Disclaimer and privacy policy



Disclaimer

  1. Liability for contents

    The contents of our web pages and services have been created with the utmost care. However, we cannot guarantee the accuracy, completeness and up-to-dateness of the content.

    As a service provider, we are responsible for our own content on these pages in accordance with the general laws pursuant to § 7 (1) TMG. According to §§ 8 to 10 TMG, however, we are not obligated as a service provider to monitor transmitted or stored third-party information or to investigate circumstances that indicate illegal activity.

    Obligations to remove or block the use of information under the general laws remain unaffected. However, liability in this regard is only possible from the time of knowledge of a specific infringement. If we become aware of any such infringements, we will remove the relevant content immediately.

  2. Liability for links

    Our online presence contains links to external websites of third parties, on whose contents we have no influence. Therefore, we cannot assume any liability for these external contents. The respective provider or operator of the pages is always responsible for the content of the linked pages. The linked pages were reviewed for possible legal violations at the time of linking. Illegal contents were not recognizable at the time of linking. However, a permanent control of the contents of the linked pages is not reasonable without specific evidence of a violation of the law. If we become aware of any infringements, we will remove such links immediately.

  3. Copyright

    The contents and works created by the site operators on these pages are subject to German copyright law.

    Duplication, processing, distribution, or any form of commercialization of such material beyond the scope of the copyright law shall require the prior written consent of its respective author or creator. Downloads and copies of this site are only permitted for private, non-commercial use. As As far as the content on this site was not created by the operator, the copyrights of third parties are respected.

    In particular, third-party content is identified as such. Should you nevertheless become aware of a copyright infringement, please inform us accordingly. If we become aware of any infringements, we will remove such content immediately.

  4. Data protection

    As far as personal data (e.g. first and last name, addresses, e-mail addresses) is collected on our pages, this is always done on a voluntary basis as far as possible. As far as possible, the use of the offers and services is always possible without providing personal data.

    The use of contact data published in the imprint by third parties for sending unsolicited advertisements and information materials is hereby expressly prohibited. We expressly reserve the right to take legal action in the event of unsolicited sending.

    The use of our company websites is generally possible without providing personal data. As far as personal data is collected on our pages (e.g. first and last name, e-mail addresses, etc.), this is always done, as far as possible, on a voluntary basis. The data will not be passed on to third parties without your consent.

    We point out that data transmission over the Internet (e.g., communication by e-mail) might be subject to security gaps. Complete protection of data against access by third parties is not possible.



Privacy policy

  1. Name and address of the responsible person

    The responsible party within the meaning of the General Data Protection Regulation (GDPR) and other data protection regulations is:

    innoscripta GmbH
    Arnulfstraße 60
    80335 München
    Germany
    Tel.: +49 89 2555 53568
    datenschutz@innoscripta.com
    www.innoscripta.com

  2. Contact details of the data protection officer

    The data protection officer of the responsible party is:

    DataCo GmbH
    Dachauer Street 65
    80335 München
    Germany
    Tel.: +49 89 7400 45840
    www.dataguard.de

  3. General information on data processing

    We place great importance on data protection. The collection and processing of your personal data is carried out in compliance with the applicable data protection regulations, in particular the EU General Data Protection Regulation (GDPR). The following data protection declaration applies to the collection of data required for our services (establishing contact between potential project partners, writing grant applications, and supervising during grant projects), for the use of our company websites and administration portals, as well as data related to our customers and personal data, in order to be able to offer you our services and advise you in accordance with our range of services. This statement describes how and for what purpose your data is collected and used and what choices you have in connection with personal data.

    By your use of the above websites and by using our service, you consent to the collection, use and transfer of your data in accordance with this privacy policy.

    1. Scope of the processing of personal data

      As a matter of principle, we process personal data of our users only to the extent necessary to provide a functional website and our content and services. The processing of personal data of our users is regularly carried out only with the consent of the user. An exception applies in those cases where obtaining prior consent is not possible for reasons of fact and the processing of the data is required by legal regulations.

    2. Legal basis for the processing of personal data

      As far as we obtain the consent of the data subject for processing operations involving personal data, Article 6 (1) sentence 1 lit. a of the EU General Data Protection Regulation (GDPR) serves as the legal basis.

      When processing personal data that is necessary for the performance of a contract to which the data subject is a party, Art. 6 (1) p. 1 lit. b GDPR serves as the legal basis. This also applies to processing operations that are necessary for the performance of pre-contractual measures.

      As far as processing of personal data is necessary for compliance with a legal obligation to which our company is subject, Art. 6 (1) p. 1 lit. c GDPR serves as the legal basis.

      In the event that vital interests of the data subject or another natural person make processing of personal data necessary, Art. 6 (1) p. 1 lit. d GDPR serves as the legal basis.

      If the processing is necessary to protect a legitimate interest of our company or a third party and the interests, fundamental rights and freedoms of the data subject do not outweigh the first-mentioned interest, Art. 6 (1) p. 1 lit. f GDPR serves as the legal basis for the processing.

    3. Data deletion and storage period

      The personal data of the data subject will be deleted or blocked as soon as the purpose of storage ceases to apply. Storage may take place beyond this if this has been provided for by the European or national legislator in European Union regulations, laws or other provisions to which the responsible party is subject. Data will also be blocked or deleted if a storage period prescribed by the aforementioned standards expires, unless there is a need for further storage of the data for the conclusion or performance of a contract.

