Data protection declaration

This data protection declaration shall apply for the website www.advinno.eu (hereinafter all together also “website”).

With the data protection declaration, we explain, which of your personal data we acquire, process, store and protect, when you use our website, what we need this data for and to whom we disclose this data, and also point out your rights with regard to your data and state the contact persons, whom you can contact for further information or inquiries.

According to Art. 4 No. 1 of the General Data Protection Regulation (GDPR), personal data is any information relating to an identified or identifiable natural person.

I. Information (name and contact details) about the entity responsible for processing

As joint administrators of the website, AdvInno GmbH and AdvInno Patent- & Rechtsanwaltspartnerschaft mbB – Heinemeyer & Joachim (hereinafter also “we” and “us”) are responsible for data processing; in order to preserve your rights, a message from you to one of us shall be sufficient:

a) AdvInno GmbH

• Name and legal form: AdvInno GmbH, a limited liability company
• Managing Directors: Karsten Heinemeyer, Björn Joachim, Dr. Christian Manthey
• Headquarters: Lübeck (Sandstraße 17-23, 23552 Lübeck / Germany)
• Court of registry: Lübeck District Court, HRB 14947HL
• Address and contact:

◦ Headquarters Lübeck:

AdvInno GmbH
Sandstraße 17-23
23552 Lübeck / Germany
Telephone: +49 451 305 098 280
Fax: +49 451 305 098 289
E-Mail: unternehmensberatung@advinno.de

◦ Office Munich:

AdvInno GmbH
Nymphenburger Straße 78
80636 München / Germany
Telephone: +49 89 215 466 69
Fax: +49 89 215 466 74
E-Mail: unternehmensberatung@advinno.de

b) AdvInno Patent- & Rechtsanwaltspartnerschaft mbB – Heinemeyer & Joachim

• Name and legal form: AdvInno Patent- & Rechtsanwaltspartnerschaft mbB – Heinemeyer & Joachim, a partnership of a patent attorney and an attorney at law with limited professional liability
• Authorized partners: patent attorney Karsten Heinemeyer & attorney at law Björn Joachim
• Headquarters of the partnership: Lübeck (Sandstraße 17-23, 23552 Lübeck / Germany)
• Court of registry: Kiel District Court, PR 631 KI.
• Address and contact:

◦ Headquarters Lübeck:

AdvInno Patent- & Rechtsanwaltspartnerschaft mbB – Heinemeyer & Joachim
Sandstraße 17-23
23552 Lübeck / Germany
Telephone: +49 451 305 098 280
Fax: +49 451 305 098 289
E-Mail: anwaltspartnerschaft@advinno.de

◦ Office Munich:

AdvInno Patent- & Rechtsanwaltspartnerschaft mbB – Heinemeyer & Joachim
Nymphenburger Straße 78
80636 München / Germany
Telephone: +49 89 215 466 69
Fax: +49 89 215 466 74
E-Mail: anwaltspartnerschaft@advinno.de

II. Collection and storage of personal data as well as type and purpose of its use

a) Upon visiting the website

Upon accessing our website, the browser used on your terminal device automatically sends information to the server of our website. This information is temporarily stored in a so-called log-file. In that, the following information is acquired without any action on your part and stored until its automated deletion:

• IP address of the inquiring computer,
• date and time of access,
• name and URL of the file retrieved,
• website, from which the access is undertaken (referrer URL),
• the browser used and, if applicable, the operating system of your computer as well as the name of your access provider.

We process the data stated for the following purposes:

• to guarantee the smooth establishment of a connection to the website,
• to guarantee comfortable utilization of our website,
• to evaluate system security and stability, as well as
• for further administrative purposes.

The legal basis for the data processing is Art. 6 Sect. 1 p. 1 lit. f of the GDPR. Our legitimate interest results from the purposes for data collection listed above. Under no circumstances shall we use the collected data for the purpose of drawing conclusions to you as a person. For further explanations on that, see Nos. IV. and VI. of this data protection declaration.

b) Upon using our contact form

In case of questions of any kind, we offer you the opportunity to contact us via a form provided on the website. In that, entering a valid E-mail address and a name is required, so that we know from whom the inquiry originates and in order to be able to reply. Further details are optional. Data processing for the purpose of contacting us shall be undertaken according to Art. 6 Sect. 1 p. 1 lit. a of the GDPR on the basis of your consent given voluntarily. The personal data collected by us for using the contact form will be automatically deleted following completion of your inquiry.

c) Newsletter

Provided that you explicitly consented according to Art. 6 Para. 1 p. 1 lit. a DSGVO, we will use your E-mail address to send you our newsletter with information and offers on a regular basis. Stating an E-mail address is sufficient for receiving the newsletter.

