Privacy Policy

Effective

September 2024

Table of Content

1. Summary
2. Which data do we process when you use our website?
3. Which data do we process when we improve the security of our website?
4. Which data do we process when you contact us?
5. Will this privacy policy change?
6. How can you contact us and enforce your rights?

How does a Consent Agent work?

PLEASE NOTE: We intend to constantly improve this document. If you have any ideas or encounter any issue, please leave us some feedback.
‍
In this document, we describe how we process your personal information when you visit our website.

Summary

1.1. What data do we collect?

Overall, we collect the following data:

Your IP address
Information about your browser (Chrome, Safari, Firefox, etc.)
Information about your operating system (Windows 10, macOS Mojave, etc.)
Information about your screen size
The specific page you are visiting on our website

1.2. Why and how do we collect and use your data?

We process your data for the following purposes (if you’d like to learn more, please refer to the sections below):

providing our website,
improving your user experience,
maintaining IT-security of our website,
enabling you to contact us.

1.3. Who else gets access to your data?

The data we collect is only shared with our service providers for the aforementioned purposes, which are explained in more detail below.‍‍

Which data do we process when you use our website?

We need some technical information about your IP address and device to show you our website in the best manner, in particular, to provide you with the content on our website in your language and in the appropriate size for your screen.

2.1. Which data do we collect?

As you visit our website, we particularly collect the following data (as part of an HTTP request and by means of web technologies such as HTML and Java Script):

Your IP address (i.e. a label/code made of numbers that identifies your internet access point/your device on an internet network)
Information about your device, for example the type of the internet browser you use or the size of your screen.

2.2. Who else gets access to your data?

To show you our website, we rely on the web hosting service provider AWS. AWS processes your personal data for our purposes, only, and does not use your data for other purposes.

2.3. Why are we allowed to process this data?

We process this data to inform our visitors about our research and development projects in the best manner. This is our legitimate interest, according to Art. 6 sect. 1 lit. f GDPR. (We can do this, because the legitimate interest is one of the lawful basis for processing personal data (referenced in Art. 6 sect. 1 lit. f) GDPR.)

2.4. How long do we keep your data?

For showing you our website, we process your IP address and your device information until the website has finished loading. After loading, your data is deleted. (However, for security purposes your data may be stored for a longer period of time, see next chapter 3).

2.5. What are your rights?

Regarding data processed for this purpose (loading our website) some of your rights, such as concerning data access or erasure, might not apply if the data has been already deleted at the time of request. (However, see your rights in connection with the storage of your data for security purposes, see in more detail next chapter 3.5).

Which data do we process when we improve the security of our website?

We collect certain data through our service provider to maintain the technical security of our website. We analyze technical problems and attacks we may experience on our website.

3.1. Which data do we collect?

We collect the following data:

Your IP address
The web pages you visit.
Information about your internet browser and your operating system.

3.2. Who else gets access to your data?

To maintain the technical security of our website, we rely on the web hosting service provider AWS. AWS processes your personal data for our purposes, only, and does not use your data for other purposes.

3.3. Why are we allowed to process this data?

We have a legitimate interest to analyze your activity on our website to identify technical problems and attacks against our technical system.

3.4. How long do we keep your data?

However, if our website experiences a security issue, we have a legitimate interest to keep the data as long as necessary to investigate the issue. For example, we might look into the IP addresses we collected to identify the origin of an attack.

3.5. What are your rights?

We cannot grant you the exercise of your rights, according to Art. 11 GDPR, because we can’t link your IP address to your identity without your help. Only your internet access provider that gave you a certain IP address can reveal your identity.

We can ask your internet access provider to disclose us your identity only if we have a justified reason, for instance if we can prove that an attack on our website originated from your IP address. This means that if you want to exercise your right of access, modification and erasure of your personal data, you will need first to give us the link between your identity and your IP address.

Which data do we process when you contact us?

When you send us an email or when you use our contact form, we only use the information you send us to get back to you and answer your request.

4.1. Which data do we collect?

We collect and store your email address and other personal information that you may share with us, for example your name.

4.2. Who else gets access to your data?

To enable you to contact us at our email address, we rely on the AWS service provider. AWS processes your personal data for our purposes, only.

4.3. Why are we allowed to process this data?

It is also our legitimate interest to collect and process your data to answer your request.

4.4. How long do we keep your data?

We store your message and your e-mail address in our e-mail box as long as necessary to respond to your contact request.

We keep your personal data until you object to the processing, or ask the data to be deleted.

We also review the legal basis for the retention of data on a regular basis. If no legal basis is applicable anymore, data will be deleted within a reasonable period of up to three months.

4.5. What are your rights?

You have the right to know which information we hold about you (Art. 15 GDPR). However, if you have contacted us via email, you can usually access the message in your own email box. Of course, we can also send you the messages we exchanged, in particular, if you should have deleted the email or lost access to it.

Further, you have the right to have wrong information to be rectified or completed (Art. 16 GDPR). You can also ask us to limit the processing of your information (Art. 18 GDPR). As long as we store your data, you can also object to the processing (Art. 21 GDPR) and ask us to delete it (Art. 17 GDPR).

Will this privacy policy change?

Yes, the information on this page can evolve, for example when the law or the way we process data change. When this happens, we will always make it clear and publish the changes on this page.

The older versions of this document will be stored and kept accessible.

How can you contact us and enforce your rights?

If you have questions regarding the processing of your personal data, please contact us. You can send an e-mail to info@law-innovation.tech. We will do our best to address your concerns and provide you with answers.

We will review your request and do everything we can to accommodate it. If we conclude that the rights concerning your personal data do not apply, we will explain to you why. We may require an additional proof of your identity (like a document) to verify you are the one making the request.

If you are not satisfied, you have the option to issue a formal complaint with the relevant supervisory authority in the state of Berlin. You can also contact the supervisory authority of the federal state of Germany or the European Member State where you reside or work.

We have published this page following the applicable data protection legislation of the European Union (the GDPR) and of Germany (BDSG).

‍

Get notified