Privacy Policy

Data protection is very important to us!

Protecting your personal data is taken very seriously when any use is made of these websites. Below, you will be informed how your personal data is collected, processed and used if you visit these websites and use the offerings and services offered there.

1. Information on Personal Data

(1) Personal data are any particulars that relate to an individual or are suitable for establishing a link to an individual, for ex. the name, the postal address, a phone number, an e-mail address, the bank details, etc. Personal data can thus be used, in some circumstances, to draw conclusions as to the identity of an individual.

(2) Service provider acc. to Section 13 German Telemedia Act (TMG) and controller acc. to the German Federal Data Protection Act (BDSG) and the General Data Protection Regulation (GDPR) is:

Hans Lehmann KG
Seelandstraße 15
23569 Lübeck

Telephone: +49 (451) 59910 - 0

2. Data Protection Officer

In case of questions regarding data protection, please do not hesitate to contact our data protection officer at

Vater Solution GmbH
Mr Malte Burgmann
Liebigstraße 26
24145 Kiel

 or by e-mail to: E-Mail

3. Rights of Data Subjects

You have the following rights in connection with our processing of your data:

(1) Right of access acc. to Art. 15 GDPR to information about the processing of your personal data by us for purpose of processing; categories of data concerned; recipients or categories of recipient; period of retention or criteria used to determine that period; right to retention, erasure, restriction of processing or to object against the processing or to lodge a complaint with the supervisory authority; as appropriate, to information as to the source of the data and the existence of automated decision-making and, as appropriate, the existence of safeguards acc. to Art. 46 GDPR in case of any transfer to a third country or international organisations.

(2) Right to obtain without undue delay the rectification of inaccurate or the completion of incomplete personal data acc. to Art. 16 GDPR.

(3) Right to erasure of the personal data retained acc. to Art. 17 GDPR where the data is no longer necessary in relation to the purposes for which it was collected or otherwise processed; where a consent given was withdrawn and where there is no other legal ground; where an objection was lodged against the processing or the data must no longer be processed acc. to Art. 21(1) or (2) GDPR; where the data was processed unlawfully; where erasure is necessary to comply with a legal obligation or where the data was collected in relation to the offer of information society services acc. to Art. 8(1) GDPR. This does not apply where the processing is required in order to exercise the right to freedom of expression and information, to comply with a legal obligation, for reasons of public interest or for the establishment, exercise or defence of legal claims.

(4) Right to restriction of processing acc. to Art. 18 GDPR, where the accuracy of the data is contested by you (i.e. for the period required to verify accuracy); where the processing is unlawful, but you oppose the erasure and request the restriction of use instead; where we no longer need the data for the purposes of the processing, but it is required by you for the establishment, exercise or defence of legal claims; or where you objected against the processing acc. to Art. 21(1) GDPR pending the verification whether our legitimate grounds of override those of you.

(5) Right to object against the processing of your personal data acc. to Art. 21(2) GDPR (where the data is processed for direct marketing purposes) or acc. to Art. 21(1) GDPR (where the processing is made acc. to Art. 6(1) S. 1 Point (e) or (f) GDPR on grounds relating to your particular situation, unless we have compelling legitimate grounds for the processing which override your interests; or the processing is necessary for the establishment, exercise or defence of legal claims). More detailed information on the right to object can also be found under clause 17. below.

(6) Right to data portability acc. to Art. 20 GDPR, i.e. to receive the personal data concerning you, which you have provided to us, in a structured, commonly used and machine-readable format, but also to transmission to another controller.

(7) Right to withdraw at any time a consent given acc. to Art. 7(3) GDPR. As a result of such withdrawal, we must no longer process data for the future as from the time of withdrawal. Regarding this, see also clause 24. below.

(8) Right to lodge a complaint with a supervisory authority acc. to Art. 77 GDPR. The supervisory authority in charge for us is specified under clause 4. above. The right to lodge a complaint applies without prejudice to other administrative or judicial remedies.

