Privacy protection

Knowledge, expertise, and trust are crucial pillars of the services provided by Utrecht University in connection with the NanoMedNL project.
We are committed to giving you clarity on how we handle your personal data.
In this Privacy Statement, we inform you about our approach to handling and processing personal data.

1. Contact details / Data controller

Utrecht University (hereinafter: “Utrecht University”) is the controller responsible for the processing of personal data in connection with this website and the NanoMedNL project.

Controller:

Utrecht University
Heidelberglaan 8
3584 CS Utrecht
The Netherlands

Phone: +49 (0) 89 248 83 03 0
E-mail:

Service providers / data processors (including PNO)

NanoMedNL uses external service providers for certain processing activities, such as hosting, IT support, website maintenance, newsletter distribution and other digital or project-related services.
These service providers act as data processors within the meaning of the GDPR and process personal data exclusively on the basis of documented instructions from NanoMedNL.

In particular, NanoMedNL works with the following data processor:

PNO Innovation GmbH

Oskar-von-Miller-Ring 29
80333 München
Germany
pnoinnovation.com

(acting as data processor for website maintenance, technical support, digital communication services and related activities)

NanoMedNL has concluded data processing agreements with PNO Innovation GmbH in accordance with Article 28 of the General Data Protection Regulation (GDPR), ensuring that personal data is processed securely and exclusively under NanoMedNL’s instructions.

2. To whom does this Privacy Statement apply?

This Privacy Statement applies to all persons whose personal data NanoMedNL processes in the context of the NanoMedNL project and this website.
Personal data means any data that contains information about identified or identifiable natural persons.

This Privacy Statement applies to:

  • clients of NanoMedNL in the context of the NanoMedNL project,
  • potential clients with whom NanoMedNL has made or wishes to make contact,
  • visitors to the NanoMedNL website,
  • recipients of newsletters and commercial e-mails sent in relation to NanoMedNL, and
  • any other person who contacts NanoMedNL in relation to NanoMedNL or whose personal data is processed by NanoMedNL in this context.

This Privacy Statement does not apply to employees, temporary workers, student trainees, and applicants of NanoMedNL.

3. Which personal data do we process?

By processing personal data we mean: collecting, recording, organizing, storing, updating, modifying, retrieving, consulting, using, providing by means of forwarding, distribution, or any other form of making available, combining, linking, as well as protecting, erasing or destroying your personal data.

We process personal data that you have provided to us, personal data generated during your visit to our website and reading newsletters, and personal data that we have derived from other sources, such as business social media platforms.

Personal information provided by you:

  • contact details and other personal data needed to enable collaboration,
  • contact details and other personal data entered on contact forms or other web forms, and
  • contact information provided during introductory talks, events, seminars, etc..

4. For what purposes do we use your personal data?

We use your personal data for different purposes. These are listed and elaborated on below:

  • Execution of agreements and projects.Depending on the nature of the project, further personal data may be necessary in order to perform our tasks and obligations.
  • Compliance with legal obligations.In some cases we are legally obliged to process or provide certain personal data, for example to authorities or funding bodies.
  • Maintaining contact with you.Your contact details are kept in an EU-based relationship management system and may be used for sending newsletters, updates, invitations to events and seminars, and for sending information you requested from us regarding NanoMedNL.
  • Improving and securing our website.We use usage data to improve the functioning, security and stability of our website www.nanomednl.com.
  • Creating user statistics.User statistics enable us to track, for example, the number of visitors, the duration of visits, which parts of the website are viewed and click behaviour.
    It concerns aggregated reports without information about identifiable individuals.
    We use this information to improve the website.

5. Security of personal data

We protect personal data through technical and organisational security measures to minimise the risk of loss, misuse, unauthorised access, disclosure, and alteration.
Examples include security software such as virus scanners and firewalls, secure connections, encryption, and physical and administrative access controls to data and servers.

6. Storage of personal data

We do not store your personal data longer than is necessary for the purposes described in this Privacy Statement, unless a longer retention period is required or permitted by law.
If legal retention periods apply, the personal data will not be kept longer than prescribed by law.

7. Legal basis of the processing

We process personal data on the basis of one of the following legal grounds:

  • your consent,
  • performance of a contract or steps prior to entering into a contract,
  • compliance with a legal obligation, or
  • legitimate interests of NanoMedNL or a third party, provided that your interests or fundamental rights and freedoms do not override those interests.

If we process your personal data on the basis of your consent, you may withdraw your consent at any time.
This does not affect the lawfulness of processing based on consent before its withdrawal.

8. Processors

We may use service providers (processors) for the processing of your personal data.
These processors process personal data exclusively on our behalf and on the basis of documented instructions from NanoMedNL.

We work with service providers that offer SaaS solutions (software as a service), provide hosting services, or support us in keeping our systems secure and stable.
We also use third-party services for sending newsletters and commercial e-mails.
These parties can be designated as (sub-)processors within the meaning of the GDPR.