In order to prevent misuse, following your subscription, you will receive an E-mail, with which we ask for confirmation of your subscription within the scope of a double opt-in process. For verification of the subscription process in conformity with the law, your subscription will be recorded with the time of subscription and confirmation as well as your IP address.

Your consent according to Art. 6 Para. 1 p. 1 lit. a DSGVO is the legal basis for sending the newsletter. Data processing in connection with the transmission of the confirmation E-mail for your subscription and the associated recording of data are undertaken due to our legitimate interest in the verification of your proper subscription according to Art. 6 Para. 1 p. 1 lit. f DSGVO.

Unsubscribing from the newsletter is possible anytime, for example, via a link at the end of each newsletter. Alternatively, you may also send us your unsubscribe request via E-mail to datenschutz@advinno.eu anytime.

The following data is processed for administration purposes and sending the newsletter:

• Your E-mail address
• Your first name (optional)
• Your last name (optional)
• Your company (optional)
• Your position (optional)
• Date/time of registration, place of registration, if applicable, source URL of the form, IP address
• Opening and click rates in E-mails, if applicable.

We use service providers for sending the newsletter, to whom we transmit the data designated; in that, data processing is undertaken in a third country, as stated in the following.

We process your personal data for the duration of your newsletter subscription.

Tracking of opening and click rates

We track opening and click rates. It may also happen that we track clicks on links.

Advertisement

There is no passing on of personal data to third parties for purposes of advertisement, market research or opinion polling.

Data processing in a third country

For sending our newsletter, we use Mailchimp of The Rocket Science Group, LLC, 675 Ponce de Leon Ave NE Suite 5000, Atlanta, GA 30308 USA (Mailchimp). This enables us to directly contact subscribers. In addition, we analyze your usage behavior in order to optimize our offer.

For that, we pass the following personal data on to Mailchimp:

• Your E-mail address
• Your first name (insofar as voluntarily provided by you)
• Your last name (insofar as voluntarily provided by you)
• Your company (insofar as voluntarily provided by you)
• Your position (insofar as voluntarily provided by you).

Mailchimp is the receiver of your personal data and working for us as a processing partner, insofar as sending our newsletter is concerned. Processing of the data indicated under this section is neither required by law nor by contract. Without your consent and the transmission of your personal data, we cannot send out a newsletter to you.

In addition, Mailchimp collects the following personal data using cookies and other tracking methods: information about your user equipment (IP address, device information, operating system, browser ID, information about the application you are reading your E-mails with, and further information about hardware and Internet connection. Furthermore, usage data is collected, such as date and time, when you opened the E-mail / campaign and browser activities (e.g., which E-mails / websites were opened). Mailchimp requires this data in order to guarantee security and reliability of the systems, compliance with the usage conditions and avoidance of misuse. This corresponds to the legitimate interest of Mailchimp (acc. to Art. 6 Para. 1 lit. f DSGVO) and serves contract implementation (acc. to Art. 6 Para. 1 lit. b DSGVO). Furthermore, performance data is analyzed by Mailchimp, such as delivery statistics of E-mails and further communication data. This information is used to create usage and performance statistics of the services.

Mailchimp collects additional information about you from other sources. Personal data is collected via social media and further third-party providers of data in an unspecified period of time and to an unspecified extent. We have no influence on this process.

Further information on opt-out and elimination options towards Mailchimp can be found under: https://mailchimp.com/legal/privacy/#3._Privacy_for_Contacts

The legal basis for this processing is your consent according to Art. 6 Para. 1 lit. a DSGVO. You may revoke consent to the processing of your personal data anytime. You will find a respective link in all mailings. Furthermore, the revocation may also be undertaken via the contact details stated. The declaration of revocation does not affect the legality of the processing undertaken until then.

Your data will be processed as long as a respective consent is present. Apart from that, it will be deleted following termination of the contract between us and Mailchimp, unless legal provisions require further storage.

Mailchimp implemented compliance measures for international data transmissions. These apply to all worldwide activities, in which Mailchimp processes personal data of natural persons in the EU. These measures are based on the Standard Contractual Clauses (SCCs) of the EU. Further information can be found under: https://mailchimp.com/legal/data-processing-addendum/

Please observe:

Currently, there is no adequate level of data privacy in the USA, and it cannot be excluded that national security authorities give respective orders towards the newsletter provider in order to gain access to data. Judicial remedies, too, are currently restricted.

