1. Notice concerning the party responsible
The party responsible for processing data is:
represented by Dr. Roland Thar
Tel.: +49 241 518322-10
The responsible party is the natural or legal person who alone or jointly with others decides on the purposes and means of processing personal data (names, email addresses, etc.).
2. General information on data processing
2.1. Scope of the processing of personal data
We are collecting and using personal data of our users in principle only as far as it is necessary to provide a functional website as well as our contents and services. Collection and use of our users’ personal data is carried out regularly only after the users’ approval. There is one exception for such cases where it is impossible to ask the user previously for his approval for factual reasons and where processing the data is allowed by legal stipulations.
2.2. Legal basis for processing of personal data
As far as we are asking for the consent of the respective person to the processing of personal data, Art. 6 para. 1 lit. a of the EU General Data Protection Regulation (GDPR) serves as legal basis.
With the processing of personal data which are necessary to fulfil a contract where the respective person is a contractual party, Art. 6 para. 1 lit. b GDPR serves as legal basis. This also applies to procedures which are required for carrying out pre-contractual measures.
As far as the processing of personal data is necessary to fulfil a legal obligation which our company is subject to, Art. 6 para. 1 lit. c GDPR serves as legal basis.
In case of vital interests of a person involved or another natural person require processing of the personal data, Art. 6 para. 1 lit. d GDPR serves as legal basis.
If processing of the data is necessary to meet rightful interests of our company or a third party and if the interests, basic rights and fundamental freedoms of the involved person are not affected by the interests mentioned before, Art. 6 para. 1 lit. f GDPR are the legal basis for processing the data.
2.3. Deleting of data and duration of storage
The personal data of the respective person are deleted or blocked as soon as the purpose of the storage lapses. Moreover, storage can be necessary when this was stipulated by European or national legislators in Union regulations, laws, or other provisions the person responsible is subject to. Blocking or deleting of the data is also done if a storage period stipulated by the aforementioned standards expires, unless there is a necessity to further store the data for the purpose of concluding a contract or fulfilment of a contract.
2.4. SSL or TLS encryption
The website of PyroScience GmbH uses SSL or TLS encryption for security reasons and for the protection of the transmission of confidential content, such as the inquiries you send to us as the site operator. You can recognize an encrypted connection in your browser's address line when it changes from "http://" to "https://" and the lock icon is displayed in your browser's address bar.
If SSL or TLS encryption is activated, the data you transfer to us cannot be read by third parties.
3. Data collection on our website
Please note that data transmitted via the internet (e.g. via email communication) may be subject to security breaches. Complete protection of your data from third-party access is not possible.
3.1.1. Description and scope of data processing
The website provider automatically collects and stores information that your browser automatically transmits to us in so called server log files. These are:
- Browser type and browser version
- Operating system used
- Referrer URL
- Anonymized Host name of the accessing computer
- Time of the server request
- Anonymized IP address
These data will not be combined with data from other sources.
3.1.2. Legal basis for data processing
The basis for data processing is Art. 6 (1) (b) GDPR, which allows the processing of data to fulfill a contract or for measures preliminary to a contract
3.1.3. Purpose of data processing
Storage in log files is done to ensure functionality of the web page. In addition, the data serve to maintain safety of our information technological systems. There is no evaluation of the data for marketing purposes in this context. These purposes are also our rightful interest in data processing according to Art. 6 para. 1 lit. f GDPR.
3.1.4. Duration of storage
Data of the Server-Log-Files are stored temporarily and will be deleted automatically after a few weeks.
3.2. Contact form and Email contact
3.2.1. Scope of the processing of personal data
On our website, a contact form is available that can be used for electronic contacting. If a user takes this opportunity, his data entered in the input mask are being transmitted to us and stored.
These data are:
- Institution (optional)
- Your message
As an alternative, it is possible to enter into contact by the provided email address. In this case, personal data of the user transmitted with the email are stored. In this context, there is no transfer of the data to a third party. The data are only used to process the conversation.
3.2.2. Legal basis for data processing
Provided the user gave his consent, legal basis for processing of the data is Art. 6 para. 1 lit. a GDPR.
Legal basis for the processing of data transmitted whilst sending an email is Art. 6 para. 1 lit. f GDPR. In case the email contact is made with the intention to conclude a contract, in addition Art. 6 para. 1 lit b GDPR is legal basis for processing of the data.
3.2.3. Purpose of data processing
Processing the personal data from the input mask serves only to handle the contact request. In case of entering into contact by email, herein is also the necessary justified interest in processing the data.
3.2.4. Duration of storage
The data are deleted as soon as they are no longer necessary to serve the purpose of their storage. For the personal data from the input mask of the contact form and those sent by email this is the case as soon as the respective conversation with the user has ended. The conversation has ended at that point when it can be gathered from the circumstances that the respective state of affairs was cleared up completely.
Any mandatory statutory provisions, especially those regarding mandatory data retention periods, remain unaffected by this provision.
3.2.5. Possibility of lodging an objection and of elimination
There is always the possibility for the user to revoke his consent to the processing of his personal data. In case the user takes up contact with us by email, he can object to the storage of his personal data any time. In such case, the conversation cannot be continued. In this case, all personal data stored during entering into contact are eliminated.
To receive our newsletter, we require a valid email address. Verification of the specified email address is necessary and the receipt of the newsletter has to be agreed. We will not collect any other data. The data thereby collected is used solely for the purpose of receiving our newsletter.
Data processing is based on Art. 6 (1) (a) GDPR. You may revoke your consent at any time. You may cancel your subscription to the newsletter at any time. You will find additional details in the email confirming your subscription as well as in each newsletter. The data processed before we receive your request may still be legally processed. The data provided when registering for the newsletter will be used to distribute the newsletter until you cancel your subscription when said data will be deleted. Data we have stored for other purposes remains unaffected.
4. Rights of the person concerned
In case your personal data are being processed, you are a person concerned according to GDPR and you have the following rights against the responsible:
4.1 Revocation of your consent to the processing of your data
Some data processing operations are only possible with your express consent. You may revoke your consent at any time with future effect. An informal email making this request is sufficient. The legality of the already completed data processing operations remains unaffected by the revocation
4.2 Right to file complaint with regulatory authorities
If there has been a breach of data protection legislation, the person affected may file a complaint with the competent regulatory authorities. The competent regulatory authority for matters related to data protection legislation is the data protection officer of the German state in which our company is headquartered. A list of data protection officers and their contact details can be found at the following link: https://www.bfdi.bund.de/DE/Infothek/Anschriften_Links/anschriften_links-node.html.
4.3 Right to data portability
You have the right to have data which we process based on your consent or in fulfilment of a contract automatically delivered to yourself or to a third party in a standard, machine-readable format. If you require the direct transfer of data to another responsible party, this will only be done to the extent technically feasible.
4.4 Information, blocking, deletion
As permitted by law, you have the right to be provided at any time with information free of charge about any of your personal data that is stored as well as its origin, the recipient and the purpose for which it has been processed. You also have the right to have this data corrected, blocked or deleted. You can contact us at any time using the address given in our legal notice if you have further questions on the topic of personal data.