NanoMedNL specifically works with the following data processor:

PNO Innovation GmbH

Oskar-von-Miller-Ring 29
80333 München
Germany

(acting as data processor for website maintenance, technical support, digital communication services and related activities)

9. Sharing personal data with third parties

In some cases it is necessary to share your personal data with third parties, for example where this is necessary in the context of projects, cooperation or funding schemes.
We may also be legally obliged to share data with authorities.

In the following cases personal data may be provided to third parties, for example:

  • when processing project-related matters, it may be necessary to share your personal data with partners, authorities, funding bodies or other organisations involved;
  • if a court decision obliges us to provide personal data to third parties;
  • if we organise a joint activity with another organisation, such as an event or seminar, and the exchange of contact details is necessary for this purpose; and
  • in the event of a reorganisation or merger of (part of) our organisation, where personal data may be transferred in that context.

We do not sell your personal data to third parties and do not make automated decisions that could have significant effects on you.

10. Transfer outside the European Economic Area (EEA)

Under the General Data Protection Regulation (GDPR), personal data may only be transferred to parties outside the EEA if an adequate level of protection is ensured or if a specific derogation applies.

If we transfer personal data to parties outside the EEA, we will take appropriate safeguards, such as the use of Standard Contractual Clauses or other mechanisms recognised by the European Commission.

11. Your rights

Every person has certain rights with respect to his or her personal data under the law.
You have, for example, the right to access, rectify and erase your personal data.
You may also object to the use of your data or request restriction of processing.
In certain cases, you can request your data in a structured, commonly used and machine-readable format and transmit it to another controller (data portability).

To exercise these rights, please contact us via:

Phone: +49 (0) 89 248 83 03 0

E-mail:

12. Complaints

If you have complaints about how we handle your personal data, we encourage you to contact us first using the contact details above.
We will do our best to find a solution together with you.
You also have the right to lodge a complaint with the competent data protection authority in the Netherlands.

13. Changes

Developments in our activities or in the applicable legislation may lead to changes in the way we process personal data.
In such cases, we will update this Privacy Statement.
We therefore invite you to regularly consult this Privacy Statement so that you are informed.
In the event of material changes, we may also actively inform you, for example via our website.

To whom does this privacy policy apply

This data protection declaration applies to all persons whose personal data are processed by NanoMedNL, except those who work for NanoMedNL. Personal data is any data that contains information about persons with whom these persons are identifiable. This Privacy Policy applies to:

  • Customers of NanoMedNL
  • Potential customers with whom NanoMedNL has contacted or wanted to contact
  • Visitors to the website of NanoMedNL
  • Recipients of newsletters and commercial emails from NanoMedNL
  • Any person who contacts NanoMedNL or whose personal data is processed by NanoMedNL

This Privacy Policy does not apply to employees, temporary workers, trainees and applicants.

Collection and storage of personal data and
the nature and purpose of their use
Personal information

Personally provided information includes:

  • Contact information and other personal information needed to enable collaboration with a consultant
  • Contact details provided when you typed in contact forms or web forms
  • Contact details disclosed during introductory talks, events, seminars, etc.

Personal information obtained from another source includes:

  • Personal data available on public social media, such as LinkedIn
  • Personal information to be found in the Chamber of Commerce
  • Personal information found on the NanoMedNL’s websites

When visiting the website

When you visit our website www.nanomednl.com, information is automatically sent to the server of our website by the browser used on your device. This information is temporarily stored in a so-called log file. The following information is collected without your intervention and stored until automated deletion:

  • IP address of the requesting computer,
  • Date and time of access,
  • the name and URL of the retrieved file,
  • Website from which access is made (referrer URL),
  • Browser and, if applicable, the operating system of your computer as well as the name of your access provider.

The above data will be processed by us for the following purposes:

  • Ensuring a smooth connection of the website,
  • Ensuring comfortable use of our website,
  • evaluation of system security and stability as well as
  • for other administrative purposes.

The legal basis for data processing is Art. 6 para. 1 sentence 1 letter f GDPR. Our legitimate interest follows from the above-mentioned purposes for data collection. Under no circumstances do we use the data collected for the purpose of drawing conclusions about your person.

Furthermore, we use cookies and analysis services when you visit our website. You will find more detailed explanations in sections 6 and 7 of this data protection declaration.

When registering for our newsletter

Provided that you have expressly consented in accordance with Art. 6 para. 1 sentence 1 letter a GDPR, we will use your e-mail address to send you our newsletter on a regular basis. To receive the newsletter, it is sufficient to provide an e-mail address.

You can cancel your subscription at any time by sending an informal message (subject: cancellation) to:

(by post) NanoMedNL
Utrecht University
Heidelberglaan 8
3584 CS Utrecht
The Netherlands

(by e-mail)

Unsubscribe.

Use of your data

We use your personal data for various purposes. The following is a list:

For the implementation of an agreement in which you have commissioned us to provide innovation and financing advice from our consultants. If you place an order with a consultant, at least your contact details will be requested. Depending on the nature of the assignment, other personal data may also be required to process the assignment. In addition, the data is used to invoice the services provided.

