I. Introduction

We are aware of the trust you are placing in us. Therefore, we would like to provide comprehensive information to you on how we handle your personal data, in particular, we would like to inform you on the type of data we collect when you visit and/or use our website and on how we use this data. If we have received personal data from you through other communication channels (e.g. by e-mail), the following Privacy Notice applies as well.

Given that our website and the technologies on which it is based, as well as our business processes, are subject to continuous development, the Privacy Notice may need to be changed too. All future changes will be published on this website.

II. Use of the website and data protection

1. Name and contact data of the controller of the website

We, Aquila Capital Management GmbH, represented by the managing directors Marc-Aurel Kaiser, Christian Ohl, Bernhard Bußmann und Karsten Nebe, Valentinskamp 70, 20355 Hamburg (Tel.: +49 40 875050-100 / receptionist, Fax: +49 40 87 5050-129) as the provider of this website, are the controller within the meaning of Art. 4(7) GDPR.

 2. Contact data of the data protection officer

Aquila Capital Management GmbH is part of the Aquila Group (meaning Aquila Capital Holding GmbH and its affiliated companies in the sense of 15 et seqq. of the German Stock Corporation Act (AktG)). The data protection officer of the Aquila Group can be reached as follows:

Aquila Capital Holding GmbH
c/o the data protection officer
Valentinskamp 70, 20355 Hamburg

3. Restriction of the scope of this Privacy Notice for visits to our website

Our Privacy Notice only applies to our content which is stored on our servers. It expressly does not cover any links to websites of third parties in our offerings.

 4. Collection of personal data in the context of informational use of our website

a. Description and scope of data processing

If you only use our website for informational purposes, we do not collect any personal data aside from the data transmitted by your browser to enable you to visit the website.

That data is:

  1. Date and time of your request
  2. Duration of your visit
  3. Time zone difference compared to Greenwich Mean Time (GMT)
  4. Content of the request (specific page)
  5. Access status / HTTP status code
  6. Website & provider from/by which the request is made
  7. Browser
  8. Operating system
  9. Language and version of the browser software
  10. IP address.

In addition to the aforementioned data, cookies are stored on your computer when you use our website. For more details on cookies, see II. Clause 9 of this Privacy Notice.

b. Purpose and legal basis of data processing

We store data related to the end device in order to create use statistics, for example, or to identify and trace unauthorised attempts to access our web servers. We only create profiles regarding the use of our website in anonymised form and only to improve user navigation and optimise our products and services. Our legitimate interest in data processing pursuant to Art. 6 (1) lit. f GDPR also lies in these purposes. We do not create or process behavior profiles relating to a specific person from the aforementioned information.

c. Duration of data storage

The data will be deleted as soon as they are no longer necessary to achieve the purpose for which they were collected. In the case of the collection of data for the provision of the website, this is the case when the respective session has ended.

5. Collection of personal data during the use of our website features

We only store personal data, such as your e-mail address or your name, if you choose to provide this information to us, e.g. in the context of the contact form, or for the performance of a contract (principle of direct collection).

a. Contact form

The following data is collected:

  • Company,
  • Name,
  • e-mail address,
  • phone,
  • if you choose general information package or information about the container test.

Data transmitted via the contact form will be stored in order to be able to process your request or to be available for follow-up questions. These data will not be passed to third parties without your consent. As soon as your request is completed, we will delete your data.

The processing of the data entered in the contact form takes place exclusively on the basis of your consent (Art. 6 (1) lit. a GDPR). Consent is given voluntarily. A revocation of your already given consent is possible at any time. To revoke your consent, simply send an e-mail to: The legality of the data processing operations carried out until the revocation remains unaffected by the revocation. Your rights in connection with data processing can be found under III. point 7.

b. LinkedIn

Components of LinkedIN Corporation are also integrated on this website. LinkedIn is operated by LinkedIn Corporation, 2029 Stierlin Court Mountain View, CA 94043, USA. For privacy matters outside the United States, LinkedIn Ireland, Privacy Policy Issues, Wilton Plaza, Wilton Place, Dublin 2, Ireland, is responsible.

