The safety of your personal data, including your address, phone number or email, and the protection of your privacy are of the highest priority for us. For this reason, we conduct all of our web-based services in accordance with current privacy and data protection regulations. We will not collect any personal data via our website without your consent. You decide whether to disclose such data to us in the course of registering, ordering products etc. Your data will only be used, stored and processed to the extent required or permitted by your consent, by federal data protection regulations and/or any additional legal requirements.


All rights reserved. All contents, images, illustrations and texts contained on these websites remains the property of KAP1 Consulting Marcus de Heus e.K. They represent the newest information available to us at the time of publication. We do not provide consultancy services on this website, nor does accessing this website constitute a consultancy relationship. We disclaim any liability or warranty for the accuracy, completeness and up-to-dateness of the data and information published on this website. This also applies to all other websites accessed via links on this website. Neither KAP1 Consulting Marcus de Heus e.K. nor any subsidiaries shall be liable for the content of such websites. These hyperlinked websites contain external content, which we have neither selected nor redacted.

The information contained on this website shall in no way constitute any legal or actual commitments. KAP1 Consulting Marcus de Heus e.K. and any subsidiaries reserve the right to amend, delete or add to the information or data already published here at any time. No legal claims can be derived from the material published here. All offers (or parts thereof) are not binding and without obligation. Neither KAP1 Consulting Marcus de Heus e.K. and any subsidiaries shall be held liable for direct or indirect damages resulting from the use of the information or data published on this website. No rights and obligations shall exist between KAP1 Consulting Marcus de Heus e.K. and the user of this website or any third parties. If you request our consultancy or any other services from us, please approach us personally.

The contents of KAP1 Consulting Marcus de Heus e.K. are protected by copyright. The use of these contents or parts thereof for purposes of reproduction, disclosure or publication, storage in an information retrieval system or further distribution requires prior written authorization.

© 2018 by KAP1 Consulting Marcus de Heus e.K.


Thank you for your interest in KAP1 and our privacy policy. The security of your personal data and the protection of your privacy have the highest priority for us. The following information will inform you about the processing of your personal data by KAP1 Consulting Marcus de Heus e.K. (hereinafter referred to as "KAP1") and the rights to which you are entitled under data protection law. Personal data are all data with which you can be personally identified.

Legal changes or changes to our internal company processes may result in an adaptation of this data protection declaration. We therefore ask you to read this data protection declaration regularly.

DATA PROCESSOR responsible for data processing

KAP1 Consulting Marcus de Heus e.K.
Königsallee 14
D-40212 Düsseldorf, Germany
Phone: +49 211 13866-444

WHOSE data is collected

The persons affected by the data processing can be divided into the following categories: Business partners, customers, applicants, interested parties and other visitors to our online service. The persons concerned are hereinafter referred to as "users", whereby the terms used, e.g. "users", are always to be understood gender-neutrally.

WHAT data is collected

Log files
As everywhere on the Internet, data traces of your use remain on the servers of our web hosting service providers when you call up our pages for technical reasons. The following data is transmitted by your Internet browser and recorded in so-called log files:
* Date and time of access
* IP address of the client
* Port number
* Command method
* URI star and URI query
* Protocol status
* Win32 status
* time lapse
* Browser type/version
* Operating system used
* Error message including e-mail address.
We or our web hosting service provider collect and store these log files (log files) exclusively for statistical purposes and for troubleshooting. These data in this form do not allow any conclusions about your person. A personal evaluation does not take place.

Master data
Personal data processed in the course of our business activities includes master data (e.g. names, addresses).
contractual data (e.g. subject matter of contract, duration).
payment data (e.g. bank details, payment history)
contact data (e.g. telephone numbers, e-mail addresses)
content data (e.g. text input in the contact form)
application data (e.g. curriculum vitae, references, certificates, letters of application, other information on occupational qualifications, occupational wishes and preferences, actual salary and salary expectations, willingness to move and travel, time availability, blocking notices)
correspondence and conversation data (e.g. e-mails, faxes, letters, notes on telephone contacts)
other usage data (e.g. websites visited on our website, interest in our services), meta/communication data (e.g. device information, IP addresses).

HOW do we collect data?
We primarily collect data by you communicating it to us. This may involve data that you enter in a contact form, send by e-mail or transmit to us by telephone. Other data is automatically collected by our IT systems when you visit our website. These are mainly technical data (e.g. Internet browser, operating system or time of the page call). This data is collected automatically as soon as you enter our website. Other data (e.g. contact information of business partners) come from publicly accessible sources such as the company website.

