osk logo

Privacy Policy

When you access this website, it automatically gathers information of a generic nature. This information includes, e.g. the type of web browser, the operating system used, the domain of your internet service provider and similar. None of this information enables any conclusions to be drawn relating to you as an individual and is the same type of data generated on accessing any other website on the internet. The information is compiled by us on an entirely anonymous basis and statistically analyzed. The reason for doing so is that the better we understand your wishes, the faster you are able to access the information you are seeking on our website.

The protection of personal data is of the utmost importance to us. Absolutely no personal data (e.g. names, addresses, phone numbers or email addresses) are gathered by our website, other than when you freely and knowingly provide us with such data (e.g. through registration for our free newsletter) and where permitted by the associated laws in respect of protecting your data. Data gathered in this way will not be passed to third parties without your express permission.

We advise you that transferring data via the internet (e.g. in email communication) can result in security breaches. It is not possible to keep data completely safe from access by third parties.

We hereby expressly veto third-party use of contact data published in accordance with statutory editorial requirements (Impressum) for the purposes of sending advertising material and information not specifically requested. The website operators expressly reserve the right to take legal action in the event of unsolicited sending of advertising information by means of spam emails or similar.


Cookies are small text files that are stored on the hard disk of your computer. The technically necessary session cookies we use are temporary cookies that expire and are automatically deleted when you close your browser. Most internet browsers allow you to block the storage of cookies. If you do not agree to our use of cookies, please deactivate the acceptance of these cookies in the settings of your browser. However, if you do not accept cookies, the functionality of our website may be limited.

Disqus comment system

The Disqus comment function is a service provided by Big Head Labs, Inc., San Francisco, USA. Disqus is an interactive comment system that, with a single registration, enables users to comment on all websites that use the Disqus comment system. Users can also register via existing accounts with Facebook (via Facebook Connect), Twitter, Yahoo, Google and OpenID. Comments can also be posted without registration (as a guest). Visit www.disqus.com to find out more about Disqus and its functions. Your data are processed by Disqus and saved on their system. The gathering, processing and use of the data in question are subject to the conditions of use and data protection statements published by Disqus, which can be found at http://docs.disqus.com/help/30/ and http://docs.disqus.com/help/29/. If you register via your Facebook, Twitter, Yahoo, Google or OpenID account, data may also be gathered, saved and used by these providers. Please refer to the respective provider for their data protection provisions.


For the statistical evaluation of our websites, instead of the usual external service providers we use Matomo – which is operated by us and is therefore more data-protection friendly – in order to create statistical evaluations of site usage without cookies. We use the collected information to evaluate the acceptance of our website and to compile reports about the website activities. This information is not shared with third parties or passed on in any form.

By using our websites, you consent to the processing of data about you by us in the manner and for the purposes set out above. If you would like to switch off the analysis by Matomo, you can do it with this link: to the opt-out page. This will set a so-called “opt-out cookie” called “piwik_ignore,” which lets Matomo know that it should not analyze your behavior on our website.


When you subscribe to the OSK Weekly Newsletter, you are consenting to receive our newsletter. OSK uses the information you provide for the purpose of distributing the newsletter. This newsletter is sent to the email address provided by you on registration. Responsibility for ensuring that your personal data, including our email address, is kept up to date rests with you. Should you no longer wish to receive the newsletter, you can cancel your subscription at any time by using the corresponding link in the newsletter. Your email address and all other personal information will under no circumstances be passed to third parties.

Whistleblower system

Our internal whistleblowing system gives employees, suppliers and business partners the opportunity to point out grievances without having to come forward themselves. This concerns in particular the following issues within the company:  

  • Crimes or misconduct. 
  • Serious and flagrant violations of applicable law and/or international agreements. 
  • Serious threats or endangerments to the public interest of which the whistleblowers have personal knowledge. 
  • Breach of any code of conduct or policy of the Company. 
  • Dangers to the health of employees. 

You do not have to provide any personal data about yourself. However, depending on the content of your contribution, your report may contain personal data of third parties. Data that is irrelevant or immaterial to the report will not be processed in the subsequent investigation of the incident. You can remain anonymous if you do not disclose any personal data about yourself. 


Legal basis for the processing 

The processing of the data serves the fulfilment of a legal obligation, Art. 6 (1) sentence 1 lit. c DSGVO, which follows from the so-called Whistleblower Directive (Directive (EU) 2019/1937 on the protection of persons who report infringements of Union law) and national laws of the EU Member States based on this. The data processing is also carried out in the legitimate interest of the company to be informed about unlawful and reportable events and to be able to clarify them internally, Art. 6 para. 1 p. 1 lit. f DSGVO.
The reports are checked and answered within the legally specified deadlines. The deletion of the data takes place no later than 3 years after the conclusion of the proceedings, provided that there are no retention obligations as a result of any subsequent legal proceedings. 


Data recipient 

The data collected is forwarded to persons in the company responsible for processing reports and may also be made available to other third parties (lawyers, experts and auditors) for analysis and investigation purposes. If necessary, authorities and courts may also be involved.   

The management receives an annual summary report on the number and type of reports for inclusion in the report pursuant to the Supply Chain Due Diligence Act. CONFDNT ensures that the protection of the person making the report is guaranteed. 

In addition, your data is transferred to the service company CONFDNT, which supports the operation of the website and the associated processes, within the scope of order processing pursuant to Art. 28 DSGVO. The service company works strictly according to instructions and has been contractually obligated accordingly. 


Transfer of data to countries outside the European Union 

The data collected may be made available to recipients outside the European Union on a case-by-case basis to the extent that this is strictly necessary to process the notifications received, in particular to determine the materiality of the infringements. Prior to the transfer of personal data, all measures necessary to ensure that the level of protection of natural persons guaranteed by the GDPR is not undermined shall be taken.