Each time a LinkedIn component (LinkedIn plug-in) is installed on our website, that component causes the browser used by the individual to download an appropriate representation of the LinkedIn component. More information about the LinkedIn plug-ins can be found at As part of this technical process, LinkedIn obtains information as to which specific subpage of our website is visited by the person concerned.

If the person concerned is logged in to LinkedIn at the same time, LinkedIn recognizes which specific page of our website the person concerned is visiting each time the person visits our website and for the entire duration of that person’s stay on our website. This information is collected by the LinkedIn component and assigned by LinkedIn to the respective LinkedIn account of the person concerned. If the person concerned clicks on an integrated LinkedIn button on our website, LinkedIn assigns this information to the personal LinkedIn user account of the person concerned and saves this personal data.

LinkedIn always receives information through the LinkedIn component that the person concerned has visited our website if the person concerned is logged in to LinkedIn at the same time as accessing our website; this occurs regardless of whether the person concerned clicks on the LinkedIn component or not. If the data subject does not want LinkedIn to receive such information, he or she can prevent the transmission by logging out of his or her LinkedIn account before accessing our website.

At LinkedIn offers the possibility to unsubscribe from e-mail messages, SMS messages and targeted ads as well as to manage ad settings. LinkedIn also uses partners such as Quantcast, Google Analytics, BlueKai, DoubleClick, Nielsen, Comscore, Eloqua and Lotame who can set cookies. Such cookies may be declined at LinkedIn’s current privacy policy can be found at LinkedIn’s cookie policy is available at

Notes on legal bases:

If we ask you for your consent to the use of LinkedIn, the legal basis for the processing of data is the consent in accordance with Art. 6 (1) lit. a. GDPR. In other cases, your data will be processed on the basis of our legitimate interests (i.e. interest in an attractive presentation of our online services) pursuant to Art. 6 (1) lit. f. GDPR.

c. Xing

Our website uses features of the XING network. The provider is XING AG, Dammtorstraße 29-32, 20354 Hamburg, Germany. Each time one of our pages containing XING functions is called up, a connection to XING servers is established. To the best of our knowledge, no personal data is stored. In particular, no IP addresses are stored or the usage behavior is evaluated.

Further information on data protection and the XING Share button can be found in the XING privacy statement at:

6. Disclosure to third parties

To facilitate the purposes described we may exchange your data with third parties we use to process orders and inquiries. In this context we may provide access to your information to third parties that support our provision of services to you. Examples are third parties used to manage our web servers and to analyse data who may be able to access your data in this context. A data processing agreement is concluded in this case.

If you make your personal data available to us for the purpose of potential future cooperation, potential investments and/or to enable us to contact you, we may disclose this data to affiliated companies (as defined in Sections 15 et seqq. of the German Stock Corporation Act), if there is a legitimate interest on our part and your interests, fundamental rights and freedoms do not outweigh.

Otherwise we only provide your personal data to third parties if we are obligated to do so by compulsory legal regulations, if you ask us to do so or have consented to the disclosure, or after the data has been anonymised or pseudonymised.

We only transfer data to third parties established in a third country with your consent or to fulfil our contractual obligations pursuant to Art. 44 GDPR et seqq.

7. Data security, TLS encryption with https

Aquila Capital Management GmbH take diligent precautions to protect your data against manipulations, loss, destruction and against access by unauthorised persons. We continuously improve our security measures in accordance with the development of technology. The employees of the Aquila Group are obligated to maintain data confidentiality in accordance with the provisions of the GDPR.

