In principle, you can use our website without providing any personal data. In individual cases, however, the collection and processing of your personal data may be necessary in order to use certain functions of our website. In addition, we collect and process personal data in order to optimise our website and services, which we process in accordance with REGULATION (EU) 2016/679 OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL of 27 April 2016 on the protection of individuals with regard to the processing of personal data. April 2016 on the protection of individuals with regard to the processing of personal data, on the free movement of such data and repealing Directive 95/46/EC (GDPR) (Official Journal of the European Union L 119, 4.5.2016) and the Federal Data Protection Act of 30 June 2017 (Federal Law Gazette I p. 2097), as amended by Article 10 of the Act of 23 June 2021 (Federal Law Gazette I p. 1858).
We take the protection of your personal data very seriously and would therefore like to inform you below about your rights and the type and scope of the respective data collection.
At a glance:
1. Contact details of the responsible person
2. Contact details of the data protection officers
1. Personal data (Article 4 No. 1 DS-GVO)
2. Data subject (Article 4(1) of the GDPR)
3. Processing (Article 4 No. 2 DS-GVO)
4. Pseudonymisation (Article 4(5) of the GDPR)
5. Controller (Article 4(7) of the GDPR)
6. Processor (Article 4 No. 8 of the GDPR)
7. Recipient (Article 4(9) of the GDPR)
8. Consent (Article 4(11) of the GDPR)
9. Personal data breach (Article 4(12) of the GDPR)
10. Supervisory authority (Article 4 No. 21 GDPR)
4. General information on data processing, including scope, purpose and legal basis
1. Scope of data processing
2. Legal basis of data processing
3. Purpose of data processing
4. Disclosure of your data
5. Duration of storage and deletion of data
5. Processing of personal data by visiting our website
1. Visiting our website
2. Use of preclinics-discovery
6. Data processing when contacting us via the contact form and by e-mail
2. Web analytics
3. Contact Form 7
8. External links
1. Integration of YouTube videos
2. Presence in social networks (LinkedIn)
9. Transmission to third countries
11. Your rights
12. Adaptation of the data protection declaration
I. Contact details of the responsible person
Person responsible for processing within the meaning of the General Data Protection Regulation (GDPR) and the Federal Data Protection Act (BDSG):
CEO: Jonas Füner
CFO: Sonia Weese
Local court Potsdam HRB 32106P
Tax office Potsdam
Tax number: 046/116/08654
Tax ID: DE323539033
Wetzlarer Str. 20
II. Contact details of the data protection officer
Wetzlarer Str. 20
1. Personal data (Article 4 No. 1 DS-GVO)
Personal data means any information relating to an identified or identifiable natural person (hereinafter “data subject”). An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
2. Data subject (Article 4 No. 1 GDPR)
A data subject is a person whose personal data are processed by the controller.
3. Processing (Article 4 No. 2 DS-GVO)
Processing is any operation or set of operations which is performed upon personal data, whether or not by automatic means, such as collection, recording, organization, filing, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.
4. pseudonymization (Article 4 No. 5 DS-GVO)
Pseudonymization is the processing of personal data in such a way that the personal data can no longer be attributed to a specific data subject without the use of additional information, provided that such additional information is kept separately and is subject to technical and organizational measures which ensure that the personal data are not attributed to an identified or identifiable natural person.
5. Controller (Article 4 No. 7 DS-GVO)
The controller is the person, natural or legal person, public authority, agency or other body which alone or jointly with others determines the purposes and means of the processing of personal data.
6. Processor (Article 4 No. 8 DS-GVO)
The processor is another natural or legal person, public authority, agency or other body that processes personal data on behalf of the controller.
7. Recipient (Article 4 No. 9 DS-GVO)
The recipient is a natural or legal person, public authority, institution or other body to whom personal data are disclosed.
8. Consent (Article 4 No. 11 GDPR)
Consent of the data subject shall mean any freely given specific, informed and unambiguous indication of his or her wishes in the form of a statement or other unambiguous affirmative act by which the data subject signifies his or her agreement to the processing of personal data relating to him or her.
9. Personal data breach (Article 4 No. 12 GDPR)
A personal data breach is a breach of security which, whether accidental or unlawful, results in the destruction, loss, alteration of, or unauthorized disclosure of, or access to, personal data transmitted, stored or otherwise processed.