  4. Rights of the data subject

    If your personal data are processed, you are a data subject within the meaning of the GDPR and you are entitled to the following rights against the responsible party:

    1. Right to information

      You may request confirmation from the responsible party as to whether personal data concerning you are being processed. If such processing is taking place, you may request information from the responsible party about the following:

      1. The purposes for which the personal data are processed;
      2. the categories of personal data which are processed;
      3. the recipients or categories of recipients to whom the personal data concerning you have been or will be disclosed;
      4. the planned duration of the storage of the personal data concerning you or, if concrete information on this is not possible, criteria for determining the storage period;
      5. the existence of a right to rectification or erasure of the personal data concerning you, a right to restriction of processing by the responsible party or a right to object to such processing;
      6. the existence of a right of appeal to a supervisory authority;
      7. any available information on the origin of the data, if the personal data are not collected from the data subject;
      8. the existence of automated decision-making, including profiling, pursuant to Article 22(1) and (4) of the GDPR and, at least in these cases - meaningful information about the logic involved and the scope and intended effects of such processing for the data subject.


      You have the right to request information about whether the personal data concerning you are transferred to a third country or to an international organization. In this context, you may request to be informed about the appropriate safeguards pursuant to Art. 46 GDPR in connection with the transfer.

    2. Right to rectification

      You have a right to rectification and/or completion vis-à-vis the responsible party if the personal data processed concerning you are inaccurate or incomplete. The responsible party shall carry out the rectification without undue delay.

    3. Right to restriction of processing

      Under the following conditions, you may request the restriction of the processing of personal data concerning you:

      • if you contest the accuracy of the personal data concerning you for a period enabling the responsible party to verify the accuracy of the personal data;
      • the processing is unlawful and you object to the erasure of the personal data and request instead the restriction of the use of the personal data;
      • the responsible party no longer needs the personal data for the purposes of processing, but you need them for the establishment, exercise or defense of legal claims; or
      • if you have objected to the processing pursuant to Article 21 (1) GDPR and it is not yet clear whether the proper reasons of the responsible party outweigh your proper reasons.


      If the processing of personal data concerning you has been restricted, such data may - apart from being stored - only be processed with your consent or for the assertion, exercise or defense of legal claims or for the protection of the rights of another natural or legal person or for reasons of important public interest of the European Union or a Member State. If the restriction of processing has been restricted in accordance with the above conditions, you will be informed by the responsible party before the restriction is lifted.
    4. Right to erasure

      1. Obligation to erase

        You may request the responsible party to erase the personal data concerning you without undue delay, and the responsible party is obliged to erase such data without undue delay, if one of the following reasons applies:
        • The personal data concerning you is no longer necessary for the purposes for which it was collected or otherwise processed.
        • You revoke your consent on which the processing was based pursuant to Art. 6 (1) sentence 1 lit. a or Art. 9 (2) lit. a GDPR and there is no other legal basis for the processing.
        • You object to the processing pursuant to Art. 21 (1) GDPR and there are no overriding legitimate grounds for the processing, or you object to the processing pursuant to Art. 21 (2) GDPR.
        • The personal data concerning you has been processed unlawfully.
        • The erasure of the personal data concerning you is necessary for compliance with a legal obligation under European Union or Member State law to which the responsible party is subject.
        • The personal data concerning you has been collected in relation to information society services offered pursuant to Article 8(1) of the GDPR.


      2. Information to third parties

        If the responsible party has made public the personal data concerning you and is obliged to erase it pursuant to Article 17(1) of the GDPR, it shall take reasonable measures, including technical measures, taking into account the available technology and the cost of implementation, to inform responsible parties which process your personal data that you, as the data subject, have requested to erase all links to these personal data or copies or replications of such personal data.

      3. Exceptions

        The right to erasure does not exist to the extent that the processing is necessary

        • For the exercise of the right to freedom of expression and information;
        • for compliance with a legal obligation which requires processing under European Union or Member State law to which the responsible party is subject, or for the performance of a task carried out in the public interest or in the exercise of official authority vested in the responsible party;
        • for reasons of public interest in the area of public health pursuant to Art. 9(2)(h) and (i) and Art. 9(3) GDPR;
        • for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes pursuant to Article 89(1) GDPR, as far as the right referred to in section a) is likely to render impossible or seriously prejudice the achievement of the purposes of such processing; or
        • for the assertion, exercise or defense of legal claims.


    5. Right to information

      If you have asserted the right to rectification, erasure or restriction of processing against the responsible party, the responsible party is obliged to inform all recipients to whom the personal data concerning you have been disclosed of this rectification or erasure of the data or restriction of processing, unless this proves impossible or involves a disproportionate effort.

      You have the right vis-à-vis the responsible party to be informed about these recipients.

    6. Right to data portability

      You have the right to receive the personal data concerning you that you have provided to the responsible party in a structured, common and machine-readable format. You also have the right to transfer these data to another responsible party without hindrance from the responsible party to whom the personal data was provided, provided that

      • the processing is based on consent pursuant to Art. 6 para. 1 sentence 1 lit. a GDPR or Art. 9 para. 2 lit. a GDPR or on a contract pursuant to Art. 6 para. 1 sentence 1 lit. b GDPR and
      • the processing is carried out with the help of automated procedures.


      In exercising this right, you also have the right to have the personal data concerning you transferred directly from one responsible party to another responsible party, as far as this is technically feasible. Freedoms and rights of other persons must not be affected by this.

      The right to data portability does not apply to processing of personal data which are necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the responsible party.

    7. Right to object

      You have the right to object at any time, on grounds relating to your particular situation, to the processing of personal data concerning you which is carried out on the basis of Article 6 (1) sentence 1 lit. e or f GDPR; this also applies to profiling based on these provisions.

      The responsible party shall no longer process the personal data concerning you unless it can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms, or the processing serves the purpose of asserting, exercising or defending legal claims.

      If the personal data concerning you is processed for the purposes of direct marketing, you have the right to object at any time to the processing of personal data concerning you for the purposes of such marketing; this also applies to profiling, as far as it is related to such direct marketing.

      If you object to the processing for direct marketing purposes, the personal data concerning you will no longer be processed for these purposes.

      You have the possibility, in connection with the use of information society services - notwithstanding Directive 2002/58/EC - to exercise your right to object by means of automated procedures using technical specifications.

