Privacy Policy

I. Name and Address of the Controller

The controller within the meaning of the General Data Protection Regulation (GDPR) and other national data protection laws of the Member States, as well as other data protection provisions, is:

INLEAP Photonics GmbH

Hans-Böckler-Allee 20
30173 Hannover
Germany

Phone: +49 511 5151 59-00

Email: info@inleap-photonics.com
Website: https://inleap-photonics.com

II. Contact Details of the Data Protection Officer

The Data Protection Officer of the controller can be contacted at:

Email: dataprivacy@inleap-photonics.com

III. General Information on Data Processing

1. Scope of the Processing of Personal Data

We generally process personal data of our users only to the extent necessary to provide a functional website as well as our content and services. The processing of personal data of our users is regularly carried out only with the user’s consent. An exception applies in cases where prior consent cannot be obtained for factual reasons and the processing of data is permitted by statutory provisions.

2. Legal Basis for the Processing of Personal Data

Insofar as we obtain the data subject’s consent for processing operations involving personal data, Article 6(1)(a) GDPR serves as the legal basis.

Where the processing of personal data is necessary for the performance of a contract to which the data subject is a party, Article 6(1)(b) GDPR serves as the legal basis. This also applies to processing operations required to carry out pre-contractual measures.

Where the processing of personal data is necessary to comply with a legal obligation to which our company is subject, Article 6(1)(c) GDPR serves as the legal basis. In the event that processing of personal data is necessary to protect the vital interests of the data subject or of another natural person, Article 6(1)(d) GDPR serves as the legal basis. Where processing is necessary for the purposes of legitimate interests pursued by our company or by a third party, and such interests are not overridden by the interests, fundamental rights, or freedoms of the data subject, Article 6(1)(f) GDPR serves as the legal basis for the processing.

3. Data Deletion and Storage Period

The personal data of the data subject shall be deleted or blocked as soon as the purpose for which it was stored no longer applies. Storage may continue beyond this point if provided for by European or national legislation in Union regulations, laws, or other provisions to which the controller is subject. Data shall also be blocked or deleted when a statutory retention period expires, unless further storage of the data is necessary for the conclusion or performance of a contract.

IV. Provision of the Website and Creation of Log Files

1. Description and Scope of Data Processing

Each time our website is accessed, our system automatically collects data and information from the computer system of the accessing device.

The following data is collected from website visitors and anonymized directly at the time of collection:

• Referrer (previously visited website)
• Requested webpage or file
• Browser type and browser version
• Operating system used
• Device type used
• Time of access
• IP address in anonymized form (used solely to determine the location of access)
  
  

2. Legal Basis for Data Processing

The legal basis for the temporary storage of data is Article 6(1)(f) GDPR.

3. Purpose of Data Processing

The data are collected on the basis of legitimate interest in order to ensure the security and stability of the service and to provide website visitors with the highest possible level of quality.

These purposes also constitute our legitimate interest in data processing pursuant to Article 6(1)(f) GDPR.

4. Duration of Storage

The anonymized data are stored for a period of eight weeks before being deleted.

5. Right to Object and Removal

The collection of data for the provision of the website and the storage of data in log files is essential for the operation of the website. Consequently, the user has no right to object.

V. Use of Cookies

Our website uses cookies to ensure functionality and to analyze user behavior. For a complete list of all cookies used, their purpose, lifespan, and to manage your consent settings, please refer to our Cookie Policy.

VI. Contact Form and Email Contact

1. Description and Scope of Data Processing

A contact form is available on our website which can be used for electronic contact. If a user makes use of this option, the data entered into the input form is transmitted to us and stored. This data includes:

• First and Last Name
• Email address
• Phone number
• Message content
  
  

At the time the message is sent, the following data is also stored:

• The IP address of the user
• Date and time of transmission
  
  

As part of the sending process, the user’s consent to the processing of the data is obtained and reference is made to this Privacy Policy.

