We welcome you to our website and are happy that you are interested in our company. So that we can reassure you with regard to the handling of your personal data, in this policy we offer you full disclosure concerning what happens to the data gathered and which security measures we take. Personal data are all data that can be related to you personally, e.g. your name, e-mail address or user behaviour.

We also offer you information on your statutory rights in connection with the processing of these data.


The “Controller” for data processing purposes within the meaning of Art. 13 GDPR is:

LUTZ Aufzüge GmbH
Gutenbergstraße 19
D-21465 Reinbek/Hamburg
Telephone: 040-72769-0
E-mail address: info@ lutz-aufzuege.de
Our Data Protection Officer, FIDES IT Consultants GmbH, can be reached at the e-mail address datenschutz@lutz-aufzuege.de.

Visiting the website

If you use the website for purely informational purposes, i.e. if you only visit our website and do not provide us with any information, we will only collect the data that your browser transmits to the web server. The following information will automatically be recorded:
(1)        Information about the browser type and version used
(2)        The user's operating system
(3)        The user’s Internet service provider
(4)        The user’s IP address
(5)        Date and time of access
(6)        Websites from which the user's system accesses our website 
(7)        Websites accessed by the user’s system via our website
(8)       Status-code-based notification of whether the access was successful
(9)       Volume of data transferred

The legal basis for the processing of the data is Art. 6 (1) (1) (f) GDPR (legitimate interest). For our part, we have a legitimate interest in being able to guarantee the sustainable operation of the website. The technical use of the data on the web server is limited in time to the duration of the use of the website.

Contact form/contacting us by e-mail, telephone or fax
When you contact us via the contact forms or by direct e-mail, telephone or fax, the data/information you provide (title, first and last name, e-mail address, postal address/zip code and city, telephone, company, function, reason for contact and content of the message as well as the desired period of time for us to contact you) is transmitted to us and processed by us. 
If you contact us via the "contact route" on our website, we enable you to specify your request in detail. In this way, you enable us to provide you with a quotation if you wish or to advise you better and more specifically when you contact us. For this purpose, we optionally collect the following categories of information from you: 
•    Type of inquiry (e.g. quotation, consulting inquiry), 
•    Type of inquiry (e.g. new construction, modernization)
•    Type of transport (e.g. persons, goods, cars, etc.)
•    Elevator type (land / building or marine / ship)
•    Postal address of the location for the elevator (if possible/relevant)
•    Location for installation, if applicable
•    Number of floors 
•    Number of entrances to the elevator
•    Desired equipment variant
•    Cabin size or available space for installation (width and depth)
•    Existence of a shaft
•    Planned period of the building project
•    Special features
•    Building permit available
The processing of your data is solely for the purpose of answering your questions or processing your request.
The legal basis for the processing of personal data is Art. 6 par. 1 lit. b GDPR (pre-contractual measures / fulfillment of a contract), if you contact us as a private person or sole proprietor / partnership and wish to receive an offer or offer advice. The legal basis is Art. 6 par. 1 lit. f GDPR (legitimate interest) if you have general questions or contact us as a contact person of a business customer or other business partner. We have a legitimate interest in processing and answering your request from the contact or inquiries. For the purpose of processing your request, the information provided may be forwarded to the relevant departments within our company.
Any further use or forwarding of your data will take place insofar as this is necessary on the basis of Art. 6 par. 1 lit. c GDPR (legal obligation) for the fulfillment of legal obligations.
The contact is made expressly on a voluntary basis. Failure to provide your data will have no effect on you.
We will only store your personal data for as long as it is necessary for the intended purpose of processing your inquiry or request for quotation or is required to comply with statutory retention periods.

Applications/job offers

You have the opportunity to apply for jobs at companies of the Lutz Group via our website. As part of the application process, personal data from you will be processed on the basis of Art. 88 DSGVO, § 26 BDSG. These are in particular name, address, date of birth, marital status, telephone number and e-mail address as well as application documents essential for the selection decision (letter of application, curriculum vitae, references, proof of training, certificates, etc.). This data is processed exclusively for the purpose of processing and reviewing your application (application management). In order to simplify the collection of application data via our website, there is the option of indirect access to the XING platform as part of the application data entry. If desired by you, the transfer of application data stored within your XING profile takes place after authorization on the platform. The link to the platform is provided solely for the purpose of simplified data collection as part of your application process. Use of the portal is voluntary and the responsibility of the respective applicant. We have no influence on the data processing procedures of this platform. For further information on the purpose and scope of data collection and its processing by XING, please refer to the provider's privacy policy.

XING: https://privacy.xing.com/de/datenschutzerklaerung

Supplementary information on the processing of personal data as part of the application process can be found in the data protection notice within the meaning of Art. 13 DSGVO, which can be accessed via the application form on the website, among other places.