Since we, however, only work with E-mail addresses and possibly with first names, last names, company, and position (on a voluntary basis), we consider the risk acceptable and the probability for actual access rather small.

We concluded an order processing contract within the meaning of Art. 28 DSGVO with Mailchimp. In addition, the new Standard Contract Clauses of the EU were concluded in order to guarantee an adequate level of data privacy.

In addition to that, we conducted our own Transfer Impact Assessment (TIA) and, in view of the protection needs of the data, consider data processing to this extent permissible.

Independent thereof, all subscribers gave their consent to data processing in the USA within the meaning of Art. 49 Para. 1 lit. a) DSGVO.

III. Disclosure of data

There is no transmission of your personal data to third parties for other purposes than those listed in the following. We only disclose your personal data to third parties, if:

• you gave your express consent to that according to Art. 6 Sect. 1 p. 1 lit. a of the GDPR,
• the disclosure according to Art. 6 Sect. 1 p. 1 lit. f of the GDPR is required for the assertion, execution or defense of legal claims and there is no reason to believe that you have an overriding interest warranting protection relating to the non-disclosure of your data,
• in such case that there is a legal obligation for disclosure according to Art. 6 Sect. 1 p. 1 lit. c of the GDPR, as well as
• this is legally admissible and according to Art. 6 Sect. 1 p. 1 lit. b of the GDPR required for the handling of contractual relationships with you.

IV. YouTube

We use YouTube, a video portal of Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (hereinafter “YouTube”), a subsidiary of Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA Google (hereinafter “Google”).

YouTube is used by us to enable us to display videos to you using the “extended data protection mode” function. According to YouTube, this function ensures that data is only transmitted to YouTube’s servers when you actually call up the videos. The legal basis is Art. 6 Sect. 1 p. 1 lit. f of the GDPR due to our legitimate interest in improving the quality of our internet presence. A connection to the YouTube server is necessary so that the corresponding video can be displayed on our website. In any case, YouTube will record and process your IP address, the date and time as well as the website you visited. Furthermore, a connection is established to Google’s “DoubleClick” advertising network.

If you are logged into YouTube at the same time, YouTube will assign the connection information to your YouTube account. To prevent this, you must either log out of YouTube before visiting our website or make the relevant settings in your YouTube account.

In any case, YouTube permanently stores cookies in your end device via your browser for the purpose of functionality and analysis of user behaviour. Most browsers accept cookies automatically. However, you can configure your browser in such a way that no cookies are stored on your end device or a message always appears before a new cookie is created. You have the option of preventing cookies from being stored on your end device by making the appropriate settings in your browser, for example as follows:

| Internet Explorer: https://windows.microsoft.com/de-DE/windows-vista/Block-or-allow-cookies

| Firefox: https://support.mozilla.org/de/kb/cookies-erlauben-und-ablehnen

| Chrome: https://support.google.com/chrome/bin/answer.py?hl=de&hlrm=en&answer=95647

| Safari: https://support.apple.com/kb/ph21411?locale=de_DE

| Opera: https://help.opera.com/Windows/10.20/de/cookies.html.

If the “extended data protection mode” function is not used, a connection to the YouTube server is established at the moment when our websites with an embedded YouTube video are called up.

For detailed information on the purpose and scope of the data collection and the further processing and use of the data by Google, as well as your rights in this regard and setting options for protecting your privacy, please refer to Google’s data protection information (https://policies.google.com/privacy). At https://tools.google.com/dlpage/gaoptout?hl=de, you can use your opt-out option against Google by means of an opt-out plugin and you can make settings for the display of advertising here https://adssettings.google.com/authenticated.

V. Cookies and Tracking-Pixel

We do not use cookies on our website. We do not use tracking pixels on our website.

VI. Analyse-Tools

We do not use any analysis tools.

VII. Social Media Plug-ins

On the basis of Art. 6 Sect. 1 p. 1 lit. f of the GDPR, we use social plug-ins of the social networks XING and LinkedIn on our website, in order to become more widely known via these. The underlying advertising purpose must be considered a legitimate interest in the sense of the GDPR. The responsibility for operation in compliance with data protection must be guaranteed by their respective provider. The inclusion of these plug-ins by us is undertaken by way of the so-called two-click method, in order to protect visitors of our website as best as possible.

a) XING
On our website, a plugin of XING is used, which is operated by XING AG, Dammtorstraße 29-32, 20354 Hamburg, Germany (“XING”). Upon clicking on the plugin button of XING, a connection to servers of XING is established. We are unaware of any storage of your personal date by XING and an evaluation of your usage behavior. For further information on that, please refer to the data protection declaration of XING (https://www.xing.com/app/share?op=data_protection).

