Privacy policy

for the use of our website

It is generally possible to visit our website without providing personal data. Out of the blue KG (hereinafter: OOTB) only collects the information provided by your internet provider (especially the IP address assigned to you). This information is only stored by OOTB for the duration of the website visit; an evaluation is only carried out for statistical purposes, whereby the individual user remains anonymous.

To enable you to make better use of our website, we use small text files known as “cookies” to track user preferences and optimise our website accordingly. Cookies are now routinely used by most websites. However, if you have any concerns in this regard, you can also set your browser not to accept cookies.

Furthermore, OOTB only collects personal data that is explicitly and voluntarily entered by the website visitor. Such input can occur, for example, when you send us an e-mail via the electronic addresses given under “Contacts”. Such information is used by us exclusively for the corresponding purpose and in compliance with the applicable legal provisions; any further use will only be made with your consent.

OOTB will not disclose any personal data to third parties unless this is permitted by law or expressly requested by the person concerned. We are aware of the value of your personal information. We therefore take all legally prescribed measures to protect the personal data entrusted to us.

When processing personal data, we naturally comply with the applicable legal provisions, in particular the German Federal Data Protection Act (BDSG) and the German Telemedia Act (TMG).

Use of Google Analytics
This website uses Google Analytics, a web analytics service provided by Google, Inc (“Google”). Google Analytics uses “cookies”, which are text files placed on your computer, to help the website analyse how users use the site. The information generated by the cookie about your use of this website is usually transmitted to a Google server in the USA and stored there. In the event that IP anonymisation is activated on this website, however, your IP address will be truncated beforehand by Google within member states of the European Union or in other contracting states to the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and shortened there. On behalf of the operator of this website, Google will use this information for the purpose of evaluating your use of the website, compiling reports on website activity and providing other services relating to website activity and internet usage to the website operator. The IP address transmitted by your browser as part of Google Analytics will not be merged with other Google data. You may refuse the use of cookies by selecting the appropriate settings on your browser, however please note that if you do this you may not be able to use the full functionality of this website. You can also prevent the collection of data generated by the cookie and related to your use of the website (including your IP address) by Google and the processing of this data by Google by downloading and installing the browser plug-in available at the following link (http://tools.google.com/dlpage/gaoptout?hl=de).

For more information on terms of use and data protection, please visit http://www.google.com/analytics/terms/de.html or http://www.google.com/intl/de/analytics/privacyoverview.html.

We would like to point out that on this website Google Analytics has been extended by the code “gat._anonymizeIp();” to ensure anonymised collection of IP addresses (so-called IP masking).

Google Analytics


We use the Google Tag Manager. The provider is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.

Google Tag Manager is a tool that allows us to integrate tracking or statistical tools and other technologies on our website. The Google Tag Manager itself does not create any user profiles, does not store any cookies and does not carry out any independent analyses. It is only used to manage and display the tools integrated via it. However, Google Tag Manager records your IP address, which may also be transmitted to Google’s parent company in the United States.

The Google Tag Manager is used on the basis of Art. 6 para. 1 lit. f GDPR. The website operator has a legitimate interest in the fast and uncomplicated integration and management of various tools on its website. If a corresponding consent has been requested, the processing is carried out exclusively on the basis of Art. 6 para. 1 lit. a GDPR; the consent can be revoked at any time.



Google Analytics enables the website operator to analyze the behavior of website visitors. In doing so, the website operator receives various usage data, such as page views, length of visit, operating systems used and origin of the user. This data is assigned to the user’s end device. It is not assigned to a user ID.

We can also use Google Analytics to record your mouse and scroll movements and clicks, among other things. Google Analytics also uses various modeling approaches to supplement the collected data records and uses machine learning technologies for data analysis.

Google Analytics uses technologies that enable the recognition of the user for the purpose of analyzing user behavior (e.g. cookies or device fingerprinting). The information collected by Google about the use of this website is generally transmitted to a Google server in the USA and stored there.

The use of this service is based on your consent in accordance with Art. 6 para. 1 lit. a GDPR and § 25 para. 1 TTDSG. Consent can be revoked at any time.

Data transfer to the USA is based on the standard contractual clauses of the EU Commission. Details can be found here: 


Use of Facebook Social Plugins
This website uses social plugins of the social network “Face-book”, which is operated by Facebook Inc, 1601 S. California Ave, Palo Alto, CA 94304, USA (“Facebook”) (“Facebook Plugins”). The Facebook plugins are recognisable by one of the Facebook logos (white “f” on a blue background or a “thumbs up” sign) or marked in a comparable way (a list and the appearance of the Facebook plugins can be found here).

