Privacy Policy


Kuppinger Cole Ltd. (hereinafter referred to as "KuppingerCole", you can obtain information about KuppingerCole here) is delighted that you are visiting our website. Data privacy and data security when using our website are very important to us. We would therefore like to inform you at this point about the type of personal data captured by us when you visit our website and for what purpose this data is used.

As changes in legislation or our internal processes may make it necessary to modify this data privacy statement, we would ask you to read its contents regularly. The data privacy statement can be retrieved, saved and printed out at any time by accessing "data privacy statement".

§ 1 Details of the controller and the data protection officer

Our details as controller are:
Kuppinger Cole Ltd.
- a part of KuppingerCole Analysts AG -
Wilhelmstr. 20-22
65185 Wiesbaden

Our external data protection officers` details are:
Dr. Karsten Kinast, LLM
KINAST Rechtsanwaltsgesellschaft mbH
Hohenzollernring 54
D-50672 Köln
Telefon: +49 (0)221 – 222 183 – 0
Telefax: +49 (0)221 – 222 183 – 10

§ 2 Scope of application

This data privacy statement shall apply to the KuppingerCole website content, which is available at the domain as well as the various subdomains (hereinafter referred to as "our website").

§ 3 What is personal data?

Personal data is information that can be used to find out about your personal or factual circumstances (for example, name, address, telephone number, date of birth or email address). Information that does not allow us to make a connection to you (or only with a disproportionate amount of effort), for example by rendering the information anonymous, is not personal data.

§ 4 Which personal data is collected/processed and used by us?

You can use a large part of our website without disclosing your personal data. Access data is stored which is not personally identifiable, for example, the name of your internet service provider, the website from which you are visiting us, the names of the requested data files and the date that they are retrieved. This data is only analysed in order to improve our website and does not allow us to deduce information concerning you as a person.
If you want to use the services offered by us on our website, such as ordering a newsletter, you will however need to disclose additional information. This involves data that is required for processing purposes, for example, your email address when ordering a newsletter.

We use the data collected by us via yourself for providing the products and services offered by us, for answering your questions and for operating and improving our web pages and applications.

We only use your personal data so that we can offer you an extensive service via our website or, if you use our contact form or our email service, so that we can provide the requested service. No other use is made of your personal data. Transmission of your personal data to third parties or using your data for advertising purposes without your consent does not, except in the cases described below, happen unless we are obliged by law to release data (information to law enforcement authorities and courts; information to public bodies that receive data on the basis of statutory regulations, for example, social insurance institutions, tax offices etc.) or if, for the purposes of enforcing our claims, we use the services of third parties who are bound by professional secrecy.

Personal data is in particular used as follows:

