Data Privacy Statement

Thank you for your visit and for your interest in our website and its web pages. As your privacy is of great importance to us, we are committed to protecting your data so that you can feel secure when visiting our website. HENSOLDT AG and its subsidiaries (referred to as ‘HENSOLDT’ or ‘HENSOLDT Group’) greatly appreciate your interest in our products and services and your visit to our website.

1 Controller responsible for data collection

If you have any questions, requests for information, applications, complaints or criticism with regard to our data protection measures, please contact:

Hensoldt Holding Germany GmbH
Willy-Messerschmitt-Strasse 1
82024 Taufkirchen

We have appointed a data protection officer in order to ensure compliance with data protection requirements. You have the option of contacting this officer directly if you have any questions regarding the processing of your personal data.

E-Mail: dataprotection (at) 

2 Collection, processing and storage of personal data by HENSOLDT

HENSOLDT collects, processes and stores your personal data solely if this is permitted by law or if you consent to it. We obtain these data in two ways: either you provide them to us or we collect them when our services are used.

2.1 Data, you share with us
Generally, you will be able to make use of our website, without sharing any personal data and/or information with us. In principle, the active use of the whistle-blower-system is possible without any personal data as well. However, you can accompany your notification with various documents, images, or the like – whereby you might be made identifiable. Provided you have permitted to receive a reply onto your hint or request we will generate personal login information for you – which are formally addressed to you, although we will not know your identity. The login information is created solely so you can access the responses to your submitted issue. Detailled information to our whistleblower-system can be found under “4 Use of the whistleblower-system”.

2.2 Data that we obtain through your use of our services
Some data are automatically collected for technical reasons when you visit our website. These data are stored temporarily in a log file.

The following information is collected as part of this, without any action on your part, and stored until automatic erasure:

  • IP address of the requesting computer
  • Date and time of access
  • Name and URL of the retrieved file
  • Website from which access is made (referrer URL)
  • Browser used and, where applicable, your computer’s operating system as well as the name of your access provider

We process the aforementioned data for the following purposes:

  • To ensure the straightforward establishment of a connection to the website
  • To ensure the ease of use of our website
  • To evaluate system security and stability

The legal basis for the data processing is Art. 6(1)(1)(f) GDPR. Our legitimate interest is derived from the processing purposes listed above. We never use the collected data to draw conclusions about you. The aforementioned data are erased as soon as they are no longer necessary for achieving the purpose for which they were collected. We also use cookies when our website is visited. For more information on these, please refer to Section 4 of this Privacy Policy.

2.3 Disclosure of data
In principle, we do not transfer personal data to third parties. If, in individual cases, data are transferred to a third party, you will find the relevant information in this Privacy Policy. We take appropriate measures and carry out regular checks to ensure that the data we collect cannot be viewed or accessed by unauthorised external parties.

3 Use of cookies

3.1 Definition
‘Cookies’ are small files automatically created by your browser and stored on your end device (laptop, tablet, smartphone, etc.). Cookies are used to store information that arises in connection with the specific end device used. This does not mean that we can thereby identify you directly. Cookies are used to make our website more user-friendly for you. A distinction is made between the types of cookies below.

3.2 Types of cookies
On this page we solely use technically necessary cookies, which are required to identify your browser-session. In this cookie a distinct identifier is placed, to make the whistleblower-system available throughout the various sites within. These cookies will be deleted automatically when closing the browser window (session-cookie).

3.3 Use of cookies on our website
The data processed by the cookies required to operate a website are necessary for the purposes of our legitimate interests pursuant to Art. 6(1)(1)(f) GDPR.

Cookie “cookieconsent_status“:
This cookie is set and receives the content “dismiss“ if you confirm the cookie banner with “OK“. It is used to ensure that the cookie notive is no longer displayed. This cookie is valid for one year.

A session ID is stored in this cookie in order to recognize your browser within a session. It is created as soon as you click on “Give notice“ or “Get answer” or “Login”. For this purpose, the cookie contains a 32-character string and thus enables your information to be viewed or edited over several pages. This cookie is automatically deleted when the browser is closed.

4 Use of the whistleblower-system

With our whistleblower system, you can provide anonymous information on various topics such as corruption, money laundering or fraud. You can use the system without providing any personal data. Please note, however, that it is only a matter of pseudo-anonymity if you do not use an anonymizing Internet connection or an anonymizing VPN connection. Theoretically, a link between the information and the IP address would be possible, which is why we speak of pseudo-anonymity. As described above, we will not carry out such a comparison between the information and the IP address.

