Privacy policy
As of December 2022
Table of Contents
I. Name and address of the data controller
II. Contact details of the data protection officer
III. General information on data processing
IV. Rights of the data subject
V. Provision of the website and creation of log files
VI. Use of cookies
VII. Email contact
VIII. Use of company appearances in professionally oriented networks
IX. Hosting
X. Geotargeting
XI.Partnering
XII. Plugins
I. Name and address of the responsible person
Responsible within the meaning of the General Data Protection Regulation (GDPR) and other data protection regulations is:
INNOSWAN Capital Partners GmbH
Tölzer Straße 1
82031 Grünwald
Germany
+49 89 954 576 860
team@innoswan.com
https://innoswan.com/
II. Contact details of the data protection officer
The data protection officer of the responsible is:
DataCo GmbH
Dachauer Staße 65
80335 Munich
Germany
+49 89 7400 45840
www.dataguard.de
III. General information on data processing
1. Scope of processing personal data
We process personal data of our users only insofar as this is necessary for the provision of a functional website as well as our content and services. The processing of personal data of our users is regularly carried out only with the consent of the user. An exception applies in those cases where it is not possible to obtain prior consent for factual reasons and the processing of the data is required by legal obligations.
2. Legal basis for the processing of personal data
Insofar as we obtain the consent of the data subject for processing operations of personal data, Art. 6 (1) a) GDPR serves as the legal basis.
When processing personal data that is necessary for the performance of a contract to which the data subject is a party, Art. 6 (1) b) GDPR serves as the legal basis. This also applies to processing operations that are necessary for the performance of pre-contractual measures.
If processing of personal data is necessary for compliance with a legal obligation to which our company is subject, Art. 6 (1) c) GDPR serves as the legal basis.
If processing is necessary to protect a legitimate interest of our company or a third party and if the interests, fundamental rights and freedoms of the data subject do not outweigh the former interest, Art. 6 (1) f) GDPR serves as the legal basis for the processing.
3. Data deletion and storage period
The personal data of the data subject will be deleted or blocked as soon as the purpose of storage ceases to apply. Storage may take place beyond this if this has been provided for by the European or national legislator in Union regulations, laws or other provisions to which the controller is subject. Blocking or deletion of data also takes place when a storage period prescribed by the standards expires, unless there is a need for further storage of the data for the conclusion or performance of a contract.
IV. Rights of the data subject
If your personal data is processed, you are a data subject within the meaning of the GDPR and you have the following rights against the controller:
1. The right of access (Art. 15 GDPR).
You have the right to request confirmation from us as to whether personal data concerning you is being processed.
If this is the case, you have a right of access to this data and to the following information:
- Purposes of processing
- Categories of personal data
- Recipients or categories of recipients
- the planned storage period or the criteria for determining this period
- the existence of the rights of rectification, erasure or restriction or opposition
- Right to lodge a complaint with the competent supervisory authority
- If applicable, origin of the data (if collected from a third party)
- If applicable, existence of automated decision-making, including profiling, with meaningful information about the logic involved, the scope and the effects to be expected
- If applicable, transfer of personal data to a third country or international organization.
2. Right of rectification (Art. 16 GDPR).
If your personal data is inaccurate or incomplete, you have the right to request that the personal data be corrected or completed without undue delay.
3. Right to restriction of processing (Art. 18 GDPR).
If one of the following conditions is met, you have the right to request restriction of the processing of your personal data:
- You dispute the accuracy of your personal data, for a period of time that allows us to verify the accuracy of the personal data.
- In the context of unlawful processing, you object to the erasure of the personal data and instead request the restriction of the use of the personal data.
- We no longer need your personal data for the purposes of processing, but you need your personal data for the assertion, exercise or defense of your legal claims or
- after you have objected to the processing, for the duration of the examination as to whether our legitimate grounds outweigh your grounds.
4. Right to erasure (“right to be forgotten”) (Art. 17 GDPR).
If one of the following reasons applies, you have the right to request immediate erasure of your personal data:
- Your data is no longer necessary for the processing purposes for which it was originally collected.
- You withdraw your consent and there is no other legal basis for the processing.
- You object to the processing and there are no overriding legitimate grounds for the processing or you object pursuant to Art. 21 (2) GDPR.
- Your personal data is processed unlawfully.
- The erasure is necessary for compliance with a legal obligation under Union law or the law of the member state to which we are subject.
- The personal data was collected in relation to information society services offered in accordance with Article 8 (1) of the GDPR.