10. Supervisory authority (Article 4 No. 21 DS-GVO)
The supervisory authority is an independent governmental body established by a Member State pursuant to Article 51 of the GDPR, which is responsible for monitoring compliance with data protection laws and regulations.
IV. General information on data processing, including scope, purpose and legal basis
1. Scope of data processing
We process the personal data provided by you so that our company offers of company name insert can be used by you and the offers can be processed by us. In doing so, only the personal data that is actually required is collected. The scope depends on whether you merely visit our website or actively contact us. For further details on data processing, please refer to the corresponding explanations under V. to VII. of this data protection declaration.
Some of the data is also collected to ensure error-free provision of the website. Other data may be used to analyze your user behavior. For further details on data processing in this regard, please refer to the corresponding explanations under VIII. to X. of this data protection declaration.
2. Legal basis of the data processing
No data processing is possible without a corresponding legal basis. We take this so-called prohibition with reservation of permission very seriously.
The DS-GVO provides for the following legal bases:
• Consent by the data subject (Article 6(1) p. 1 lit. a DS-GVO),
• Performance of a contract and pre-contractual measures (Article 6 (1) p. 1 lit. b DS-GVO),
• Fulfillment of a legal obligation of the responsible person (Article 6 paragraph 1 p. 1 lit. c DS-GVO),
• Safeguarding vital interests of the data subject or another natural person (Article 6(1) p. 1 lit. d DS-GVO),
• Performance of a task in the public interest or for the exercise of official authority (Article 6 (1) p. 1 lit. e DS-GVO),
• Safeguarding legitimate interests of the controller or a third party (Article 6(1) p. 1 lit. f DS-GVO).
3. Purpose of the data processing
If the legal basis is not shown separately in the data protection declaration, the processing is carried out for one or more of the following purposes on the basis of the respective legal regulations mentioned:
• Implementation of pre-contractual and contractual measures, which takes place upon request (Article 6 (1) p. 1 lit. b DS-GVO).
• Safeguarding our legitimate interests or the legitimate interests of a third party (Article 6(1) p. 1 lit. f DS-GVO).
• Data processing for the performance of a task in the public interest or in the exercise of official authority (Article 6 (1) p. 1 lit. e DS-GVO).
• If you have given us your consent, on the basis of this consent (Article 6 (1) S. 1 lit. a and Article 7 DS-GVO).
A detailed description of the processing purposes can be found in the explanations of the respective data processing below.
4. Transfer of your data
We only transfer your data to external service providers insofar as this is necessary and permissible for the fulfillment of our contractual and legal obligations or for the provision of our offer. If we therefore cooperate with order processors, we bind them contractually in accordance with the legal requirements under Article 28 DS-GVO (contract on order processing). This ensures an appropriate level of data protection and data security. Insofar as the service providers are located outside the European Economic Area in individual cases, it is ensured that the necessary legal basis for this exists. We select these service providers carefully and check whether the transfer of data is necessary for the processing of the contractual relationship with you and the processing meets the legal requirements.
Duration of storage and deletion of data
We process and store your personal data as long as it is necessary for the fulfillment of our legal and contractual obligations. This includes the storage of your personal data for the entire period of the contractual relationship with you.
After expiration of the retention periods, your personal data will be deleted by us.
The retention periods under commercial and tax law (including from the German Commercial Code, the German Fiscal Code and social security regulations) are two to ten years and serve retention and documentation purposes.
Further details on the storage period and data deletion can be found in the explanations below on the respective data processing.
V. Processing of personal data by visiting our website
We process your personal data through various technical means and, if necessary, also with the help of additional service providers. We would like to inform you about the specific details of the processing in the following points.
1. Visit our website
1. When you visit our website, i.e. if you do not transmit information to us in any other way, we only collect the personal data that your browser transmits to our server. If you wish to view our website, we collect the following data, which is technically necessary for us to display our website to you and to ensure stability and security:
• IP address and service provider
• Date and time of the request
• Content of the request (specific page)
• access status/HTTP status code
• Amount of data transferred in each case
• Website from which the request comes
• Browser incl. language and software version
• Operating system and its interface
2. The data listed in paragraph 1 are also automatically stored in the log files (log file) of our server. The log data is stored separately from other data and can only be viewed by the hoster. As a matter of principle, we only store your data for as long as is necessary for the respective purpose of processing. Your personal data will be deleted or blocked as soon as the purpose of storage ceases to apply. The legal basis for the processing of your data when visiting our website is Article 6 paragraph 1 sentence 1 lit. f and, if applicable, lit e DS-GVO, § 15 Telemediengesetz (TMG).