Alternatively, it is possible to contact us via the email address provided. In this case, the personal data transmitted with the email will be stored. In this context, the data is not passed on to third parties. The data is used exclusively for processing the communication.

2. Legal Basis for Data Processing

Where the user has given consent, the legal basis for processing the data is Article 6(1)(a) GDPR.

The legal basis for processing data transmitted in the course of sending an email is Article 6(1)(f) GDPR. If the email contact is aimed at the conclusion of a contract, the additional legal basis for processing is Article 6(1)(b) GDPR.

3. Purpose of Data Processing

The processing of personal data from the input form is carried out solely for the purpose of handling the contact request. In the case of contact via email, this also constitutes the necessary legitimate interest in processing the data.

Other personal data processed during the sending process is used to prevent misuse of the contact form and to ensure the security of our information technology systems.

4. Duration of Storage

The data is deleted as soon as it is no longer required to achieve the purpose for which it was collected. For personal data from the contact form and data transmitted via email, this is the case when the respective communication with the user has ended. The communication is deemed to have ended when it can be inferred from the circumstances that the matter in question has been conclusively resolved.

Any additional personal data collected during the sending process will be deleted no later than seven days after submission.

5. Right to Object and Withdrawal of Consent

The user has the right to withdraw their consent to the processing of personal data at any time. If the user contacts us by email, they may object to the storage of their personal data at any time. In such a case, the communication cannot be continued.

All personal data stored in the course of the contact request will be deleted in this case.

VII. Rights of Data Subjects

If your personal data is processed, you are considered a data subject within the meaning of the GDPR and you are entitled to the following rights vis-à-vis the controller:

1. Right of Access

You may request confirmation from the controller as to whether personal data concerning you is being processed and, if so, for what purposes such data is processed.

2. Right to Rectification, Restriction of Processing, and Erasure

You have the right to obtain from the controller the rectification and/or completion of inaccurate or incomplete personal data concerning you. The controller shall carry out the rectification without undue delay.

Under certain conditions, you may request the restriction of processing of your personal data, for example if:

• the processing is unlawful and you oppose the erasure of the personal data and request the restriction of their use instead;
• the controller no longer needs the personal data for the purposes of the processing, but you require the data for the establishment, exercise, or defence of legal claims;
• or you have objected to processing pursuant to Article 21(1) GDPR and it has not yet been determined whether the legitimate grounds of the controller override your grounds.
  
  

You may request the controller to erase personal data concerning you without undue delay, and the controller is obliged to erase such data without undue delay where one of the grounds specified in the GDPR applies.

3. Right to Object

You have the right to object, on grounds relating to your particular situation, at any time to the processing of personal data concerning you which is based on Article 6(1)(e) or (f) GDPR, including profiling based on those provisions.

The controller shall no longer process the personal data unless it demonstrates compelling legitimate grounds for the processing which override your interests, rights, and freedoms, or for the establishment, exercise, or defence of legal claims.

Where personal data concerning you is processed for the purposes of direct marketing, you have the right to object at any time to the processing of personal data concerning you for such marketing, including profiling to the extent that it is related to such direct marketing.

If you object to processing for direct marketing purposes, the personal data will no longer be processed for such purposes.

In connection with the use of information society services, and notwithstanding Directive 2002/58/EC, you may exercise your right to object by automated means using technical specifications.

4. Right to Withdraw Consent under Data Protection Law

You have the right to withdraw your consent to the processing of personal data at any time. The withdrawal of consent shall not affect the lawfulness of processing based on consent before its withdrawal.

5. Right to Lodge a Complaint with a Supervisory Authority

Without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with a supervisory authority, in particular in the Member State of your habitual residence, place of work, or place of the alleged infringement, if you consider that the processing of personal data relating to you infringes the GDPR.

The supervisory authority with which the complaint has been lodged shall inform the complainant of the progress and the outcome of the complaint, including the possibility of a judicial remedy pursuant to Article 78 GDPR.