Privacy statement

for ATOSS Academy online platform

Version: v. 07-2023
We take your privacy very seriously and want you to feel comfortable when visiting and using our ATOSS academy online platform. The protection of your personal data is an important topic for us, which we take into account in all our business processes. Personal data is only collected, processed and used if there is a legal basis for permission in accordance with Art. 6 Para. 1 Sentence 1 lit. b) to f) GDPR or if you give us your consent, e.g. as part of a registration, a customer contract or explicit consent to the processing or use for other reasons. In the case of your consent, the data processing is carried out in accordance with Art. 6 para. 1 sentence 1 lit. a) DSGVO. In this Privacy Statement the following definitions apply:

“ATOSS academy online portal” means the online portal, including the software contained therein, by which a User can access online trainings, training information and user certificates provided by ATOSS.

“ATOSS” means the ATOSS Group company referred to as the provider of the App.

“User” means an identified or identifiable natural person who uses the ATOSS academy online platform, for example as an employee of a Company.

“Company” is the client or employer of the User and acquires the necessary licenses by concluding a service agreement with ATOSS in order to register the User to and train them via the ATOSS academy online portal.

Note on gender neutrality: The chosen wording applies without restriction to the other genders.


Controller for the processing of your personal data is:

ATOSS Software AG
Rosenheimer Straße 141 h
81671 Munich

Data protection officer of ATOSS is

Dr. Stefanie Hagemeier
c/o ATOSS Software AG
Rosenheimer Str. 141 h
81671 Munich

The contact details of the data protection officers of the companies affiliated with ATOSS in accordance with § 15 AktG can be found here.



The ATOSS academy online portal enables the User to participate at online trainings, access training information and acquire User certificates for completed trainings.

In particular, the following personal data is collected:

  • Name (first and last names)
  • (Business) e-mail address
  • User certificates


We collect and process personal data of Users for the purpose of scheduling, registration to and executing the online trainings at the ATOSS academy online portal.

Is access to personal data possible?

Control of access by Users:
The User decides to participate on online trainings. If the User does not want process or use this data, the User can disagree or withdraw his consent at any time with effect for the future.

Legal basis

The legal basis of the processing is Article 6 para 1 lit a GDPR.


User personal data will be stored at the ATOSS academy online portal for a period of one (1) month after last online course is completed. A de-registration and deletion is completed without further communication with or action by the User.


In general, personal data will not be passed on to third parties. Exceptions to this are companies engaged by ATOSS, which are responsible for the technical processing of the ATOSS academy online portal and associated activities, such as invitation, appointment planning, and the affiliated companies as defined in Section 15 of the German Stock Corporation Act (AktG).


With regard to the processing of personal data, data subjects, i.e. the Users, have the following rights against ATOSS as the data controller under Chapter III GDPR:

Upon request, the Company must inform a data subject in accordance with the statutory provisions whether and which personal data on the data subject, i.e. the User, are stored and, if applicable, for what purpose they are processed and/or used (Article 15 GDPR). If, despite the information stored, the information is not correct or if the data subject, i.e. the User, wishes for other reasons to have his personal data rectified (Article 16 GDPR) or erased (Article 17 GDPR) or to have the processing restricted (Article 18 GDPR) or to receive the personal data relating to him or her (Article 20 GDPR), data subject must make this request to his Company. At the same time, he can also object to the processing of personal data under the statutory provisions (Article 21 GDPR).

If the processing of personal data is based on your consent, you have the right to revoke this consent under data protection law in accordance with Art. 7 III GDPR.

Finally, without prejudice to the aforementioned rights, the data subject, i.e. the User, may lodge a complaint with a competent supervisory authority if he considers that the processing of personal information relating to him infringes the regulations of the GDPR (Article 77 GDPR).


ATOSS reserves the right to amend this Privacy Statement from time to time and to update it in the light of changes in the collection, processing or use of data. The current version of the Privacy Statement is available within the App.