VI. Data processing when contacting us via the contact form and by e-mail
1.When you contact us via the contact form on our website, the data you enter (your e-mail address and name and the other data you provide) will be stored by us at the time of sending in order to process your request.
2. As an alternative to the contact form, you can also contact us via the e-mail address provided on our website, which can be found in the contact and footer.
3. You can object to the processing of your personal data at any time by sending an e-mail to email@example.com or declaring your objection to the processing of your personal data to the person(s) listed in section. If you contact us directly by e-mail, you can object to the processing of your personal data at any time by the same means. The legal basis for this is Article 21(1) DS-GVO. From the time of your objection, no further data processing will take place.
4. We delete the data accruing in this context without delay (this is the obligation according to Article 17(1)), insofar as the storage is no longer necessary in accordance with Article 17(3) DS-GVO, or restrict the processing if there are statutory retention obligations. The legal basis is Article 17(1) and (2) DS-GVO.
5. If your contact aims at the conclusion of a contract, the additional legal basis for the processing of your personal data is Article 6 (1) sentence 1 lit. b DS-GVO. We would like to point out that in this case the previously described right of objection according to Article 21 (1) DS-GVO can only exist to a limited extent.
1. In addition to the data mentioned above, cookies are stored on your computer when you use our website. Cookies are small text files that are stored on your hard drive associated with the browser you are using and through which certain information flows to the entity that sets the cookie. Cookies cannot execute programs or transfer viruses to your computer. They are used to make the website as a whole more user-friendly and effective.
2. This website uses the following types of cookies, the scope and functionality of which are explained below:
3. Transient cookies are automatically deleted when you close the browser. These include, in particular, session cookies. These store a so-called session ID, with which various requests of your browser can be assigned to the common session. This allows your computer to be recognized when you return to our website. The session cookies are deleted when you log out or close the browser.
4. Persistent cookies are deleted automatically after a specified period of time, which may differ depending on the cookie. You can delete the cookies in the security settings of your browser at any time.
5. You can configure your browser setting according to your preferences and also refuse to accept third-party cookies or all cookies. We would like to point out that you may then, however, not be able to use all functions of this website.
2. Web analytics
1. This website uses Google Analytics, a web analytics service provided by Google, Inc. (“Google”). Google Analytics uses “cookies”, which are text files placed on your computer, to help the website analyze how users use the site. The information generated by the cookie about your use of the website will be transmitted to and stored by Google on servers in the United States.
2. In case IP-anonymisation is activated on this website, your IP address will be truncated within the area of Member States of the European Union or other parties to the Agreement on the European Economic Area. Only in exceptional cases the whole IP address will be first transferred to a Google server in the USA and truncated there. The IP-anonymisation is active on this website.
3. Google will use this information on behalf of the operator of this website for the purpose of evaluating your use of the website, compiling reports on website activity for website operators and providing them other services relating to website activity and internet usage.
5. As an alternative to the browser Addon or within browsers on mobile devices, you can click this link in order to opt-out from being tracked by Google Analytics within this website in the future (the opt-out applies only for the browser in which you set it and within this domain). – See more at: https://datenschutz-generator.de/ttdsg-cookies/#sthash.jLLgpAZg.dpuf . An opt-out cookie will be stored on your device, which means that you’ll have to click this link again, if you delete your cookies.
3. Contact Form 7
2. We store your data in principle only as long as it is necessary for the respective purpose of processing. Your personal data will be deleted or blocked as soon as the purpose of storage ceases to apply or you revoke your corresponding consent.
VIII. External links
1. Integration of YouTube videos
1. We have integrated YouTube videos into our online offer, which are stored on https://www.youtube.com/ and can be played directly from our website. These are all integrated in “extended data protection mode”, i.e. no data about you as a user is transmitted to YouTube if you do not play the videos. Only when you play the videos will the data mentioned in paragraph 2 be transmitted. We have no influence on this data transmission. The legal basis for the integration of YouTube videos is Article 6 (1) p. 1 lit. f DS-GVO.