When you call up content on our website that contains such a Facebook plugin, your browser establishes a direct connection with the Facebook servers. The content of the Facebook plugin is transmitted directly to your browser by Facebook and integrated into the website by it. We therefore have no influence on the scope of the data that Facebook collects with the help of the Facebook plug-in; Facebook has published its own information on this: according to this, Facebook receives the information that you have called up the corresponding content of our website through the integration of Facebook plug-ins. If you are logged in to Facebook, Facebook can assign the visit to your Facebook account. If you interact with the Facebook plug-ins, for example by clicking the “Like” button or posting a comment, the corresponding information is transmitted from your browser directly to Facebook and stored there. If you are not a member of Facebook, there is still the possibility that Facebook will obtain and store your IP address. The purpose and scope of the data collection and the further processing and use of the data by Facebook, as well as your rights in this regard and setting options for protecting your privacy, can be found in Facebook’s privacy policy.

If you are a Facebook member and do not want Facebook to collect data about you via our website and link it to your data stored on Facebook, you must log out of Facebook before visiting our website. It is also possible to block Facebook social plugins with add-ons for your browser, for example with the “Facebook Blocker”.

You have the right to request information free of charge about any personal data stored by us. You also have the right to correct, block and delete this data. Please send an e-mail to info@ootb.de.

Liability for links
Our website contains links to external websites of third parties over whose content we have no influence. Therefore, we cannot assume any liability for these external contents. The respective provider or operator of the pages is always responsible for the content of the linked pages. The linked pages were checked for possible legal violations at the time of linking. Illegal contents were not recognisable at the time of linking. However, permanent monitoring of the content of the linked pages is not reasonable without concrete indications of a legal violation. If we become aware of any infringements of the law, we will remove such links immediately.

The contents and works created by OOTB on these pages are subject to German copyright law. Duplication, processing, distribution and any kind of exploitation outside the limits of copyright require the written consent of the respective author or creator. Downloads and copies of this site are only permitted for private, non-commercial use. Insofar as the content on this site was not created by the operator, the copyrights of third parties are respected. Should you nevertheless become aware of a copyright infringement, please inform us accordingly. If we become aware of any infringements, we will remove such content immediately.

Privacy policy

for handling data from customers and interested parties

Information on the use of your personal data by Out of the blue KG (“Out of the blue”)

Status: 22.05.2018

This data protection notice applies to data processing in connection with the initiation and execution of customer orders as well as all marketing measures of Out of the blue KG, Beim neuen Damm 28, 28865 Lilienthal, Germany.

1. on what legal basis is personal data collected and processed by Out of the blue?
We process your personal data exclusively within the framework of the European and German data protection laws, in particular the German Data Protection Regulation (DSGVO) as well as the provisions of the German Unfair Competition Act (UWG) and the German Federal Data Protection Act (BDSG), i.e. only to the extent that and for as long as

– it is necessary for the fulfilment of a contract with you or for the implementation of pre-contractual measures, which are carried out at your request, or

– you have given your consent to the processing, or

– the processing is necessary to protect the legitimate interests of us or third parties, e.g. in the following cases: Assertion of claims, defence in legal disputes, advertising and market research, detection and elimination of misuse, prevention and investigation of criminal offences, ensuring the secure IT operation of Out of the blue or

– due to legal requirements, e.g. storage of documents for commercial and tax purposes or in the public interest.

2 What rights do you have?
You have the right

2.1 to request information on the categories of data processed, the purposes of processing, any recipients of the data, the planned storage period (Art. 14, 15 DSGVO);

2.2 to request the correction or completion of incorrect or incomplete data (Art. 16 DSGVO);

2.3 to change or revoke a given consent at any time with effect for the future (Art. 7 para. 3 DSGVO);

2.4 object to data processing which is to be carried out on the basis of a legitimate interest for reasons arising from your particular situation (Art. 21 (1) DSGVO);

2.5 to object to processing of your personal data for the purposes of advertising and market research;

2.6 in certain cases, within the framework of Art. 17 DSGVO, to demand the deletion of data – in particular insofar as the data is no longer required for the intended purpose or is being processed unlawfully, or you have revoked your consent in accordance with section 2.3 or declared an objection in accordance with section. 2.4;

2.7 under certain conditions, to demand the restriction of data, insofar as deletion is not possible or the obligation to delete is disputed (Art. 18 DSGVO);

2.8 to data portability, i.e. you can receive your data that you have provided to us in a common machine-readable format such as CSV and, if necessary, transfer it to others (Art. 20 DSGVO);

2.9 complain to the competent supervisory authority about data processing (Landesbeauftragte für den Datenschutz Niedersachsen).

How can you exercise your rights under section 2?
To exercise your rights under section 2, you can contact us directly. By email to dataprotection@ootb.de or by post to: Out of the blue KG, Data Protection, Beim neuen Damm 28, 28865 Lilienthal, Germany. In addition, you can contact the State Commissioner for Data Protection of Lower Saxony.

