Information according to § 5 TMG
Circunomics GmbH
Große Bleiche 15
55116 Mainz
Represented by: Felix Wagner, Jan Born
E-mail: hello@circunomics.com
Court of registration: Amtsgericht Mainz 14, Registernummer: HRB 49006
VAT ID according to the German Value Added Tax Act (UStG) §27a: DE 325339590
Privacy Policy
Thank you for visiting our website https://www.circunomics.com/ (“website”) and for your interest in our company. On the occasion of your visit to our website, we also process personal data within the meaning of Art. 4 (1) GDPR (“data”) from you. We are aware of the importance of the data entrusted to us. The protection of your privacy when processing your data is an important concern for us, which we take into account in our business processes. The handling of your data is in accordance with the legal requirements for data protection.
1. Controller
The controller according to Art. 4 (7) GDPR for the processing of your data in connection with this website is:
Circunomics GmbH. (“Circunomics” or “we”)
Große Bleiche 15
55116 Mainz
Germany
E-mail: hello@circunomics.com
You can reach the Circunomics data protection officer as follows:
MELCHERS Rechtsanwälte Partnerschaftsgesellschaft mbB
Johannes Fischer
Solmsstraße 7160486 Frankfurt am Main
Germany
Email: j.fischer@melchers-law.com
Phone: 0049 69 653000659
2. Purpose of data processing, legal grounds, storage period, recipients, and third-country transfer
Depending on the purpose of processing, your data may be processed on different legal grounds. When operating our website, we are partly supported by processors who process your data on our behalf and our instructions and are thus recipients of your data (“service providers”).
In the following, we name the different purposes for which your data may be processed on our website, stating the relevant legal grounds as well as an indication of the storage period. We will also tell you whether your data is disclosed to service providers or other companies and whether a transfer of your data outside the European Economic Area (“EEA”) takes place.
a. Calling up our website and server logfile
To display our website on your terminal device, it is technically necessary for our web server, on which our website is hosted, to process data from you. For this purpose, we process your IP address together with information about your browser type and the version used, your operating system, your internet service provider, the date and time of your access, the website from which you accessed our website and the sub-websites you accessed in a server logfile.
The processing of your data is carried out under Art. 6 (1)(f) GDPR. The processing of your IP address is necessary to protect our legitimate interests in the retrievability and correct presentation of our website. The additional storage of your data in a server logfile serves to protect our legitimate interests in operating our website securely and error-free and to be able to detect, limit and eliminate malfunctions and errors.
Your data in our server logfile will be automatically deleted 30 days after visiting our website.
b. Contact
On our website, we give you the opportunity to contact us on various topics.
If you contact us using our contact form, the mandatory information you must provide is marked as such. This information is required to process your request. All other information is voluntary and only serves to answer your inquiry more precisely. In addition, you can contact us by telephone, e-mail, mail or fax. The data we process from you in this context may vary depending on the communication channel, but will regularly include your first and last name, address, telephone number, e-mail address and fax number.If your contact is directed towards the conclusion of a contract or is related to a contract, we process your data based on Art. 6 (1)(b) GDPR. If your contact is of a general nature, we process your data according to Art. 6 (1)(f) GDPR based on our legitimate interests in answering your inquiry about our company and/or our offers individually and as best as possible.We delete your data connected to a contractual relationship, only after the expiry of commercial or tax retention periods if necessary, which can be up to 6 years. These periods regularly begin at the end of the year in which you contacted us.