(9) Please address all requests for information, enquiries regarding access or objections to data processing by e-mail to:

4. Automate Decision-Making

Automated decision-making is not applied here.

5. Supervisory Authority

The address of the supervisory authority in charge for us is:
Unabhängiges Landeszentrum für Datenschutz Schleswig-Holstein, Holstenstraße 98, 24103 Kiel,
Tel.: +49 431 988-1200, Fax: +49 431 988-1223

6. Retention of Access Data

(1) Upon any access to our Internet presence, access data are retained in a log file on the server of our provider.

(2) This data set comprises, e.g., your IP address, date and time of the request, the name of the requested file, the transferred data volume and the access status, a description of the web browser and operating system used, and the name of your Internet service provider.

(3) This data is collected for technical reasons. It is evaluated only for statistical purposes and without any personal reference (visitor numbers and website popularity). It is erased automatically after 14 days at the latest.

(4) The legal basis for the data handling is Article 6 (1) S.1  GDPR. Our justified interest is accounted for by the above mentioned purposes for  data acquisition. 

7. Collection of Personal Data when Used for Imformation Purposes

(1) If the website is solely used for information purposes, i.e. if you do not log in, register or provide us otherwise with any information to use the website, we will not collect any personal data, except for any data specified under 5.2 that is transmitted by your browser to technically enable you to visit the website.

(2) When using the website, cookies are stored on your computer. Cookies are small text files which are assigned to the browser used by you and stored on your hard drive and provide the party placing the cookie (thus, in this case, us) with certain information. Cookies cannot run programmes or transmit viruses to your computer. Their only purpose here is to make the web offering more user-friendly and effective overall.

(3) Data processed by cookies are necessary for the protection of  justified interests of our company and any third parties according to Article 6 (1) S. 1  GDPR. 

8. Use of Functions on Our Website

(1) Besides the use of our website for mere information purposes, we offer different services that you can use in case of interest. To this end, you usually need to specify further personal data, which will be used by us to provide the respective service. Where additional voluntary particulars can be furnished, they are marked accordingly.

(2) If you contact the service provider by e-mail or via the contact form, we will retain your e-mail address and, if specified by you, your name and phone number to answer your questions.

(3) Data handling  for the purposes of contacting us is based on your voluntary consent as laid down in Article 6 (1) S. 1 GDPR.

9. Plugins und Tools


Some of the websites use cookies. Cookies do not harm your computer and do not contain viruses. Cookies serve the purpose of making our website more user-friendly, effective and secure. Cookies are small text files that are placed on your computer and stored by your browser.

Most of the cookies used by us are “session cookies”. These are deleted automatically at the end of your visit. Other cookies are stored on your end device until you delete them. These cookies allow us to recognise your browser during your next visit to our site.

You can set your browser to inform you when cookies are being placed and to only allow cookies on a case-by-case basis, to refuse cookies in certain cases or in general, and to activate the automatic deletion of cookies when you close the browser. Deactivating cookies may limit the full functionality of this website.

Cookies that are required for execution of the electronic communication process or for provision of certain features requested by you (e.g. shopping basked feature) are retained based on Art. 6(1) Point (f) GDPR. The website operator has a legitimate interest in the storage of cookies for the technically smooth and optimised provision of their services. Where other cookies (e.g. cookies for analysis of your browsing behaviour) are stored, these are addressed separately in this Privacy Policy.

Server Log Files

Server Log Files

The website provider automatically collects and stores information in server log files which your browser automatically sends to us. This information includes the following:

  • browser type and version
  • operating system used
  • referrer URL
  • host name of the computer used for access
  • time of the server query
  • IP address


Our website uses plug-ins of the YouTube website operated by Google. The operator of the websites is YouTube, LLC, 901 Cherry Ave., San Bruno, CA 94066, USA.

If you visit one of our websites that features a YouTube plug-in, a connection with the YouTube servers is established. In this context, the YouTube server is informed about which of our websites you have visited.