For maximum anonymity, please use a public Internet connection and not a personal device or a suitable anonymization system.

We only process data that you actively and voluntarily provide to us. You do not have to provide a name or contact details - your information will still be checked and processed. You have the option of formulating your advice in several text fields. Make sure that you do not enter any personal data in the text fields that you do not want to disclose (in particular your identity).

The data you transmit will be assigned to a case supervisor and only this person and, if necessary, an ombudsman will have access to your data. For technical reasons, a carefully selected service provider may have access to the data as part of the operation and maintenance of the system. Only in justified exceptional cases and only with the involvement of several responsible persons is it technically possible for persons other than your personal case supervisor to view or process your case.

Depending on the notification, data can be passed on if public bodies are involved or have to be involved in an investigation.

If you allow queries or replies, you will receive a user ID and a password with which you can view answers or answer questions. In the context of queries or replies, we receive statistical data from the system on your first and last login to the system, the creation or modification date of the notice.

The legal basis for processing this data is either consent in accordance with Art. 6 Paragraph 1 lit. a GDPR, if you allow replies or our legitimate interest in such reports and a corresponding pursuit according to Art. 6 Paragraph 1. lit f GDPR.

5 Your rights

Of course, you retain control of all personal data that you make available to us when you visit the website and use our services. You have the following rights, which you can use free of charge. Please note, however, that in the case of anonymous reports, especially if there is no login token, it is generally not possible to exercise your rights, as we cannot verify your identity and compare it with the whistleblower. In order for us to be able to carry out an identity check effectively, it will be necessary for you to provide us with information about yourself and the information you provided in another way. In addition, it will usually not be possible to provide information on personal data about you if you are named in a notice or, if necessary, accused. The same applies to other rights such as objection, correction or deletion.

5.1 Right of access
You have the right to obtain information regarding your personal data stored by us at all times.

5.2 Right to withdraw consent given
You have the right to withdraw consent you have given to the processing of your personal data at any time with future effect. In the event of a withdrawal, we will erase the data concerned without undue delay provided there is no legal basis that would support further processing. Your withdrawal of consent does not affect the lawfulness of any processing performed on the basis of this consent before such consent was withdrawn.

5.3 Right to object
If we process your personal data in the context of a consideration of interests based on our overriding legitimate interests, you have the right to object, on grounds relating to your particular situation, at any time to this processing with future effect.

If you assert your right to object, we stop processing the data concerned. However, we reserve the right to continue processing if we can provide documentary proof of compelling legitimate grounds for the processing which override your interests, fundamental rights and freedoms or if the processing is necessary for the assertion, exercise or defence of legal claims.

5.4 Right to data portability
You have the right to request that we transfer your personal data to another entity for any data we collected on basis of your consent.

5.5 Right to rectification, erasure or restriction of processing
You have the right to have your personal data rectified or erased or to restrict the processing thereof.

5.6 Right to lodge a complaint
You have the right to lodge a complaint with a supervisory authority or our company if you have a reason for a complaint. If you wish to assert rights vis-à-vis our company, please reach out to the contacts listed at the start of this Privacy Policy.

The supervisory authority for us is
Bayerisches Landesamt für Datenschutzaufsicht (BayLDA)
Promenade 18, 91522 Ansbach
Tel.: +49 (0) 981 180093-0, Fax: +49 (0) 981 180093-800
E-Mail: poststelle (at) 

6 Period of storage

We will save your information for up to two months after our investigations have been completed. Once this time has been reached, your data will be completely anonymized and only further processed in the form of statistical data. In principle, it is possible that data relating to a notification will be stored longer for example by law enforcement authorities - we do not have any influence on this matter though.

7 Automated decision-making

There is no automated decision-making based on the personal data collected.

8 Data security

We use the popular SSL (Secure Socket Layer) method in combination with the highest encryption level supported by your browser.

A whole key or closed padlock icon in your browser’s upper status bar indicates whether individual pages of our web presence are transmitted in encrypted form.

Generally, we use suitable technical and organisational security measures to protect your data against accidental or intentional manipulation, partial or complete loss, destruction and unauthorised third-party access. We continuously improve our security measures in line with technological advancements.