Data privacy policy

Below we inform you about the processing of your personal data in the context of using our online services.

Responsible

Digital Life Sciences GmbH

Am Campus 13
48712 Gescher

Phone: +49 2542 20201–0
Fax: +49 2542 20201–19
Mail: info[at]digital-ls.com

Contact person

If you have any questions regarding data protection, please use the contact details specified above.

Data protection officer

Johannes Meibers
meibers.datenschutz GmbH
Haus Sentmaring 9
48151 Münster

Tel: +49 (0)251 203197–0
Fax: +49 (0)251 203197–99
Mail: info[at]meibers-datenschutz.de

Storage duration

As a matter of principle, we will delete the personal data when they are no longer necessary in relation to the purposes for which they were collected or otherwise processed.

If we have asked you for your consent and you have given it, we will delete your personal data if you revoke your consent and there is no other legal basis for the processing.

We will delete your personal data if you file an objection to the processing and there are no legitimate overriding reasons for the processing or if you object to the processing for the purpose of direct marketing or related profiling.

If deletion is not possible because processing is still necessary to fulfil a legal obligation (legal retention periods, etc.) to which we are subject or to assert, exercise or defend legal claims, we will restrict the processing of your personal data.

Further information on the storage period can also be found in the following passages.

Your rights

You have the following rights towards us regarding your personal data:

Right to information
Right to rectification
Right to erasure
Right to restriction the processing
Right to object to the processing
Right to data portability

You have the right to object, on grounds relating to your particular situation, at any time to processing of your personal data which is based on point (e) or (f) of Article 6(1) EU-GDPR, including profiling based on those provisions. We will then no longer process your personal data unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms, or the processing serves the establishment, exercise or defense of legal claims.

Where your personal data are processed for direct marketing purposes, you have the right to object at any time to the processing of your personal data for such marketing; this includes profiling to the extent that it is related to such direct marketing. We will then no longer process your personal data for these purposes.

You have the right to withdraw your consent to the processing of your personal data at any time if you have given us such consent. The withdrawal of consent will not affect the lawfulness of processing based on consent before its withdrawal.

You have the right to complain to a supervisory authority about the processing of your personal data by us.

Provision of your personal data

The provision of your personal data is neither legally nor contractually required and not required for the conclusion of a contract. You are not obliged to provide your personal data. Should this nevertheless be the case, we will point this out separately when collecting your personal data (for example by marking the mandatory fields on input forms).

Not providing your personal data regularly means that we will not process your personal data for one of the purposes described below and that you will not be able to take advantage of any service related to the respective processing (example: without providing your e‑mail address you will not receive our newsletter).

Web hosting

We are using external services for web hosting. These services may have access to personal data that is processed in the course of using our online services.

Web server log files

We process your personal data to be able to provide our online services to you and to guarantee the stability and security of our online services. Information (e.g. element requested, URL called up, operating system, date and time of the request, browser type and the version used, IP address, protocol used, amount of data transferred, user agent, referrer URL, time zone difference to Greenwich Mean Time (GMT) and/or HTTP status code) is stored in so-called log files (access log, error log etc.).

Security

For security reasons and to protect the transfer of your personal data and other confidential contents we use an encryption in our domain. You will recognise this by the string “https://” and the lock icon in the browser bar.

We use firewalls and malware scanners from external services to ensure the security of our online offering.

When using the external services, this can also lead to profiling (for advertising purposes, personalised information, etc.). Profiling can also be applied across services and devices. Further information on the services used, the scope of data processing and the technologies and procedures when using the respective services and whether profiling takes place when using the respective services and, if applicable, information on the logic involved and the scope and intended effects of such processing for you can be found in the further information on the services used by us at the end of this passage and under the links provided there.

Contact

If you contact us, we will process your personal data in order to process your contact.