Please note that the above grounds do not apply insofar as the processing is necessary:
- For the exercise of the right to freedom of expression and information;
- For compliance with a legal obligation or for the performance of a task carried out in the public interest to which we are subject.
- For reasons of public interest in the area of public health.
- For archival, scientific or historical research purposes in the public interest or for statistical purposes.
- For the assertion, exercise or defense of legal claims.
5. Right to data portability (Art. 20 GDPR).
You have the right to receive your personal data, in a structured, common and machine-readable format or to request the transfer to another controller.
6. Right to object (Art. 21 GDPR)
You have the right to object at any time, on grounds relating to your particular situation, to the processing of personal data relating to you which is carried out on the basis of Art. 6 (1) e) or f) GDPR. This also applies to profiling based on these provisions.
If the personal data concerning you is processed for the purpose of direct marketing, you have the right to object at any time to the processing of personal data concerning you for the purpose of such marketing; this also applies to profiling, insofar as it is related to such direct marketing.
7. Right to complain to a supervisory authority
Without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with a supervisory authority if you consider that the processing of personal data concerning you infringes the GDPR. The supervisory authority to which the complaint has been lodged shall inform the complainant of the status and outcome of the complaint, including the possibility of a judicial remedy under Article 78 GDPR. A list, of the locally competent supervisory authorities in Germany can be found on the website of the Federal Commissioner for Data Protection at the following link:
https://www.bfdi.bund.de/DE/Service/Anschriften/Laender/Laender-node.html
V. Provision of the website and creation of log files
1. Description and scope of data processing
Each time our website is called up, our system automatically collects data and information from the computer system of the calling computer. The following data is collected in this process:
- Information about the browser type and the version used.
- The operating system of the user
- The Internet service provider of the user
- The IP address of the user
- Date and time of access
- Websites from which the user’s system accesses our website
- Web pages that are accessed by the user’s system via our website
This data is stored in the log files of our system. These data are not stored together with other personal data of the user.
2. Purpose of data processing
The temporary storage of the IP address by the system is necessary to enable delivery of the website to the user’s computer. For this purpose, the user’s IP address must remain stored for the duration of the session.
The storage in log files is done to ensure the functionality of the website. In addition, we use the data to optimize the website and to ensure the security of our information technology systems. An evaluation of the data for marketing purposes does not take place in this context.
These purposes are also our legitimate interest in data processing according to Art. 6 (1) f) GDPR.
3. Legal basis for data processing
The legal basis for the temporary storage of the data and the log files is Art. 6 (1) f) GDPR.
4. Duration of storage
The data will be deleted as soon as they are no longer required to achieve the purpose for which they were collected. In the case of the collection of data for the provision of the website, this is the case when the respective session has ended.
In the case of storage of data in log files, this is the case after seven days at the latest. Storage beyond this period is possible. In this case, the IP addresses of the users are deleted or alienated, so that an assignment of the calling client is no longer possible.
5. Possibility of objection
The collection of data for the provision of the website and the storage of the data in log files is mandatory for the operation of the website. The user can object to this. Whether the objection is successful is to be determined in the context of a balancing of interests.
VI. Use of cookies
1. Description and scope of data processing
When you visit our website, we use technical aids for various functions, in particular cookies, which can be stored on your terminal device. When you call up our website and at any time later, you have the choice of whether to generally allow cookies to be set or which individual additional functions you would like to select. You can make changes in your browser settings or via our Consent Manager. Cookies are text files or information in a database that are stored on your hard drive and assigned to the browser you are using so that certain information can flow to the entity that sets the cookie. Below we describe the types of cookies we use:
- Language settings
- Log-in information
- Search terms entered
- Frequency of page views
- Use of website functions
- We use cookies on our website that are not technically necessary. Text files that do not solely serve the functionality of the website but also collect other data are considered technically non-essential cookies.
2. Purpose of data processing
- Adoption of language settings
- Remembering search terms
The use of technically unnecessary cookies is for the purpose of improving the quality of our website, its content and thus our reach and profitability. By setting these cookies, we learn how the website is used and can thus constantly optimize our offer. In particular, these cookies serve the following purposes:
The use of cookies serves to make the use of our offer more pleasant.
3. Legal basis for data processing
Insofar as cookies are used that are not technically necessary, this is done on the basis of your consent, which you can give via the cookie banner. In this case, the basis for storing and accessing information is Section 25 (1) TTDSG in conjunction with. Art. 6 (1) a), Art. 7 GDPR. You can revoke your consent at any time with effect for the future or subsequently grant it again by configuring your settings for cookies accordingly. Alternatively, you can prevent the storage of cookies by making appropriate settings in your browser software. Please note that the browser settings you make only affect the browser you are using. If personal data is processed following the storage of and access to the information on your terminal equipment, the provisions of the GDPR are relevant. Information on this can be found in the following sections of this privacy policy.