    8. Right to revoke your declaration of consent under data protection law

      You have the right to revoke your declaration of consent under data protection law at any time. The revocation of consent does not affect the lawfulness of the processing carried out on the basis of the consent until the revocation.

    9. Automated decision in individual cases including profiling

      You have the right not to be subject to a decision based solely on automated processing - including profiling - which produces legal effects concerning you or similarly significantly affects you. This does not apply if the decision

      • is necessary for the conclusion or performance of a contract between you and the responsible party,
      • is permitted by legal provisions of the European Union or the Member States to which the responsible party is subject and these legal provisions contain appropriate measures to protect your rights and freedoms as well as your legitimate interests, or
      • is carried out with your explicit consent.


      However, these decisions may not be based on special categories of personal data pursuant to Article 9(1) of the GDPR, unless Article 9(2)(a) or (b) of the GDPR applies and appropriate measures have been taken to protect the rights and freedoms and your legitimate interests.

      With regard to the cases referred to in 1. and 3. above, the responsible party shall take reasonable steps to safeguard the rights and freedoms as well as your legitimate interests, including at least the right to obtain the intervention of a person belonging to the responsible party, to express his or her point of view and to contest the decision.

    10. Right to complain to a supervisory authority

      Without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with a supervisory authority, in particular in the Member State of your residence, workplace or the place of the alleged infringement, if you consider that the processing of personal data concerning you infringes the GDPR.

      The supervisory authority to which the complaint has been submitted will inform the complainant of the status and outcome of the complaint, including the possibility of a judicial remedy under Article 78 GDPR.

  5. Provision of the website and creation of log files

    1. Description and scope of data processing

      Each time our website is called up, our system automatically collects data and information from the computer system of the calling computer.
      The following data is collected in this context:
      • Information about the browser type and the version used.
      • The operating system of the user
      • The user's Internet service provider
      • The IP address of the user
      • Date and time of access
      • Websites from which the user's system accesses our website
      • Web pages that are accessed by the user's system via our website, and
      • Location
        This data is stored in the log files of our system. This data is not stored together with other personal data of the user.
    2. Purpose of data processing

      The temporary storage of the IP address by the system is necessary to enable delivery of the website to the user's computer. For this purpose, the user's IP address must remain stored for the duration of the session.

      The storage in log files is done to ensure the functionality of the website. In addition, we use the data to optimize the website and to ensure the security of our information technology systems. An evaluation of the data for marketing purposes does not take place in this context.

      These purposes are also our legitimate interest in data processing according to Art. 6 (1) p. 1 lit. f GDPR.

    3. Legal basis for data processing

      The legal basis for the temporary storage of the data and the log files is Art. 6 (1) p. 1 lit. f GDPR.

    4. Duration of storage

      The data is deleted as soon as it is no longer required to achieve the purpose for which it was collected. In the case of the collection of data for the provision of the website, this is the case when the respective session has ended.

      In the case of storage of data in log files, this is the case after seven days at the latest. Storage beyond this period is possible. In this case, the IP addresses of the users are deleted or alienated, so that an assignment of the calling client is no longer possible.

    5. Possibility of objection and removal

      The collection of data for the provision of the website and the storage of the data in log files is absolutely necessary for the operation of the website. Consequently, there is no possibility of objection on the part of the user.


  6. Use of cookies

    1. Description and scope of data processing

      Our websites use cookies. Cookies are text files that are stored in the Internet browser or by the Internet browser on the user's computer system. When a user calls up a website, a cookie may be stored on the user's operating system. This cookie contains a characteristic string of characters that enables the browser to be uniquely identified when the website is called up again.
      We use cookies to make our website more user-friendly. Some elements of our website require that the calling browser can be identified even after a website change.

      1.1 Use of cookies on company website



      The following data are stored and transmitted in the cookies:
      • Language settings as well as
      • Log-in information


      We also use cookies on our website that enable an analysis of the user's surfing behavior.

      In this way, the following data can be transmitted:

      • Frequency of page views
      • Use of website functions


      The user data collected in this way is pseudonymized by technical precautions. Therefore, an assignment of the data to the calling user is no longer possible. The data is not stored together with other personal data of the users.

    2. Purpose of data processing

      The purpose of using technically necessary cookies is to simplify the use of websites for users. Some functions of our website cannot be offered without the use of cookies. For maintaining these functions, it is necessary that the browser is recognized even after a website change.

      We require cookies for the following applications:

      • Acceptance of language settings
      • Remembering search terms


      The user data collected by technically necessary cookies are not used to create user profiles.

      The analysis cookies are used for the purpose of improving the quality of our website and its content. Through the analysis cookies, we learn how the website is used and can thus constantly optimize our online presence. The use of analysis cookies is for the purpose of improving the quality of our website and its content. Through the analyze cookies, we learn how the website is used and can thus constantly optimize our online presence.

    3. Legal basis for data processing

      The legal basis for the processing of personal data using cookies is Art. 6 (1) p. 1 lit. a GDPR.

      The legal basis for the processing of personal data using technically necessary cookies is Art. 6 ( 1) p. 1 lit. f GDPR.

    4. Duration of storage, possibility of objection and removal

      Cookies are stored on the user's computer and transmitted from it to our website. Therefore, you as a user also have full control over the use of cookies. By changing the settings in your Internet browser, you can disable or restrict the transmission of cookies. Cookies that have already been stored can be deleted at any time. This can also be done automatically. If cookies are deactivated for our website, it may no longer be possible to use all functions of the website in full.

      If you use a Safari browser from version 12.1, cookies are automatically deleted after seven days. This also applies to opt-out cookies, which are set to prevent tracking measures.

  7. Contact

    1. Description and scope of data processing

      When contacting us via a provided e-mail address, telephone number as well as the contact form, the transmitted personal data of the user will be stored.

      The data is used exclusively for processing the conversation.

    2. Purpose of data processing

      In the event of contact being made via one of the selected contact options, this also constitutes the necessary legitimate interest in the processing of the data.