If we have asked you for your consent and you have given it, the legal basis for the processing is Art. 6 para. 1 letter a of the EU-GDPR. If we have not asked you for your consent and you have given it, the legal basis for the processing is Art. 6 para. 1 letter a of the EU-GDPR. Our legitimate interest is the processing of your contact. Moreover, if the processing is necessary for the performance of a contract with you or for the implementation of pre-contractual measures on the basis of your request, the legal basis for the processing is Art. 6 para. 1 letter b of the EU-GDPR.

We are using external services for the provision and management of our e‑mail mailboxes. Services may have access to personal data that is processed in the course of contacting us.

We use support systems (appointment booking systems, live chats, ticket systems or helpdesks etc.) and external services to support the processing of your contact. These services may have access to personal data that is processed in the course of contacting us. Further information on the services used, the scope of data processing and the technologies and procedures for using the respective services can be found below in the additional information on the services we use and under the links provided there:

Salesforce
Provider: salesforce.com Germany GmbH, Germany. Your personal data may also be processed by Salesforce, Inc., United States of America.
Website: https://www.salesforce.com/de/?ir=1 Further information & Data protection: https://www.salesforce.com/company/legal/ and https://www.salesforce.com/de/company/privacy/
Guarantee: EU standard contractual clauses. You can request a copy of the EU standard contractual clauses from us. The provider has signed up to the EU-US Data Privacy Framework(https://www.dataprivacyframework.gov), which guarantees compliance with an appropriate level of data protection on the basis of a decision by the European Commission.

Tidio
Provider: Tidio LLC, United States of America.
Website: https://www.tidio.com
Further information & data protection: https://policies.google.com/?hl=en
Guarantee: EU standard contractual clauses. You can request a copy of the EU standard contractual clauses from us. The provider has signed up to the EU-US Data Privacy Framework(https://www.dataprivacyframework.gov), which guarantees compliance with an appropriate level of data protection on the basis of a decision by the European Commission.

Typeform
We have integrated Typeform in this website. The provider is TYPEFORM S.L., Carrer Bac de Roda, 163, 08018 Barcelona, Spain (hereinafter reffered to as Typeform).

Typeform enables us to create online forms and to integrate them into our website. The data you enter in our Typeform forms will be stored on Typeform’s servers until you request us to delete it, revoke any consent you have given to store it or the purpose for storing the data no longer applies (e.g. after we have completed processing your enquiry). Mandatory legal requirements — in particular retention periods — remain unaffected.

The use of Typeform is based on Article 6 Section 1(f) of the EU General Data Protection Regulation (EU-GDPR). The website owner has a legitimate interest in functioning online forms. If a corresponding consent has been requested, the processing is carried out exclusively on the basis of Article 6 Section 1(a) EU-GDPR and § 25(1) of the German Telecommunications Telemedia Data Protection Act (ger. “TTDSG”), insofar as the consent includes the storage of cookies or access to information in the user’s terminal device (e.g. device fingerprinting) as defined by the TTDSG. The consent can be revoked at any time.

Cookies & similar technologies

Cookies are used. Cookies are text information that is stored on your end device. A distinction is made between session cookies, which are deleted immediately after closing your browser, and permanent cookies, which are deleted only after a certain time.

In addition to cookies, similar technologies (tracking pixels, web beacons, etc.) may also be used. The following statements on cookies also apply to similar technologies. The same applies to further processing in connection with cookies and similar technologies (analysis & marketing etc.). This also applies in particular to any consent you may have given for the use of cookies. This also extends to other technologies and to further processing in connection with cookies and similar technologies.

Cookies can be used to enable the use of certain functions. Cookies can also be used to measure the reach of our online services, to make it demand-oriented and interest-based and thus to optimise our online services and our marketing. Cookies can be used by us and by external services.

We use a consent tool to manage the cookies used and the related consents. Details on the cookies used (purpose, storage duration, external service if applicable, etc.) and the consent tool can be found in the following passages and in the consent tool we use.

If we have asked you for your consent and you have given it, the legal basis for the processing is Art. 6 para. 1 letter a of the EU-GDPR. If we have not asked you for your consent and you have given it, the legal basis for the processing is Art. 6 para. 1 letter a of the EU-GDPR. Our legitimate interest is the management of the cookies used and the consent given to them. Depending on the purpose of the processing, our legitimate interests can be taken from the following passages.