We use https to transmit data in a tap-proof manner on the internet (data protection through technology design Article 25 (1) GDPR). Through the use of TLS (Transport Layer Security), an encryption protocol for secure data transmission on the internet, we can ensure the protection of confidential data. You can recognize the use of this data transmission security by the small lock symbol in the upper left corner of the browser and the use of the https scheme (instead of http) as part of our Internet address.

8. Technologies used

Parts of this website may use technologies that are widely used on the internet, such as JavaScript, Java, Flash or ActiveX, to allow us to present the information requested in a form that is more convenient for you. We do not use these technologies in any way to spy out personal data or manipulate data on your computer.

9. Cookies

a. Description and scope of data processing

We need certain information to enable us to design our websites based on user needs. For the collection of this information we also use cookies. Cookies are meant to facilitate the use of the internet and communication. Cookies are stored on your PC or another end device to anonymously identify the device and to support the application when you return to our websites.

If you want to, you can suppress the storage of cookies in general through your web browser or you can decide if you want to be asked if a cookie should be stored or not. However, if you do not accept cookies, some pages may not be displayed correctly any more.

We use cookies on our website to store the following parameters, for example:

  1. Language and country
  2. Browser settings and installed plug-ins
  3. Data on the use of our website.

This website uses the following cookies:

Transient cookies (temporary use)

Persistent cookies (use for a limited time)

Transient cookies are deleted automatically when you close your browser. They specifically include session cookies. Session cookies store a “session ID” which allows to allocate various requests from your browser to a joint session. This allows the website to recognize your computer when you return to the website. Session cookies are deleted when you log out or close your browser.

Persistent cookies are deleted automatically after a specified period which may vary depending on the type of the cookie. You can delete the cookies at any time in the security settings of your browser.

The user data collected in this way is pseudonymised by technical precautions. Therefore, it is no longer possible to assign the data to the calling user. The data will not be stored together with other personal data of the users.

More information on how cookies work can be found on the following website:

b. Purpose and legal basis of data processing

The purpose of using technically necessary cookies is to simplify the use of websites for users. Some functions of our website cannot be offered without the use of cookies. For this it is necessary that the browser is recognized even after a page change.

The user data collected by technically necessary cookies are not used to create user profiles.

The legal basis for the processing of personal data using technically necessary cookies is Art. 6 (1) lit. f. GDPR. Legal basis for the processing of personal data using other cookies (marketing, statistics, etc.) will be in the event that we ask you for consent based on Art. 6 (1) lit. a. GDPR.

c. Duration of storage objection and elimination options

Cookies are stored on the user’s computer and transmitted to our site. Therefore, you as a user also have full control over the use of cookies. You can deactivate or restrict the transmission of cookies by changing the settings in your Internet browser. Cookies that have already been saved can be deleted at any time. This can also be done automatically. If cookies are deactivated for our websites, it may no longer be possible to use all functions of the website to their full extent.

d. Customize cookie settings

When calling up our website, we offer you the possibility to individually adjust the cookies via the “Settings” item in the cookie banner. This consent is voluntary, not necessary for the use of this website and can be revoked at any time. You can adjust the cookie settings here at any time.

By clicking on “accept” in the cookie banner, you also consent to your data being processed in the USA in accordance with Art. 49 Para. 1 S.1 lit a GDPR. The USA is considered by the European Court of Justice to be a country with an inadequate level of data protection according to EU standards. In particular, there is a risk that your data may be processed by US authorities, for control and monitoring purposes, possibly without the possibility of legal recourse. If you click on “accept only necessary”, the transfer described above will not take place.