When you contact us (e.g. by telephone, contact form or e-mail), your details including your contact data will be stored by us for the purpose of processing the enquiry and in the event of follow-up questions. We do not pass on this data without your consent.
The processing of the data transmitted to us will therefore take place exclusively on the basis of your consent in accordance with Art. 6 Para. 1 a) DSGVO. You can revoke this consent at any time. For this purpose, an informal notification by e-mail to us is sufficient. The legality of the data processing operations carried out until the revocation remains unaffected by the revocation.
The data you transmit to us will remain with us until you request deletion, revoke your consent to storage or the purpose for data storage no longer applies (e.g. after your request has been processed). Mandatory legal provisions - in particular retention periods - remain unaffected.

WHAT is data used for?
A part of the personal data is collected to ensure an error-free provision of our online offer. Other personal data is required for answering contact enquiries and for communication with users of our online and service offerings. We need other data for the qualified consultation of clients and candidates as well as for the filling of vacant positions with our clients with suitable candidates. In addition, we collect personal data for the purpose of providing contractual services, customer care and service, marketing, advertising and market research.

MICROSOFT (MICROSOFT 365, MICROSOFT TEAMS)We use Microsoft 365 and Microsoft Teams to conduct our usual office communications and for conference calls, online meetings and/or video conferences.
Microsoft 365 and Microsoft Teams are a service provided by Microsoft Ireland Operations, Ltd. for which we have concluded a data processing agreement with the provider.
Various types of data are processed when using "Microsoft Teams". The scope of the data also depends on the data you provide before or when participating in an "online meeting".
The following personal data is processed:
User details: display name, e-mail address, profile picture (optional), preferred languageMeeting metadata: e.g. date, time, meeting ID, telephone number, locationText, audio and video data: You may have the option of using the chat function in an online meeting. In this case, the text entries you make will be processed in order to display them in the online meeting.
In order to enable the display of video and the playback of audio, the data from the microphone of your end device and from a video camera of the end device will be processed for the duration of the meeting. You can switch off or mute the camera or microphone yourself at any time via the "Microsoft Teams" applications.
If there is no contractual relationship with you, the legal basis for the processing of your personal data is Art. 6 para. 1 lit. f) GDPR. Our interest here is in the effective conduct of online meetings.

Data will only be passed on to third parties within the framework of legal requirements. We only pass on user data to third parties if this is done, for example, on the basis of Art. 6 para. 1 lit. b. DSGVO is necessary for contractual purposes or on the basis of legitimate interests pursuant to Art. 6 Para. 1 lit. f. DSGVO in the economic and effective operation of our business.
Application data will generally only be forwarded to the internal departments of our company responsible for the application procedure. Application data will only be passed on to external recipients or other third parties if the applicant has expressly given his prior consent to the passing on of his data. Personal data will not be passed on to third parties beyond this.
If we use subcontractors to provide our services, we take appropriate legal precautions as well as appropriate technical and organizational measures to ensure the protection of personal data in accordance with the relevant statutory provisions.
We only transmit personal data to service providers and other third parties outside the European Economic Area (EEA) under certain conditions: The user has expressly given his consent to the transfer of data to a third country, or the EU Commission must confirm an appropriate level of data protection to the third country in question, or other appropriate data protection guarantees (e.g. binding internal company data protection regulations of the EU standard contract clauses) must be in place.

The protection of personal data is very important to us. Our highest priority is dealing with it in a trustworthy and transparent way. Cookies that are technically required enable the website's basic functionality and usability. Among other things, these cookies ensure smooth navigation on the site. Cookies store, for instance, the language you have selected. The legal basis for the use of these cookies is Art. 6 para. 1 of the European Union's General Data Protection Regulation (GDPR). We require this information in order to provide you with these online services.

Some of our websites contain hyperlinks to websites of other providers. When activated, you will be redirected from our website directly to the website of other providers. You will recognize this by the change of URL, among other things. We cannot assume any responsibility for the handling of your data on these external websites, since we have no influence on the data processing of those companies. Please inform yourself directly on the websites of the companies about the use of your data.

Description and purpose: We use rapidmail to send e-mails and newsletters. The recipient of the data is rapidmail GmbH, Wentzingerstrasse, 21, 79106 Freiburg, Germany. Rapidmail is also used to organize and analyze the dispatch of newsletters. The data you enter in order to receive e-mails and newsletters is stored on the rapidmail servers in Germany. Should you not want any analysis by rapidmail, you can unsubscribe from e-mails and newsletters at any time. For analysis purposes, the e-mails sent with rapidmail contain a tracking pixel, which connects to the rapidmail servers once the e-mail is opened. This allows you to determine if an e-mail or newsletter message has been opened. Furthermore, with the help of rapidmail we can determine whether links are clicked on in the e-mail or newsletter message and which ones. All links in the e-mail are tracking links, with which your clicks can be counted.
Legal basis: The legal basis for data processing is your consent pursuant to Art. 6 (1) lit. a) GDPR.
Recipient: The recipient of the data is rapidmail GmbH.
Transmission to third countries: The data will not be transmitted to third countries.
Duration: We only store your data with your consent for the purpose of the newsletter until the purpose is fulfilled, until you are removed from the newsletter and after unsubscribing from the newsletter the data is deleted from our servers as well as from the rapidmail servers. Data we store for other purposes (e.g. e-mail addresses for the member area) remain unaffected by this.
Revocation option: You have the possibility of revoking your consent to data processing with effect for the future at any time.
Further data protection information: For more details, see rapidmail’s data security information at: For more details about rapidmail’s analysis functions, go to the following website:

KAP1 takes organizational, contractual and technical security measures in accordance with the state of the art to ensure that the regulations of the data protection laws are observed and to protect the data processed by us against accidental or intentional manipulation, loss, destruction or against access by unauthorized persons.
The security measures include in particular the encrypted transmission of data between your browser and our server. Our website uses SSL or TLS encryption to protect the transmission of confidential content, such as requests that you send to us as the site operator. You can recognize an encrypted connection by the fact that the address line of the browser changes from "http://" to "https://" or by the lock symbol in your browser line.
However, we would like to point out that, due to the structure of the Internet, it is possible that the rules of data protection and the above-mentioned security measures may not be observed or circumvented by persons or institutions outside our area of responsibility. In particular, unencrypted data can be read by third parties - even if this is done by e-mail. We have no technical influence on this. Nowadays, it is also your responsibility to protect the data you provide against misuse by encrypting it or in any other way.
For this reason, every user is free to transmit personal data to us by alternative means, e.g. by telephone.

Right of information
You have the right to request confirmation as to whether personal data relating to you are being processed and to request information about this data and further information and a copy of the data in accordance with Art. 15 DSGVO.
The right to complete and rectify data
In accordance with Art. 16 DSGVO, you have the right to request the completion of data concerning you or the correction of incorrect data concerning you. The right to erase and block data
Pursuant to Art. 17 DSGVO, you have the right to demand that data concerning you be deleted immediately or, alternatively, to demand a restriction on the processing of the data pursuant to Art. 18 DSGVO. Right to data transferability
You have the right to demand that we receive the data concerning you that you have provided to us in accordance with Art. 20 DSGVO and to demand that it be transferred to other responsible parties. Right of appeal to the competent supervisory authority
In the event of infringements of data protection law, the data subject has the right to appeal to the competent supervisory authority pursuant to Art. 77 DSGVO. The competent supervisory authority for data protection issues is the data protection officer of the federal state in which our company is based. A list of the data protection officers and their contact details can be found at the following link: Right of revocation
Many data processing operations are only possible with your express consent. You can revoke an already given consent according to article 7 paragraph 3 DSGVO at any time with effect for the future. For this purpose, an informal e-mail notification to us is sufficient. The legality of the data processing carried out until the revocation remains unaffected by the revocation. Right of objection
You may object at any time to the future processing of the data concerning you in accordance with Art. 21 DSGVO. In particular, you may object to the processing of your data for the purposes of direct marketing.

The data stored with us are deleted as soon as they are no longer required for their intended purpose (e.g. conclusion of a search mandate) and the deletion does not conflict with any statutory storage obligations or other legitimate interests of KAP1 - for example, an obligation to provide evidence in proceedings under the General Equal Treatment Act (Allgemeines Gleichbehandlungsgesetz - AGG) - or the user has expressly consented to longer storage. If an applicant has declared his consent to the storage of his personal data in our contact database, this data will be deleted as soon as the applicant revokes his consent to data storage by KAP1. Mandatory legal provisions - in particular retention periods - remain unaffected. KAP1 may also delete the data, e.g. because the successful placement of an applicant is no longer to be expected. If the user's data are not deleted because they are required for other and legally permissible purposes, their processing will be restricted. This means that the data will be blocked and not processed for other purposes. This applies, for example, to user data that must be stored for commercial or tax reasons.

FURTHER country-specific information
Our website is aimed at users over the age of 18. This website does not recognize or interact with "Do Not Track" signals. We will notify you of any changes to the Privacy Policy by posting our newer Privacy Policy on this website.

Your trust is extremely important to us. Therefore we are always available to answer your questions regarding the processing of your personal data. For example, you still have questions about this data protection declaration, want to delete your data or need information? Then please do not hesitate to contact us: Peter Franken
Peter Franken QM & Datenschutz
Raderthalgürtel 9
D-50968 Köln, Germany
Phone: +49 221 3172-2605

State of the privacy policy

January 2024

By Marcus de Heus

Supporting multinational companies in attracting top talents.