  • Compliance with legal obligations
  • The collection of fees.
  • Recruitment and selection (application)
  • Maintaining contact with you

In order to carry out marketing campaigns more efficiently and to improve product and service information, your contact details are stored in EU CRM systems and can be used to send newsletters, updates, event and seminar invitations and to send you information you have requested from NanoMedNL.

We think it is important to address you with relevant information. To do this, we combine and analyse the personal data we hold about you. On this basis, we determine which information and channels are relevant and which moments are most appropriate for providing information or contacting you. We do not process any specific personal data or confidential data in marketing campaigns. If we wish to create a personal, individual customer profile, we ask for your prior consent. If you wish to withdraw this consent later, this is always possible.

To analyse data, in the following we distinguish between interaction and behaviour data.

Interaction data: Personal data, which are obtained through the contact between you and NanoMedNL. For example, about your use of our website or supported applications. This also applies to offline interactions, e.g. how often and when there is contact between NanoMedNL and you.

Behavioural data: Personal data which NanoMedNL processes about your behaviour, such as your preferences, opinions, wishes and needs. We can derive this data from your surfing behaviour on our website, from our newsletters or from your request for information. But also, through contact, incoming telephone calls and e-mail contact with our employees. We only collect and use information that we obtain by tracking cookies with your permission, which you can revoke at any time. See our cookie declaration.

To improve user statistics. The user statistics of the website allow us to get an image of the number of visitors, the duration of the visit, the parts viewed of the website and the click behavior. These are generic reports with no information about individuals. We use the information obtained to improve the website.

To ensure access control and enterprise security. If you visit our office, we will note your name on arrival. In addition, camera images may be taken outside the office, at reception and at the entrance to the meeting rooms. We do this to prevent unauthorised persons from entering the office in the event of an accident and to ensure that no unauthorised persons have access to the office. Camera recordings are generally destroyed after ten days.

Disclosure of data

Your personal data will not be transferred to third parties for purposes other than the ones listed below.

We will only share your personal information with third parties if:

  • you have given your express consent in accordance with Art. 6 Para. 1 p. 1 letter a GDPR
  • the disclosure pursuant to Art. 6 Para. 1 p. 1 letter f GDPR is necessary for the assertion, exercise or defence of legal claims and there is no reason to assume that you have an overriding interest worthy of protection in not disclosing your data,
  • if there is a legal obligation to pass on the data pursuant to Art. 6 Para. 1 p. 1 letter c GDPR, and
  • this is legally permissible and is required under Art. 6 Para. 1 p. 1 letter b GDPR for the processing of contractual relationships with you.

Social Media Plug-ins

We use our website on the basis of Article 6(0). 1 p. 1 letter f GDPR social plug-ins of the social networks Facebook, Linkedin, Twitter, Vimeo, Xing and Youtube as well as Google Maps to make our company better known about this. The underlying commercial purpose is to be regarded as a legitimate interest within the meaning of the GDPR. The responsibility for the data protection-compliant operation is to be guaranteed by their respective providers. The integration of these plug-ins by us takes place by means of the so-called two-click method in order to protect visitors to our website in the best possible way.

Facebook

On our website, social media plugins from Facebook are used to make their use more personal. For this we use the “LIKE” or “SHARE” button. It is an offer from Facebook.

When you visit a page of our website that contains such a plugin, your browser establishes a direct connection to the Facebook servers. The content of the plugin is transmitted by Facebook directly to your browser and integrated by it into the website.

By integrating the plugins, Facebook receives the information that your browser has accessed the corresponding page of our website, even if you do not have a Facebook account or are not currently logged in to Facebook. This information (including your IP address) is transmitted by your browser directly to a Facebook server in the USA and stored there.

If you are logged in to Facebook, Facebook can assign the visit to our website directly to your Facebook account. If you interact with the plugins, for example by pressing the “LIKE” or “SHARE” button, the corresponding information is also transmitted directly to a Facebook server and stored there. The information is also posted to Facebook and displayed to your Facebook friends.

Facebook may use this information for the purpose of advertising, market research and the needs of the Facebook pages. For this purpose, Facebook creates usage, interest and relationship profiles, e.g. to evaluate your use of our website with regard to the advertisements displayed to you on Facebook, to inform other Facebook users about your activities on our website and to provide other services related to the use of Facebook.

If you do not want Facebook to assign the data collected via our website to your Facebook account, you must log out of Facebook before visiting our website.

The purpose and scope of the data collection and the further processing and use of the data by Facebook as well as your rights in this regard and setting options for the protection of your privacy can be found in Facebook’s privacy policy.

Linkedin

We use components of the LinkedIn network on our website. LinkedIn is a service of LinkedIn Corporation, 2029 Stierlin Court, Mountain View, CA 94043, USA. Every time you access our website that is equipped with such a component, this component causes the browser you are using to download a corresponding representation of the LinkedIn component.

This process informs LinkedIn which specific page of our website is currently being visited. If you click on the LinkedIn “Recommend” button while you are logged into your LinkedIn account, you can link the contents of our pages to your LinkedIn profile. As a result, LinkedIn is able to associate the visit to our pages with your LinkedIn user account.