2. Presences in social networks
1. We also operate online presences within social networks and platforms and share information via social networks. Through these, we present preclinics-discovery and can communicate with you as our partners or interested parties and publish information. This data processing is separated from the data processing of the website. Through our online presence, a possible analysis of the activity on our online presence can take place with statistical data provided to us by the providers of the social networks and platforms (so-called insights data). However, data processing only takes place as soon as you interact with our online presence. The legal basis for this is Article 6 (1) page 1 lit. f DS-GVO, as the data processing is based on our legitimate interests in more effective information and communication with you. In the case of contract-relevant communication with us, Article 6 (1) page 1 lit. b DS-GVO is the legal basis.
2. When calling up and using our online presences, your personal data is processed by the providers of the social networks and platforms themselves for analysis and advertising purposes. As the operator of the online presence, we have no influence on this and we also do not receive any information from the respective providers about the exact scope of the data processing. The providers can thus create usage profiles, e.g. in order to place interest-based advertising. Cookies are usually stored on your devices for this purpose. Data processing may also take place outside the European Union. The respective provider of the social networks and platforms is primarily responsible for data processing via the online presences. You also have the option of asserting your data subject rights (see “No. 4 Your rights”) directly against the providers of the social networks and platforms.
3. Further information on data processing and your rights can be found in the privacy statements of the providers:
LinkedIn Ireland Unlimited Company, Wilton Place,
IX. Transmission to third countries
In some cases, your data will be transmitted by external service providers to servers outside the EU (so-called third countries). These can be, in particular, service providers in the areas of hosting and marketing, whereby we carefully select these service providers and contractually obligate them to comply with data protection in accordance with the legal requirements. Insofar as the service providers are located outside the EU, it is ensured that in these cases Binding Corporate Rules (BCR), or the standard data protection clauses within the meaning of Article 46 DS-GVO apply, or an adequacy decision within the meaning of Article 45 DS-GVO exists and thus an adequate level of data protection can be guaranteed.
The following companies receive data in third countries outside the European Union as part of our social media activities. For some social networks, you must be a user of these networks yourself:
1. LinkedIn Inc., 1000 West Maude Avenue, Sunnyvale Ca 94085; https://www.linkedin.com/legal/privacy-policy
2.Google Inc., 1600 Amphitheater Parkway, Mountainview, California 94043, USA; https://policies.google.com/technologies/partner-sites?hl=de
As a responsible company, we do not use automatic decision-making or profiling.
XI. Your rights
You have the following rights opposite us with regard to the processing of personal data concerning you, which you can assert informally at any time opposite the contact person listed above under point 2:
Right to information (Article 15(1) and (2) DS-GVO).
Upon request, we will provide you with information about which of your personal data we have stored, for what purpose, for how long, from what source and on what legal basis, and whether we have disclosed this data to third parties.
Right to rectification (Article 16 sentence 1 DS-GVO).
If it turns out that the personal data we have about you is incorrect or incomplete, we will correct or supplement it immediately upon request.
Right to erasure (right to be forgotten) (Article 17 DS-GVO).
You have the right to have your personal data deleted without delay, unless there is a legal obligation to retain it for this purpose.
Right to restriction of processing (Article 18 DS-GVO).
You may request us to restrict the processing of your personal data.
Right to object to processing (Article 21(1) DS-GVO).
You may object to the processing of your personal data at any time. This applies in particular if the legal basis of the processing is Article 6(1) p. 1 lit. f and, if applicable, lit. e DS-GVO.
Right to data portability (Article 20 DS-GVO).
You have the right to receive the personal data we have about you in a universally readable format.
Right to withdraw consent (Article 17(3) DS-GVO).
If the data processing is based on your consent, you have the possibility to revoke your consent to the processing of your personal data for the future at any time. You can revoke your consent by sending an e-mail to firstname.lastname@example.org. Your personal data will then be deleted.
Right to lodge a complaint with a supervisory authority (Article 77 DS-GVO).
You also have the right to complain to the competent data protection supervisory authority about the processing of your personal data by us. The data protection authority of the federal state in which we have our registered office is responsible. You can find more details on this
BfDI – Startseite (bund.de).
The state data protection authority in Brandenburg is:
The State Commissioner for Data Protection and for the Right to Inspect Files
Stahnsdorfer Damm 77
We would like to point out that the exercise of your rights may be subject to certain conditions in individual cases.
Ensuring data security and data protection
To ensure the protection and security of your personal data, we implement a variety of technical and organizational security measures, the effectiveness of which we regularly review.
XII. Adaptation of the data protection declaration