    3. Legal basis for data processing

      The legal basis for the processing of the data, if the user has given his consent, is Art. 6 (1) lit. a GDPR.

      The legal basis for the processing of data transmitted in the course of a transmission via one of the selected contact options is Art. 6 (1) lit. f GDPR. If the contact aims at the conclusion of a contract, the additional legal basis for the processing is Art. 6 para. 1 lit. b GDPR.

    4. Duration of storage

      The data will be deleted as soon as they are no longer required to achieve the purpose for which they were collected. For personal data sent by e-mail, this is the case when the respective conversation with the user has ended. The conversation is ended when the circumstances indicate that the matter in question has been conclusively clarified.

      The additional personal data collected during the sending process will be deleted after a period of seven days at the latest.

    5. Possibility of objection and removal

      The user has the possibility to revoke his consent to the processing of personal data at any time. If the user contacts us by e-mail, he can object to the storage of his personal data at any time. In such a case, the conversation cannot be continued.

      In order to object to the storage of the data, the user can submit his objection via e-mail.

      All personal data stored in the course of the contact will be deleted in this case.

      In order to object to the storage of the data, the user can submit his objection via an e-mail.

  8. Application by e-mail

    1. Scope of the processing of personal data

      You can send us your application by e-mail. In doing so, we collect your e-mail address and the data you provide in the e-mail.

      • Salutation
      • First name
      • Name
      • Address
      • Telephone / mobile phone number
      • Email address
      • Salary requirement
      • Information about education and schooling
      • Language skills
      • Curriculum vitae
      • Testimonials
      • Photo and
      • references, letters of recommendation
    2. Purpose of data processing

      The processing of personal data from your application e-mail serves us solely to process your application.

    3. Legal basis for data processing

      The legal basis for the processing of your data is the contract initiation which takes place at the request of the data subject, Art. 6 (1) p.1 lit. b Alt. 1 GDPR and § 26 para. 1 p. 1 BDSG.

    4. Duration of storage

      After completion of the application process, the data will be stored for up to three months. At the latest, your data will be deleted after the expiration of the three months. In the event of a legal obligation, the data will be stored within the framework of the applicable provisions.

    5. Possibility of objection and removal

      The applicant has the option to object to the processing of personal data at any time. In such a case, the application can no longer be considered.

      By sending a message in text form by e-mail to datenschutz@innoscripta.com , the applicant can subsequently have his/her data changed or deleted.

      All personal data stored in the course of electronic applications will be deleted in this case.

  9. Corporate presence

    Use of corporate presences in social networks

    Instagram:

    Instagram, Part of Facebook Ireland Ltd, 4 Grand Canal Square Grand Canal Harbour, Dublin 2 Ireland.

    On our company page, we provide information and offer Instagram - users the opportunity to communicate. If you carry out an action on our Instagram company page (e.g., comments, posts, likes, etc.), you may make personal data (e.g., real name or photo of your user profile) public. However, since we generally or to a large extent have no influence on the processing of your personal data by Instagram, which is jointly responsible for the innoscripta GmbH corporate presence, we cannot provide any binding information on the purpose and scope of the processing of your data.

    Our corporate presence in social networks is used for communication and information exchange with (potential) customers. In particular, we use the corporate presence for:

    The corporate data disclosed in social networks serve brand presentation of the company.

    In this context, the publications via the corporate presence may contain the following content:

    • Information about products
    • Information about services
    • Advertising and
    • Customer contact


    In this context, each user is free to publish personal data through activities.

    The legal basis for data processing is Art. 6 (1) p.1 lit. a GDPR.

    The data generated by the company presence is not stored in our own systems.

    You can object at any time to the processing of your personal data that we collect in the course of your use of our Instagram - company presence and assert your data subject rights as stated under IV. of this data protection declaration. To do so, send us an informal email to datenschutz@innoscripta.com. For the processing of your personal data by Instagram and the corresponding objection options, you can find more information here:

    Instagram: https://help.instagram.com/519522125107875

  10. Use of company presences in career-oriented networks

    1. Scope of data processing

      We use the possibility of corporate presence on profession-oriented networks. We maintain a company presence on the following profession-oriented networks:

      LinkedIn:

      LinkedIn, Unlimited Company Wilton Place, Dublin 2, Ireland

      XING:

      XING SE, Dammtorstraße 30, 20354 Hamburg, Germany

      On our website, we provide information and offer users the opportunity to communicate.

      The company website is used for job applications, information/PR and active sourcing.

      We do not have any information on the processing of your personal data by the companies jointly responsible for the corporate presence. For more information, please refer to the privacy policy of:

      LinkedIn:

      https://www.linkedin.com/legal/privacy-policy?trk=hb_ft_priv

      XING:

      https://privacy.xing.com/de/datenschutzerklaerung

      If you carry out an action on our company website (e.g., comments, posts, likes, etc.), you may make personal data (e.g., real name or photo of your user profile) public.

    2. Legal basis for data processing

      The legal basis for processing your data in connection with the use of our corporate presence is Art.6 (1) p.1 lit.f GDPR.

    3. Purpose of data processing

      Our corporate presence serves us to inform users about our services. In doing so, every user is free to publish personal data through activities.

    4. Duration of storage

      We store your activities and personal data published via our corporate presence until you revoke your consent. In addition, we comply with the statutory retention periods.

    5. Possibility of objection and removal

      You can object at any time to the processing of your personal data that we collect in the course of your use of our corporate presence and assert your data subject rights as stated under IV. of this data protection declaration. To do so, send us an informal e-mail to the e-mail address stated in this data protection declaration.

      You can find more information on objection and removal options here:

      LinkedIn:

      https://www.linkedin.com/legal/privacy-policy?trk=hb_ft_priv

      XING:

      https://privacy.xing.com/de/datenschutzerklaerung

  11. Hosting

    The company websites as well as our services are hosted on servers of service providers contracted by us.

