Privacy policy

DATA PROTECTION STATEMENT

(Valid from: 2024–04–23)

Data protection is very important to us (hereinafter referred to as “INNOQ”, “we”).

As the responsible party within the meaning of the applicable data protection laws, we take all measures required by the applicable data protection laws to ensure the protection of your personal data.

For all questions regarding data processing at INNOQ (both innoQ Deutschland GmbH and innoQ Schweiz GmbH) and the exercise of your rights, you can also contact our data protection officer free of charge.

INNOQ Data protection officer 2B Advice GmbH Joseph Schumpeter Allee 25 53227 Bonn GERMANY Tel: +49 (228) 926165 120 [email protected]

SCOPE OF THE DATA PROTECTION STATEMENT

With the processing of personal data the legislator means activities such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction of personal data.

Personal data is all the information that relates to an identified or identifiable natural person.

This data protection statement concerns the personal data of customers, interested parties, applicants or visitors.

This data protection statement applies to our website www.innoq.com, as well as for the website:

WHICH PERSONAL DATA DO WE PROCESS

When you contact us e.g. as an interested party or customer, we collect your personal data. This may happen, for example, if you are interested in our products, register for our online services, contact us via our communication channels or if you use our products or services in the context of existing business relationships.

We process the following types of personal data:

In some cases, we retrieve and include personal data from public sources (such as LinkedIn, Xing and other publicly available sources on the Internet), also in order to complete or correct your data (first names, company, country, etc.). We store this data in our CRM system. The legal basis for this is Art. 6 para. 1 lit. f) GDPR.

SENSITIVE DATA

Sensitive data and special categories of personal data such as information on religious or trade union membership, are not collected in this way.

USE OF COOKIES

The Internet pages partly use so-called cookies. Cookies do not damage your computer and do not contain viruses. Cookies serve to make our offer more user-friendly, effective and safer. Cookies are small text files that are stored on your computer and saved by your browser.

Most of the cookies we use are so-called “session cookies”. They are automatically deleted at the end of your visit. Other cookies remain stored on your end device until you delete them. These cookies enable us to recognize your browser on your next visit.

You can set your browser to inform you about the setting of cookies and to allow cookies only in individual cases, to exclude the acceptance of cookies for certain cases or in general, and to activate the automatic deletion of cookies when closing the browser. If you deactivate cookies, the functionality of this website may be limited.

You can learn more about cookies for example at allaboutcookies.org

Certain social media features of our website are provided by third parties. These features can only be used if you have previously agreed to the use of cookies.

WHAT DO WE PROCESS YOUR PERSONAL DATA FOR - AND ON WHAT LEGAL BASIS?)

PERFORMANCE OF THE CONTRACT**]

We process your data in order to fulfil our contracts. This also applies to information that you provide to us in the context of pre-contractual correspondence. The specific purposes of the data processing depend on the respective product and the submitted request and can also be used to analyse your needs and to check which products and services are suitable for you.

PERFORMANCE OF THE CONTRACTUAL RELATIONSHIP

For the execution of the contractual relationship we need your name, your address, your telephone number or your e-mail address so that we can contact you.

OFFERING GOODS AND SERVICES

We also need your personal data to be able to check whether and which products and services we can and may offer you.

Details on the respective purposes of data processing can be found in the contractual documents and our General Terms and Conditions of Business.

CARRYING OUT THE APPLICATION PROCESS

We process your data that you have sent us as part of your application to check whether your professional qualifications are suitable for the advertised position. We only use your information for the application process and transfer it to your personnel file when a contract is concluded. If no agreement is reached, your information will be deleted or destroyed. We will not use your application information for any other purpose than to conduct the application process.

INNOQ NEWSLETTER

You have the opportunity to register for our INNOQ newsletter via our website. For sending it we only need your e-mail address, all other information is voluntary.

We use rapidmail to send our newsletter. Your data will therefore be transmitted to rapidmail GmbH. In doing so, rapidmail GmbH is prohibited from using your data for purposes other than sending the newsletter. rapidmail GmbH is not permitted to pass on or sell your data. rapidmail is a German, certified newsletter software provider that has been carefully selected in accordance with the requirements of the GDPR and the BDSG.

