+352 288 376 272 info@ittm-solutions.com

Privacy Policy General Notice


Welcome to the ITTM website. We are pleased about your visit.


As a rule, it is possible to use our Internet page (website) without providing personal data. When using individual service offers on our Internet page (website), different regulations may apply to the use, which we would like to explain to you separately below.


Personal data is all information that can be directly or indirectly assigned to a specific natural person (e.g. name, address, e-mail address, special characteristics, etc…). The legal basis and further information on data protection can be found in the Luxembourg law of 1 August 2018, the law of 5 May 2005 and the General Data Protection Regulation (EU) 2016/679 (GDPR). Your personal data will only be processed by us in accordance with the provisions of the Luxembourg and European data protection laws. Personal data is only stored insofar as this is necessary for the provision of a service, for the provision of the website, for compliance with legal requirements or for one of the stated purposes.


The following statements inform you about the type, scope and purpose, as well as the use and processing of personal data by the provider/responsible party.

Person responsible (§ 4 No. 7 GDPR)

27, Rue Henri Koch (House of BioHealth)
L-4354 Esch-sur-Alzette
Phone: +352 288376272

E-mail: info|at|ittm-solutions.com


Data Protection Officer
Ka Communications S. à r. l. / Ka Data Protection
50, Rue des Remparts
L-6477 Echternach
E-mail: dpo|at|ittm-solutions.com
Website: https://datenschutzberater.lu



1.0 Provision of the website/server log files

As a rule, it is possible to use our website without providing personal data. However, when you visit our website, certain anonymised data is automatically stored which is necessary for the provision of the website. This data is not personal data and does not fall under the legal regulations of the GDPR or the Luxembourg data protection law. The data are so-called server log files that your internet browser transmits to us or to our web space provider, where they are recorded and stored.
    • Your browser type and version
    • The operating system used by the user your internet protocol address (IP address)
    • Date and time
    • Websites from which you visit us (referrer URL)
    • Websites and content (images, files, etc…) accessed on our website

This data is stored separately from your personal data if you have provided it. This ensures that no specific person can be identified.


1.1 Purpose of processing personal data

The temporary storage of the IP address is necessary to enable delivery of the website to the user. The IP address is stored for the duration of the session. Furthermore, log files are stored to ensure the functionality of the website and to eliminate misuse and malfunctions. The data is also used to optimise and ensure the security of our information technology systems. The data is not evaluated for marketing purposes in this context. These purposes are also the basis of our legitimate interest in data processing according to § 6 (1) lit. f GDPR.


1.2 Duration of storage/deletion
The deletion of the data mentioned in the point “Provision of the website/server log files” takes place as soon as the purpose for the storage ceases to apply. At the latest, however, after the expiry of 3 months after calling up our website.


2.0 Contact option (e-mail, contact form)

On our website, you have the option of sending us messages by e-mail and/or via a contact form. The following mandatory details are required for contacting us.
    • First name and surname
    • E-mail address

2.1 Purpose of data processing For the purpose of processing the contact, the information voluntarily provided by the user is stored. The data is stored on the legal basis of § 6 (1) lit. a GDPR.

 2.2 Duration of storage/deletion

The data collected under point 2.0 Contact option will be deleted as soon as the purpose for storing it no longer applies.

3.0 Data security and data protection, communication by e-mail

Your personal data are protected by technical and organisational measures during collection, storage and processing so that they are not accessible to third parties. In the case of unencrypted communication by e-mail, we cannot guarantee complete data security on the transmission path to our IT systems, so that we recommend encrypted communication or the postal service for information requiring a high level of confidentiality.

4.0 Right to information and correction requests – Deletion & blocking of data – Revocation of consent – Right of objection

4.1 Right to information

You have the right to request confirmation as to whether we are processing your personal data. If this is the case, you have the right to be informed about the information named in § 15 (1) GDPR, insofar as the rights and freedoms of other persons are not affected (§ 15 (4) GDPR).


4.2 Right to rectification

In accordance with § 16 of the GDPR, you have the right to have any incorrect personal data stored with us corrected at any time.

 4.3 Right to erasure

Pursuant to § 17 (1) of the GDPR, you have the right to request that we erase the personal data we have collected about you if the data is either no longer required, the legal basis has ceased to exist without substitution due to the revocation of your consent, you have objected to the processing and there are no legitimate grounds for processing, your data is being processed unlawfully, a legal obligation requires this or a collection pursuant to § 8 (1) of the GDPR has taken place.

Pursuant to § 17 (3) of the GDPR, the right does not exist if the processing is necessary for the exercise of the right to freedom of expression and information. Furthermore, it does not exist if it has been collected on the basis of a legal obligation or the data serve the assertion, exercise or defence of legal claims.

 4.4 Right to restriction of processing

Pursuant to § 18 (1) GDPR, you have the right in individual cases to request the restriction of the processing of your personal data.
This is the case if
    • The accuracy of the personal data is disputed
    • The processing is unlawful
    • The data is no longer required for the purpose of processing but is used for the assertion, exercise or defence of legal claims.
    • An objection to the processing pursuant to § 21 (1) GDPR has been lodged and it is still unclear which interests prevail.
4.5 Right to revoke consent

If you have given us express consent to process your personal data pursuant to § 6 (1) lit. a GDPR or § 9 (2) lit. a GDPR, you may revoke this consent at any time. Please note that the lawfulness of the processing carried out on the basis of the consent up to the revocation is not affected by this.


4.6 Right to object to data processing
You may object to the processing of your personal data at any time in accordance with § 21 of the GDPR, insofar as the processing is carried out on the basis of § 6 (1) lit. e or lit. f of the GDPR.


5.0 Right to data portability

You have the right to request that we provide you with the personal data that you have transmitted to us in a structured, common and machine-readable format. You may also request that we transmit this data to a third party immediately upon your first instruction, provided that the processing is based on consent pursuant to § 6 (1) lit. a GDPR or § 9 (2) lit. a GDPR or a contract pursuant to § 6 (1) lit. b GDPR and the processing is carried out by us within the framework of automated data processing. The freedoms and rights of other persons must not be affected by this.
The right to data portability does not apply to the processing of personal data necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller.

6.0 How to exercise your above rights

You can exercise your rights at any time by contacting the contact listed below.
27 Rue Henri Koch (House of BioHealth)
L-4354 Esch-sur-Alzette
Phone: +352 288376272
E-mail: info|at|ittm-solutions.com

7.0 Right to lodge a complaint with the CNPD or another competent supervisory authority

If you suspect that your data is being processed unlawfully, you can seek judicial clarification at any time. Irrespective of this, you have the option of contacting the CNPD (Commission Nationale pour la Protection des Données, www.cnpd.lu) or another competent supervisory authority. You have the right to lodge a complaint in the EU member state of your place of residence, your place of work and/or the place of the alleged infringement, i.e. you can choose the supervisory authority you contact in the above-mentioned places. The supervisory authority to which the complaint has been lodged will then inform you of the status and outcome of your submission, including the possibility of a judicial remedy under § 78 of the GDPR.




Design and Realisation: Lisa Blum, Grafikbüro