On the basis of Art. 28 GDPR (contract data processing), we use external service providers to support internal administrative and IT processes, e.g. for hosting, administration and maintenance of IT systems.

The service providers have been carefully selected by us, are obliged to maintain confidentiality and may only use your personal data strictly for a specific purpose as part of the performance of the contract concluded between you and us.



Cookies are occasionally used on our website. Cookies are small text files which, provided that the storage of cookies is activated in your browser, are placed on your computer and stored by your browser. Cookies cannot be directly assigned to specific persons and do not contain any personal data. Cookies do not cause any damage to your computer and do not contain viruses. You can configure your browser settings as you wish, for instance, if you do not want cookies to be stored on your computer, to refuse the acceptance of cookies, in whole or in part. Previously stored cookies can also be deleted by making changes to your browser’s system settings. We would point out that the deactivation or deletion of cookies may mean that you will not be able to use all the functions of this website.


For the purpose of obtaining effective consent from website visitors, we use the consent tool/the consent management service of Usercentrics GmbH.
Further information on the use and purpose of the consent tool can be accessed directly via the consent tool, which is made accessible to you when you first call up the website and can then be accessed at any time via the fingerprint icon displayed on the website.

The legal basis for the data processing carried out in the context of the use of the consent tool is Art. 6 (1) (1) (f) GDPR (legitimate interest). The processing serves our legitimate interest in displaying our site in a legally compliant manner and is therefore necessary for the operation of the website.


If you have declared your consent, we use the web analytics service Google Analytics 4 to optimally tailor the content of the website to the needs of our visitors. The legal basis for the processing of personal data is Art. 6 par. 1 lit. a GDPR (consent). 
Google Analytics is a web analytics service provided by Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA ("Google"). We have concluded an order processing agreement with Google Ireland Limited for the use of Google Analytics. In the event that personal data is transferred from Google Ireland Limited to the USA, Google Ireland Limited and Google LLC have concluded standard contractual clauses pursuant to Art. 46 par. 2 lit. c GDPR. 
Google Analytics uses cookies, which are stored on your device and which enable an analysis of your use of the website. The information generated by the cookies about your use of this website will be transmitted to Google. According to the information provided by Google at https://support.google.com/analytics/answer/2763052?hl=de, no logging and storage of IP addresses takes place.
As part of the evaluation, Google Analytics also uses artificial intelligence for automated analysis and enrichment of the data. For example, Google Analytics models conversions if not enough data is available to optimize the evaluation and reports. Data evaluations are automated using artificial intelligence or based on specific individually defined criteria.
Information on this can be found in documentation published by Google, which can be accessed via the following links:
The data processing is essentially carried out by Google. The transmitted information is used by Google to evaluate your use of the website, to compile reports on website activity and to provide us with other services related to website and internet usage. Google further uses the collected data for profiling purposes and combines it with other data of the user such as search history, personal accounts, usage data of other devices and any other data Google has on this user. 
A transfer to Google contractual partners as well as a data transfer to Google servers in the USA cannot be excluded on our part.
In the case of data processing taking place in the USA, there is a risk that an appropriate level of protection for the processing of personal data in accordance with European law pursuant to the GDPR cannot be consistently ensured. Furthermore, it cannot be ruled out that, due to laws applicable in the USA, access to personal data processed by the service provider may also be granted to US government agencies.
Name oft he cookie    Time    Details
_ga    2 years    Used to distinguish users
_ga_<container-id>    2 years    Usesd to ensure session

The data transferred to Google is automatically deleted after xx months. The deletion of data whose retention period has been reached takes place automatically xxx a month.

Cookies and comparable technical tools of Google Analytics:
Google Analytics Terms of use: https://marketingplatform.google.com/about/analytics/terms/de/
Google Analytics help page: https://support.google.com/analytics/answer/6004245?hl=de
Google Privacy Policy: https://policies.google.com/privacy

4.3 Use of Google Tag Manager

For reasons of transparency, we would point out that we use Google Tag Manager on our website. Google Tag Manager is a service of Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (“Google”).
Google Tag Manager is a solution with which operators of websites can integrate and manage website tags via a uniform interface. Tags are small sections of code that, for example, record the activities of visitors on our website (tracking) and can originate both from Google internal services, such as Google Analytics, and from comparable services of other companies. Google Tag Manager itself, which implements the website tags, does not place any cookies or collect or process personal data.
Even if Google Tag Manager is used, the processing of website tags of the tracking services implemented on our website only takes place if the user has consented to the processing.
Third-party information:
Additional Terms of Use for the Google Tag Manager: https://www.google.com/intl/de/tagmanager/use-policy.html
Google Tag Manager Help: https://support.google.com/tagmanager/?hl=en#topic=3441530
Google Privacy Policy: https://policies.google.com/privacy