4 What personal data is processed by Out of the blue and for what purpose?
4.1 As we are only active in B2B trade, we only process personal data to a very limited extent. Personal data is collected, for example, when we have a personal contact person at a company and collect their personal data for this purpose. The possibly personal data includes first names, last names, titles, company names, postal addresses, email addresses, telephone numbers, mobile phone numbers, fax numbers, internet addresses or contact addresses via so-called social media platforms (e.g. Twitter, LinkedIn, Xing, FaceBook, Skype).

4.2 We use personal data for the following purposes

– for the offer, conclusion and execution of contracts, including the preparation of offers, order confirmations, delivery notes, invoices, reminders;

– for the delivery of goods and their returns;

– for the addition of data;

– for address matching;

– for advertising by e-mail or post (including, where applicable, selection, advertising scoring and profiling), as well as for market research; this use can be objected to at any time by e-mail to:
or by post to: Out of the blue KG, Data Protection, Beim neuen Damm 28, 28865 Lilienthal, Germany;

– for credit checks (see section 5.).

5. does Out of the blue carry out credit checks and cooperate with credit agencies and other companies to minimise risks?

5.1 Out of the blue reserves the right to carry out credit checks in the case of high order values or orders from abroad. The purpose of this is to protect us from payment defaults. As we only sell to commercial customers and the credit check relates to the customer company, personal data is only required and used for the credit check in rare cases. The use of personal data may be necessary, for example, if the customer is a sole trader.

5.2 For the credit assessment, it may also be necessary to transmit personal data of the customer externally to a credit agency or a debt collection agency, such as data on the application, performance and termination of contractual relationships as well as data on non-contractual or fraudulent behaviour.

5.3 The credit agencies and debt collection companies commissioned by us process the data received and also use it for the purpose of scoring in order to provide their contractual partners in the European Economic Area and in Switzerland and, where applicable, other third countries (insofar as there is an adequacy decision on these by the European Commission) with information on, among other things, the assessment of the creditworthiness of companies. More detailed information on this data processing can be found in the data protection notices of the credit agencies and debt collection companies with which we cooperate:

– Creditsafe Deutschland GmbH, Schreiberhauerstr. 30, 10317 Berlin, Germany, data protection information: https://www.creditsafe.com/de/de/rechtliches/datenschutzhinweise/datenschutzhinweise-fuer-auskunfteidaten.html

– Creditreform Bremen Dahlke KG, Contrescarpe 17, 28203 Bremen, Germany, data protection information: https://www.creditreform-bremen.de/eu-dsgvo.html

– Euler Hermes Deutschland AG, Friedensallee 254,22763 Hamburg, Germany, Privacy policy: https://www.eulerhermes.de/datenschutz.html

– Dun & Bradstreet Limited, Marlow International, Parkway, Marlow, Bucks SL7 1AJ, United Kingdom, Privacy Notice: https://www.dnb.co.uk/utility-pages/privacy-policy.html

5.4 The legal basis for this data processing is Article 6 (1) b and Article 6 (1) f DSGVO.

6 Who does Out of the blue share your data with?
6.1 To so-called order processors. These are companies that we commission with the processing of data within the scope provided by law, Art. 28 DSGVO (service providers, vicarious agents). These service providers process data only in accordance with the instructions and under the control of Out of the blue and exclusively for the purposes described in this data protection notice. We commission companies in the following areas in particular: IT, sales, marketing (e.g. online dispatch or postal dispatch of marketing material), market research, finance, consulting, customer service, human resources, logistics, printing, credit assessment, debt collection. We conclude additional contracts with the processors that meet the legal requirements (Art. 28 DSGVO) and guarantee the protection of your personal data.

6.2 To cooperation partners who provide services for you or in connection with your contract on their own responsibility (e.g. logistics service providers). This is the case if you order the services of such partners from us or if you consent to the involvement of the partner or if we involve the partner on the basis of a legal permission.

6.3 Due to legal obligation: In certain cases, we are legally obliged to transfer certain data to third parties. For example, upon presentation of a court order for the provision of information.

7 Where is your data processed?
Your data is generally processed in Germany and other European countries.

If, in exceptional cases, your data is also processed in countries outside the European Union (i.e. in so-called third countries), this is done if you have expressly consented to this or if it is necessary for our provision of services to you or if it is provided for by law (Art. 49 DSGVO). In addition, your data will only be processed in third countries if certain measures ensure that an adequate level of data protection exists (e.g. adequacy decision of the EU Commission or so-called suitable guarantees, Art. 44 et seq. of the GDPR).

For how long will your data be stored?
We delete your personal data as soon as you have revoked a declared consent or exercised your right to deletion, but always only after expiry of the statutory retention obligations that we must comply with, but no later than ten (10) years after you have last corresponded with us.