I. General Information
The website www.innoplexus.com (“website“) is provided by the Innoplexus AG (hereinafter also “Innoplexus” or “we”/ “us”).
This Privacy Policy explains how we handle your personal data. If you use our website and the services it offers, we will process your personal data. We are committed to protecting your privacy and want you to have a clear understanding of which of your personal data we process and how.
This Privacy Policy is available for your convenience on our website at https://www.innoplexus.com/privacy-policy/
II. Contact data of the Data controller and Data Protection Officer
Innoplexus, as the operator of the website, is the controller of your personal data processed as a result of your use of this website.
Innoplexus AG
Frankfurter Strasse 27
65760 Eschborn
Phone: +49 6196-9677-311
Email: info@innoplexus.com
Should you require any assistance regarding data protection, please contact our external Data Protection Officer at compliance@innoplexus.com.
III. Data processing on the website
Your personal data will be subject to the following processing operations if you visit our website.
We process your personal data to enable you to access our website. This includes all information that you enter manually as well as technical information that is required for communication between your terminal device and our applications. Each time you access our website, usage data is transmitted via the respective Internet browser and stored in so-called server log files.
The records stored in this case contain the following data:
Any data collected on this website is processed on servers belonging to a service provider that specializes in hosting services. This service provider is located in the US, but you can rest assured that an adequate level of data protection is ensured, as the service provider is a certified participant of the EU-US Data Protection Framework.
The processing of the above data is based on Article 6 (1) sentence 1 lit. f GDPR.
We use the log data and log files to operate the website and for security reasons, especially to tackle cyber-attacks. This represents also our legitimate interest.
We delete your personal data when it is no longer required to achieve the purpose of its processing. All server log files are deleted after the end of your visit to the website.
You have the right to object to the processing of your personal data at any time in accordance with Art. 21 (1) GDPR. However, data processing will continue if we can demonstrate compelling legitimate grounds for the processing, for example because the processing of the data is absolutely necessary for the provision of the website.
Our website allows you to contact us directly via a form. You can be assured that any information you provide will be transmitted to us and processed for the purpose of handling your request.
The following data is collected at the time of your request:
If you contact us via the email address published on our website, we will process your message content and email address together.
b) Legal basis for data processing
The legal basis for the processing your data is Article 6 (1) sentence 1 lit. f GDPR.
If you are contacting us to establish a contractual relationship, we will process your data on the basis of Article 6 (1) sentence 1 lit. b GDPR.
c) Purpose of the data processing
We process your personal data only for the purpose of processing your request and contacting you. This purpose is also our legitimate interest for processing your personal data.
d) Duration of storage
We delete your personal data when it is no longer required to achieve the purpose of the processing. Once a conversation with you has ended, we delete any personal data you sent us via the contact form. This is because we no longer require it to achieve the purpose of the processing.
If we enter into a contractual relationship with you as a result of contacting us or your request is connected with an existing contract, we will store the data you provided for the duration of the limitation period. We will delete this data after the limitation period has expired, starting from the end of the year in which the contractual relationship is terminated.
f) Right to object
You have the right to object to the processing of your personal data at any time if it is done on the basis of Article 6 (1) sentence 1 lit. f GDPR.
We use cookies and similar technologies that are necessary to ensure a smooth operation of the website. Essential cookies ensure the use of the website without technical issues. We apply essential cookies on the basis of our legitimate interest, as set out in Article 6 (1) sentence 1 lit. f GDPR in conjunction with paragraph 25 (2) no. 2 TDDDG.
Furthermore, we use non-essential cookies, which are placed by us or third-party providers. We only use non-essential cookies with your consent pursuant to Article 6 (1) sentence 1 lit. a GDPR, as they are not absolutely necessary for the provision of the website. For example, non-essential cookies are used by us to access, analyze and store information such as the properties of your terminal device as well as certain personal data (IP address, usage behavior). We use non-essential cookies for marketing and analytics purposes. This allows us to understand user behavior and provide you with a relevant user experience or to personalize the content on our website.
You can withdraw your consent regarding data processing by non-essential cookies at any time by changing your preferences in the cookie settings of the consent tool we use.
We use a consent management service on our website. As part of this, the following personal data is stored:
The processing of the above data is based on Article 6 (1) sentence 1 lit. c GDPR in conjunction with paragraph 25 (1) TDDDG.
The data processing allows website visitors to give their consent regarding the use of non-essential cookies. It is necessary that such consent is documented in accordance with the accountability obligation set out in Art. 5 (2) GDPR.
We delete your personal data when it is no longer required to achieve the processing purpose. This is usually the case after three years, starting with the end of the year in which the data was collected.
a) Description and scope of data processing
Our website uses Google Analytics and Tag Manager 360 . Both are web analytics services provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (“Google”).
We use Google Analytics for website analysis, which means that information about your use of our website is collected. By activating IP anonymization on this website, we ensure that your IP address is shortened before transmission within the Member States of the European Union or in other contracting states of the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and shortened there.