At any time, you have the right to view your declaration of consent or to unsubscribe from the newsletter. Corresponding links are implemented in every cover letter to our newsletter. If you unsubscribe from our newsletter, we will immediately delete your contact details from our newsletter distribution list.

The effectiveness of an electronic consent, as it is used for the registration for the newsletter, is subject to certain requirements by law. This also includes recording your declaration of consent. We therefore log the date and time of consent, the text of the declaration of consent, the fact whether the checkbox was selected, your e-mail address and all other voluntary information. We also log the date and time of the click on the confirmation link and on the link in the confirmation e-mail. We collect this information exclusively in order to comply with legal obligations.

NEWSLETTER: TECHNOLOGY BRIEFING

You have the opportunity to register for our “Technology Briefing” via our website. For sending it we only need your e-mail address, all other information is voluntary.

We use rapidmail to send our newsletter. Your data will therefore be transmitted to rapidmail GmbH. In doing so, rapidmail GmbH is prohibited from using your data for purposes other than sending the newsletter. rapidmail GmbH is not permitted to pass on or sell your data. rapidmail is a German, certified newsletter software provider that has been carefully selected in accordance with the requirements of the GDPR and the BDSG.

At any time, you have the right to view your declaration of consent or to unsubscribe from the newsletter. Corresponding links are implemented in every cover letter to our newsletter. If you unsubscribe from our newsletter, we will immediately delete your contact details from our newsletter distribution list.

The effectiveness of an electronic consent, as it is used for the registration for the newsletter, is subject to certain requirements by law. This also includes recording your declaration of consent. We therefore log the date and time of consent, the text of the declaration of consent, the fact whether the checkbox was selected, your e-mail address and all other voluntary information. We also log the date and time of the click on the confirmation link and on the link in the confirmation e-mail. We collect this information exclusively in order to comply with legal obligations.

NEWSLETTER: DAS DIGITALE RAUCHZEICHEN

You have the opportunity to register for „Digitale Rauchzeichen“ via our website, a newsletter of the INNOQ Schweiz GmbH. For sending it we only need your e-mail address, all other information is voluntary.

For the newsletter management and distribution we use the “NetMailer” service of PAWECO GmbH, Bösch 63, 6331 Hünenberg. You can find the privacy policy of PAWECO here.

Your data will be transferred to Switzerland upon registration. Switzerland offers an adequate level of data protection, which corresponds to that of the EU.

At any time, you have the right to view your declaration of consent or to unsubscribe from the newsletter. Corresponding links are implemented in every cover letter to our newsletter. If you unsubscribe from our newsletter, we will immediately delete your contact details from our newsletter distribution list.

The effectiveness of an electronic consent, as it is used for the registration for the newsletter, is subject to certain requirements by law. This also includes recording your declaration of consent. We therefore log the date and time of consent, the text of the declaration of consent, the fact whether the checkbox was selected, your e-mail address and all other voluntary information. We also log the date and time of the click on the confirmation link and on the link in the confirmation e-mail. We collect this information exclusively in order to comply with legal obligations.

NEWSLETTER: The Tech Stack Canvas

You have the opportunity to register for our “The Tech Stack Canvas Newsletter” via our website. For sending it we only need your e-mail address, all other information is voluntary.

We use rapidmail to send our newsletter. Your data will therefore be transmitted to rapidmail GmbH. In doing so, rapidmail GmbH is prohibited from using your data for purposes other than sending the newsletter. rapidmail GmbH is not permitted to pass on or sell your data. rapidmail is a German, certified newsletter software provider that has been carefully selected in accordance with the requirements of the GDPR and the BDSG.

At any time, you have the right to view your declaration of consent or to unsubscribe from the newsletter. Corresponding links are implemented in every cover letter to our newsletter. If you unsubscribe from our newsletter, we will immediately delete your contact details from our newsletter distribution list.