You can prevent the storage of cookies by adjusting your browser settings accordingly. Below, we provide you with links for typical browsers, where you can find more detailed information on the management of cookie settings:
– Firefox: https://support.mozilla.org/en-US/kb/block-websites-storing-cookies-site-data-firefox
- Chrome: https://support.google.com/chrome/answer/95647?hl=de& hlrm=en
- Internet Explorer / Edge: https://support.microsoft.com/de-de/windows/löschen-und-verwalten-von-cookies-168dab11-0753–043d-7c16-ede5947fc64d
– Safari: https://support.apple.com/en-us/guide/safari/sfri11471/mac
– Opera: https://help.opera.com/en/latest/web-preferences/#cookies
– Yandex: https://browser.yandex.com/help/personal-data-protection/cookies.html

You will find further objection options under the following links https://www.youronlinechoices.eu/, https://youradchoices.ca/en/tools, https://optout.aboutads.infoand https://optout.networkadvertising.org/?c=1.

If you prevent cookies from being saved, this may impair the proper functioning of our online service. If you delete all cookies, the above settings are also lost and must be applied again.

You can also activate the “Do-Not-Track” function of your browser to signal that you do not wish to be tracked. Below, we provide you with links for typical browsers, where you can find further information on the “Do Not Track” setting:
– Firefox: https://support.mozilla.org/en-US/kb/block-websites-storing-cookies-site-data-firefox
- Chrome: https://support.google.com/chrome/answer/2790761?co=GENIE.Platform%3DDesktop&hl=en
- Internet Explorer/Edge: https://support.microsoft.com/de-de/windows/verwenden-von-do-not-track-in-internet-explorer-11-ad61fa73-d533-ce96-3f64-2aa3a332e792
– Opera: https://help.opera.com/en/opera36/be-safe-and-private/
- Safari no longer supports the “Do-Not-Track” feature since February 2019. You can use the following link to prevent cross-site tracking in Safari https://support.apple.com/en-us/guide/safari/sfri40732/12.0/mac
– Yandex: https://browser.yandex.com/help/personal-data-protection/do-not-follow.html

You can also revoke or manage your consent with regard to the cookies used in the consent tool we use.

Borlabs Cookie
Provider: Borlabs — Benjamin A. Bornschein, Georg-Wilhelm-Str. 17, 21107 Hamburg, Germany.
Website https://borlabs.io/borlabs-cookie/
Further information & data protection: https://borlabs.io/privacy/

If we have asked you for your consent and you have given it, we will process your e‑mail address for e‑mail marketing purposes and, if necessary, other personal data in order to address you personally. The legal basis for the processing is Art. 6 para. 1 letter a of the EU-GDPR. The contents of e‑mail marketing will be specifically described when your consent is obtained. Furthermore, e‑mail marketing contains information about us, our goods and services.

We use the so-called double opt-in procedure to prevent possible misuse of your personal data. To this end, after collecting your e‑mail address, we will send you an e‑mail to the e‑mail address you have provided, asking you to confirm that you actually wish to receive e‑mail marketing. The legal basis for the processing is Art. 6 para. 1 letter f of the EU-GDPR. Our legitimate interest is the legally compliant implementation of the e‑mail marketing.

We record the time of granting your consent and the time of your confirmation as well as your IP address and the content of your declaration of consent in order to be able to prove that your consent was obtained in accordance with the law. The legal basis for the processing is Art. 6 para. 1 letter f of the EU-GDPR. Our legitimate interest is the legally compliant implementation of the e‑mail marketing.

We are using external services for e‑mail marketing. Further information on the services used, the scope of data processing and the technologies and procedures when using the respective services and whether profiling takes place when using the respective services and, if applicable, information on the logic involved and the scope and intended effects of such processing for you can be found in the further information on the services used by us at the end of this passage and under the links provided there.

