Privacy Policy

The security and privacy of your personal data is important to us. Therefore, we operate our web services in accordance with laws on data protection and data security. You will find out below which information we collect, if applicable, and how we handle it.

Personal data

Protecting your personal data is very important to us (DEA), therefore we do not collect any personal data without your consent. You decide whether you want to make this data known to us  as part of registration, a contact enquiry or similar.

We use your personal data to answer your enquiries, process your request or to allow you access to special information or offers.

We will not forward any personal data to third parties without your express consent.

Responsible body/service provider

Responsible in terms of data protection and at the same time service provider in terms of the Telemedia Act (TMG) is DEA Deutsche Erdoel AG. Questions or comments regarding this data protection declaration or data protection in general should be sent by e-mail to or by post:

DEA German Erdoel AG

Data protection - confidential -

Überseering 40

22297 Hamburg, Germany

Collection and use of your data 

If you access our website or call up a file, data about this procedure will be stored in a log file on our web server. This data is not related to a person. Therefore, we cannot trace which user called up which data.

The following data is stored in detail:

  • The referrer URL (the website from which you came to us)
  • The status code transmitted
  • Search terms that were entered in the search form
  • The names of the files called up
  • Date and time of a call-up
  • Operating system
  • Type of browser
  • Browser version
  • The anonymous IP address of the accessing computer (network)

We use this information exclusively to identify the attractiveness of our website and to improve its content.

Additional personal information such as your name, address, telephone number or e-mail address is not collected unless you provide this information voluntarily, e.g. when filling out an online contact form, as part of a registration, a survey, for the execution of a contract or a request for information. 

The legal basis for the processing of personal data in these cases is always the consent of the data subject.

The entry and transmission of the data to our server is regarded as a declaration of consent to the use of this data for the purpose described in each case.

Data collected for marketing purposes 

In the context of our marketing, we only use data that you have transmitted to us for the purpose of sending us publications or our newsletter. All data collected on this website will be evaluated anonymously.

Application process

You do not have to provide any personal data to find out about vacancies. However, if you would like to apply for a job, this is possible via our website. After entering your data you confirm by ticking the box that you have read the data protection regulations. Without this confirmation, the application process cannot be continued. All entries are voluntary, unless the fields marked with an "*" are mandatory. If you send us your application by e-mail or postal letter, the information you submit will be collected in the same way by our employees.

Your data will be deleted at the end of the application procedure with a period of four months.

Right to information, correction and deletion

According to Art. 15 para. 1 DSGVO, you have the right to request confirmation as to whether your personal data are processed. 

Right of revocation and objection

We would like to point out that you can revoke any data protection consent given to us at any time with effect for the future. The best way to do this is to send an informal e-mail to:

Right of appeal

In addition, you have a right of appeal to a supervisory authority guaranteed by law in accordance with Art. 77 DSGVO at any time if you are of the opinion that processing of your personal data is unlawful.

Pursuant to Art. 56 DSGVO, the competence of the supervisory authority is regularly determined by the company's head office. If you have a complaint, please contact the Hamburg Commissioner for Data Protection and Freedom of Information (HmbBfDI.,

Newsletter and Consent

In order to register for our e-mail newsletter service, we require at least your e-mail address to which the newsletter is to be sent in addition to your consent under data protection law. Any further information is voluntary and will be used to address you personally and to personalize the content of the newsletter, as well as to clarify any queries regarding your e-mail address.

For the newsletter dispatch we apply Cleverreach and use the so-called double opt-in procedure, i.e. we will send you the newsletter only after you confirm your registration via a confirmation e-mail sent to you for this purpose by a link contained therein. This is to ensure that only you can subscribe to the newsletter as the owner of the e-mail address provided. Your confirmation must be sent after receiving the confirmation e-mail, otherwise your newsletter subscription will be automatically deleted from our database.

You can cancel a newsletter you have subscribed to at any time. You can either send us an informal e-mail to or use the link at the end of the newsletter to cancel your subscription. 
In order to be allowed to use your data for the dispatch of the newsletter, we need your consent, which we request separately in the context of the registration to our newsletter.

Use of Google reCAPTCHA

We use the Google service reCaptcha to establish whether a person or computer makes a certain entry in our contact or newsletter form. Google uses the following data to identify whether you are a human or a computer: the IP address of the device used, the web page you visit on our website and into which the Captcha is embedded, the date and duration of the visit in question, the identity data of the browser and operating system type used, the Google account if you are logged onto Google, mouse movements on the reCaptcha areas as well as tasks calling upon you to identify items on photographs. The legal foundations for the data processing described above are based on Art. 6 para. 1 letter f of the [EU] General Data Protection Regulation. There is a justified interest on our part to such data processing to ensure the security of our website and to protect ourselves against automated entries (attacks) being made.

IP addresses

To make it possible for you to use our website anonymously, we consciously avoid logging IP addresses. We will make your IP address pseudonymous before it is stored in our web server log file in a procedure conformant with data protection, i.e. the IP address is replaced by a tag. This storage is carried out for reasons of data security in order to guarantee the stability and operational security of our system and to prepare web statistics.


If you visit our websites, we may deposit information on your computer in the form of a "cookie", which allows us to automatically recognise you again on your next visit.

Cookies are small text files that are stored locally in the internet browser cache of visitors to the website.

We use cookies for the following purposes e.g.

  • To recognise visitors’ system settings (e.g. font size, language setting) when they visit the website again,
  • To collect information about how visitors use our website e.g. which pages they visit and how long they stay,
  • To guarantee the desired service, for example, access to the secure areas of the website.