The effectiveness of an electronic consent, as it is used for the registration for the newsletter, is subject to certain requirements by law. This also includes recording your declaration of consent. We therefore log the date and time of consent, the text of the declaration of consent, the fact whether the checkbox was selected, your e-mail address and all other voluntary information. We also log the date and time of the click on the confirmation link and on the link in the confirmation e-mail. We collect this information exclusively in order to comply with legal obligations.

Inside Technology (formerly known as Published)

At inside-technology.innoq.com you can sign up for a free subscription to our book Inside Technology. You can choose between the variants “print and digital version” or “digital version”. Inside Technology is released twice a year. After publication, we will send you the digital version of Inside Technology by e-mail. If you choose, you will also receive the printed version of Inside Technology by mail to the address you provide.

We use rapidmail to send you the digital version. Your data will therefore be transmitted to rapidmail GmbH. In doing so, rapidmail GmbH is prohibited from using your data for purposes other than sending Inside Technology. rapidmail GmbH is not permitted to pass on or sell your data. rapidmail is a German, certified newsletter software provider that has been carefully selected in accordance with the requirements of the GDPR and the BDSG.

Only after successful completion of a double opt-in process will you receive Inside Technology. You have the right to view your declaration of consent or unsubscribe from the subscription at any time. Corresponding links are included in every Inside Technology e-mail. In case of cancellation, we will immediately delete your contact details from our list.

The effectiveness of an electronic consent, as it is used for the registration for the subscription, is subject to certain requirements by law. This also includes recording your declaration of consent. We therefore log the date and time of consent, the text of the declaration of consent, the fact whether the checkbox was selected, your e-mail address and all other voluntary information. We also log the date and time of the click on the confirmation link and on the link in the confirmation e-mail. We collect this information exclusively in order to comply with legal obligations.

We cooperate with mediaprint solutions GmbH for the shipment of the print version. Your data will therefore be transmitted to mediaprint solutions GmbH. In doing so, mediaprint solutions GmbH is prohibited from using your data for any other purpose than for sending Inside Technology. mediaprint Solutions GmbH is not permitted to pass on or sell your data.

Technology Day

We would like to inform you below about the processing of personal data in connection with our online conference “Technology Day”.

Description and scope of data processing

If you would like to participate in one of our events, we require personal data from you in order to register for it:

In order to make the event accessible to you we use the digital events platform Zoom Events. The company Zoom Video Communications, Inc. is committed to maintaining a high standard of data protection in accordance with the GDPR. You can find Zoom’s privacy notices here. By signing up for our events, the following data may be processed by this platform:

This is necessary to allow you to access and participate in our event. After signing up at https://technologyday.innoq.com/anmelden, you will receive a brief e-mail confirmation of your registration (ticket). At a later date, you will receive an e-mail invitation to our digital event platform.

We use both the digital event platform and rapidmail to provide you with conference info via email. In individual sessions we use service providers such as Miro and Spatial.chat to enable interactive participation. Detailed information about these tools can be found in the section WHERE WE TRANSMIT DATA AND WHY.

For the Training Bites, socreatory’s privacy policy also applies.

AI Chatbot “Limey”

When using our chatbot “Limey” at trade shows and conferences, your inputs and the corresponding responses of the chatbot are stored and processed in the background. AWS, through their Bedrock service, utilizes an embedding model from Cohere to structure messages for search. The search results are then processed by the Large Language Model “Claude 3 Sonnet” from Anthropic, also within Bedrock. In addition, Langfuse.com analyzes and stores this data for quality assurance and analysis purposes. Please do not enter any sensitive or personal data. More details and information about your data protection rights can be found in our privacy policy. By using the chatbot, you agree to this processing, but you can withdraw your consent at any time.

Purpose and legal basis of processing

Data processing is carried out to enable you to register and thus participate in our event, in accordance with Art. 6 (1) p. 1 lit. b) GDPR. Our service provider Hopin processes the data to enable you to participate in the event, pursuant to Art. 6 para. 1 p. 1 lit. b) GPDR.

