Privacy Statement



We take the protection of your personal data very seriously and treat your personal data confidentially and in accordance with the statutory data protection regulations and this privacy statement.

Contact Data Protection Officer

You can contact the company data protection officer directly via the following email address:

Collection of Data

Generally, the use of our webpage is possible without providing personal information. As far as personal information (e.g. name, address or e-mail address) are collected in our pages, this is done, as far as possible, always voluntarily.

The data we collect through our contact form is exclusively used for individual communication.

Any use of your personal data takes place only for the stated purposes and to the extent necessary to achieve these purposes. These data are not forwarded to third parties without your express approval or legal basis.

Cookie Policy

The internet pages partly use so-called cookies. These serve to make our service more user-friendly, effective and secure. Cookies are small text files that are stored on your computer by your browser. Most of the cookies we use are so-called “session cookies”. They are automatically deleted after your visit. Cookies do not harm your computer and do not contain viruses.

Google Analytics

This website uses Google Analytics, a web analysis service of Google Inc. (Google). Google Analytics uses cookies, i.e. text files stored on your computer to enable analysis of website usage by you. Information generated by the cookie about your use of this website is usually transmitted to a Google server in the United States and stored there. For further information on the handling of user data at Google analytics see the Googles privacy statement:

In case of activated IP anonymization on this website, however, your IP address is previously truncated by Google within member states of the European Union or in other states which are party to the agreement on the European Economic Area. Only in exceptional cases is a full IP address transmitted to a Google server in the United States and truncated there. On behalf this website’s owner, Google will use this information to evaluate your use of the website, compile reports about website activities, and provide the website’s operator with further services related to website and Internet usage. The IP address sent from your browser as part of Google Analytics is not merged with other data by Google. You can prevent storage of cookies by appropriately setting your browser software; in this case, however, please note that you might not be able to fully use all functions offered by this website. In addition, you can prevent data generated by the cookie and relating to your use of the website (including your IP address) from being collected and processed by Google, by downloading and installing a browser plug-in from the following link:

You can prevent Google Analytics from collecting your data by clicking on the following link. An opt-out cookie is set which prevents the collection of your data on future visits to this website: Deactivate Google Analytics

Google Firebase


Our services use Google Firebase technology from Google Inc. and its various functionalities such as push notifications. Firebase Analytics make it possible to analyze the usage of our services. This means that entirely anonymous data regarding the usage of our service is collected and subsequently transmitted to and stored by Google. Google utilizes the advertising ID of the end device for this purpose. You can restrict the use of the advertising ID in your device settings (iOS: Privacy > Advertising > No Ad Tracking / Android: Account > Google > Ads). Furthermore, we use Firebase Remote Config, which allows us to perform A/B testing and customize the behavior and appearance of the app without requiring users to download a new version. The legal basis for the data analysis and the use of Firebase is a legitimate interest (i.e. interest in the analysis, optimization and efficient operation of our services) as provided for in Art. 6 (1) lit. f GDPR.


Google Privacy Policy

Google Firebase Info

Google Firebase Subprocessors


Privacy policy for the use of facebook-plugins (Like-Button)

On our pages plugins of the social network Facebook (Facebook Inc., 1601 Willow Road, Menlo Park, California, 94025, USA) are integrated. The Facebook plugins can be recognized by the Facebook logo or the “Like-Button” (“Like”) on our site. An overview of the Facebook plugins can be found here:

When you visit our pages, the plugin establishes a direct connection between your browser and the Facebook server. Facebook receives information that you have visited our site with your IP address. If you click on the Facebook “Like-Button” while you are logged into your Facebook account, you can link the contents of our pages to your Facebook profile. As a result, Facebook can assign the visit to our pages to your user account. We point out that we as the provider of the pages are not aware of the content of the data transmitted and their use by Facebook. Further information can be found in the facebook privacy policy at

If you do not wish Facebook to associate your visit to our pages with your Facebook user account, please log out of your Facebook user account.

Privacy Policy for the use of Twitter

On our pages we have integrated functions of the service Twitter. These functions are provided by Twitter Inc., Twitter, Inc. 1355 Market St, Suite 900, San Francisco, CA 94103, USA.