If you are logged in to your YouTube account, YouTube allows you to associate your browsing behaviour directly with your personal profile. You can prevent this by logging out of your YouTube account.

YouTube is used to ensure uniform and appealing representation of our online offers. This is a legitimate interest in the sense of Art. 6(1) Point (f) GDPR.

For more information on how we handle user data, please refer to the YouTube Privacy Policy at:

Google Web Fonts

For the uniform representation of fonts, this website uses so-called web fonts provided by Google. When accessing a website, your browser will load the necessary web fonts into your browser cache in order to display texts and fonts correctly.

For this purpose, the browser used by you must establish a connection to the Google servers. Thus, Google learns that our website was called by your IP address. Google web fonts are used to ensure uniform and appealing representation of our online offers. This is a legitimate interest in the sense of Art. 6(1) Point (f) GDPR.

If your browser does not support web fonts, one of your computer's standard fonts will be used.

For more information regarding Google web fonts, please refer to and the Google data privacy policy:

Google Maps

This website uses the map service Google Maps via an API. The provider is Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.

Your IP address has to be saved in order to be able to use the features of Google Maps. This information will usually be transferred to a Google server in the US, where it will be saved. The provider of this website has no influence on this transfer of data.

Google Maps is used to ensure an appealing representation of our online offers and easy finding of the places specified by us on the website. This is a legitimate interest in the sense of Art. 6(1) Point (f) GDPR.

Please see the privacy notice of Google for more information regarding the handling of user data:

This data is not combined with other data sources.

The data processing is based on Art. 6(1) Point (f) GDPR, which allows the processing of data for the performance of a contract or pre-contractual measures.

SSL and/or TLS Encryption

For security reasons and in order to protect confidential content such as orders or enquiries you send to us as website operator, this website uses SSL and/or TLS encryption. You can recognise an encrypted connection by the address line in the browser changing from “http://” to “https://” and by the lock symbol in the browser line.

If the SSL- and/or TLS encryption is enabled, the data you transmit to us cannot be accessed by third parties.

10. Contact Form

Our website offers you the possibility to send an encrypted e-mail with your request to us using the “Contact” form. This enables you, e.g., to ask questions about our company, our products or our services.

In order to process your request, please specify personal data in our input mask. This includes your name as well as your e-mail address and further information, such as the subject of your request and the text of your message. Besides the mandatory fields, you can also indicate additional information. Optionally, address and/or phone number can be provided.

This queried information enables us to comprehensively respond to your request. The data specified by you in this context is expressly communicated on a voluntary basis.

The personal data transferred to us from your aforementioned particulars and the time of contacting are used exclusively for the purpose for which you have made them available to us upon contacting, especially to process your request. The information provided by you is exclusively used to process your request. The data is not used for other purpose or disclosed to third parties without your explicit consent. Where this is required to comply with your request, this does not apply to partner companies of Hans Lehmann KG. Such partners may include: our component suppliers, transport and logistics partners and our trading partners. Where no statutory retention obligations exist, your personal data will be erased once the request has been dealt with.

The legal basis for data processing is Art. 6(1) S. 1 Point (f) GDPR. Our legitimate interest is the fact that we need your data to process and/or respond to your message.

11. Liability for Contents

The contents on our websites were prepared with utmost care. However, we cannot assume any guarantee for the correctness, completeness and topicality of the contents. In acc. with Section 7(1) TMG (German Telemedia Act), we, as service provider, are responsible for own contents on these websites acc. to general legislation. Pursuant to Sections 8 to 10 TMG, however, we, as service provider, are not obliged to monitor transferred or retained third-party information or to search for circumstances indicating an illegal activity. Obligations to remove or block the use of information in accordance with general legislation remain unaffected hereof. However, any liability in this respect can be assumed only as from the date of knowledge of a specific infringement. Once we become aware of corresponding infringements, we will remove these contents immediately.