For communication regarding the conference process, we use Hopin and Rapidmail. A possible contact via email regarding the event is based on our legitimate interest according to Art. 6 para. 1 p. 1 lit. f) GDPR to thank you for your participation in our event and to ask you about suggestions for improvement.

innoq.social (Mastodon instance)

INNOQ uses the open, non-commercial microblogging service Mastodon as part of its press and public relations work and operates its own privacy-friendly instance for its employees in its decentralized architecture. INNOQ has set up a corporate social media account on this.

The following information applies to the processing of personal data under the data protection responsibility of INNOQ as the owner of a corporate social media account on the Mastodon microblogging service, which it also operates. In addition, reference is made to the privacy policy of the instance.

The purpose of the account’s operation (maintenance) is its use as a communication medium in the context of press and public relations work. The processing necessarily associated with the operation is derived from this.

Legal basis for the processing of personal data

The data processing associated with calling up and further use and necessary in this respect is carried out in the context of the use of an offer by INNOQ as part of its press and public relations work on the basis of Article 6 (1) e) GDPR. This includes processing to fulfill required technical and organizational protection measures.

If, in the context of the use of the Mastodon instance, communication is made with INNOQ by e-mail, the associated data (e-mail addresses and content) will also be processed to the extent necessary for the duration of the processing of the request and in accordance with the relevant provisions for record keeping on the basis of Article 6 (1) (e) GDPR and deleted thereafter.

Data processing of the account

People who follow the account are publicly displayed. In addition, when you submit a message, the date and time will be stored together with the information about which application you used to do so. Such messages may include media attachments, such as images and videos.

Direct posts (direct messages) are not end-to-end encrypted and are therefore generally viewable by the administrators of the instance of INNOQ as well as the recipient instance. Sensitive information should therefore be shared depending on the trustworthiness of the recipient instance and on other communication channels.

All interactions with the account (sharing, boosting or quoting posts) are also publicly displayed. This applies both to actions of third parties in relation to amounts of the INNOQ account and to those of the INNOQ account on contributions of third parties.

Scope of use of the offer

The availability of the account is subject to change; INNOQ reserves the right to temporarily or completely discontinue the maintenance and operation of the account at any time.

INNOQ restricts the use of its account - also for the protection of personal data - to content within the scope of the press and public relations work of INNOQ. Other requests or communication beyond the aforementioned purpose of use will not be offered, processed or answered via the service. Corresponding concerns can be addressed to INNOQ via the usual contact channels. The existing contact options can be found on the INNOQ website.

Social media rules of conduct

Notwithstanding compliance with general terms of use as well as legal regulations in other respects, posts that do not comply with the following principles will be hidden/deleted or persons permanently excluded from the discussion (blocked), if necessary also without giving reasons. The aim of the offer INNOQ is a lively dialogue with a responsible and respectful interaction with each other. The Berlin Code of Conduct applies.

MEASURES TO SERVE YOUR PROTECTION

Among others, we use your personal data in the following cases:

In order to be able to record and prove facts in the event of possible legal disputes

ON THE BASIS OF YOUR CONSENT

If you have consented to the processing of your personal data for one or more specific purposes, we may process your data. You can withdraw this consent at any time for the future without incurring any costs other than the transmission costs according to the basic tariffs (costs of your Internet connection). However, the withdrawal of consent does not affect the legality of the processing up to the withdrawal.

DUE TO LEGAL REQUIREMENTS OR IN THE PUBLIC INTEREST

As a company, we are subject to a wide variety of legal requirements (e.g. from tax legislation). In order to comply with our legal obligations, we process your personal data.

WHERE WE TRANSMIT DATA AND WHY

USE OF DATA WITHIN INNOQ

Within INNOQ only those entities that need your personal information in order to fulfil our contractual or legal obligation or to protect our legitimate interest will have access to them.

USE OF DATA OUTSIDE INNOQ

We respect the protection of your personal data and we pass on information about you only if required by law, if you have given your consent or to fulfil contractual obligations.