  • Registration/user account
    If you register with KuppingerCole, your email address is stored by us first of all so that we can send you new login data if you ever forget this. In addition, we store your user name and password to enable you to log in conveniently and easily to your account and we also store the mandatory data which includes your first and last name (mandatory fields are marked with a *; any additional data is voluntary). This data is used by us for the purposes described above so that we can offer you this service. The legal basis for processing the mandatory personal data is based on Art. 6 (1) (b) GDPR[1]. Any additional data is processed upon Art. 6 (1) (a) GDPR.
  • Purchase
    We use the data that you send us when ordering products without your separate consent solely to process and execute your order. When the order has been fully processed and the purchase price has been paid in full, your data is blocked for further use and, following expiry of the retention periods required under the tax and commercial laws, it will be deleted unless you have expressly consented to the further use of your data.
    Your data is passed on to forwarding agencies who have been instructed to deliver the products if this is required for delivery of the products. In order to process payments, we pass on your payment data to the bank that has been appointed to deal with payments. These organisations may only use your data to process the order and not for any other purpose. The legal basis for processing your personal data is based on Art. 6 (1) (b) GDPR.
  • Forum/social platform
    The user has the opportunity to post voluntary impressions, statements, photos and videos in the forum or on the notice board. Each user decides independently, at his/her own discretion, what data he/she would like to disclose about himself/herself and which data should not be disclosed.
    KuppingerCole reserves the right to delete a publication at any time without stating reasons. There is no entitlement to publication. The legal basis for processing your personal data is based on Art. 6 (1) (a) GDPR.
  • Newsletter
    In order to be able to register for our email newsletter service, in addition to your consent we need, as a minimum, your email address to which the newsletter should be sent. Any other data is given voluntarily and will be used so that you can be contacted personally, the content of the newsletter can be personalised and any queries about the email address can be clarified. You have the choice of whether or not to disclose this data to us. However without this data we cannot send our newsletter to you.
    As a rule we use the so-called double opt-in process for sending the newsletter, that is, we will only send you the newsletter if you confirm your registration beforehand via a confirmation email sent to you for this purpose using the link contained therein. Thus we can ensure that only you yourself, as the owner of the email address, can register for the newsletter. Your confirmation relating to this must follow promptly after receiving the email confirmation as otherwise your newsletter registration is automatically deleted from our database.
    When registering for the newsletter, your email address is used for in-house advertising purposes until you unsubscribe from the newsletter. In order to unsubscribe you can either send an informal email to or cancel the registration via the link at the end of the newsletter. The legal basis for processing your personal data is Art. 6 (1) (a) GDPR.
  • Contact form
    If you opt to send enquiries to us using our contact form, we will ask you for your first names and surname and your email address. In addition you can submit your individual message to us using the message box.
    You have the choice of whether or not to disclose this data to us. However without this data we cannot comply with your contact request. The legal basis for processing your personal data is Art. 6 (1) (a) GDPR.

§ 5 User profile / use of cookies

Apart from the cases referred to above, we do not create a personal user profile. In conjunction with the retrieval of information requested by you, data is only stored on our servers in anonymised form in order to provide our various services or for evaluation purposes. In this connection general information is recorded, for example, when and which contents are retrieved from our website or which web pages are visited the most frequently.

We use so-called "cookies" (small text files with configuration information).

Cookies are small text files which, when you visit our web pages, are sent from our web server or – as mentioned below – from a third party web server to your browser and are temporarily stored on your computer for retrieval at a later date. Apart from the use with services mentioned below. We only use so-called session cookies (also referred to as temporary cookies), that is, cookies that are only stored temporarily whilst you are using our web pages.

The cookies used serve in particular to determine the frequency of use and the number of users of our websites. They also serve to identify your computer when visiting our website and switching from one of our web pages to another of our web pages and to determine the end of your visit. Thus we learn which area of our websites and which other websites our users have visited. This usage data does not however allow conclusions to be drawn about the user. All of this usage data that has been collected in anonymised form is not merged with your personal data in accordance with § 3 of this data privacy statement and is deleted immediately once the statistical analysis has been completed. Cookies sent from our web server are deleted, once the session has ended and as soon as you have completed your browser session, whereas cookies sent from third party web servers may be stored as mentioned below.

The legal basis for processing your personal data is Art. 6 (1) (f) GDPR.

§ 6 Integration of social plug-ins

Our websites also contain plug-ins of various social networks. "Facebook" (Facebook Inc., 1601 S. California Ave, Palo Alto, CA 94304, USA), "Google+" "YouTube" (Google Inc. 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA) and "Twitter" (Twitter, Inc. 1355 Market St, Suite 900, San Francisco, CA 94103, USA).

These are operated exclusively by the respective provider. The plug-ins are, within the context of our online presence, identified by the respective button belonging to the service. When visiting a subpage on our websites that contains such a plug-in, your browser establishes a link to the servers of the respective service, whereby the content of the plug-in is transmitted once again to your browser and is integrated by this into the displayed web page. Thus the information about the visit to our website is passed on to the respective service. If, whilst visiting our website, you are at the same time registered with the respective service via your personal user account (for example, via another browser session), this can allocate the visit to our website to your account.

With the help of the plugin, users can share or post links to corresponding web pages in social networks such as Twitter, Facebook or Google +1 and can recommend the contents there. As a result of your active interaction with these plug-ins, for example by clicking on the respective button or by leaving a comment, the corresponding information is transmitted directly to the service and is stored there.