We have no influence on the data that LinkedIn collects as a matter of this, nor on the extent of this data collected by LinkedIn. We are also unaware of the content of the data transmitted to LinkedIn. Details of LinkedIn’s data collection, rights and settings can be found in LinkedIn’s privacy policy.

Twitter

Plugins of the short message network of Twitter Inc. are on our website. (Twitter). You can recognize the Twitter plugins (tweet button) by the Twitter logo on our site. An overview of tweet buttons can be found here.

When you visit a page of our website that contains such a plugin, a direct connection is established between your browser and the Twitter server. Twitter receives the information that you have visited our site with your IP address. If you click on the Twitter “tweet” button while you are logged into your Twitter account, you can link the contents of our pages to your Twitter profile. This allows Twitter to assign the visit to our pages to your user account. We would like to point out that we, as the provider of the pages, do not receive any knowledge of the content of the transmitted data as well as their use by Twitter.

If you do not want Twitter to be able to associate the visit to our pages, please log out of your Twitter account.

For more information, see Twitter’s Privacy Policy.

Vimeo

We use components from the supplier Vimeo on our website. Vimeo is a service of Vimeo LCC, 555 West 18th Street, New York, New York 10011, USA. Every time you access our website that is equipped with such a component, this component causes the browser you are using to download a corresponding representation of the Vimeo component. When you visit our site and are logged in to Vimeo, Vimeo recognizes which specific page you are visiting through the information collected by the component and assigns this information to your personal account at Vimeo. For example, if you click on the “Play” button or make comments, this information will be transmitted to your personal user account at Vimeo and stored there. In addition, the information that you have visited our site will be passed on to Vimeo. This happens regardless of whether you click/comment on the component, for example, or not.

If you wish to prevent vimeo from transmitting and storing your data about you and your behaviour on our website, you must log out of Vimeo before visiting our website. Vimeo’s privacy policy provides more detailed information on this, in particular on the collection and use of the data by Vimeo.

Xing

We use components of the network XING.com on our website. These components are a service of XING AG, Dammtorstraße 29-32, 20354 Hamburg, Germany.

Every time you access our website that is equipped with such a component, this component causes the browser you are using to download a corresponding representation of the component of XING.

To our knowledge, XING does not store any personal data of the user via the access to our website. XING also does not store IP addresses. In addition, there is no evaluation of the usage behaviour via the use of cookies in connection with the “XING Share button”. Further information can be found in the privacy policy for the XING Share button.

Youtube

On our website we use components (videos) of youTube, LLC 901 Cherry Ave., 94066 San Bruno, CA, USA, a company of Google Inc., Amphitheatre Parkway, Mountain View, CA 94043, USA.

We use the option provided by YouTube – extended privacy mode. According to YouTube, in ” extended data protection mode” only data is transmitted to the YouTube server, in particular which of our websites you have visited when you watch the video. If you are logged in to YouTube at the same time, this information will be associated with your YouTube account. You can prevent this by logging out of your account before visiting our website.

When you visit a page that has an embedded video, you connect to the YouTube servers and display the content on the website by notifying your browser.

Further information on YouTube’s privacy is provided by Google at this link.

Google Maps

We use the component “Google Maps” of Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043 USA, hereinafter “Google”, on our website.

Every time the “Google Maps” component is accessed, Google sets a cookie to process user settings and data when viewing the page on which the Google Maps component is integrated. This cookie is usually not deleted by closing the browser, but expires after a certain time, unless it is deleted manually by you beforehand.

If you do not agree with this processing of your data, it is possible to deactivate the service of “Google Maps” and in this way prevent the transfer of data to Google. To do this, you need to disable the Java script function in your browser. However, we would like to point out that in this case you will not be able to use the “Google Maps” or only to a limited extent.

The use of “Google Maps” and the information obtained via “Google Maps” is carried out in accordance with the Google Terms of Use and the additional terms and conditions for “Google Maps“.

Publication of job advertisements / online job applications

Your application data will be collected and processed electronically by us for the purpose of processing the application process. If your application is followed by the conclusion of an employment contract, your transmitted data may be stored in your personnel file for the purpose of the usual organisational and administrative process in compliance with the relevant legal regulations.

The deletion of the data you have submitted will automatically take place two months after notification of the rejection if your job application is rejected. This does not apply if a longer storage is necessary due to legal requirements (e.g. the obligation to provide evidence under the General Equal Treatment Act) or if you have expressly consented to a longer storage in our database of interested parties.