10. Google Analytics

This website uses Google Analytics, a web analysis service provided by Google Inc. (“Google”). Google Analytics uses “cookies”. As mentioned above, cookies are text files that are stored on your computer and enable us to analyse your use of the website. The information on your use of this website generated by the cookie is transferred to a Google server in the USA and is stored there. Google will use this information to analyse your use of the website, prepare reports on the website activities for website operators and provide other services related to the use of the website and the internet. The legal basis for the use of Google Analytics is Art. 6 (1) a. GDPR. The data sent by us and linked with cookies, user IDs (e.g. user ID) or advertising IDs are automatically deleted after 14 months. Data whose retention period has been reached is automatically deleted once a month. Google may also transfer information to third parties if this is required by law or if this data is processed by third parties on behalf of Google. Google will not connect your IP address with other Google data under any circumstances. You can also prevent the collection of the data generated by the cookie and related to your use of the website (including your IP address) by Google, as well as the processing of this data by Google, by downloading and installing the browser plugin available at: activating the add-on that can be downloaded through this link you effectively object to the collection, use and processing of your data by Google Analytics.

This website uses the anonymisation option provided by Google Analytics. We only collect your IP address in shortened form which means it cannot be traced back to you.

If you object to the use of cookies, we place a simple cookie which expires after your browser session and only memorises that data should not be collected about you.

11. Your rights

You have the following rights with respect to your personal data:

  • right of access,
  • right to rectification or erasure,
  • right to restriction of processing,
  • right to withdraw the consent or objects to the processing
  • right to object to processing,
  • right to data portability.

You can contact us or our data protection officer to assert your rights (for contact details see II. Clause 1 and 2).

You also have the right to complain with a data protection supervisory authority about our processing of your personal data.

III. General data processing in the Aquila Group (data protection information according to Art. 13 GDPR)

The privacy, protection and processing of your personal data is very important to Aquila Group. In the following we would like to inform you about the processing of your personal data within Aquila Group and your rights regarding personal data protection. Which specific personal data will be processed and/or use significant depends on the specific existing business relationship or other factors. In this respect, you will find in section IV and V data protection information relating to specific processing activities.

1. Name and contact data of the controller

Controller within the meaning of GDPR and/or other European data protection laws or regulations, is the legal entity within Aquila Group, with which you maintain a business relationship, that collects personal data from you or to which you provide personal data.

The responsible company of Aquila Group with legal seat in Hamburg, Germany, can be reached as follows:

Valentinskamp 70, 20355 Hamburg, Germany
Tel.: +49 40 875050-100


ABC-Straße 21, 20354 Hamburg, Germany
Tel.: +49 40 875050-200

The responsible company of Aquila Group with legal seat in Luxembourg, can be reached as follows:

Airport Center Luxembourg, 5, Heienhaff, 1736 Sennigerberg, Luxembourg
Tel.: +352 24 83 29 1

The responsible company of Aquila Group with legal seat in Spain can be reached as follows:

Paseo de la Castellana, 95, Torre Europa – planta 10ª, 28046 Madrid, Spain
Tel.: +34 91 511 90-50

The responsible company of Aquila Group with legal seat in Switzerland can be reached as follows:

Poststraße 3
8001 Zurich, Switzerland
phone: +49 40 87 5050-100

The responsible company of Aquila Group with legal seat in Norway can be reached as follows:

Haakon VIIs gate 6
0161 Olso, Norway
phone: +49 40 87 5050-100

The responsible company of Aquila Group with legal seat in the Netherlands can be reached as follows:

Schiphol Boulevard 215, WTC Schiphol
1118BH Schiphol, Netherlands
phone: +49 40 87 5050-100

The responsible company of Aquila Group with legal seat in Japan can be reached as follows:

SHINBASHI 2-11-10 7F, Shimbashi, Minato-Ku
105-004 Tokyo
phone: +49 40 87 5050-100

The responsible company of Aquila Group with legal seat in Singapore can be reached as follows:

138 Market Street #15-03 Capitagreen
048946 Singapore
phone: +49 40 87 5050-100

The responsible company of Aquila Group with legal seat in Portugal can be reached as follows:

Avenida Fontes Pereira de Melo, N14, 11
1050-121 Lisbon
phone: +34 91 511 90-50

2. Contact data of the data protection officer of the Aquila Group 

The data protection officer of the Aquila Group can be reached as follows:

Aquila Capital Holding GmbH

c/o data protection officer

Valentinskamp 70, 20355 Hamburg

In addition, a data protection officer has been appointed for the relevant Spanish Group companies, who can be contacted as follows: e-mail:

3. Purpose of personal data processing and legal basis

We process personal data in accordance with the relevant rules and regulations, in particular with GDPR.