You can withdraw your consent at any time. Your withdrawal of consent will not affect the lawfulness of processing based on consent before its withdrawal. To withdraw your consent, you can use the link provided for this purpose in the e‑mails or contact us using the contact details given above.

If you have withdrawn your consent, we reserve the right to process your personal data in a so-called blacklist/blocking list in order to be able to ensure that no further e‑mail marketing is carried out in connection with this personal data in the future. The legal basis for the processing is Art. 6 para. 1 letter f of the EU-GDPR. Our legitimate interest is the avoidance of unsolicited e‑mail marketing.

We process your personal data as part of the tracking or success measurements in order to measure the reach of our e‑mail marketing, to design it in line with your needs and interests and thus to optimise our e‑mail marketing. This can also lead to profiling (for advertising purposes, personalised information, etc.). Profiling can also be applied across services and devices. If we have asked you for your consent and you have given it, the legal basis for the processing is Art. 6 para. 1 letter a of the EU-GDPR. If we have not asked you for your consent and you have given it, the legal basis for the processing is Art. 6 para. 1 letter a of the EU-GDPR. Our legitimate interest is the optimization of our e‑mail marketing. A separate withdrawal of your consent or objection with regard to tracking or success measurements is unfortunately not possible. You must use the above options to withdraw your consent or object to the processing of your personal data for the purpose of e‑mail marketing in general.

Brevo
Provider: Sendinblue GmbH, Germany.
Website https://www.brevo.com/de/
Further information & data protection: https://www.sendinblue.com/gdpr/ and https://www.sendinblue.com/legal/privacypolicy/

Analysis & Marketing

We process your personal data in order to measure the range of our online offer, to design it according to your needs and interests and thus to optimise our online offer and our marketing.

We are using external services for analysis and marketing. This can also lead to profiling (for advertising purposes, personalised information, etc.). Profiling can also be applied across services and devices. Further information on the services used, the scope of data processing and the technologies and procedures when using the respective services and whether profiling takes place when using the respective services and, if applicable, information on the logic involved and the scope and intended effects of such processing for you can be found in the further information on the services used by us at the end of this passage and under the links provided there.

Further information on cookies & similar technologies can be found above.

Dealfront
Provider: Dealfront Group GmbH, Germany.
Website https://www.dealfront.com/de/
Further information & data protection: https://www.dealfront.com/de/privacy-notice/

Google Ads Conversion Tracking
Provider: In the European Economic Area (EEA) and Switzerland, Google services are provided by Google Ireland Limited, Ireland. Google Ireland Limited is a subsidiary of Google LLC, United States of America.
Website https://support.google.com/google-ads/answer/1722022?hl=de
Further information & data protection: https://www.sendinblue.com/gdpr/ and https://www.sendinblue.com/legal/privacypolicy/

The transfer of personal data to third countries depends on the respective Google service and is subject to the various EU standard contractual clauses, insofar as these are offered by Google. Further information on this and Google’s responsibility can be found at the following link: https://business.safety.google/gdpr/. You can view a copy of the EU standard contractual clauses there. The provider has signed up to the EU-US Data Privacy Framework (https://www.dataprivacyframework.gov), which guarantees compliance with an appropriate level of data protection on the basis of a decision by the European Commission.

Google Ads Advanced Conversions
Provider: In the European Economic Area (EEA) and Switzerland, Google services are provided by Google Ireland Limited, Ireland. Google Ireland Limited is a subsidiary of Google LLC, United States of America.
Website: https://support.google.com/google-ads/answer/9888656?hl=de
Further information & data protection: https://www.sendinblue.com/gdpr/ and https://www.sendinblue.com/legal/privacypolicy/

Google Analytics
Provider: In the European Economic Area (EEA) and Switzerland, Google services are provided by Google Ireland Limited, Ireland. Google Ireland Limited is a subsidiary of Google LLC, United States of America.
Website https://marketingplatform.google.com/intl/en/about/analytics/
Further information & Data protection: https://support.google.com/analytics/answer/6004245?hl=de, https://policies.google.com/?hl=de and https://business.safety.google/privacy/