    Our service providers are:

    STRATO AG and Amazon Webservices

    The servers automatically collect and store information in so-called server log files, which your browser automatically transmits when you visit the website. The information stored is:

    • Browser type and browser version
    • Operating system used
    • Referrer URL
    • Host name of the accessing computer
    • Date and time of the server request and
    • IP address


    These data are not merged with other data sources. The collection of these data is based on Art. 6 (1) lit. f GDPR. The website operator has a legitimate interest in the technically error-free presentation and optimization of its website - for this purpose, the server log files must be collected.

    The location of the servers of the website is geographically in Germany.

  12. Geotargeting

    We use the IP address and other information provided by the user (in particular zip code in the context of registration or ordering) for regional targeting (so-called "geotargeting").

    Regional targeting is used, for example, to automatically show you regional offers or advertising that are often more relevant to users. The legal basis for the use of the IP address and, if applicable, other information provided by the user (in particular zip code) is Art. 6 (1) lit. f GDPR, based on our interest in ensuring more precise targeting and thus providing offers and advertising with higher relevance for users.

    In this context, a part of the IP address as well as the additional information provided by the user (in particular zip code) are only read and not stored separately.

    You can prevent geotargeting by using, for example, a VPN or proxy server that prevents precise localization. In addition, depending on the browser used, you can also deactivate a location localization in the corresponding browser settings (as far as the respective browser supports this).

    We use geotargeting on our website for the following purposes:

    • Customer targeting


  13. Registration on the customer and administration portals, use of our services.

    1. Description and scope of data processing

      On our customer and administration portals, we offer users the opportunity to register by providing personal data. For this purpose, the user can use a registration link or independently enter his or her data in an input mask. This data is transmitted to us and stored. The data will not be passed on to third parties. During the registration process on the customer and administration portals, the following data in particular are collected:

      • First name
      • Name
      • Address
      • Salutation and title
      • University
      • Company name
      • Website
      • Telephone / mobile number
      • E-Mail
      • Date and time of registration and
      • Basic, project-related framework data for the mediation of business-relevant relationships.


      As part of the registration process, the user's consent to the processing of data is obtained.

      In order to ensure proper registration and to prevent unauthorized registration by third parties, a registration link sent by us will only be sent to the person authorized by the partner company and to persons named separately by them.

      Furthermore, via services provided by us as well as customer and administration portals, data necessary for the provision of services within the scope of the technology transfer project will be collected by us. This includes in particular:
      • Data that are collected for a complete and correct application for subsidies to the responsible project sponsor / authority.
      • Data that are necessary for the processing of the technology transfer project after the application has been successfully submitted,
      • Contacting at regular intervals, including reminder management of upcoming project-related deadlines, upcoming calls for subsidies


    2. Purpose of data processing

      The registration as well as the use of our services are necessary for the fulfillment of a contract with the user or for the implementation of pre-contractual measures or for the fulfillment of a legal obligation.

      For the mediation of business-relevant relationships, the identification of the user is mandatory.

    3. Legal basis for data processing

      The legal basis for the processing of data is Art. 6 (1) p. 1 lit. a GDPR if the user has given his or her consent.

      If the registration as well as the use of our services serves the fulfillment of a contract to which the user is a party or the implementation of pre-contractual measures, the additional legal basis for the processing of the data is Art. 6 (1) p. 1 lit. b GDPR.

      If the registration as well as the use of our services serves the fulfillment of a legal obligation to which we are subject, the additional legal basis for the processing of the data is Art. 6 (1) p. 1 lit. c GDPR.

      If the registration as well as the use of our services serves the performance of a task which is in the public interest or is carried out in the exercise of official authority vested in us, the additional legal basis for the processing of the data is Art. 6 (1) p. 1 lit. e GDPR.

    4. Duration of storage

      The data will be deleted as soon as they are no longer necessary to achieve the purpose for which they were collected.

      Even beyond this, there may be a need to store personal data in order to comply with contractual or legal obligations.

    5. Possibility of objection and removal

      As a user, you have the option to cancel your registration at any time. You can have the data stored about you changed at any time.

      If the data collected in the course of registration and use of the services shall be deleted, this must be done by sending an e-mail to datenschutz@innoscripta.com.

      If the data is required to fulfill one of the purposes mentioned in the previous paragraph, early deletion of the data is only possible if there are no contractual or legal obligations that prevent deletion.

  14. Innovation Management System App

    1. Description and scope of processing

      The Innovation Management System (IMS) App for Android and iOS was developed by us and is operated by us.

      The IMS App can be used for manual work registration for project-related activities. By means of a QR code generated and sent by us, the authorized representatives of the partner companies and their employees can use the mobile app. They thus link the IMS app with an existing account on the IMS platform. There is no disclosure to third parties.

      The data collected from public users in our IMS App is stored exclusively on the end device of the respective user and is not further stored on our servers.

    2. Purpose of processing

      The processing of the data serves the purpose of collecting the working hours of the users concerned in the context of cooperation in a technology transfer project, whereby yourself or your employer are the contractual partner. In this context, proof is provided to the relevant entity for the authorization of the participants to call for funding. Users can also manually enter their working hours via the mobile app. Finally, evidence of users' working hours is kept via the mobile app.

    3. Legal basis for the processing of personal data

      The legal basis for the processing of data is Article 6 (1) p. 1 lit. a GDPR if the user has given his or her consent.

      The legal basis for data processing is a contract or the implementation of pre-contractual measures with the data subject in accordance with Art. 6 (1) p.1 lit. b GDPR.

      If there is a legal obligation on our part, for example to prevent the misappropriation of funding or to keep a record of the working hours of the persons involved in the project, the additional legal basis for the processing of the data is Art. 6 (1) p. 1 lit. c GDPR.

    4. Duration of storage

      The data will be deleted as soon as they are no longer required to achieve the purpose for which they were collected.