The processing of personal data is necessary for the performance of a contract with you (Art. 6(1) lit. b. GDPR).

The processing of personal data is necessary for the purposes of the legitimate interests pursued by you or by a third party (Art. 6(1) lit. f. GDPR).

If you have declared your consent in the processing of personal data for certain purposes, we process such data on the basis of your consent (Art. 6(1) lit. a. GDPR.

In addition, we are subject to a large number of legal obligations (money- laundering act, tax law etc.) as well as regulatory regulations. For this purpose we can use and process your personal data (Art. 6(1) lit. c. GDPR).

We collect and use personal data from our customers to send important information or updates on Aquila Group products and services. This includes, in particular, important security information or significant changes to products, services or this Privacy Policy. The legal basis for processing data for these purposes is the legitimate interest of the Aquila Group to adapt and correct legal innovations or product errors, to comply with legal obligations and to offer high-quality product support. The collection and use of this data may be mandatory for compliance with existing legal regulations. Insofar as we collect or use data for purposes of advertising and customer retention, for example for performance reports, analyses and market-relevant assessments as well as invitations to specific events, following prior consent, there is a right of revocation for this consent at any time with effect for the future. The revocation can – just like the consent – be made orally, in writing or in text form.

4. Recipients or categories of recipients of the personal data

Your personal data will be transmitted within the Aquila Group to all entities, which need these data for contractual and regulatory purposes. For these purposes we also may transmit your personal data to processors (Art. 28 GDPR) if applicable. To comply with certain contractual obligations we may transmit personal data to other recipients, e.g. public authorities or organisations in case of legal obligations. A transfer of personal data to third parties with a registered office in a third country will only take place with your consent or in order to fulfil our contractual obligations pursuant to Art. 44 et seq GDPR.

5. Duration of storage

Where required, we process and store your personal data for the period of our business relation or until the revocation of your consent. The retention period of personal data within the Know Your Costumer process is 5 years. The retention period begins upon conclusion of the calendar year in which the business relationship is terminated. In all other cases, it begins upon conclusion of the calendar year in which the respective information was gathered (see Sec. 8 para 4 Money Laundering Act). Furthermore, we are subject to miscellaneous safekeeping and documentation obligations that may arise from e.g. German Commercial Code or General Fiscal Code.

Pursuant to the provisions of these laws, personal data must be retained for a period of ten years. In addition, the statutory period of limitations within the meaning of seq. 195 et German Civil Code shall apply in relation to the duration of storage period. Thus, the maximum period of limitation term is up to 30 years.

6. Automated decision-making including profiling

We do not use automated decision-making within the meaning of Art. 22 GDPR for establishing and fulfilling the business relationship with you. We do not use procedures based solely on automated processings. Your personal data will be partially processed automatically, to analyse certain personal aspects (profiling). Profiling is used in the following areas: We are subject to certain legal and regulatory requirements, e.g. anti-money laundering, terrorist financing and asset risk offenses. Concurrently, this measures are for your protection.

7. Your rights

As data subject within the meaning of GDPR you have a number of rights in relation to your data. In the following, we will inform you about your rights. You will find further details in Art. 15-21 GDPR.

  • right of access to personal data
  • right to rectification or erasure
  • right of restriction of processing
  • right to withdraw the consent or objects to the processing
  • right to data portability

Please contact us or our data protection officer (see contact details under II. Clause 1 and 2). to assert our rights.

In addition you have the right to lodge a complaint with the data protection supervisory authority.