pop up privacy policy reminder

Privacy settings

Data Protection Statement - website

As of: June 2026

§ 1 Controller

The controller within the meaning of Art. 4 No. 7 GDPR is:
Messer SE & Co. KGaA
Messer-Platz 1
65812 Bad Soden am Taunus
Germany

Phone: +49 6196 7760-0
E-mail: corporate.office@messergroup.com

Further information can be found in our imprint.

§ 2 Data Protection Officer

You can contact our data protection officer at:

Messer SE & Co. KGaA
Datenschutzbeauftragter
Messer-Platz 1
65812 Bad Soden am Taunus

E-mail: datenschutz.mg@messergroup.com

§ 3 General information on data processing

We process personal data exclusively in compliance with the applicable data protection regulations, in particular the General Data Protection Regulation (GDPR), the Federal Data Protection Act (BDSG) and the Telecommunications-Digital-Services-Data Protection Act (TDDDG).

Personal data is any information relating to an identified or identifiable natural person.

Insofar as we process personal data, this is done exclusively for the purposes described in this data protection notice.

§ 4 Categories of recipients

In the course of providing our website and services, personal data may be transferred to the following categories of recipients:

•    IT & Hosting Service Providers
•    Cloud and infrastructure service providers
•    Communication and CRM service providers
•    Analysis and marketing service providers
•    Applicant management service provider
•    Affiliated companies of the Messer Group
•    Authorities and public bodies in case of legal obligation
•    Consultants, auditors and lawyers

Insofar as external service providers process personal data on our behalf, this is done on the basis of order processing agreements in accordance with Art. 28 GDPR.

§ 5 Your rights

You have the following rights vis-à-vis us:

•    Right to information pursuant to Art. 15 GDPR
•    Right to rectification in accordance with Art. 16 GDPR
•    Right to erasure in accordance with Art. 17 GDPR
•    Right to restriction of processing in accordance with Art. 18 GDPR
•    Right to data portability in accordance with Art. 20 GDPR
•    Right to object according to Art. 21 GDPR
•    Right to revoke consent given in accordance with Art. 7 (3) GDPR
•    Right to lodge a complaint with a data protection supervisory authority pursuant to Art. 77 GDPR

To exercise your rights, simply send a message to:

datenschutz.mg@messergroup.com

§ 6 Automated Decisions

Automated decision-making, including profiling, within the meaning of Art. 22 GDPR does not take place.

§ 7 Visiting our website

When you visit our website, the following data is automatically processed:

•    IP address
•    Date and time of access
•    Browser type and version
•    Operating System
•    Referrer URL
•    Pages viewed
•    Amount of data transferred
•    HTTP Status Code

Purposes

•    Provision of the website
•    Ensuring IT security
•    Attack detection and abuse prevention
•    Error analysis
•    System Stability

Legal basis

Art. 6 para. 1 lit. f GDPR.

Our legitimate interest is to ensure that our website is provided in a secure, stable and functional manner.

Storage period

Server log data is generally deleted after 30 days, provided that there are no security incidents or legal retention obligations to the contrary.

§ 8 Hosting and technical infrastructure

In particular, we use the following service providers to provide our website:

•    IBM Cloud
•    Kyndryl Deutschland GmbH
•    Microsoft Ireland Operations Limited
•    Cloudflare Inc.

Purposes

•    Hosting
•    Operation of the website
•    Load balancing
•    IT Security
•    DDoS protection

Legal basis

Art. 6 para. 1 lit. f GDPR.

Storage period

The storage period depends on the respective log and security concepts of the systems used and is usually a maximum of 30 days.

§ 9 Contacting Us

If you contact us by e-mail, telephone, contact form or other means of communication, we will process your information to process your request.

Processed data

•    Name
•    Company
•    E-mail address
•    Phone number
•    Content of the inquiry

Legal basis

•    Art. 6 (1) (b) GDPR
•    Art. 6 (1) (f) GDPR

Legitimate interest

Efficient communication with prospects, customers, suppliers and business partners.

Storage period

Enquiries will generally be deleted after processing has been completed, provided that there are no statutory retention obligations.

§ 10 Consent Management

We use HubSpot Consent Management to manage and document your consents.

Processed data

•    Consent status
•    Time of consent
•    Browsing data
•    Device Information
•    IP address

Legal basis

•    Art. 6 (1) (c) GDPR
•    Art. 6 (1) (f) GDPR

Storage period

Consent logs are stored for up to three years.

Revocation

You can revoke or change your consent at any time via the link "Cookie settings" in the footer of our website.

§ 11 Cookies and similar technologies

Our website uses cookies, local storage and similar technologies.

Technically required technologies

These include, in particular:

•    Session cookies
•    Load balancing cookies
•    Security cookies
•    Consent cookies
•    Authentication cookies

Legal basis

Section 25 (2) TDDDG and Art. 6 (1) (f) GDPR.

Unnecessary technologies
Analytics, marketing, and personalization technologies are used solely on the basis of your consent.

Legal basis

Section 25 (1) TDDDG and Art. 6 (1) (a) GDPR.

§ 12 HubSpot CRM, Analytics, Forms, and Live Chat

We use services provided by HubSpot Ireland Limited, Dublin, Ireland.

HubSpot is used in particular for:

•    Customer Relationship Management (CRM)
•    Contact management
•    Marketing Automation
•    Website analytics
•    Forms
•    Live Chat

Processed data

•    Contact Information
•    Communication data
•    Usage Data
•    Site interactions
•    IP address
•    Device Information

Legal basis

•    Art. 6 (1) (a) GDPR
•    Art. 6 (1) (b) GDPR
•    Art. 6 (1) (f) GDPR

Legitimate interest

Efficient customer communication, optimisation of our online offers and processing of enquiries.