      This is the case for data collected during the registration process for the fulfillment of a contract or for the implementation of pre-contractual measures when the data is no longer required for the implementation of the contract. Even after the conclusion of the contract, there may be a need to store personal data of the contractual partner in order to fulfill contractual or legal obligations.

    5. Possibility of objection and removal

      As a user, you have the option to cancel your registration at any time. You can have the data stored about you changed at any time.

      If the data is required for the fulfillment of a contract or for the implementation of pre-contractual measures, early deletion of the data is only possible as far as contractual or legal obligations do not prevent deletion.

      If the data collected by us as part of the use of the services is to be deleted, the revocation and the order for deletion must be made via an informal e-mail to datenschutz@innoscripta.com.

    6. Authorization management in the IMS App

      The IMS App (Android/iOS) requires the following sharing permissions to use some functions:

      • Device memory
      • Camera
      • Notifications


  15. Plugins used

    We use plugins for various purposes. The plugins we use are listed below:

    Use of Google AdWords

    1. Scope of the processing of personal data

      We use Google AdWords of Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA and the representative in the European Union Google Ireland Ltd, Gordon House, Barrow Street, D04 E5W5, Dublin, Ireland (hereinafter referred to as: Google). We use this service to place advertisements. Google sets a cookie on your computer. As a result, personal data can be stored and evaluated, in particular the activity of the user (in particular which pages have been visited and on which elements he or she has clicked), device and browser information (in particular the IP address and the operating system), data about the advertisements displayed (in particular which advertisements were displayed and whether the user clicked on them) and also data from advertising partners (in particular pseudonymized user IDs).

      Further information on the processing of data by Google can be found here: https://policies.google.com/privacy?gl=DE&hl=de

    2. Purpose of data processing

      We only gain knowledge of the total number of users who have responded to our ad. No information is shared that would allow us to identify you. The use does not serve the purpose of tracking.

    3. Legal basis for the processing of personal data

      The legal basis for the processing of users' personal data is basically the user's consent in accordance with Art. 6 (1) p.1 lit. a GDPR.

    4. Duration of storage

      Your personal information will be stored for as long as necessary to fulfill the purposes described in this Privacy Policy or as required by law, e.g., for tax and accounting purposes.

    5. Right of revocation and removal

      You have the right to revoke your declaration of consent under data protection law at any time. The revocation of consent does not affect the lawfulness of the processing carried out on the basis of the consent until the revocation.

      You can prevent the collection as well as the processing of your personal data by Google by preventing the storage of third-party cookies on your computer, using the "Do Not Track" function of a supporting browser, disabling the execution of script code in your browser or installing a script blocker such as NoScript (https://noscript.net/) or Ghostery (https://www.ghostery.com) in your browser.

      You can deactivate the use of your personal data by Google using the following link: https://adssettings.google.de

      You can find further information on objection and removal options vis-à-vis Google at: https://policies.google.com/privacy?gl=DE&hl=de



    Use of Google Web Fonts

    1. Scope of the processing of personal data

      We use Google Web Fonts of Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA and the representative in the Union Google Ireland Ltd, Gordon House, Barrow Street, D04 E5W5, Dublin, Ireland (hereinafter referred to as: Google). In the process, the web fonts are transferred to the browser's cache when the page is called up in order to be able to use them for the visually improved display of various information. If the browser does not support Google web fonts or prevents access, the text is displayed in a standard font. No cookies are stored on the visitor's computer when the page is accessed. Data transmitted in connection with the website call is sent to resource-specific domains such as https://fonts.googleapis.com or https://fonts.gstatic.com . As a result, personal data can be stored and evaluated, especially the user's activity (in particular, which pages have been visited and which elements have been clicked on) and device and browser information (in particular, the IP address and the operating system).

      The data is not associated with data that may be collected or used in connection with the parallel use of authenticated Google services such as Gmail.

      Further information on the processing of data by Google can be found here: https://policies.google.com/privacy?gl=DE&hl=de

    2. Purpose of data processing

      The use of Google web fonts serves an appealing presentation of our texts. If your browser does not support this function, a standard font is used by your computer for display.
    3. Legal basis for the processing of personal data

      The legal basis for the processing of users' personal data is generally the user's consent in accordance with Art. 6 (1) S.1 lit. a GDPR.
    4. Duration of storage

      Your personal information will be stored for as long as necessary to fulfill the purposes described in this Privacy Policy or as required by law, e.g., for tax and accounting purposes.
    5. Possibility of objection and elimination

      You can prevent the collection as well as the processing of your personal data by Google by preventing third-party cookies from being stored on your computer, by using the "Do Not Track" function of a supporting browser, by disabling the execution of script code in your browser or by installing a script blocker such as NoScript (https://noscript.net/) or Ghostery (https://www.ghostery.com) in your browser.

      You can deactivate the use of your personal data by Google using the following link: https://adssettings.google.de

      You can find more information about objection and removal options vis-à-vis Google at: https://policies.google.com/privacy?gl=DE&hl=de



    Use of Hotjar

    1. Scope of the processing of personal data

      We use the web analytics service Hotjar provided by Hotjar Ltd, Level 2, St Julian's Business Centre, 3, Elia Zammit Street, St Julian's STJ 1000, Malta (hereinafter: Hotjar). Among other things, Hotjar uses cookies, i.e., small text files that are stored locally in the cache of your web browser on your terminal device and that enable an analysis of your use of our online presence. This allows personal data to be stored and analyzed, in particular the user's activity (especially which pages have been visited and which elements have been clicked on), device and browser information (especially the IP address and the operating system) and a tracking code (pseudonymized user ID). The information collected in this way is transmitted by Hotjar to a server in Ireland and stored there anonymously.

      Further information on the processing of data by Hotjar can be found here: https://www.hotjar.com/legal/policies/privacy

    2. Purpose of data processing

      The use of the Hotjar plug-in serves to better understand the needs of our users and to optimize the offer on this online presence.