Affected rights

You have the right to:

  • in accordance with Art. 15 GDPR, to request information about your personal data processed by us. In particular, you may request information on the processing purposes, the category of personal data, the categories of recipients to whom your data has been or will be disclosed, the planned retention period, the existence of a right to rectification, deletion, restriction of processing or opposition, the existence of a right of appeal, the origin of their data, if not collected from us, and the existence of automated decision-making, including profiling and, where applicable, meaningful information on its details;
  • require the correction of inaccurate or complete your personal data stored by us without delay in accordance with Art. 16 GDPR;
  • require the deletion of your personal data stored by us in accordance with Art. 17 GDPR, unless processing is necessary for the exercise of the right to freedom of expression and information, to fulfil a legal obligation, for reasons of public interest or for the assertion, exercise or defence of legal claims;
  • in accordance with Art. 18 GDPR, to request the restriction of the processing of your personal data, insofar as the accuracy of the data is disputed by you, the processing is unlawful, but you refuse to delete it and we no longer need the data, but you require it to assert, exercise or defend legal claims or you have objected to the processing in accordance with Article 21 GDPR;
  • in accordance with Art. 20 GDPR, to receive your personal data that you have provided to us in a structured, common and machine-readable format or to request the transfer to another controller;
  • in accordance with Art. 3 GDPR to revoke your consent to us at any time. As a result, we may no longer continue the processing of data based on this consent for the future and
  • to a regulatory authority in accordance with Article 77 GDPR. As a rule, you can contact the supervisory authority of your usual place of residence or workplace or our registered office.

Legal basis of processing

We process personal data on the basis of one of the following legal reasons:

  • Get permission
  • based on a contract agreement or agreement prior to the conclusion of the contract
  • legal obligation
  • In connection with a legitimate interest.

A controller may only process personal data if this can be based on one of the restrictive legal reasons set out in the General Data Protection Regulation (GDPR). The four legal bases on which NanoMedNL rely are:

Get permission:

If we have asked for your permission to process your personal data and you have granted this permission, you also have the right to revoke this consent.

Contract agreement or agreement before conclusion of the contract:

If you order us to provide innovation or financial advice services, we will process personal data if and to the extent necessary to carry out the order.

Legal obligation:

We will only provide personal information to the superiors of investigative authorities if this is required by law. In such cases, we will take reasonable steps to ensure that your personal information is protected as much as possible.

Eligible interest:

We may also process personal data if we have a legitimate interest in it and therefore do not disproportionately violate your privacy. For example, we use your contact information to invite you to seminars and events.

Processors

We may use service providers (processors) to process your personal data, which only process personal data in our order. We enter into a processing agreement with these processors that meets the requirements of the General Data Protection Regulation (GDPR).

For example, we work with service providers who offer Software as a Service (SaaS) solutions or hosting services. There are also ICT service providers that help us keep our systems safe and stable. We also use third-party services to send newsletters and commercial emails. These are examples of parties that can be referred to as processors under the General Data Protection Regulation (GDPR).

Right to object

If your personal data is based on legitimate interests in accordance with Article 6 sec. 1 p. 1 letter f GDPR, you have the right to object to the processing of your personal data in accordance with Article 21 GDPR, insofar as there are reasons for doing so, which arise from your particular situation or if the objection is directed against direct marketing. In the latter case, you have a general right of objection, which we implement without specifying a specific situation.

If you wish to exercise your right of withdrawal or objection, please send an e-mail to NanoMedNL

Cookie Policy


This policy covers the use of information collected by PNO during your website visit.

Rijswijk, June 1st, 2019

What is a “cookie”?

A “cookie” is a text file containing small amounts of information which downloads to your personal computer or mobile device when you visit a website. Cookies are useful because they allow a website to recognise a user’s device. You can find more information about cookies at: www.allaboutcookies.org and www.youronlinechoices.com. Various types of cookies facilitate you navigate between different pages on a website efficiently, remembering preferences you gave while visiting a website, and improving overall user experience. Others are used to provide you with advertising tailored to your interests or to measure the number of site and page visits.

Session based versus Persistent cookies

Some cookies are installed only for the duration of your visit to a website; these are called session based cookies. They automatically expire when you close your browser. Another type of cookie would remain on your device for a period of time. These are known as persistent cookies. The cookies used on this site are based on the International Chamber of Commerce guide for cookie categories:

  1. Strictly necessary
  2. Performance
  3. Functionality
  4. Targeting

Types of cookies PNO uses

1. Strictly necessary cookies. These cookies enable services you have specifically asked for. For those types of cookies that are strictly necessary, no consent is required. These cookies are essential in order to enable you to move around the website and use its features, such as accessing secure areas of the website. For example these cookies will:

  • remember information you’ve entered on forms when you navigate to different pages in a single session, and
  • identify you as logged in to the website.

These cookies don’t gather any information about you that could be used for marketing or remembering where you’ve been on the internet. These cookies are not used to gather information that could be used to advertise products or services to you or remember your preferences or username beyond your current visit. Accepting these cookies is a condition of using the website, so if you disable these cookies we cannot guarantee or predict how our website will perform during your visit.

2. Performance cookies collect information about how you use our website e.g. which pages you visit, and if you experience any errors. We use them only to improve our site or measure response rates. All information collected by these cookies is anonymous and does not in any way impact your privacy. We need to use them to maintain our site’s effectiveness and ease of use and to improve how our website works, understand what interests our users or measure how effective certain features of our website are.

