Fostering efficiency of distributed supply chains in the Industry 4.0 often bases on IoT-data analysis and by means of lean- and shop oor-management. However, trust by preserving privacy is a precondition: Competing factories will not share data, if, e.g., the analysis of the data will reveal business relevant information to competitors. Our approach is enforcing privacy policies in Industry 4.0 supply chains. These are highly dynamic and therefore not manageable by 'traditional' rights-management approaches as we will stretch in a literature analysis. To enforce privacy, we analyze two industrial settings and derive general requirements: (1) Lean- and shop oor-management and (2) factory access control, both common in Industry 4.0 supply chains. We further propose a reference architecture for Industry 4.0 supply chains. We introduce the combination of Palladio Component Model (PCM)  and Ensembles  in order to analyze and enforce privacy policies in highly dynamic environments. Our novel approach paves way for data sharing and global data analyzes in highly dynamic Industry 4.0 supply chains. It is an important step for efficiency of these supply chains and therefore one important cornerstone for the success of Industry 4.0.