    3. Legal basis for the processing of personal data

      The legal basis for the processing of users' personal data is basically the user's consent in accordance with Art. 6 (1) p.1 lit. a GDPR.

    4. Duration of storage

      Your personal information will be stored for as long as necessary to fulfill the purposes described in this privacy policy or as required by law.

    5. Possibility of revocation and removal

      You have the right to revoke your declaration of consent under data protection law at any time. The revocation of consent does not affect the lawfulness of the processing carried out on the basis of the consent until the revocation.

      You can prevent the collection as well as the processing of your personal data by Hotjar by preventing the storage of third-party cookies on your computer, using the "Do Not Track" function of a supporting browser, disabling the execution of script code in your browser or installing a script blocker such as NoScript (https://noscript.net/) or Ghostery (https://www.ghostery.com) in your browser.

      You can deactivate the use of your personal data by Hotjar using the following link: https://www.hotjar.com/legal/compliance/opt-out

      For more information on objection and removal options vis-à-vis Hotjar, please visit: https://www.hotjar.com/legal/policies/privacy



    Use of LinkedIn

    1. Scope of the processing of personal data

      We use functions of the LinkedIn network. The provider is LinkedIn Ireland Unlimited Company Wilton Place, Dublin 2, Ireland /Subsequently referred to as: LinkedIn). Each time one of our websites containing LinkedIn functions is accessed, a connection to LinkedIn servers is established. LinkedIn is informed that you have visited our web pages with your IP address. If you click the "Recommend button" of LinkedIn and are logged into your account at LinkedIn, it is possible for LinkedIn to assign your visit to our website to you and your user account. Personal data can thus be stored and evaluated, especially the user's activity (in particular, which pages have been visited and which elements have been clicked on) and device and browser information (in particular, the IP address and operating system).

      We would like to point out that we, as the provider of the websites, have no knowledge of the content of the transmitted data or its use by LinkedIn. Further information on the processing of data by LinkedIn can be found here: https://www.linkedin.com/legal/privacy-policy.

    2. Purpose of data processing

      The use of the LinkedIn plugin serves the user-friendliness of our online presence.

    3. Legal basis for the processing of personal data

      The legal basis for the processing of users' personal data is basically the user's consent in accordance with Art. 6 (1) p.1 lit. a GDPR.

    4. Duration of storage

      Your personal information will be stored for as long as necessary to fulfill the purposes described in this Privacy Policy or as required by law, e.g., for tax and accounting purposes.

    5. Right of revocation and removal

      You have the right to revoke your declaration of consent under data protection law at any time. The revocation of consent does not affect the lawfulness of the processing carried out on the basis of the consent until the revocation.

      You can prevent the collection as well as the processing of your personal data by LinkedIn by preventing the storage of third-party cookies on your computer, using the "Do Not Track" function of a supporting browser, disabling the execution of script code in your browser or installing a script blocker such as NoScript (https://noscript.net/) or Ghostery (https://www.ghostery.com) in your browser. Furthermore, the transmission can be prevented by logging out of your LinkedIn account before calling up our website.

      You can deactivate the use of your personal data by LinkedIn using the following links: https://www.linkedin.com/psettings/guest-controls

      https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out?trk=microsites-frontend_legal_cookie-policy

      For more information on objection and removal options vis-à-vis LinkedIn, please visit: https://www.linkedin.com/legal/privacy-policy\



    Use of Xing Share Button

    1. Scope of the processing of personal data

      Our online presence uses the XING Share button, of XING SE, Dammtorstraße 29-32, 20354 Hamburg, Germany. When you call up this website, a connection is briefly established via your browser to servers of XING SE (hereinafter referred to as: XING), with which the "XING Share Button" functions (in particular the calculation/display of the counter value) are provided. These servers are configured in a particularly data protection-friendly manner. Thus, no data about the call of visitors are stored from which a direct personal reference could be derived. In particular, XING does not store IP addresses of visitors to websites that include the XING Share button. Further information on the processing of data by XING can be found here: https://www.xing.com/app/share?op=data_protection

    2. Purpose of data processing

      The integration of the "XING Share Button" serves to improve the user-friendliness of our online presence. When you click on this button, you will be redirected to the XING homepage. If you are logged into your profile, you can recommend the link to our online presence.

    3. Legal basis for the processing of personal data

      The legal basis for the processing of users' personal data is generally the user's consent pursuant to Art. 6 (1) p.1 lit. a GDPR.

    4. Duration of storage

      Your personal information will be stored for as long as necessary to fulfill the purposes described in this Privacy Policy or as required by law, e.g., for tax and accounting purposes.

    5. Right of revocation and removal

      You have the right to revoke your declaration of consent under data protection law at any time. The revocation of consent does not affect the lawfulness of the processing carried out on the basis of the consent until the revocation.

      You can prevent the collection as well as the processing of your personal data by XING by preventing the storage of third-party cookies on your computer, using the "Do Not Track" function of a supporting browser, deactivating the execution of script code in your browser or installing a script blocker such as NoScript (https://noscript.net/) or Ghostery (https://www.ghostery.com) in your browser.

      You can find more information on objection and removal options vis-à-vis XING at: https://www.xing.com/app/share?op=data_protection



    Use of YouTube

    1. Scope of the processing of personal data

      We use the plugin operated by Google from YouTube, YouTube LLC, 901 Cherry Ave, San Bruno, CA 94066, USA and its representative in the Union Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (hereinafter referred to as: Google). We use the plugin from YouTube to embed videos from YouTube on our online presence. When visiting our online presence, your browser establishes a connection with the servers of YouTube. As a result, personal data can be stored and evaluated, especially the user's activity (in particular, which pages have been visited and which elements have been clicked on) as well as device and browser information (in particular, the IP address and the operating system).

      We have no influence on the content of the plug-in. If you are logged into your YouTube account during the visit, YouTube can assign your online presence visit to this account. By interacting with this plug-in, this corresponding information is transmitted directly to YouTube and stored there.