Google Tag Manager is used to integrate tags into IT scripts for web analytics and remarketing. Google Tag Manager simplifies this integration significantly by allowing the scripts to be integrated via its user interface rather than directly in the source code. The data processing is triggered by the scripts when they are integrated via Tag Manager. If a deactivation has been made at the domain or cookie level, it will remain for all tracking tags if they are implemented using Google Tag Manager.
When using these services, the following categories of personal data are processed:
Google will process the information obtained through cookies in order to evaluate your use of the website, compile reports on website activity for website operators and provide other services relating to website activity and internet usage. As part of this, personal data is transferred to the USA. An appropriate level of data protection is ensured as Google is a certified participant of the EU-US Data Protection framework.
b) Legal basis of the data processing
The legal basis for the data processing is your consent according to Article 6 (1) sentence 1 lit. a GDPR.
c) Purpose of the data processing
We use Google Analytics with cross-device tracking enabled by a unique user ID. This allows us to link interaction data from different devices and sessions to a unique ID, providing more accurate visitor analysis. We use Google Tag Manager to manage, use and control of tracking technologies more efficiently.
d) Duration of storage
The user and event data relevant for the evaluation of website usage have a preset storage period of 14 months and will be deleted by us immediately when they are no longer required. Furthermore, you can independently uninstall the cookies installed by Google Analytics and thus delete the stored data.
e) Withdrawal
You can withdraw your consent at any time in accordance with Article 7 (3) GDPR. Your withdrawal will not affect the lawfulness of the processing carried out until then on the basis of your consent. Once you withdraw your consent, we will no longer process your personal data.
a) Description and extent of data processing
Our website uses Google reCAPTCHA, a service provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (“Google”).
The purpose of reCAPTCHA is to check whether browsing through our websites (e.g. in a contact form) is being carried out by a human or by an automated program. To do this, reCAPTCHA analyses the behavior of the website visitor based on various characteristics. This analysis begins automatically as soon as the website visitor enters the website. For the analysis, reCAPTCHA evaluates various information (e.g. IP address, time spent on the website by the website visitor or mouse movements made by the user). The data collected during the analysis will be forwarded to Google.
As part of this, personal data is transferred to the USA. An appropriate level of data protection is ensured as Google is a certified participant of the EU-US Data Protection framework.
b) Legal basis for data processing
The legal basis for data processing is your consent in accordance with Article 6 (1) sentence 1 lit. a GDPR.
c) Purpose of data processing
We use Google reCAPTCHA to protect our website from spam and abuse.
d) Duration of storage
The relevant data is stored for 18 months.
e) Withdrawal
You can withdraw your consent at any time in accordance with Article 7 (3) GDPR. Your withdrawal will not affect the lawfulness of the processing carried out until then on the basis of your consent. Once you withdraw your consent, we will no longer process your personal data.
a) Description and extent of data processing
We use LinkedIn Pixel, a service provided by LinkedIn Ireland Unlimited Company Wilton Place, Dublin 2, Ireland. LinkedIn uses cookies to collect and process information about your user behavior on our platform in order to analyze it for us. The following data will be collected:
As part of this, personal data is transferred to the LinkedIn Corporation in the United States. Since LinkedIn is a certified participant in the EU-US data protection framework, an appropriate level of data protection is guaranteed.
b) Legal basis for data processing
The legal basis for data processing is your consent in accordance with Article 6 (1) sentence 1 lit. a GDPR.
c) Purpose of data processing
We use the services mentioned for conversion, marketing and optimization purposes, in particular to analyze the use of our website and to continuously improve individual functions as well as the user experience and to make it more interesting for you as a user.
d) Duration of storage
The relevant data is stored for as long as it is necessary to achieve the purpose. The set cookies are stored for a maximum of 24 months.
e) Withdrawal
You can withdraw your consent at any time in accordance with Article 7 (3) GDPR. Your withdrawal will not affect the lawfulness of the processing carried out until then on the basis of your consent. Once you withdraw your consent, we will no longer process your personal data.
a) Description and extent of data processing
We use Clarity’s custom tags, a service provided by Microsoft Ireland Operations Limited, South County Business Park, Leopardstown, Dublin 18 D18 P521 that allows us to analyze the user behavior of website visitors and heatmaps.