VII. Email contact
1. Description and scope of data processing
On our website, it is possible to contact us via the email address provided. In this case, the user’s personal data transmitted with the email will be stored.
The data is used exclusively for processing the conversation.
2 Purpose of the data processing
In the case of contact by email, this also constitutes the necessary legitimate interest in processing the data.
3. Legal basis for data processing
The legal basis for the processing of data transmitted in the course of sending an email is Art. 6 (1) f) GDPR. Our legitimate interest is to optimally answer your inquiry that you send by e-mail.
If the e-mail contact aims at the conclusion of a contract, the additional legal basis for the processing is Art. 6 (1) b) GDPR.
4. Duration of storage
The data will be deleted as soon as they are no longer required to achieve the purpose for which they were collected. For personal data sent by email, this is the case when the respective conversation with the user has ended. The conversation is ended when the circumstances indicate that the matter in question has been conclusively clarified.
The additional personal data collected during the sending process will be deleted after a period of seven days at the latest.
5. Possibility of objection
If the user contacts us by email, he can object to the storage of his personal data at any time. In such a case, the conversation cannot be continued.
If you would like to make use of your right of revocation or objection, it is sufficient to send an email to: info@innoswan.com.
All personal data stored in the course of contacting us will be deleted in this case.
If you wish to exercise your right of revocation or objection, simply send an e-mail to: info@innoswan.com.
VIII. Use of company appearances in job-oriented networks
1. Scope of data processing
We use the possibility of company appearances in job-oriented networks. We maintain a company presence on the following profession-oriented networks:
LinkedIn:
LinkedIn, Unlimited Company Wilton Place, Dublin 2, Ireland.
On our site, we provide information and offer users the opportunity to communicate.
The company presence is used for job applications, information/PR and active sourcing.
We do not have any information on the processing of your personal data by the companies jointly responsible for the corporate presence. For more information, please refer to the privacy policy of:
LinkedIn: https://www.linkedin.com/legal/privacy-policy?trk=hb_ft_priv
If you perform an action on our corporate presence (e.g. comments, posts, likes, etc.), you may thereby make personal data (e.g. clear name or photo of your user profile) public.
2. Legal basis for data processing
The legal basis for processing personal data for the purpose of communicating with customers and interested parties is Art. 6 (1) f) GDPR. In this context, our legitimate interest is to optimally answer your inquiry or to be able to provide the requested information. If the aim of contacting you is to conclude a contract, the additional legal basis for the processing is Art. 6 (1) b) GDPR.
3. Purpose of data processing
Our company website serves to inform users about our services. In doing so, each user is free to publish personal data through activities.
4. Duration of storage
We store your activities and personal data published via our corporate presence until you revoke your consent. In addition, we comply with the statutory retention periods.
5. Possibility of objection
You can object at any time to the processing of your personal data that we collect during your use of our corporate presence and assert your data subject rights as stated under IV. of this data protection declaration. To do so, send us an informal email to the email address stated in this data protection declaration.
You can find more information on exercising your rights here:
LinkedIn: https://www.linkedin.com/legal/privacy-policy?trk=hb_ft_priv
IX. Hosting
The website is hosted on servers by a service provider contracted by us.
Our service provider is:
1&1 IONOS SE, Elgendorfer Str. 57, 56410 Montabaur, Germany.
The servers automatically collect and store information in so-called server log files, which your browser automatically transmits when you visit the website. The information stored is:
- Browser type and browser version
- Operating system used
- Referrer URL
- Host name of the accessing computer
- Date and time of the server request
- IP address
A combination of this data with other data sources is not made. The collection of this data is based on Art. 6 (1) f) GDPR. Our legitimate interest for processing this data is to display our website without errors and to optimize its functions.
The location of the website’s server is geographically in Germany.
X. Geotargeting
We use the IP address and other information provided by the user (in particular zip code in the context of registration or ordering) for regional targeting (so-called “geotargeting”).
Regional targeting is used, for example, to automatically show you regional offers or advertising that are often more relevant to users. The legal basis for the use of the IP address and, if applicable, other information provided by the user (in particular zip code) is Art. 6 (1) f) GDPR, based on our interest in ensuring more precise targeting and thus providing offers and advertising with higher relevance for users.
In this context, a part of the IP address as well as the additional information provided by the user (in particular zip code) are only read and not stored separately.