We delete all other data when your inquiry has finally clarified, and we are not subject to any legal obligation to retain the corresponding data.
c. Newsletter
If you register for our newsletter on our website, we process your e-mail address as the only mandatory data. We need this for sending the newsletter. The provision of further data is voluntary.The legal grounds for the data processing associated with the dispatch of the newsletter is Art. 6 (1)(a) GDPR. In addition, we analyse your reading behaviour with regard to the newsletter, therefore we need to process your IP address and information about the browser and your system. By using this specific technology, we are able to know whether you have opened the newsletter, when you opened it, and which links you clicked. The analysis of your usage behaviour of our newsletter is based on Art. 6 (f)(a) GDPR.We delete your data processed by us in connection with the sending of our newsletter upon revocation of your consent to receive the newsletter, but not before the expiry of statutory limitation periods in connection with the sending of the newsletter.In order to be able to offer you our e-mail newsletter we rely on the support of service providers who process your Data exclusively on our behalf and according to our instructions. This involves a transfer of your Data to areas outside the European Economic Area, including the USA. An adequacy decision in the sense of Art. 45 GDPR does not exist for this Data transfer. We have therefore concluded the so-called standard data protection clauses with the aforementioned service provider, which continue to be valid even after the decision of the European Court of Justice (Case C-311/18). The transfer of your Data is therefore based on Art. 46 para. 2 lit. c GDPR.
d. Technically necessary cookies
Cookies are small files that are sent by us to the browser of your terminal device during your visit to our website and stored there. We use technically necessary cookies to ensure the basic functions of our website. The cookies contain a so-called “session ID”, with which various requests of your terminal device during your visit to our website can be assigned.The legal ground for the associated processing of your data is Art. 6 (1)(f) GDPR. The use of technically necessary cookies is essential to protect our legitimate interests in the retrievability, correct display, and ensuring the full functionality of our website.Technically necessary cookies are deleted at the latest after you have closed the browser you are using.If you do not wish cookies to be set on your terminal device, you can control this centrally via the browser you use. You can also delete cookies via your browser.However, blocking or deleting cookies may result in a noticeably restricted usability of our website for you.
e. Consent management
We also use technically non-essential cookies on our website. When you first visit our website, we ask for your consent concerning the use of such cookies. To manage your consent, i.e. whether you have given or refused it, we store corresponding data in a cookie on your terminal device to recognize you when you visit our website again and not ask for consent again. In doing so, we process your IP address, the time of your visit to our website, information about your browser and your terminal device.The associated processing of your data is based on Art. 6 (1)(f) GDPR and serves our legitimate interest in enabling you to use our website as comfortably as possible.The cookie has a lifespan of 12 months unless you delete it in your browser beforehand.
f. Webflow
We use the website building system of Webflow, Inc. ("Webflow") for the purpose of hosting and displaying the website on the basis of processing on our behalf. All data collected on our website is processed on Webflow's servers. Webflow takes physical, electronic, and procedural safeguards to protect the personal data of its users and website visitors. You can find Webflow's privacy policy at https://webflow.com/legal/privacy. Webflow is a service provider, and therefore, we have concluded a data processing agreement with them. You can access this agreement at https://webflow.com/legal/dpa. The processing of Webflow takes place in the territory of the EEA, the US, or other third countries. For the transfer of your data to third countries for which there is no adequacy decision, we have concluded the so-called standard contractual clauses with Webflow
g. Google