For example we use these to provide statistics on how our website is used. We do not pass this information to anyone. We also use performance cookies to help us improve the website by measuring any errors that occur or test different designs of our website.

In some cases, some of these cookies are managed for us by third parties. Where cookies are managed by third parties, any data may be used by such third parties but all data is collected and used in aggregated anonymised form.

Using our site indicates that you accept the use of ‘Performance’ cookies. Accepting these cookies is a condition of using the website, so if you prevent them we cannot guarantee how our site will perform for you.

3. Functionality cookies are used to provide services or to remember settings and choices you make to improve your experience during your visit. For example, these cookies will:

  • show you when you are logged into the website,
  • remember your login details,
  • remember the settings you’ve applied such as preferences,
  • remember whether we’ve already asked you if you want to fill in a survey, and
  • measure traffic received from various websites.

Functionality cookies collect non-identifiable data. No personal details are stored in this process and the information collected is only used in aggregate. We sometimes share some of the information with partners to provide a service on our website. In addition, some of these cookies are managed for us by third parties. In any case, the information shared or collected by third parties is only to be used to provide the service, product or function and not for any other purpose.

We will only collect functionality cookies based on your selection. If you accept the use of cookies we will store this information in a cookie named ‘cookiesettings’.

4. Targeting cookies are used to deliver PNO content more relevant to you and your interests. They are also used to limit the number of times you see, as well as help measure the effectiveness of, PNO marketing campaigns.

How we collect your consent

When you enter a PNO site for the first time, you will see a banner notice requesting your consent to use cookies.

Click here to change your cookie consent

 

Browser settings
Cookies can also be removed from your device using browser settings but there will still be some deterioration in the service you receive (for example you may not be able to access a page you earlier personalised).

Your browser lets you choose whether to accept, not to accept or to be warned before accepting cookies. Settings can be found in the advanced preferences.

If you delete all your cookies and when you use a different device, computer profile or browser you will have to tell us your preferences again.

This policy applies to all domains used by PNO Innovation (See . However, some PNO websites may contain policies which are different from this one.

We cannot be responsible for the policies and practices of other websites even if you:

  • accessed the third party website using links from our website, or
  • linked to our website from a third party website.

We recommend that you check the policy of each linked site you visit and contact the owner or operator of that website if you have any concerns or questions.

For more information about our policy, please contact .

Last check by DPO, November 1st, 2022

Hosting IONOS
We host our website with IONOS SE. The provider is IONOS SE, Elgendorfer Str. 57, 56410 Montabaur (hereinafter: IONOS). When you visit our website, IONOS collects various log files including your IP addresses. For details, please refer to the IONOS privacy policy: https://www.ionos.de/terms-gtc/terms-privacy.

The use of IONOS is based on Art. 6 (1) lit. f DSGVO. We have a legitimate interest in the most reliable presentation of our website. Insofar as a corresponding consent has been requested, the processing is carried out exclusively on the basis of Art. 6 para. 1 lit. a DSGVO; the consent can be revoked at any time.

Order processing
We have concluded an order processing agreement (AVV) with the above-mentioned provider. This is a contract required by data protection law, which ensures that this provider only processes the personal data of our website visitors in accordance with our instructions and in compliance with the DSGVO.

Note on the responsible body
The entity responsible for data processing on this website is:

PNO Innovation Germany (fka ARTTIC)
Oscar-von-Miller-Ring 29
80333 Munich
Telephone: +49 (0) 89 248 83 03 0
E-mail: 

The controller is the natural or legal person who alone or jointly with others determines the purposes and means of the processing of personal data (e.g. names, e-mail addresses, etc.).

Note on data transfer to the USA and other third countries
Among other things, we use tools from companies based in the USA or other third countries that are not secure under data protection law. If these tools are active, your personal data may be transferred to these third countries and processed there. We would like to point out that no level of data protection comparable to that in the EU can be guaranteed in these countries. For example, US companies are obliged to hand over personal data to security authorities without you as a data subject being able to take legal action against this. It can therefore not be ruled out that US authorities (e.g. intelligence services) process, evaluate and permanently store your data located on US servers for monitoring purposes. We have no influence on these processing activities.

Revocation of your consent to data processing
Many data processing operations are only possible with your express consent. You can revoke consent you have already given at any time. The legality of the data processing carried out until the revocation remains unaffected by the revocation.

Right of appeal to the competent supervisory authority
In the event of breaches of the GDPR, data subjects shall have a right of appeal to a supervisory authority, in particular in the Member State of their habitual residence, their place of work or the place of the alleged breach. The right of appeal is without prejudice to other administrative or judicial remedies.

Right to data portability
You have the right to have data that we process automatically on the basis of your consent or in fulfillment of a contract handed over to you or to a third party in a common, machine-readable format. If you request the direct transfer of the data to another controller, this will only be done insofar as it is technically feasible.

SSL or TLS encryption
This site uses SSL or TLS encryption for security reasons and to protect the transmission of confidential content, such as orders or requests that you send to us as the site operator. You can recognize an encrypted connection by the fact that the address line of the browser changes from “http://” to “https://” and by the lock symbol in your browser line.