If you want to prevent such a data transmission, before visiting our web pages you must unsubscribe from your user account with the respective service. For information regarding the extent and purpose of the data collection by the respective service as well as the additional processing and use of your data there, please refer directly to the data protection notices on the website of the service (,, You will also receive further information there about your corresponding data pro-tection rights and configuration options to protect your privacy.

The legal basis for processing your data is based on Art. 6 (1) (f) GDPR.

§ 7 Google Analytics / Google Remarketing / Act-On Beacon Tracker

This website uses Google Analytics, a web analysis service provided by Google Inc. (“Google”). Google Analytics uses “cookies” (as defined above). The information generated by the cookie about your use of this website will usually be transmitted to a Google server in the USA and stored there. If need be, Google will also transfer this information to third par-ties if this is required by law or if third parties are processing this data on behalf of Google. If IP anonymization is activated on this website, your IP address will however be truncated by Google within the area of Member States of the European Union or in other countries which are party to the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be transferred to a Google server in the USA and truncated there. We must point out that on this website Google Analytics was expanded by the code "{ anonymizeIp: true }" in order to guarantee an anonymised collection of IP addresses (so-called IP Masking).

Google will use this information on behalf of the operator of this website for the purpose of evaluating your use of the website, compiling reports on website activity for website operators and providing them with other services relating to website use and Internet usage. The IP address transferred by your browser during the use of Google Analytics will not be associated with any other data held by Google. You may prevent the storage of cookies by selecting the appropriate settings in your browser software, however, please note that if you do this, you may not be able to use the full functionality of this website.

Furthermore, you can prevent the collection of data generated by the cookie which relates to your usage of the website data by Google by downloading and installing the browser plugin available under the following link:

More detailed information on this can be found at or at (general information about Google Analytics and data protection).

Furthermore this website uses Google AdWords Remarketing, another web analysis service provided by Google. Google AdWords Remarketing uses cookies (as defined above) in order to serve you with tailored advertisement on websites of the Google Content Network based on past visits to this website. This allows us to market our services to those who have shown interest in them. You can prevent the collection of data generated by the cookie by Google regarding Google AdWords Remarketing on Alternatively you will find detailed information on how to deactivate the usage of cookies on

An other third party service this website uses is called Act-On Beacon Tracker. This service enable us to analyze the usage of our web service and also ensures a high quality of customer service. This tool also uses “cookies”, but only with an opt-in permission. You will be asked for permission by a pop up message of your browser in order to generate such a text file. Our service on the webpage will be provided even if you decline to create such a tracking cookie. A permission is not essential to access your service.

The information generated by the Act-On Beacon Tracker will be exclusively stored at Amazon Web Services’ (AWS) data centers within the Amazon cloud in Ireland (Dublin) and Germany (Frankfurt) located within the European Union. Even if you have accepted to create a tracking cookie you may delete it pursuant the opportunities of your web browser. The legal basis for processing your data is based on Art. 6 (1) (f) GDPR.

§ 8 Security measures to protect the data stored by us

We undertake to protect your privacy and to treat your personal data as confidential. To prevent a loss or unauthorised use of the data stored by us, we take extensive technical and organisational security precautions that are checked regularly and are adapted to technological progress. We must however point out that, due to the structure of the Internet, it is possible that the regulations concerning data protection and the above-mentioned security measures are not complied with by other persons or institutions that are not our responsibility. In particular disclosed data that is unencrypted, even if sent by email, can also be read by third parties. From a technical point of view, we have no influence on this. It is the responsibility of the user to protect the data provided by him/her against unauthorised use by means of encryption or by some other way.

§ 9 Hyperlinks to external websites

Our website contains hyperlinks to websites of other providers. By activating these hyperlinks you are transferred directly from our website to the other provider's website. This is visible by the change of URL. We accept no responsibility for the confidential handling of your data on these external websites, because we have no control over whether these companies comply with data protection regulations. Please find out how these companies handle your personal data by accessing their websites directly.