Google Analytics 4
Provider: In the European Economic Area (EEA) and Switzerland, Google services are provided by Google Ireland Limited, Ireland. Google Ireland Limited is a subsidiary of Google LLC, United States of America.
Website https://support.google.com/analytics/answer/10089681?hl=de
Further information & Data protection: https://support.google.com/analytics/answer/6004245?hl=de, https://policies.google.com/?hl=de and https://business.safety.google/privacy/

Google Remarketing
Provider: In the European Economic Area (EEA) and Switzerland, Google services are provided by Google Ireland Limited, Ireland. Google Ireland Limited is a subsidiary of Google LLC, United States of America.
Website https://support.google.com/google-ads/answer/2453998
Further information & data protection: https://www.sendinblue.com/gdpr/ and https://www.sendinblue.com/legal/privacypolicy/

Google Tag Manager
Provider: In the European Economic Area (EEA) and Switzerland, Google services are provided by Google Ireland Limited, Ireland. Google Ireland Limited is a subsidiary of Google LLC, United States of America.
Website: https://support.google.com/tagmanager/answer/6102821?hl=de
Further information & data protection: https://www.sendinblue.com/gdpr/ and https://www.sendinblue.com/legal/privacypolicy/

LeadRebel
Provider: Pulserio AG, Switzerland.
Website: https://leadrebel.io/de/
Further information & Data protection: https://leadrebel.io/de/privacy
Adequate level of data protection for transfers of personal data to Switzerland: Adequacy decision of the EU Commission

Social media presences

We maintain social media presences at external services in order to be able to communicate with users there and thus optimise our online services and our marketing.

This privacy policy also applies to the following social media presences:
https://www.youtube.com/channel/UCcIY0NeDnjlDLfWuw4qad‑w/
https://www.linkedin.com/company/digital-life-sciences-gmbh/
https://www.xing.com/pages/digital-life-sciences-gmbh

LinkedIn
Provider: If you are located in the EU, the European Economic Area (EEA) or Switzerland, this service is provided by LinkedIn Ireland Unlimited Company, Ireland. If you are located outside the EU, the European Economic Area (EEA) or Switzerland, this service is provided by LinkedIn Corporation, United States of America.
Website: https://www.linkedin.com
Further information & data protection: https://www.sendinblue.com/gdpr/ and https://www.sendinblue.com/legal/privacypolicy/
Guarantee: EU standard contractual clauses. You can request a copy of the EU standard contractual clauses from us.

Xing
Provider: New Work SE, Germany.
Website https://www.xing.de
Further information & Data protection: https://privacy.xing.com/de and https://privacy.xing.com/d e/datenschutzerklaerung

YouTube
Provider: In the European Economic Area (EEA) and Switzerland, Google services are provided by Google Ireland Limited, Ireland. Google Ireland Limited is a subsidiary of Google LLC, United States of America.
Website: https://www.youtube.com
Further information & data protection: https://www.sendinblue.com/gdpr/ and https://www.sendinblue.com/legal/privacypolicy/

Social media content / plug-ins

We use social media content/plug-ins from external services in order to display content and provide functions of the external services to you and thus optimise our online offer and our marketing.

Fonts & Scripts

We use fonts and scripts from external services in order to be able to display our online offer to you and to always guarantee up-to-date fonts and scripts.

Font Awesome
Provider: Fonticons, Inc, United States of America.
Website: https://www.fontawesome.com
Further information & Data protection: https://fontawesome.com/privacy

Google Fonts
Provider: In the European Economic Area (EEA) and Switzerland, Google services are provided by Google Ireland Limited, Ireland. Google Ireland Limited is a subsidiary of Google LLC, United States of America.
Website: https://fonts.google.com/
Further information & data protection: https://www.sendinblue.com/gdpr/ and https://www.sendinblue.com/legal/privacypolicy/

jQuery
Provider: The OpenJS Foundation, United States of America.
Website: https://openjsf.org/
Further information & Data protection: https://prismic-io.s3.amazonaws.com/openjsf/ba00b254-685f-4e54-b1ca-17984b0f3e55_OpenJS-Foundation-Privacy-Policy-2019–11-15.pdf

Maps

We use maps from external services to make it easier for you to determine our location and to enable you to use the other functions of these external services in connection with the maps.