If SSL or TLS encryption is activated, the data you transmit to us cannot be read by third parties.

Information, deletion and correction
Within the framework of the applicable legal provisions, you have the right at any time to free information about your stored personal data, its origin and recipient and the purpose of data processing and, if necessary, a right to correction or deletion of this data. For this purpose, as well as for further questions on the subject of personal data, you can contact us at any time.

Right to restriction of processing
You have the right to request the restriction of the processing of your personal data. For this purpose, you can contact us at any time. The right to restriction of processing exists in the following cases:

  • If you dispute the accuracy of your personal data stored by us, we usually need time to verify this. For the duration of the review, you have the right to request the restriction of the processing of your personal data.
  • If the processing of your personal data happened/is happening unlawfully, you can request the restriction of data processing instead of deletion.
  • If we no longer need your personal data, but you need it to exercise, defend or assert legal claims, you have the right to request restriction of the processing of your personal data instead of erasure.
  • If you have lodged an objection pursuant to Art. 21 (1) DSGVO, a balancing of your and our interests must be carried out. As long as it has not yet been determined whose interests prevail, you have the right to request the restriction of the processing of your personal data.

If you have restricted the processing of your personal data, this data may – apart from being stored – only be processed with your consent or for the assertion, exercise or defense of legal claims or for the protection of the rights of another natural or legal person or for reasons of an important public interest of the European Union or a Member State.

Server log files
The provider of the pages automatically collects and stores information in so-called server log files, which your browser automatically transmits to us. These are:

  • browser type and browser version
  • Operating system used
  • referrer URL
  • Host name of the accessing computer
  • Time of the server request
  • IP address

This data is not merged with other data sources.

The collection of this data is based on Art. 6 para. 1 lit. f DSGVO. The website operator has a legitimate interest in the technically error-free presentation and optimization of its website – for this purpose, the server log files must be collected.

Contact form
If you send us inquiries via the contact form, your data from the inquiry form including the contact data you provided there will be stored by us for the purpose of processing the inquiry and in case of follow-up questions. We do not pass on this data without your consent.

The processing of this data is based on Art. 6 (1) lit. b DSGVO if your request is related to the performance of a contract or is necessary for the implementation of pre-contractual measures. In all other cases, the processing is based on our legitimate interest in the effective processing of requests addressed to us (Art. 6 (1) lit. f DSGVO) or on your consent (Art. 6 (1) lit. a DSGVO), if this has been obtained.

The data you enter in the contact form will remain with us until you request us to delete it, revoke your consent to store it, or the purpose for storing the data no longer applies (e.g. after completion of the processing of your request). Mandatory legal provisions – in particular retention periods – remain unaffected.

Request by e-mail, phone or fax
If you contact us by e-mail, telephone or fax, your inquiry including all resulting personal data (name, inquiry) will be stored and processed by us for the purpose of processing your request. We do not pass on this data without your consent.

The processing of this data is based on Art. 6 (1) lit. b DSGVO, if your request is related to the performance of a contract or is necessary for the implementation of pre-contractual measures. In all other cases, the processing is based on our legitimate interest in the effective processing of the requests sent to us (Art. 6 (1) (f) DSGVO) or on your consent (Art. 6 (1) (a) DSGVO) if this has been requested.

The data you send to us via contact requests will remain with us until you request us to delete it, revoke your consent to store it, or the purpose for storing the data no longer applies (e.g. after your request has been processed). Mandatory legal provisions – in particular legal retention periods – remain unaffected.

YouTube with enhanced privacy
This website embeds videos from YouTube. The operator of the pages is Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland.

We use YouTube in extended data protection mode. According to YouTube, this mode means that YouTube does not store any information about visitors to this website before they watch the video. However, the transfer of data to YouTube partners is not necessarily excluded by the extended data protection mode. Thus, YouTube – regardless of whether you watch a video – establishes a connection to the Google DoubleClick network.

As soon as you start a YouTube video on this website, a connection to YouTube’s servers is established. This tells the YouTube server which of our pages you have visited. If you are logged into your YouTube account, you enable YouTube to assign your surfing behavior directly to your personal profile. You can prevent this by logging out of your YouTube account.

Furthermore, YouTube can save various cookies on your end device after starting a video or use comparable recognition technologies (e.g. device fingerprinting). In this way, YouTube can obtain information about visitors to this website. This information is used, among other things, to collect video statistics, improve the user experience, and prevent fraud attempts.

If necessary, further data processing operations may be triggered after the start of a YouTube video, over which we have no control.

YouTube is used in the interest of an appealing presentation of our online offers. This represents a legitimate interest within the meaning of Art. 6 para. 1 lit. f DSGVO. Insofar as a corresponding consent has been requested, the processing is carried out exclusively on the basis of Art. 6 para. 1 lit. a DSGVO; the consent can be revoked at any time.

For more information about data protection at YouTube, please see their privacy policy at:

https://policies.google.com/privacy?hl=en.