For the following recipients, for example, there is a legal obligation to pass on your personal data:

In order to fulfil our contractual obligations, we cooperate with other companies. These include:

Our own service providers

In order to make our operations more efficient, we use the services of external service providers who may receive personal data from you for the purposes described, including IT service providers, printing and telecommunications service providers, debt collection, consulting or sales companies.

Important: We pay close attention to your personal data!

In order to ensure that the service providers comply with the same data protection standards as in our company, we have concluded appropriate contracts for order processing. These contracts regulate, among other things:

For service providers based outside the European Economic Area (EEA), we take special security measures (e.g. by using special contractual clauses) to ensure that the data is treated with the same level of caution that is exercised in the EEA. In the case of any necessary data transfer to the USA, the appropriate level of data protection is no longer guaranteed by the Privacy-Shield Agreement, but by the conclusion of the EU standard contractual clauses. We regularly check all our service providers for compliance with our specifications.

Very important: Under no circumstances do we sell your personal data to third parties!

Information on data transfer to the USA

Our website uses, in particular, tools from companies based in the USA. When these tools are active, your personal information may be transferred to the US servers of these companies. We must point out that the USA is not a safe third country within the meaning of EU data protection law. US companies are required to release personal data to security authorities without you as the data subject being able to take legal action against this. The possibility cannot therefore be excluded that US authorities (e.g. secret services) may process, evaluate and permanently store your data on US servers for monitoring purposes. We have no influence over these processing activities.

Use of Asana

For project management we use Asana. The company Asana, Inc. is committed to maintaining a high standard of data protection in accordance with GDPR. Asana’s privacy notice can be found here.

Use of Box

For collaborative file sharing, we use Box. The company Box, Inc. is committed to maintaining a high standard of data protection in accordance with the GDPR. Box’s privacy notice can be found here.

Use of Conceptboard

For collaborative editing of virtual whiteboards we use Conceptboard . The company Digital Republic Media Group GmbH has committed itself to maintaining a high standard of data protection according to GDPR. You can find the privacy policy of Conceptboard here.

Use of Confluence

As a knowledge base, both internally and for projects with external collaborators, we use Confluence. The company Atlassian Pty Ltd has committed itself to maintaining a high standard of data protection according to GDPR. You can find the privacy policy of Conceptboard here.

Use of FriendlyCaptcha

On our websites, we use the “Friendly Captcha” service to check whether a data entry on our websites (e.g. in a contact form) is made by a human or by an automated program. For this purpose, FriendlyCaptcha analyzes the behavior of the website visitor based on various characteristics. For the analysis, FriendlyCaptcha evaluates various information - this also concerns the IP address of the website visitor, which is, however, immediately anonymized by FriendlyCaptcha. The company Friendly Captcha GmbH has committed itself to maintaining a high standard of data protection according to GDPR.

The data processing that takes place in connection with the use of FriendlyCaptcha is carried out for the purpose of being able to guarantee the security of our websites. The legal basis for the data processing is Art. 6 para. 1 lit. f GDPR. Our legitimate interest lies in the fulfillment of legal requirements to ensure the security of data processing. For more information on how Friendly Captcha handles your data, please see here.

Use of Google Forms

We use Google Forms and collect feedback on our training courses. The company Google LLC has committed itself to maintaining a high standard of data protection according to GDPR. You can find the privacy policy of Google here.

Use of hosting & cloud services

Our website as well as our internal systems are generally operated by the following services:

Some websites are operated on webflow.com and netlify.com. Some static contents are operated as GitHub-Pages.

We also use Slack for internal communication.

Use of Microsoft Bookings

We offer our visitors and customers the possibility of booking appointments online with our staff. For online bookings, we use “Microsoft Bookings”, a service offered in the European Union by Microsoft Ireland Operations, Ltd, One Microsoft Place, South County Business Park, Leopardstown, Dublin 18, D18 P521, Ireland.

The connection to the service is only established when you call up the online booking function via a link or button on our website, in an e-mail or in the newsletter. A reference to the connection to be established is located under this button. To make an appointment, your entries in the form are transferred to Microsoft.

The use of the Microsoft Booking service may involve a data transfer to a third country. We would like to point out that you are not obliged to use Microsoft Bookings to make an appointment. If you do not wish to use the service, please use another of the contact options offered to make an appointment.