LinkedIn Ireland Unlimited Company Wilton Place, Dublin 2, Ireland. LinkedIn uses cookies to collect and process information about your user behavior on our platform in order to analyze it for us. The following data is collected:
As part of this, personal data is transferred to the Microsoft Corporation in the United States. Since Microsoft is a certified participant in the EU-US data protection framework, an appropriate level of data protection is guaranteed.
b) Legal basis for data processing
The legal basis for data processing is your consent in accordance with Article 6 (1) sentence 1 lit. a GDPR.
c) Purpose of data processing
We use the service mentioned for marketing and optimization purposes, in particular to analyze the use of our website and to continuously improve individual functions as well as the user experience and to make it more interesting for you as a user.
d) Duration of storage
The relevant data is stored for as long as it is necessary to achieve the purpose. The set cookies are stored for a maximum of 25 months.
e) Withdrawal
You can withdraw your consent at any time in accordance with Article 7 (3) GDPR. Your withdrawal will not affect the lawfulness of the processing carried out until then on the basis of your consent. Once you withdraw your consent, we will no longer process your personal data.
a) Description and extent of data processing
We have integrated social buttons as graphics on our website. The graphic contains a link to the corresponding social media platform and only establishes direct contact between the social media platform and you when you actively click on the button. If you do not click on the button, no exchange will take place between the social network and our website. However, if you click on the button, your browser will connect to the servers of the social media platform and transfer the URL of our website. If you are logged into the social media platform, it can assign your visit to your account. If you do not want social networks to collect data about you and link your visit to our websites to your membership data, you must log out before clicking on the link of the social media platform.
Information on the purpose and scope of data collection and processing by the respective social media platform, as well as your rights and privacy settings, can be found at:
b) Legal basis for data processing
The legal basis for data processing is your consent in accordance with Article 6 (1) sentence 1 lit. a GDPR.
c) Purpose of data processing
Personal data is stored for as long as is necessary to fulfil the purpose for which it was collected.
d) Duration of storage
Personal data is stored for as long as is necessary to fulfil the purpose for which it was collected.
e) Withdrawal
You can withdraw your consent at any time in accordance with Article 7 (3) GDPR. Your withdrawal will not affect the lawfulness of the processing carried out until then on the basis of your consent. Once you withdraw your consent, we will no longer process your personal data.
V. Your rights
This section informs you about your rights and how you can exercise them.
1. Right to Access
In accordance with Article 15 GDPR, you have the right to access the personal data processed by us at any time. We will provide you with an overview of the data concerning you and a copy of this data, if requested. We will provide you with your personal data in a common electronic form.
2. Right to rectification
We are obliged to correct any incorrect data in accordance with Article 16 GDPR. If you believe the data is incorrect, please let us know.
3. Right to erasure (“right to be forgotten”)
You can request the deletion of data at any time in accordance with Article 17 GDPR.
4. Right to restrict the data processing
We will restrict the processing of your data in accordance with Article 18 GDPR if we are unable to delete it for legal reasons. You also have the right to request that we restrict processing if you believe that the data we have stored is incorrect or if there is a disagreement about the lawfulness of the processing.
5. Right to data portability
You have the right to request that we transfer your personal data to you or to a third party of your choice in accordance with Article 20 GDPR. This is subject to the legal requirements being met.
6. Automated decision in individual cases including profiling
In accordance with Article 22 of the GDPR, you have the right to be exempt from any decision made solely on the basis of automated processing, including profiling, that has legal implications for you or has a similarly significant impact on you.
7. Right to object
You have the right to object to the processing of your personal data under Article 21 GDPR if this processing is based on a legitimate interest under Article 6 (1) sentence 1 lit. f GDPR.
8. Right to complain
You have the right to lodge a complaint with a data protection supervisory authority if you are of the opinion that the processing of your personal data relating to you is in breach of the General Data Protection Regulation. You can contact the supervisory authority in your place of residence or our company for this purpose. The supervisory authority responsible for us is:
The Hessian Commissioner for Data Protection and Freedom of Information
Gustav-Stresemann-Ring 1
65189 Wiesbaden
Tel.: +49 (0) 611 14080
Fax: +49 (0) 611-1408 611
E-mail: poststelle@datenschutz.hessen.de
9. Withdrawal of consent
In accordance with Art. 7 (3) GDPR, you have the right to withdraw the consent you have given us at any time. If you withdraw your consent, we will no longer process any of your personal data from the time of the withdrawal. However, this will not affect the lawfulness of any previous processing. To withdraw your consent, please send your request to: info@innoplexus.com
VI. Retention obligations
If you no longer use our services and send us a deletion request, we will delete all personal data with the exception of some categories to fulfill our legal retention obligations. This data will be deleted immediately after the deadlines have expired without you having to request deletion again.
If the retention of your personal data is necessary, it is required for the following purposes and laws:
1. Fulfillment of retention periods under commercial and tax law relating to the following laws: German Commercial Code (HGB), German Fiscal Code (AO) and German Value Added Tax Act (UStG). The statutory retention periods and documentation requirements are between six and ten years.
2. Ensuring proper disaster recovery, conducting IT audits: GDPR and BGB (German Civil Code). The legal deadlines and documentation requirements are three years.
3. Claims and evidence management: GDPR and BGB. The legal deadlines and documentation requirements are three years from the end of the year in which the event to be documented took place.
Innoplexus wins Horizon Interactive Gold Award for Curia App
Read More