Google Web Fonts
This page uses so-called web fonts provided by Google for the uniform display of fonts. When you call up a page, your browser loads the required web fonts into its browser cache in order to display texts and fonts correctly.

For this purpose, the browser you are using must connect to Google’s servers. This enables Google to know that this website has been accessed via your IP address. The use of Google WebFonts is based on Art. 6 para. 1 lit. f DSGVO. The website operator has a legitimate interest in the uniform presentation of the typeface on his website. If a corresponding consent has been requested (e.g. a consent to store cookies), the processing is carried out exclusively on the basis of Art. 6 (1) lit. a DSGVO; the consent can be revoked at any time.

If your browser does not support web fonts, a standard font from your computer will be used.

You can find more information about Google Web Fonts at https://developers.google.com/fonts/faq and in the privacy policy of Google: https://policies.google.com/privacy?hl=en.

Font Awesome
This site uses Font Awesome for uniform display of fonts and symbols. The provider is Fonticons, Inc, 6 Porter Road Apartment 3R, Cambridge, Massachusetts, USA.

When you call up a page, your browser loads the required fonts into its browser cache in order to display texts, fonts and symbols correctly. For this purpose, the browser you use must connect to Font Awesome’s servers. This enables Font Awesome to know that your IP address has been used to access this website. The use of Font Awesome is based on Art. 6 para. 1 lit. f DSGVO. We have a legitimate interest in the uniform presentation of the typeface on our website. If a corresponding consent has been requested (e.g. a consent to store cookies), the processing is carried out exclusively on the basis of Art. 6 (1) lit. a DSGVO; the consent can be revoked at any time.

If your browser does not support Font Awesome, a default font will be used by your computer.

You can find more information about Font Awesome and in Font Awesome’s privacy policy at: https://fontawesome.com/privacy.

Google Maps
This site uses the map service Google Maps. The provider is Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland.

To use the functions of Google Maps, it is necessary to store your IP address. This information is usually transferred to a Google server in the USA and stored there. The provider of this site has no influence on this data transmission. If Google Maps is activated, Google may use Google Web Fonts for the purpose of uniform display of fonts. When calling up Google Maps, your browser loads the required web fonts into its browser cache in order to display texts and fonts correctly.

The use of Google Maps is in the interest of an appealing presentation of our online offers and an easy location of the places indicated by us on the website. This represents a legitimate interest within the meaning of Art. 6 para. 1 lit. f DSGVO. Insofar as a corresponding consent has been requested, the processing is carried out exclusively on the basis of Art. 6 para. 1 lit. a DSGVO; the consent can be revoked at any time.

Data transfer to the USA is based on the standard contractual clauses of the EU Commission. Details can be found here: https://privacy.google.com/businesses/gdprcontrollerterms/ and https://privacy.google.com/businesses/gdprcontrollerterms/sccs/.

More information on the handling of user data can be found in Google’s privacy policy: https://policies.google.com/privacy?hl=en.

Google Analytics
For the purpose of designing and continuously optimising our pages to meet your needs, we use Google Analytics, a web analysis service of Google Inc (1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; hereinafter “Google”). In this context, pseudonymised user profiles are created and cookies (see section 4) are used. The information generated by the cookie about your use of this website such as

  • Browser type/version,
  • Operating system used,
  • Referrer URL (the previously visited page),
  • Host name of the accessing computer (IP address),
  • Time of the server request,

are transmitted to a Google server in the USA and stored there. The information is used to evaluate the use of the website, to compile reports on the website activities and to provide further services associated with the use of the website and the Internet for the purposes of market research and the design of these Internet pages in line with requirements. This information may also be transferred to third parties if required by law or if third parties process this data on our behalf. Under no circumstances will your IP address be merged with other Google data. The IP addresses are made anonymous, so that an assignment is not possible (IP masking).

You may refuse the use of cookies by selecting the appropriate settings on your browser, however, please note that if you do this you may not be able to use the full functionality of this website.

You can also prevent the collection of data generated by the cookie and related to your use of the website (including your IP address) and the processing of this data by Google by downloading and installing a browser add-on.

As an alternative to the browser add-on, especially in the case of browsers on mobile devices, you can also prevent Google Analytics from recording the data by clicking on this link. An opt-out cookie is set to prevent the future collection of your data when you visit this website. The opt-out cookie is only valid in this browser and only for our website and is stored on your device. If you delete the cookies in this browser, you will have to set the opt-out cookie again.

Further information on data protection in connection with Google Analytics can be found in the Google Analytics help.

Google Tag Manager
This website uses the Google Tag Manager. Through this service, website tags can be managed through an interface. The Google Tool Manager only implements tags. This means that no cookies are used and no personal data is collected. The Google Tool Manager triggers other tags, which in turn may collect data. However, the Google Tag Manager does not access this data. If a deactivation has been made at domain or cookie level, it remains in place for all tracking tags, insofar as these are implemented with the Google Tag Manager.

Source: https://www.e-recht24.de

Last updated: 16/12/2025