12. Liability for Links

Our websites contain links to external third-party websites, on the contents of which we do not have any influence. Therefore, we cannot assume any warranty for such third-party contents either. The person bearing ultimate responsibility for the contents of the linked websites is always the respective provider or operator of the websites. The linked websites were reviewed for potential legal violations at the date of linking. Any unlawful contents were not recognisable at the time of linking. However, permanent content monitoring of the linked websites is not reasonable without concrete evidence of an infringement. Once we become aware of infringements, we will remove such links immediately.

13. Data Security

We take appropriate technical and organisational measures to protect our website and other systems against loss, destruction, access, modification and dissemination of your data by unauthorised individuals. Despite regular controls, complete protection against all risks is, however, not possible.

Our website uses the SSL (Secure Sockets Layer) industry standard for encryption. This ensures the confidentiality of your personal data via the Internet. The question as to whether data is transferred in encrypted form can be seen from the closed key and/or key symbol in the display area of your browser.

14. Data Disclosure

Your personal data is disclosed to third parties only if

- you have given your explicit consent to this acc. to Art. 6(1) S. 1 Point (a) GDPR;

- such disclosure is necessary for compliance with contractual obligations acc. to Art. 6(1) S. 1 Point (b) GDPR;

- we are obliged by law to disclose the data within the meaning of Art. 6(1) S. 1 Point (c) GDPR;

- disclosure of the data is in the public interest within the meaning of Art. 6(1) Point (e) GDPR; or

- if disclosure of the data is necessary acc. to Art. 6(1) S. 1 Point (f) GDPR for the purposes of the legitimate interests pursued by us or by a third party, except where such interests are overridden by your interests in the protection of your data.

15. Data Categories

We process the following categories of data: master data (such as company name, point of contact, as appropriate, address), communication data, contract data, claims data, payment and default information, as appropriate. For more details, see the information above.

16. Third-Party Recipients

In order to process your request to your satisfaction, we might be required to disclose your personal data to third-party recipients. Third-party recipients may be companies of the Hans Lehmann Group of companies (MS Mai Lehmann Schifffahrts GmbH & Co KG, MS Siegfried Lehmann Schifffahrts GmbH & Co KG, MS Alessandra Lehmann Schifffahrts GmbH & Co KG, MS Lisa Lehmann Schifffahrts GmbH & Co KG, MS Ina Lehmann Schifffahrts GmbH & Co KG, MS Heike Lehmann Schifffahrts GmbH & Co KG, MS Marie Lehmann Schifffahrts GmbH & Co KG), our component suppliers, transport and logistics partners and our trading partners.

17. Right to Object

Where your personal data is processed based on legitimate interests acc. to Art. 6(1) S. 1 Point (f) GDPR, you have the right, acc. to Art. 21 GDPR, to object to the processing of your personal data on grounds relating to your particular situation or if such objection is directed against direct marketing purposes. In the latter case, you have a general right to object, which we will implement without indication of any particular situation.

If you wish to make use of your right to withdraw your consent or to object, an e-mail sent to is sufficient.

18. Objection to Advertising E-Mails

The use of contact data published by third parties to comply with privacy policy obligations for purposes of sending not expressly requested advertisement and information material is hereby expressly rejected. The operator of the websites expressly reserves all legal steps in case of unsolicited sending of advertisement information, for example spam e-mails.

19. Links to Websites of Other Companies

Our website may contain links to websites of other companies. We are not responsible for the data protection arrangements on any external websites that you can access using such links. Please obtain information on such external websites about the data protection practice pursued there.

20. Topicality of and Amendments to this Privacy Policy

This Privacy Policy is currently applicable and was last amended in May 2018. Due to our website and related services being developed further or amended legal respectively official stipulations, it may be necessary to amend this Privacy Policy. You can view and print out the currently valid Privacy Policy on the website at any time.

Please note, however, that this Privacy Policy might have to be reviewed from time to time due to actual or legal amendments.