reCAPTCHAWe use Google reCAPTCHA of Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland ("Google Ireland") on our website.The use of Google reCAPTCHA enables us to recognize visitors to our site as natural persons and thus prevent misuse of our site by automated bots. For this purpose, your interaction with our site is analyzed automatically and in the background (e.g. mouse movements).The use of Google reCAPTCHA is based on Art. 6 para. 1 lit. f) DSGVO and serves our legitimate interests in ensuring the trouble-free operation of our website.By using Google reCAPTCHA, Google Ireland collects data about you and sets cookies on your terminal device. Further details on how Google reCAPTCHA works can be found on the following page: https://www.google.com/recaptcha/about/.We do not know how Google Ireland handles your data, in particular whether there is a transfer of your data to a country outside the EEA. General information about the processing of your data by Google Ireland can be found in the Google privacy policy: https://policies.google.com/privacy.h. YouTube with enhanced privacyOn our website, we use a YouTube iframe from Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland ("Google Ireland").We have embedded the YouTube iframe to enable you to play videos on our website that we have selected and are hosted on YouTube. Your IP address is hereby also transmitted to YouTube. Each time you visit a sub-page of our website on which a YouTube iframe is used, YouTube can track you have visited this sub-page. If you are logged in to YouTube at the same time, the information collected is assigned to your Google account. You can only prevent this by logging out of YouTube.The use of YouTube is based on Art. 6 (1()(f) GDPR and serves our legitimate interests in an appropriate company presentation.We do not know how Google handles your data, in particular whether there is a transfer of your data to a country outside the EEA. General information about the processing of your data by Google can be found in the Google privacy policy: https://policies.google.com/privacy.We use the "Activate extended data protection mode" setting so that Go
i. LinkedIn
We maintain a website at www.linkedin.com.When you visit our website, various data is collected and processed. We are jointly responsible with LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland ("LinkedIn Ireland") for part of the processing of your data with regard to www.linkedin.com; for other parts, either we are or LinkedIn Ireland is solely responsible.If you contact us on LinkedIn, we will process your name and other information you provide to us. We are solely responsible for this processing of your data. The processing of this data that you provide to us is based on Art. 6 (1)(f) GDPR and pursues our legitimate interests in an appropriate and interactive company presentation.We are jointly responsible with LinkedIn Ireland for the "Page-Insights" function, through which we receive statistical evaluations of your use of and interaction with our presence in aggregated and anonymised form. You can access the joint responsibility agreement in accordance with Art. 26 GDPR under the following link:https://legal.linkedin.com/pages-joint-controller-addendum.LinkedIn Ireland is solely responsible for any further unilateral processing of your data by LinkedIn Ireland, particularly concerning a potential transfer of your data to the USA. LinkedIn Ireland uses cookies and other technologies to collect data from you. You can find out for what purposes and on what legal grounds this processing takes place in the LinkedIn Cookie Policy (https://de.linkedin.com/legal/cookie-policy?trk=homepage-basic_footer-cookie-policy) and the LinkedIn Privacy Policy (https://de.linkedin.com/legal/privacy-policy?trk=lithograph_footer-privacy-policy).Please note that LinkedIn Ireland may collect and process data about you when you visit the website www.linkedin.com even if you neither have a LinkedIn account nor are logged in to LinkedIn. However, we do not know what data LinkedIn Ireland collects from you and for what purposes it processes it.
3. Recipients of the data
The service providers and companies named above are initially the only recipients of your data when visiting our website. In addition, service providers engaged by us support us in the maintenance, care and further development of our website, who process your data only on our instructions and on our behalf. Your data may also be made available to other companies associated with us for internal administrative purposes.Beyond this, your data will only be passed on following a legal obligation, such as to authorities or for the defence, establishment, exercise or protection of legal claims.
4. Third country transfer
The involvement of the companies mentioned under 2. f) and g) may result in a transfer of your data to a third country and thus outside the EEA. Details can be found in the respective description.
5. Your rights
Under the provisions of the GDPR, you may assert the following rights against us:
Right to access (Art. 15 GDPR),
Right to rectification (Art. 16 GDPR),
Right to erasure (Art. 17 GDPR),
Right to restriction of processing (Art. 18 GDPR),
Right to data portability (Art. 20 GDPR).
You have the right to revoke any consent given to us at any time with effect for the future.
Also, you may object to the processing of your data described here to safeguard legitimate interests at any time with effect for the future under Art. 21 GDPR.
If the processing is not carried out for direct marketing purposes, the right to object only exists for reasons arising from your particular situation.
In addition, you can complain to a supervisory authority at any time.
The supervisory authority responsible for us is:
Hessische Beauftragte für Datenschutz und InformationsfreiheitPostfach 316365021
WiesbadenTel.: +49 611 1408 – 0Fax: +49 611 1408 – 900 / 901E-Mail: poststelle@datenschutz.hessen.de