b) LinkedIn
On our website, a plugin of the social network LinkedIn is used, which is operated by the LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Irland (“LinkedIn”). The plugin is marked with a logo of LinkedIn. When you access one of our Internet pages, which includes such a plugin, a direct connection with the servers of LinkedIn is established by clicking on the plugin. The contents of the plugin is directly transmitted from LinkedIn to your browser and included into the website by the same. By including the plugin, LinkedIn obtains the information that you accessed the respective page of our Internet presence. If you are logged in with LinkedIn, then LinkedIn can allocate the visit to your LinkedIn account. Should you not wish for LinkedIn to collect data via our Internet presence upon using the plugin, then you must log off from LinkedIn prior to visiting our Internet presence and clicking on the plugin. For further information on that, please refer to the data protection declaration of LinkedIn (https://www.linkedin.com/legal/privacy-policy). You can use your objection option (opt-out) against LinkedIn at https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out.

VIII. Rights of persons affected

You shall have the right:

• according to Art. 15 of the GDPR, to request information about your personal data processed by us. In particular, you shall be entitled to request information about the purposes of processing, the category of the personal data, the categories of recipients, to whom your data was or will be disclosed, the planned duration of storage, the existence of a right to correction, deletion, restriction of processing or objection, the existence of a right of appeal, the origin of your data, as far as this was not collected by us, as well as about the existence of automated decision making, including profiling and, if applicable, meaningful information on their details;

• according to Art. 16 of the GDPR, to immediately request the correction of incorrect data or completion of your personal data stored by us;

• according to Art. 17 of the GDPR, to request the deletion of your personal data stored by us, unless processing is required for execution of the right to freedom of expression and information, for fulfillment of a legal obligation, for reasons of public interest or for assertion, execution or defense of legal claims;

• according to Art. 18 of the GDPR, to request restriction of the processing of your personal data, as far as you contest the correctness of the data, the processing is illegal, but you refuse its deletion and we no longer need the data, but you need it for assertion, execution or defense of legal claims or you appealed against the processing according to Art. 21 of the GDPR;

• according to Art. 20 of the GDPR, to receive your personal data you provided us with in a structured, common and machine-readable format or to request transmission to another person in charge;

• according to Art. 7 Sect. 3 of the GDPR, to revoke your consent once given to us any time, with the result that we may no longer continue data processing, which was based on this consent, in the future; and

• according to Art. 77 of the GDPR, to complain to a supervisory authority. As a rule, you can approach the supervisory authority of your usual residence or workplace or our headquarters for that.

X. Duration of storage

We store your personal data on our systems for the longest of the following periods: (i) as long as it is required for the respective activity or the respective services; (ii) for a legally required storage period; (iii) until the end of the period, in which a legal dispute or investigations with regard to the services could arise.
In detail, we store your personal data depending on the category of the data in compliance with the respectively applicable legal storage obligations essentially as follows:

• accounting records: 10 years,
• commercial or business letters received and copies of commercial or business letters sent as well as other documents relevant for taxation: 6 years.

XI. Data security

Within the visit of our website, we use the common SSL (Secure Socket Layer) method in connection with the respectively highest encryption stage supported by your browser. Normally, this is a 256 bit encryption. Should your browser not support the 256 bit encryption, we fall back on the 128 bit v3 technology instead. You will recognize the transmission of an individual page of our Internet presence in an encrypted manner from the closed representation of the key or lock symbol, resp., in the lower status bar of your browser.

Any data personally transmitted by you shall be transferred encrypted with the generally common and secure standard TLS (Transport Layer Security). TLS is a secure and proven standard, which is also used for, e.g., online banking. You will recognize a secure TLS connection, among other things, from the “s” attached to the http (i.e. https://..) in the address bar of your browser or from the lock symbol in the lower area of your browser.
Apart from that, we use suitable technical and organizational security measures in order to protect your data from accidental or deliberate manipulations, partial or complete loss, destruction or unauthorized access by third parties. Our security measures are continuously improved according to the technological development.

XII. Updates of and changes to this data protection declaration

This data protection declaration is currently valid and was last updated on December 31, 2021. With the further development of our website and offers provided thereby or due to altered legal or official regulations, resp., it may become necessary to alter this data protection declaration. You may retrieve and print out the respectively current data protection declaration from the website https://advinno.eu/datenschutz/ any time.