Google Maps
Provider: In the European Economic Area (EEA) and Switzerland, Google services are provided by Google Ireland Limited, Ireland. Google Ireland Limited is a subsidiary of Google LLC, United States of America.
Website: https://www.google.de/maps
Further information & data protection: https://www.sendinblue.com/gdpr/ and https://www.sendinblue.com/legal/privacypolicy/

Rating platforms

We use evaluation platforms and process your personal data in order to have our services evaluated and thus optimise our online offering and our marketing. For this purpose, we also integrate so-called widgets of the rating platforms, for example to show that we use a rating platform and how our services are rated.

If we or the review platforms we use have asked for your consent and you have given it, we or the review platforms we use will process your personal data in order to remind you to submit a review. The legal basis for the processing is Art. 6 para. 1 letter a of the EU-GDPR.

Further information on the rating platforms we use, the scope of data processing and the technologies and procedures for using the respective rating platforms can be found in the further information on the rating platforms we use at the end of this passage and under the links provided there.

Google customer reviews
Provider: In the European Economic Area (EEA) and Switzerland, Google services are provided by Google Ireland Limited, Ireland. Google Ireland Limited is a subsidiary of Google LLC, United States of America.
Website https://support.google.com/merchants/answer/7124326?hl=de
Further information & data protection: https://www.sendinblue.com/gdpr/ and https://www.sendinblue.com/legal/privacypolicy/

kununu
Provider: New Work SE, Germany.
Website https://www.kununu.com
Further information & data protection: https://privacy.xing.com/de/datenschutzerklaerung

Applications

If you apply for a job with us, we process your personal data in order to carry out the application procedure and to make a decision on the establishment of an employment relationship. After completion of the application process your data will be restricted for further processing and deleted or destroyed at the latest six months after receipt of the rejection or the application forms will be returned and any copies will be deleted or destroyed, unless you have expressly consented that we may continue to use your data.

If we have asked you for your consent and you have given it, the legal basis for the processing is Art. 6 para. 1 letter a of the EU-GDPR. If we have not asked you for your consent and you have given it, the legal basis for the processing is Art. 6 para. 1 letter a of the EU-GDPR. Our legitimate interest is the proper execution of the application process and, if necessary, the defense against claims based on the rejection of an application. If the processing is necessary for the decision on the establishment of an employment relationship, the legal basis for the processing is also Section 26 (1) sentence 1 of the BDSG (Federal Data Protection Act).

Captchas

We use captchas to protect our online offering from abusive, machine and/or automated entries (e.g. in forms) and to prevent any misuse.

We use external services to provide the captchas. This can also lead to profiling. Profiling can also be applied across services and devices. Further information on the services used, the scope of data processing and the technologies and procedures when using the respective services and whether profiling takes place when using the respective services and, if applicable, information on the logic involved and the scope and intended effects of such processing for you can be found in the further information on the services used by us at the end of this passage and under the links provided there.

Friendly Captcha
Provider: Friendly Captcha GmbH, Germany.
Website https://friendlycaptcha.com/de/
Further information & data protection: https://friendlycaptcha.com/de/legal/privacy-end-users/

Customer login

If you register for our customer login, we process your personal data to provide you with the customer login.

If we have asked you for your consent and you have given it, the legal basis for the processing is Art. 6 para. 1 letter a of the EU-GDPR. If we have not asked you for your consent and you have given it, the legal basis for the processing is Art. 6 para. 1 letter a of the EU-GDPR. Our legitimate interest is the technical provision of the customer login. Moreover, if the processing is necessary for the performance of a contract with you or for the implementation of pre-contractual measures on the basis of your request, the legal basis for the processing is Art. 6 para. 1 letter b of the EU-GDPR.

This privacy policy was translated from a German original created with the configurator of getLaw.de.