The legal basis for the processing of your data in relation to the service ‘Microsoft Bookings’ is Art. 6 para. 1 p. 1 letter f) GDPR. The legitimate interest arises from our claim to offer you a user-friendly website with a wide range of functions and to give you the opportunity to make an appointment with our staff quickly and easily at any time. Insofar as a corresponding consent has been requested, the processing is carried out exclusively on the basis of Art. 6 Para. 1 lit. a GDPR and §25 Para. 1 TTDSG, insofar as the consent includes the storage of cookies or access to information in the user’s terminal device (e.g. for device fingerprinting) within the meaning of the TTDSG. The consent can be revoked at any time.

As appropriate guarantees in the sense of Art. 44ff GDPR, a contract in accordance with the so-called standard contractual clauses in accordance with Art. 46 para. 2 lit. c) GDPR has been concluded between Microsoft Ireland and Microsoft USA.

We store your data as long as it is necessary to fulfill the purpose of use. For more information on how Microsoft handles user data, please see the Microsoft privacy policy.

Use of Miro

For collaborative editing of virtual whiteboards and provision of templates we use Miro. The company Realtimeboard, Inc. dba Miro has committed itself to maintaining a high standard of data protection according to GDPR. You can find the privacy policy of Miro here.

Use of MyFonts

We use web fonts from the provider myfonts.com. Due to the licensing terms of these font files, a request is sent to hello.myfonts.com for each request on www.innoq.com. This is a service of MyFonts Inc, 500 Unicorn Park Drive, Woburn, MA 01801, USA. Further information on data protection at MyFonts can be found here.

Use of Pitch

For presentations we use Pitch. The company Pitch Software GmbH has committed itself to maintaining a high standard of data protection in accordance with GDPR. You can find Pitch’s data protection notice here

Using the Podigee Player

For the podcasts we have embedded the podigee player.

Use of Pretix

We use Pretix for the sale of tickets. The company rami.io GmbH is committed to maintaining a high standard of data protection in accordance with GDPR. You can find the data protection notice of Pretix here.

Use of Skype

For video conferences we use Skype. The company Microsoft Corporation has committed itself to maintaining a high standard of data protection according to GDPR. You can find the privacy policy of Microsoft here.

Use of SpatialChat

For video conferences we use SpatialChat. The company SpatialChat Ltd. has committed itself to maintaining a high standard of data protection according to GDPR. You can find the privacy policy of SpatialChat here.

Use of Twitter

Functions of the Twitter service are integrated on our pages if you have consented to this. Your consent is saved in the local storage of your browser, no cookie is set and transferred to us. For the embedding, we use the do-not-track setting offered by Twitter. The functions of twitter.com are offered by Twitter Inc, 1355 Market Street, Suite 900, San Francisco, CA 94103, USA. By using Twitter and the “Re-Tweet” function, the websites you visit are linked to your Twitter account and made known to other users. In the process, data is also transferred to Twitter. We would like to point out that we, as the provider of the pages, have no knowledge of the content of the transmitted data or its use by Twitter. For more information, see the privacy policy of Twitter at http://twitter.com/privacy.

You can change your privacy settings on Twitter in the account settings at http://twitter.com/account/settings.

Use of YouTube

Our website uses plugins from the YouTube site operated by Google if you have agreed to this by clicking the OK button in the cookie notice. The website is operated by YouTube, LLC, 901 Cherry Ave., San Bruno, CA 94066, USA. When you visit one of our pages equipped with a YouTube plugin and play embedded video, a connection to YouTube’s servers is established and the Internet browser on your information technology system is automatically prompted by the respective YouTube component to download a representation of the corresponding component from YouTube and Google. As part of this technical process, YouTube and Google may insert components into your system that collect information about you, including which of our pages you have visited. We have no influence on the use of such components by YouTube and Google LLC and have not been informed about such potential use. Moreover, we have no possibility to prevent or turn off the use of such components.