      You can obtain further information on the processing of data by Google here: https://policies.google.com/privacy?gl=DE&hl=de

    2. Purpose of data processing

      The use of the YouTube plug-in serves to improve user-friendliness and an appealing presentation of our online presence.

    3. Legal basis for the processing of personal data

      The legal basis for the processing of the users' personal data is basically the user's consent according to Art. 6 (1) p.1 lit. a GDPR.

    4. Duration of storage

      Your personal information will be stored for as long as necessary to fulfill the purposes described in this Privacy Policy or as required by law, e.g., for tax and accounting purposes.

    5. Right of revocation and removal

      You have the right to revoke your declaration of consent under data protection law at any time. The revocation of consent does not affect the lawfulness of the processing carried out on the basis of the consent until the revocation.

      You can prevent the collection as well as the processing of your personal data by Google by preventing the storage of third-party cookies on your computer, using the "Do Not Track" function of a supporting browser, disabling the execution of script code in your browser or installing a script blocker such as NoScript (https://noscript.net/) or Ghostery (https://www.ghostery.com) in your browser.

      You can deactivate the use of your personal data by Google using the following link: https://adssettings.google.de

      For more information on how to object to and remove Google's use of your personal data, please visit: https://policies.google.com/privacy?gl=DE&hl=de



    Google Tag Manager

    1. Scope of the processing of personal data

      We use the Google Tag Manager (https://www.google.com/intl/de/tagmanager/) of Google Ireland Ltd, Gordon House, Barrow Street, D04 E5W5, Dublin, Ireland (hereinafter referred to as: Google). With the Google Tag Manager, tags of Google's services and of third-party providers can be managed and bundled and embedded on an online presence. Tags are small code elements on an online presence that are used, among other things, to measure visitor numbers and behavior, to record the impact of online advertising and social channels, to use remarketing and targeting, and to test and optimize online presences. When a user visits the online presence, the current tag configuration is sent to the user's browser. It contains instructions on which tags to trigger. Google Tag Manager takes care of triggering other tags, which in turn may collect data. Information on this can be found in the dispositions on the use of the corresponding services in this privacy policy. Google Tag Manager does not access this data. Further information on Google Tag Manager can be found at https://www.google.com/intl/de/tagmanager/faq.html and in Google's privacy policy: https://policies.google.com/privacy?hl=de

    2. Purpose of data processing

      The purpose of the processing of personal data is the collected and clear management, as well as an efficient integration of third-party services.

    3. Legal basis for the processing of personal data

      The legal basis for the processing of the users' personal data is basically the user's consent according to Art. 6 (1) p.1 lit. a GDPR.

    4. Duration of storage

      Your personal information will be stored for as long as necessary to fulfill the purposes described in this Privacy Policy or as required by law. Advertising data in server logs is anonymized by Google deleting parts of the IP address and cookie information after 9 and 18 months, respectively, according to Google.

    5. Revocation and elimination options

      You have the right to revoke your declaration of consent under data protection law at any time. The revocation of consent does not affect the lawfulness of the processing carried out on the basis of the consent until the revocation.

      You can prevent the collection as well as the processing of your personal data by Google by preventing the storage of third-party cookies on your computer, using the "Do Not Track" function of a supporting browser, disabling the execution of script code in your browser or installing a script blocker such as NoScript (https://noscript.net/) or Ghostery (https://www.ghostery.com) in your browser.

      You can also prevent the collection of data generated by the cookie and related to your use of the online presence (including your IP address) to Google and the processing of this data by Google by downloading and installing the browser plugin available at the following link:

      https://tools.google.com/dlpage/gaoptout?hl=de

      You can deactivate the use of your personal data by Google using the following link: https://adssettings.google.de

      For more information on how to object to and opt-out of Google, please visit: https://policies.google.com/privacy?gl=DE&hl=de



    Use of Usercentrics Management Consent Platform

    1. Scope of the processing of personal data

      We use the Consent Manament Platform Usercentrics of Usercentrics GmbH, Rosental 4, 80331 Munich, Germany (hereinafter referred to as: Usercentrics). Usercentrics enables us to obtain and manage user consent for data processing and to document it in a legally compliant manner. Usercentrics sets cookies on the user's terminal device for this purpose. The following data is processed in the process:

      1. Date and time of the visit
      2. Device information
      3. Browser information
      4. Anonymized IP address
      5. Opt-in and opt-out data
      6. Company name
      7. Website and
      8. Telephone / mobile phone number


      The data is processed geographically in the European Union.

      For more information on the processing of data by Usercentrics, please click here: https://usercentrics.com/de/datenschutzerklaerung/
    2. Purpose of data processing

      The processing of the personal data serves to comply with the legal obligations of the GDPR and the BDSG.

    3. Legal basis for the processing of personal data

      The legal basis for the processing of the users' personal data is Art. 6 (1) p.1 lit. f GDPR. Our legitimate interest here lies in the purposes stated under 2.

    4. Duration of storage

      Your personal information will be stored for as long as necessary to fulfill the purposes described in this privacy policy, consent to storage has been revoked, or as required by law.

    5. Possibility of objection and elimination

      You can prevent the collection as well as the processing of your personal data by Usercentrics by preventing third-party cookies from being stored on your computer, by using the "Do Not Track" function of a supporting browser, by disabling the execution of script code in your browser or by installing a script blocker such as NoScript (https://noscript.net/) or Ghostery (https://www.ghostery.com) in your browser.

      You can find more information about objection and removal options vis-à-vis Usercentrics at: https://usercentrics.com/de/datenschutzerklaerung/

  16. Links

    On our websites and services, we may link to third-party websites. You can recognize this, among other things, by the change of URL. We have no influence on the content of these websites and do not accept any liability for them. Furthermore, we cannot assume any liability for the confidential handling of your data on these websites, as the handling of your data is not within our sphere of influence. For further information on the handling of your data, please refer to the websites of the relevant third parties.