You can prevent geotargeting by using, for example, a VPN or proxy server that prevents precise localization. In addition, depending on the browser used, you can also deactivate a location localization in the corresponding browser settings (insofar as the respective browser supports this).
We use geotargeting on our website for the following purposes:
- For the purpose of the needs-based design and ongoing optimization of our website.
XI. Partner programs
Furthermore, we use the following affiliate programs: WordPress
XII. Used plugins
We use plugins for various purposes. The plugins we use are listed below:
Use of Google AdWords
1. Scope of the processing of personal data
We use Google AdWords of Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA and the representative in the Union Google Ireland Ltd, Gordon House, Barrow Street, D04 E5W5, Dublin, Ireland (hereinafter referred to as: Google). We use this service to place advertisements. Google sets a cookie on your computer. As a result, personal data can be stored and evaluated, in particular the activity of the user (in particular which pages have been visited and on which elements have been clicked), device and browser information (in particular the IP address and the operating system), data about the advertisements displayed (in particular which advertisements were displayed and whether the user clicked on them) and also data from advertising partners (in particular pseudonymized user IDs).
Further information on the processing of data by Google can be found here:
https://policies.google.com/privacy?gl=DE&hl=de
2. Purpose of data processing
We only gain knowledge of the total number of users who have responded to our ad. No information is shared that would allow us to identify you. The use is not for tracking purposes.
3. Legal basis for the processing of personal data
The legal basis for the processing of users’ personal data is basically the user’s consent in accordance with Art. 6 (1) a) GDPR.
4. Duration of storage
Your personal information will be stored for as long as necessary to fulfill the purposes described in this Privacy Policy or as required by law, e.g. for tax and accounting purposes.
5. Revocation and removal option
You have the right to revoke your declaration of consent under data protection law at any time. The revocation of consent does not affect the lawfulness of the processing carried out on the basis of the consent until the revocation.
You can prevent the collection as well as the processing of your personal data by Google by preventing the storage of third-party cookies on your computer, using the “Do Not Track” function of a supporting browser, disabling the execution of script code in your browser or installing a script blocker such as NoScript (https://noscript.net/) or Ghostery (https://www.ghostery.com) in your browser.
You can use the following link to disable Google’s use of your personal data:
https://adssettings.google.de
For more information on objection and removal options with Google, please visit:
https://policies.google.com/privacy?gl=DE&hl=de
Use of LinkedIn
1. Scope of the processing of personal data
We use functions of the LinkedIn network. The provider is LinkedIn Ireland Unlimited Company Wilton Place, Dublin 2, Ireland /Subsequently referred to as: LinkedIn). Each time one of our pages containing LinkedIn functions is accessed, a connection to LinkedIn servers is established. LinkedIn is informed that you have visited our web pages with your IP address. If you click the “Recommend button” of LinkedIn and are logged into your account at LinkedIn, it is possible for LinkedIn to assign your visit to our website to you and your user account. Personal data can thus be stored and evaluated, especially the user’s activity (in particular, which pages have been visited and which elements have been clicked on) and device and browser information (in particular, the IP address and operating system).
We would like to point out that we, as the provider of the pages, have no knowledge of the content of the transmitted data or its use by LinkedIn. Further information on the processing of data by LinkedIn can be found here:
https://www.linkedin.com/legal/privacy-policy
2. Purpose of data processing
The use of the LinkedIn plugin serves the user-friendliness of our online presence.
3. Legal basis for the processing of personal data
The legal basis for the processing of users’ personal data is basically the user’s consent in accordance with Art. 6 (1) a) GDPR.
4. Duration of storage
Your personal information will be stored for as long as necessary to fulfill the purposes described in this Privacy Policy or as required by law, e.g. for tax and accounting purposes.
5. Revocation and elimination options
You have the right to revoke your declaration of consent under data protection law at any time. The revocation of consent does not affect the lawfulness of the processing carried out on the basis of the consent until the revocation.
You can prevent the collection as well as the processing of your personal data by LinkedIn by preventing the storage of third-party cookies on your computer, using the “Do Not Track” function of a supporting browser, disabling the execution of script code in your browser or installing a script blocker such as NoScript (https://noscript.net/) or Ghostery (https://www.ghostery.com) in your browser. Furthermore, the transmission can be prevented by logging out of your LinkedIn account before calling up our website.
You can deactivate the use of your personal data by LinkedIn using the following links:
https://www.linkedin.com/psettings/guest-controls
For more information on objection and removal options vis-à-vis LinkedIn, please visit:
https://www.linkedin.com/legal/privacy-policy
This privacy policy was created with the support of DataGuard.