Storage period

The data will be deleted as soon as the respective purpose no longer applies and there are no legal retention obligations. Analysis data is regularly anonymized or deleted after a maximum of 13 months.

§ 13 Google Tag Manager

We use Google Tag Manager.

Google Tag Manager is used exclusively for the technical management of website tags.

Legal basis

Art. 6 (1) (a) GDPR.

Storage period

Google Tag Manager does not store personal data independently.

§ 14 Google Ads and Conversion Tracking

We use Google Ads and Google Conversion Tracking.

Purpose

•    Measuring the success of advertising campaigns
•    Reach analysis
•    Optimizing our marketing efforts

Legal basis

Art. 6 (1) (a) GDPR.

Storage period

The storage period depends on the settings of Google services and is usually a maximum of 13 months.

§ 15 LinkedIn Insight Tag

We use LinkedIn Ireland Unlimited Company's LinkedIn Insight Tag.

Purpose

•    Campaign Analytics
•    Conversion measurement
•    Reach optimization

Legal basis

Art. 6 (1) (a) GDPR.

Storage period

The storage period is based on LinkedIn's specifications.

§ 16 Google Maps

We use Google Maps to display interactive maps.

The cards will only be loaded after your consent.

Legal basis

Art. 6 (1) (a) GDPR.

Storage period

The storage period is based on Google's specifications.

§ 17 YouTube

We embed YouTube videos.

Videos will only be loaded after your consent.

Legal basis

Art. 6 (1) (a) GDPR.

Storage period

The storage period is based on the specifications of Google/YouTube.

§ 18 Google Fonts

If fonts are loaded from servers of Google Ireland Limited, this will only take place after your consent.

Legal basis

Art. 6 (1) (a) GDPR.

Note

If fonts are hosted locally on our servers, no personal data will be transmitted to Google.

§ 19 Podcasts (Podigee)

To provide podcasts, we use Podigee.

Processed data

•    IP address
•    Usage Data
•    Device Information

Legal basis

Art. 6 (1) (a) GDPR.

Storage period

The storage period depends on the specifications of the service provider.

§ 20 Career Portal and Applications

For our career portal, we use Teamtailor AB, Sweden.

Processed data

•    Technical usage data
•    Application data
•    Communication data

Legal basis

•    Art. 6 (1) (b) GDPR
•    Section 26 BDSG
•    Art. 6 (1) (f) GDPR

Storage period

Application documents are generally deleted six months after completion of the application process, unless there are longer statutory retention obligations or consent for a talent pool has been obtained.

For the Talent Pool, storage is carried out exclusively on the basis of your consent.

For further information, please refer to the separate data protection information for applicants.


§ 21 Newsroom Subscriptions and Press Distribution Lists

You can subscribe to information from Messer via our newsroom. These include, in particular:

•    Press releases
•    Technical Articles
•    the customer magazine "Gases for Life"
•    Annual Reports

If you fill out the relevant form in the newsroom, we will process the data you provide, in particular:

•    Salutation
•    First and last name
•    Company or publisher
•    E-mail address
•    Phone number (optional)
•    selected areas of interest or subscription categories
•    optional messages in the comment field

The processing is carried out for the purpose of providing you with the information you have requested, as well as to manage your subscription.

Legal basis

The processing is carried out on the basis of your consent in accordance with Art. 6 (1) (a) GDPR.

If you make specific press, interview or publication requests in the comment field, the processing will also be carried out on the basis of Art. 6 (1) (b) GDPR or Art. 6 (1) (f) GDPR to process your request.

Revocation and cancellation

You can revoke your consent at any time with effect for the future or unsubscribe from individual categories of information.

The revocation can be made in particular via the unsubscribe options contained in the respective messages or by sending a message to the contact addresses provided.

This does not affect the lawfulness of the processing carried out until the revocation.

Storage period

Your data will be stored for as long as the respective subscription exists.
After revocation or cancellation, your data will be deleted, provided that there are no statutory retention obligations to the contrary and no further communication or business relationship exists.

Recipients

For the administration of the newsroom and the communication processes, IT, hosting and communication service providers used by us may have access to the data. Insofar as they act as processors, this is done on the basis of Art. 28 GDPR.

§ 22 Intra-Group Data Transfers

Within the Messer Group, personal data may be transmitted to other companies of the Messer Group to the extent necessary for internal administrative purposes, IT support, compliance purposes, legal advice or the processing of enquiries.

Legal basis

Art. 6 para. 1 lit. f GDPR.

Legitimate interest

Efficient and secure group-wide organization and administration.

§ 23 International Data Transfers

When using individual services, personal data may be transferred to countries outside the European Economic Area.

This applies in particular:

•    HubSpot (US)
•    Google (USA)
•    LinkedIn (USA)
•    Cloudflare (US)

The transfer will be carried out exclusively in compliance with Art. 44 et seq. GDPR.

In particular, the following guarantees are used for this purpose:

•    EU-U.S. Data Privacy Framework
•    EU Standard Contractual Clauses
•    Other suitable safeguards in accordance with the GDPR

Information on the guarantees used can be provided on request.

§ 24 Right of appeal

You have the right to complain to a data protection supervisory authority about the processing of your personal data.

§ 25 Changes to this data protection notice

We reserve the right to amend this data protection notice if this becomes necessary due to legal, technical or organisational changes.

The current version is available on our website.