§ 10 Information on your personal data stored by us/duration of storage/deletion

We only store your personal data if this is permissible in accordance with the law. The stored personal data is deleted if the user revokes his/her consent to its storage or if knowledge of this stored personal data is no longer required to serve the intended purpose, in particular, if the user account is deleted or if its storage is not allowed for other legal reasons. If you so request, we will be happy to inform you which data we have stored that is of a personal nature. If, despite our efforts to hold correct and up-to-date data, incorrect data is stored by us, we shall correct this immediately.

You can at any time check, amend or delete the personal data made available to us by logging in to your user account and processing the data yourself or by sending an email to us at If you delete your user account once and for all, the data stored in the user's user account is automatically totally deleted. A request for deletion is not required. If you want the stored data to be deleted, following your request this will also be deleted immediately. If, for legal reasons, deletion is not possible, the respective data will be blocked instead. Please note however that, if your data is deleted, we are no longer able to offer you the services described here.

If the user deletes his/her user account once and for all, the data record stored in the user's user account is automatically totally deleted.

§ 11 Revocation of consent

We would like to point out to you that where data processing is based on Art. 6 (1) (a) GDPR („consent“) you can revoke your consent at any time with effect for the future. To do so please contact

§ 12 Data protection rights

You shall have the right to

  • obtain from us confirmation as to whether or not personal data concerning you are being processed, and, where that is the case, obtain access to the personal data (Art. 15 GDPR, „right of access“)
  • obtain from us the rectification of inaccurate personal data concerning you and to have incomplete personal data completed (Art. 16 GDPR, „right to rectification“)
  • obtain from us the erasure of personal data concerning you, unless processing is necessary for exercising the right of freedom of expression and information; for compliance with a legal obligation; for reasons of public interest or for the establishment, exercise or defence of legal claims (Art. 17 GDPR, „right to be forgotten“)
  • obtain from us restriction of processing where the accuracy of the personal data is contested by you; the processing is unlawful and you oppose the erasure of the personal data and request the restriction of their use instead; we no longer need the personal data for the purposes of the processing but they are required by you for the establishment, exercise or defence of legal claims; or you have objected to processing according to Art. 21 GDPR (Art. 18 GDPR, „right to restriction of processing“)
  • receive the personal data concerning you, which you have provided to us, in a structured, commonly used and machine-readable format and have the right to transmit those data to another controller (Art. 20 GDPR, „right to data portability“).

In order to exercise your aforementioned rights, please contact

§ 13 Right to object

Where data processing is based on Art. 6 (1) (e) or (f) GDPR, we hereby inform you on your right to object at any time to processing of your personal data for aforementioned legitimate interests, based on grounds relating to your particular situation. In this event, we shall no longer process your personal data, unless we demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms or for the establishment, exercise or defence of legal claims. Where personal data is processed for direct marketing purposes, you shall have the right to object at any time to processing of personal data concerning you for such marketing, which includes profiling to the extent that it is related to such direct marketing.

In order to object, please contact

§ 14 Right to lodge a complaint

We shall hereby inform you about your right to lodge a complaint with a supervisory authority, in particular in the Member State of your habitual residence, place of work or place of the alleged infringement if you consider that the processing of personal data relating to you infringes the GDPR (Art. 77 GDPR, “right to lodge a complaint”).

As of May 2018

[1]  General Data Protection Regulation; REGULATION (EU) 2016/679 OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL of 27 April 2016, repealing Directive 95/46/EC

How can we help you

Send an inquiry

Call Us +49 211 2370770

Mo – Fr 8:00 – 17:00

Stay Connected


Compliance, Risk & Security Learn more

Compliance, Risk & Security

Whether public, private or hybrid clouds, whether SaaS, IaaS or PaaS: All these cloud computing approaches are differing in particular with respect to the question, whether the processing sites/parties can be determined or not, and whether the user has influence on the geographical, qualitative and infrastructural conditions of the services provided. Therefore, it is difficult to meet all compliance requirements, particularly within the fields of data protection and data security. The decisive factors are transparency, controllability and influenceability of the service provider and his [...]