRCHHOFF Automotive/the KIRCHHOFF Group appreciates your interest in our Company. We take the protection of your personal data very seriously and hereby inform you of the type and scope of personal data that we collect when you visit our website. The following data protection statement applies to these websites and their subdomains: and
It is generally possible to use our website without entering personal data. If personal data (e.g. name, address, or e-mail address) is collected, this is always done wherever possible on a voluntary basis. This data is not transmitted to third parties without your explicit consent.
We would like to point out that the transfer of data on the Internet (e.g. during e-mail communication) can have security gaps. It is not possible to fully protect the data from third-party access.
It is hereby expressly prohibited for the contact data published within the scope of the imprint obligation to be used by third parties for sending unsolicited advertising and information material. The operators of the websites expressly reserve the right to take legal action in the event of unsolicited information being sent, for example via spam e-mail.
All personal data will be collected, processed, and used in accordance with the applicable regulations for the protection of personal data.


2.  Name and address of the controller

The controller in the sense of the General Data Protection Regulation (GDPR), of other valid data protection laws in the Member States of the European Union, and of other provisions of a data protection nature is KIRCHHOFF Automotive GmbH. Contact details and other information can be found in the Imprint.


3. Name and address of the data protection officer

The data protection officer of the controller is:

VIA Consult GmbH, Mr Kunde
Martinstraße 25
57462 Olpe, Germany
+49 2761 8375-0

Any data subject can contact our data protection officer directly at any time with all questions or suggestions regarding data protection.


4. Cookies

The websites of KIRCHHOFF Automotive/the KIRCHHOFF Group use cookies. Cookies are text files that are stored on a computer system via an Internet browser.
By using cookies, websites and servers can differentiate between the individual browsers of the people that visit them.
The use of cookies enables KIRCHHOFF Automotive/the KIRCHHOFF Group to make this website more user-friendly and provide services that would not have been possible without cookies. For example, visitors to a website that uses cookies do not have to enter their access data each time they visit the website because this data is transferred from the website to the cookie stored on the user’s computer system.
A change to the settings on the respective Internet browser prevents cookies being stored for any websites. Cookies that are already stored can be deleted. This is possible in all common Internet browsers, but in some cases the functionality of the website is restricted.

5. Purpose of data collection and data transmission if applicable

We only collect personal data if you provide it to us as part of an enquiry, for example. Data is entered in the following areas:

Contact forms 

The contact form enables interested parties to send enquiries directly to KIRCHHOFF Automotive. In accordance with legal regulations, the website also contains information (e.g. in the Imprint) that enables rapid direct contact with our Company (e.g. via e-mail). If a person contacts us via e-mail or a contact form, the personal data transmitted by the person is automatically stored. Data that is transmitted during this contact process is stored for the purposes of processing or for contacting the data subject. In most cases, the e-mails that are sent are delivered to general departmental mailboxes or to those of representatives of or assistants to senior managers. If it is not required for processing purposes, this personal data is not transmitted to third parties outside the Group companies.


For the processing of personal data as part of the application process, an additional data protection statement has been created, which can be viewed prior to submitting the data.


6. Use of Google Analytics

This website uses Google Analytics, a web analytics service offered by Google Inc. (“Google”). Google Analytics uses cookies (text files), which are stored on your computer and used to analyse the way you use the website. The information generated by the cookie about the way you use this website is generally transmitted to and stored on a Google server in the USA. If IP anonymisation is activated on this website, however, Google will shorten your IP address in advance within Member States of the European Union or in other Contracting Parties to the Agreement on the European Economic Area.
Only in exceptional cases shall the full IP address be transmitted to a Google server in the USA and shortened there. On behalf of the operator of this website, Google will use this information to evaluate your use of the website, to compile reports on website activity, and to provide the website operator with other services relating to the use of the website and the Internet. The IP address transmitted in the context of Google Analytics from your browser shall not be combined with other data from Google.
You can prevent the storage of cookies by activating the appropriate setting in your browser. Please note, however, that this may prevent you from using the full functionality of this website. You can also prevent Google from collecting the data generated by the cookie and relating to your use of the website (including your IP address) as well as from processing this data by downloading and installing the browser plug-in available at:
You can find out more at: and (general information about Google Analytics and data protection). We would like to make you aware that the code “gat._anonymizeIp();” has been added to Google Analytics on this website to ensure the anonymous collection of IP addresses (IP masking).