With Twitter and its Retweet functions, the websites visited by you are announced to third parties and associated with your Twitter account. In this process, data is also submitted to Twitter.

We point out that we as the provider of the pages are not aware of the content of the transmitted data and their use by Twitter. For more information, see the Twitter Privacy Policy at

You can change your privacy settings on Twitter in the Account Settings at

Credit Assessment

emmy assesses the creditworthiness of its customers on a random basis and when necessary by consulting the following credit rating agencies [e.g. CRIF GmbH]. Processing is based on legitimate interests of emmy pursuant to Article 6 Section 1 lit. f GDPR. It is in emmy’s interest to assess the customer’s ability to pay in the event of advance payments.

Data Processing during usage of the emmy app

emmy is permitted to collect, process, store and use the personal data provided in the course of concluding the basic and individual rental agreement, including usage and vehicle data as well as data for determining the location of the vehicle, to the extent necessary for the execution of the basic agreement and thus the respective individual rental agreements. For exact billing of the customer’s usage, the starting point, starting time, duration of use, destination and time of arrival at destination are recorded for every individual rental transaction. This data is then used for invoicing purposes by emmy. The legal basis for the processing of this data is therefore the contractual fulfilment in accordance with Article 6 Section 1 lit. b GDPR. Moreover, no location tracking takes place when the vehicles are properly used by customers. Tracking of vehicles – irrespective of their usage –  only takes place via the usage of manual location determination, insofar as necessary for the provision of emmy’s services. The manual location determination is necessary for the carrying out of charge status queries to ensure a timely recharging and redeployment of the vehicles. Furthermore, manual location determination is necessary in order to collect vehicles as required and to park them at points dispersed within the designated area of operation, thus allowing the vehicles to again be made available for use to multiple customers. In the event of a violation of the return obligations or in other cases of behavior in breach of the contract, emmy shall also be entitled to determine the location of the vehicle in question via tracking. In the event of administrative offences or traffic violations, the customer’s personal information (surname, first name, address) shall be transmitted to the traffic and/or regulatory authorities to the extent necessary. Moreover, emmy shall be entitled to contact the customer by telephone in the event of a malfunction of the rental or usage process to determine the cause of the malfunction. Data shall only be passed on to third parties insofar as this is permitted or required by applicable law. The legal basis for the processing of personal data is the contractual fulfilment pursuant to Article 6 Section 1 lit. b GDPR as well as legitimate interests pursuant to Article 6 Section 1 lit. f GDPR. It is in emmy’s interest to protect its property as well as assert and enforce any claims.      

Emmy only stores your personal data for as long as is necessary to fulfil its contractual obligations to you. However, in line with retention obligations under applicable fiscal and commercial law, emmy retains the personal information you provide in connection with the contractual relationship for a period of 10 years after fulfilment of the contract, but for no longer than the statutory period of limitation of 30 years. 

Transmission to Third Parties

We also transfer your personal data to third parties or processors to the extent necessary:

  • to corporate affiliates;
  • to IT service providers and/or providers of data hosting, data processing or similar services;
  • to other service providers and providers of tools and software solutions who also support us in the provision of our services and act on our behalf;
  • to any third party who contributes to the fulfilment of our obligations to our customers (e.g. payment service providers for payment processing);
  • to other external third parties to the extent necessary (e.g. auditors, insurance companies in the event of a claim, legal representatives if necessary, etc.);
  • to authorities and other public bodies to the extent required by law (e.g. tax authorities, etc.).


We use technical and organizational security measures to protect your personal data managed by us against accidental or intentional manipulation, loss, destruction or access by unauthorized persons. Our security measures are continuously improved in line with technological developments.

We point out that data transmission over the Internet (e.g. when communicating via e-mail) can have security gaps. Perfect data protection against third-party access is not possible.

Right of objection and information

At any time, you have the right to free information about your stored personal data, their origin and recipients and the purpose of the data processing as well as a right to correction, blocking or deletion of this data.

If you have any questions about this, which could not be answered by this privacy policy, you can always contact us via the contact information provided in the imprint.