There are two types of cookies that are typically used. “Session cookies” und “persistent cookies” are utilised on this website.

Session cookies are only retained for the duration of the online session and are deleted from the computer when the browser is closed.

Persistent cookies are placed to identify the user’s browser. They remain in place for a period of time determined by the website server when setting the cookies.

It is also possible to use our website without cookies. You can deactivate or restrict the storage of cookies in your browser, or set your browser so that it informs you before a cookie is installed. You can also delete cookies from your computer hard disk at any time. Please note, however, that in this case you have to expect the functions of the website will be restricted.

Information about web analysis

Data is collected and stored on this website for marketing and optimisation purposes using Matomo, an open source web analysis tool ( Profiles of use can be prepared from this data under a pseudonym. The data collected by Matomo will not be used to identify visitors to this website personally without those affected giving their consent separately. This data will also not be brought together with the personal data of the person behind the pseudonym.

If you do not want data to be recorded by our Matomo system, you can deactivate it here.

Social media plug-ins 
We currently do not use social media plugins.

Contact forms

We provide forms on our website with which you can make contact with us. We collect and use the information you give voluntarily here (such as your name and your email address) exclusively to process and answer your request.

Data security

We also use technical and organizational security measures to protect personal data that is collected or collected, in particular against accidental or intentional manipulation, loss, destruction or against the attack of unauthorized persons. Our security measures are continuously improved in line with technological developments. 

Your personal data is also encrypted using SSL/TLS technology to prevent access by unauthorized third parties.

Links to other websites

DEA websites contain links to other websites. DEA is not responsible for the data protection strategies or contents of these other websites.

Video surveillance

We wish to inform you below of the EU General Data protection Regulation (GDPR) in force since 25 May 2018 concerning the processing of your personal data within the scope of video surveillance at our locations.

Purposes and legal foundations of data processing

Safeguarding of legitimate interests pursuant to Art. 6 (1) letter f GDPR

Legitimate interests pursued

  • Protection of the enterprise, in particular its of its facilities,
  • company-owned buildings and external premises
  • Protection of employees of, and visitors to, the company
  • Prevention and investigation (assertion of claims for damages) of criminal acts within the company and its plots of land

Storage duration

Video recordings are kept in storage for no more than 72 hours, after which they are automatically overwritten unless one of the purposes defined for storage is found to exist. To the extent that video recordings are stored as evidence, they will be deleted as soon as their purpose pursued has been achieved. In this case, the period for erasure is defined in the relevant regulations of the statute of limitations under civil and criminal law.

References to the rights of data subjects

The data subject is entitled to request confirmation from the controller as to whether personal data pertaining to the data subject are processed; if this is the case, then the data subject is entitled to information on such personal data as well as the items of information individually specified in Art. 15 GDPR.

The data subject has the right to demand rectification by the controller, without delay, of any inaccurate personal data concerning the data subject and, if applicable, supplementation of any incomplete personal data (Art. 16 GDPR).

The data subject is entitled to call for the controller to erase any personal data concerning the data subject without delay if one of the reasons individually specified in Art. 17 GDPR applies, e.g. if the data are no longer required for the purpose pursued (right to erasure; “right to be forgotten”).

The data subject has the right to demand a restriction of processing from the controller if one of the prerequisites listed in Art. 18 GDPR exists, e.g. if the data subject has filed an objection to processing, for the duration of the inspection by the controller.

The data subject has the right to object to the processing of personal data concerning it at any time, for reasons arising from its special situation. The controller will not process such personal data any longer unless the controller can furnish proof of mandatory reasons for processing worthy of protection that override the interests, rights and freedoms of the data subject, or if the processing serves for the assertion, exercise or defence of legal claims (Art. 21 GDPR).

Each and every data subject has the right, notwithstanding any other legal remedy under administrative law or by a court order, to file a complaint with a supervisory authority if the data subject is of the opinion that the processing of personal data concerning the data subject is in violation of GDPR (Art. 77 GDPR). The data subject may assert this right before a supervisory authority in the European member state of its place of residence, place of work or the location of the alleged violation.

The competent supervisory authority varies according to the federal German state in which the relevant data are processed:

Unabhängiges Landeszentrum für Datenschutz Schleswig-Holstein
Holstenstraße 98, 24103 Kiel
Tel.: 0431 988-1200

Hamburgischen Beauftragten für Datenschutz und Informationsfreiheit (HmbBfDI)
Ludwig-Erhard-Str 22, 7. OG, 20459 Hamburg
Tel.: 040 / 428 54 – 4040


Lower Saxony:
Die Landesbeauftragte für den Datenschutz Niedersachsen
Prinzenstraße 5, 30159 Hannover
Tel.: 0511-120 4500

Der Bayerische Landesbeauftragte für den Datenschutz
Wagmüllerstraße 18, 80538 München
Tel.: 089 212672-0

Questions and comments

If you have any questions about or comments on DEA data protection, please contact us using the keywords "data protection".

Changes to the Privacy Policy 

Our privacy policy is reviewed regularly. DEA Deutsche Erdoel AG reserves the right to change the data protection declaration at any time without prior notice. We therefore recommend that you inform yourself regularly about any changes. By using the DEA Deutsche Erdoel AG website, you agree to this privacy policy.

This declaration was last updated by the data protection officer of DEA Deutsche Erdoel AG on 10.08.2018.