7. Legal basis of processing

If we obtain consent for certain processing operations, it is based on Art. 6(1)(a) GDPR. If the processing of personal data is necessary for the performance of a contract, for example for the delivery of goods or for pre-contractual measures such as enquiries, this processing is based on Art. 6(1)(b) GDPR. If our Company is subject to a legal obligation that requires the processing of personal data, for example to fulfil tax obligations, the processing is based on Art. 6(1)(c) GDPR. If the processing of personal data is not based on any of the aforementioned legal bases, we process data to protect a legitimate interest of our Company (improvement in performance of business activities). We always make sure that this does not conflict with a legitimate interest of the data subject that outweighs our legitimate interest.


8. Period for which the personal data is stored

If you send applications to KIRCHHOFF Automotive, please refer to the additional data protection statement for applications in the Careers area of the website for information about the duration of storage.
If you send us an e-mail via the contact form, your e-mails are delivered to the relevant mailboxes and archived there for an unlimited period.


9. Right of access and right of revocation, right to lodge a complaint and right to data portability, right to restriction of processing, right to rectification, and right to erasure

You have the right at any time to receive information about your data stored by us and about the purpose of storage. You are able to revoke your consent to the storage or use of your personal data in writing at any time. In addition to the right of revocation, you have the right to demand the correction, the restriction of the processing, and the blocking or erasure of your data.
In the event of any complaints, you have the right to contact the relevant supervisory authority (for North Rhine-Westphalia: the German Federal Commissioner for Data Protection and Freedom of Information in Düsseldorf). You also have the right to receive any data transmitted by you in a machine-readable transmission format.
If you have any questions about the processing of your personal data, please contact us directly (controller: see Imprint). If you have any questions, requests for information, proposals, or complaints, you can also contact our external data protection officer directly.


10. Security

KIRCHHOFF Automotive/the KIRCHHOFF Group uses technical and organisational security measures to protect your data provided to us from accidental or deliberate manipulation, loss, destruction, or access by unauthorised persons.
Our security measures are not only continuously improved in line with technological developments, but also protected by an integrated information security management system (ISMS).


11. Security

KIRCHHOFF Automotive / the KIRCHHOFF Group uses technical and organizational security measures to protect the data you have made available from accidental or intentional manipulation, loss, destruction or access by unauthorized persons.

Our security measures are not only continuously improved in line with technological developments, but are also protected by an integrated information security management system (ISMS).


12. Whistleblowing

On our homepage under “Corporate Governance” > “Code of Conduct”, it is described and outlined how violations can be reported. The reports are made by phone or email. Anonymous reporting is also possible. However, the whistleblower can voluntarily provide their identity, in order to receive feedback. The report is sent directly to a KIRCHHOFF Automotive authorized representative (Global Compliance Expert, Compliance Delegate, Managing Director, responsible manager) or to an ombudsman (external lawyer).

Reports usually include the identity of person(s) concerned by the reported event, as well as data of the whistleblower for non-anonymous reports. Other personal data is only collected if necessary to fulfill the purpose and is therefore legally permissible.

The processing of the personal data of both the (non-anonymous) whistleblower and the person(s) concerned by the reported event, serves the purpose of preventing violations of the law and of investigating violations in the interests of the injured party.

The processing of personal data takes place to protect legitimate interests in accordance with Art. 6 Para. 1 f) GDPR. The sincere interest here is to maintain compliance: compliant processes at KIRCHHOFF Automotive and equal and fair opportunity to conduct investigations.

If the whistleblowing is confirmed, the responsible manager and/or the HR Manager are informed. Possibly, personal data will then also be sent to government authorities, e.g. Prosecutor or courts. In the event of a breach affecting the global organization, the personal data will be transmitted to the Global Compliance Expert in Germany or to the countries where KIRCHHOFF Automotive operates and where investigations can take place. In all other cases, no personal data is shared to a third-party country. Any recipients only have access to the information necessary for their respective task(s).

The duration of the storage of the personal data of the person(s) concerned by the whistleblowing depends on the specific circumstances: personal data will be deleted if there is no initial suspicion or if the whistleblowing is deemed unfounded as soon as the corresponding determination has been made. If the internal investigation has confirmed the notification, the personal data will be deleted at the time when all legal measures have been completed. The endorsements in the personnel file resulting from confirmatory examinations, are subject to the deletion periods applicable to personal files.

The storage duration of personal data for a (non-anonymous) whistleblower corresponds to the storage duration of the relevant process according to the previous paragraph.

In the event of deliberately incorrect or defamatory notices by whistleblowers, deletion periods apply accordingly with regard to the investigations into the misconduct of the whistleblower.

Natural persons from whom we process personal data, are affected in the sense of General data protection regulation (GDPR). The rights of the data subject apply (Art 15-21 GDPR).