If you are logged in to your YouTube account, you allow YouTube to assign your surfing behavior directly to your personal profile. You can prevent this by logging out of your YouTube account.

We embed videos from YouTube with the “enhanced privacy mode”. In this mode, the videos are embedded via www.youtube-nocookie.com.

We also use YouTube to provide live streams of events and a chat.

For more information on the handling of user data, please refer to the YouTube privacy policy at https://www.google.de/intl/en/policies/privacy

Use of Zoom

For video conferences via the domain https://innoq.zoom.us we use Zoom. The company Zoom Video Communications, Inc. has committed itself to maintaining a high standard of data protection according to GDPR. You can find the privacy policy of Zoom here.

ARE YOU OBLIGED TO PROVIDE US WITH PERSONAL DATA?

In the context of the business relationship between you and <#CONTROLLER>, we require from you the following categories of personal data:

Without these data it is not possible for us to enter into or execute contracts with you.

DELETION PERIODS

In accordance with the applicable data protection regulations, we do not store your personal data longer than we need for the purposes of the respective processing. If the data is no longer required for the fulfilment of contractual or legal obligations, it will be regularly deleted by us, unless its temporary storage is still necessary. There may be the following reasons for further storage:

YOUR RIGHTS

Within the scope of processing your personal data, you also have certain rights. More detailed information can be found in the corresponding provisions of the General Data Protection Regulation (Articles 15 to 21).

RIGHT TO INFORMATION AND CORRECTION

You have the right to obtain information from us on which of your personal data we process. If this information is not (no longer) correct, you can ask us to correct the data, or, if it is incomplete, to complete it. If we have passed on your data to third parties, we will inform the relevant third parties in the event of a corresponding legal situation.

RIGHT TO DELETION

You can request the immediate deletion of your personal data under the following circumstances:

Please note that before deleting your data we must check whether there is not a legitimate reason for processing your personal data.

RIGHT TO RESTRICTION OF PROCESSING (“RIGHT TO BLOCK”)

You may request us to restrict the processing of your personal data for one of the following reasons:

RIGHT TO OBJECT

RIGHT OF OBJECTION IN INDIVIDUAL CASES

If the processing is carried out in the public interest or on the basis of a balance of interests, you have the right to object to the processing for reasons arising from your particular situation. In the event of an objection, we will not process your personal data further, unless we can prove compelling reasons for processing your data, which outweigh your interests, rights and freedoms, or because your personal data serve to assert, exercise or defend legal claims. The objection shall not preclude the legality of the processing carried out up to the time of the objection.

OBJECT AGAINST THE USE OF DATA FOR ADVERTISING PURPOSES**](https://www.innoq.com/de/datenschutz-20200608/#werbewiderspruch)

In cases where your personal information is used for advertising purposes, you can object to this form of processing at any time. We will no longer process your personal information for these purposes.

The objection can be made form-free and should be addressed to:

innoQ Deutschland GmbH Krischerstr. 100 40789 Monheim GERMANY Email: [email protected]

RIGHT TO DATA PORTABILITY

Upon requests, you have the right to receive personal data that you have given us for processing in a transferable and machine-readable format.

RIGHT TO LODGE A COMPLAINT WITH A SUPERVISORY AUTHORITY (ART. 77 GDPR)

We try to process your requests and claims as quickly as possible in order to protect your rights appropriately. Depending on the frequency of enquiries, however, it may take up to 30 days before we can provide you with further information about your request. If it should take longer, we will inform you promptly of the reasons for the delay and discuss the further process with you.

In some cases we may not or cannot give you any information. If legally permissible, we will inform you of the reason for refusing to disclose the information.

However, should you not be satisfied with our answer and responses or should you be of the opinion that we are violating the current data protection law, you are free to file a compliant with our Data Protection Officer as well as the relevant supervisory authority. The supervisory authority responsible for us is:

Landesbeauftragte für Datenschutz und Informationsfreiheit Nordrhein-Westfalen Postfach 20 04 44 40102 Düsseldorf GERMANY Tel.: 0211/38424–0 Fax: 0211/38424–10 E-Mail: [email protected]