4.4 Use of Leadinfo

If you have opted to “Accept everything” in the privacy settings of the consent tool or have declared your consent via the individual settings of the consent tool in the “Marketing” category, we will use the lead generation service from Leadinfo. This recognizes visits to our website based on IP addresses and shows us publicly available information about the IP addresses, such as company names, telephone numbers or addresses of companies, via the Leadinfo dashboard available to us.
The legal basis for the processing of the data is Art. 6 (1) (1) (a) GDPR (consent).
You can revoke your consent to the use of the consent tool at any time with effect for the future. The consent tool can be accessed at any time via the fingerprint icon displayed on the website.
Leadinfo’s lead generation service is a service provided by Leadinfo B.V., based in the Netherlands. In addition to the recognition of the IP addresses of visitors to the website, first-party cookies are used to generate additional transparency for us about how visitors use our website. These cookies are not linked to other information.

The data processing is mainly carried out by the provider of the services, Leadinfo B.V.. Immediately after the Leadinfo systems have received an IP address, matching company data are requested and displayed in the Leadinfo dashboard. The IP addresses themselves are not displayed or stored in the Leadinfo dashboard available to us. 
If you should decide that your data are no longer to be collected via Leadinfo’s lead generation service, you can send an e-mail to info@leadinfo.com to remove your IP address from the Leadinfo database.
When the lead generation service from Leadinfo is used, the following cookies and comparable technical tools are used:
Name, Provider/access, Purpos, Storage period, Type
_li_id.xxxx, Leadinfo BV, A first party cookie to determine if the visitor is a new visitor or a returning visitor, Current session, Cookie
_li_ses.xxxx, Leadinfo BV, A first party cookie to determine which pages have been visited during their session, 2 years, Cookie
Third-party information:
Information on data processing under data protection law: https://help.leadinfo.com/en/gdpr
Leadinfo Privacy Statement: https://www.leadinfo.com/en/privacy/


Our website contains external links to the services of the following providers:

XING - New Work SE, Dammtorstrasse 30, 20354 Hamburg, Germany
LinkedIn - LinkedIn Corporation, 2029 Stierlin Court, Mountain View, CA 94043, United States
Facebook and Instagram - Meta Platforms Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland
The links are static links that take you directly from our website to the website of the service provider. You can easily track this via the address line of your browser, whose content will be displayed in a new window or tab after the link has been established. When opening the shortcuts using a device on which a service app has been installed, it may also be possible to access the desired service directly via the app.
The service provider in question is always responsible for the operation of the linked services. With the exception of the information provided by us about the services, we have no influence on the current and future design and content of the linked services. We could identify no illegal content at the time the links were placed. If we become aware of content-relevant violations of the law in the future, we will remove the corresponding link from our website.
If you have a user account with one of the services mentioned above and are logged in to the service at the time of linking, information about the use of the service can be assigned to your user account. If you do not want the service providers to collect data about you in this way, you must log out of the service concerned before visiting our website. 
Further information on the services can be found in the providers’ privacy policies:

XING - https://privacy.xing.com/en/privacy-policy
LinkedIn - https://www.linkedin.com/legal/privacy-policy
Facebook - https://www.facebook.com/about/privacy/

Instagram - https://help.instagram.com/519522125107875/?maybe_redirect_pol=0


In order to protect the personal data stored by us from accidental or intentional manipulation, loss, destruction or access by unauthorised persons, we have taken appropriate technical and organisational measures. The adequacy of the protective measures is constantly reviewed and adapted to new safety standards.
On our website we use the secure online transmission method known as Transport Layer Security (TLS) transmission. You can recognize this by the fact that an “s” is appended to the address component http:// (“https://”) or a closed lock symbol is displayed. By clicking on the icon, you will receive information about the certificate used. The way the symbol is displayed depends on the browser version you are using. TLS encryption ensures the confidential transmission of your data.


You have the right to receive information on the processing of personal data concerning your person as well as the information listed in detail in Art. 15 GDPR. If the personal data concerned are incorrect or incomplete, you can request the correction or completion thereof (Art. 16 GDPR). If one of the reasons listed in Art. 17 GDPR should apply, you will have the right to request the immediate deletion of your personal data. Under the conditions of Art. 18 GDPR, you can request the restriction of processing and, in accordance with Art. 20 GDPR, data portability.
Under the conditions of Art. 21 GDPR, you have the right to object to the processing of your personal data.
If you believe that the processing of your personal data violates the provisions of the GDPR, you can lodge a complaint with a supervisory authority, e.g. by submitting it to the independent Schleswig-Holstein Data Protection Authority (Unabhängiges Landeszentrum für Datenschutz Schleswig-Holstein) in Kiel as the competent supervisory authority (Art. 77 GDPR).