Section 1: Information on the collection of personal data
(1) The following paragraphs provide you with information on the collection of personal data when our website is used. Personal data is all data that can be linked to you personally, such as your name, address, e-mail addresses, and user behavior.
(2) The controller in accordance with Article 4 No. 7 of the EU General Data Protection Regulation (GDPR) is iOmx Therapeutics AG, represented by its CEO Dr. Apollon Papadimitriou, Fraunhoferstrasse 22, 82152 Martinsried, Germany.
(3) When you contact us by e-mail, the data you provide (your e-mail address and, if applicable, your name and phone number) are stored by us so that we can respond to your inquiry. The data we gather in this connection is erased when it no longer needs to be stored. If there are statutory obligations to retain the data, we restrict the processing of it.
(4) If we engage service providers to deliver individual functions of our offer or wish to use your data for advertising purposes, we will inform you about the relevant processing operations in detail below. We will also state the criteria used to determine the length of time for which data is stored.
Section 2: Your rights
(1) You have the following rights with respect to us as regards your personal data:
– The right to access and obtain information about it
– The right to rectification and erasure of it
– The right to restrict processing of it
– The right to object to processing of it
– The right to data portability.
(2) You also have the right to lodge a complaint with a data protection supervisory authority about our processing of your personal data.
Section 3: Collection of personal data when you visit our website
(1) If the website is used only for information purposes, we only collect the personal data your browser sends to our server. If you wish to view our website, we collect the following data that is technically necessary for us to display our website to you and ensure its stability and security (the legal basis for this is Article 6 (1) sentence 1 point (f) GDPR):
– The IP address
– The date and time of the request
– The difference between your time zone and Greenwich Mean Time (GMT)
– The content of the request (specific page)
– The access status/HTTP status code
– The volume of data transferred
– The website from which the request came
– The browser
– The operating system and its interface
– The language and version of the browser software.
(2) Whenever you use our website, cookies are stored on your computer in addition to the data referred to above. Cookies are small text files that are stored on your hard drive and assigned to the browser you use. They send specific information to the party that sets the cookie (in this case, to us). Cookies cannot execute programs or transmit viruses to your computer. They help make the Internet offer more user-friendly and efficient as a whole.
a) This website uses the following types of cookie, whose scope and mode of operation are explained as follows:
– Transient cookies (see b)
– Persistent cookies (see c).
b) Transient cookies are deleted automatically when you close your browser. In particular, they include session cookies. These store a session ID that can be used to assign various requests by your browser to the shared session. As a result, your computer can be recognized when you visit our website again. The session cookies are deleted when you log out or close your browser.
c) Persistent cookies are deleted automatically after a predefined duration, which may differ depending on the cookie. You can delete the cookies at any time in your browser’s security settings.
d) You can configure your browser setting to suit your wishes and, for example, refuse to accept third-party cookies or all cookies. We point out that in this case, you might not be able to use all the features of this website.
Section 4: Use of social media plug-ins
(1) We currently use the social media plug-in from LinkedIn.
(2) We have no influence on the data collected by the plug-in provider and the data processing procedures used and are also unaware of the full extent of the data collection activities, the purpose for which the data is processed, and the period of time for which the data is stored. We also do not have any information on the erasure of data collected by the plug-in provider.
(3) The plug-in provider stores the data collected about you as user profiles, and uses it for the purposes of advertising, market research and/or designing its website to suit needs. Such an evaluation is conducted in particular (also for users who are not logged in) in order to present advertising tailored to the user and to inform other users of the social network about your activities on our website. You have the right to object to creation of these user profiles, but must contact the respective plug-in provider in order to exercise this right. By offering the plug-ins, we enable you to interact with social networks and other users so that we can improve our offer and make it more interesting to you as a user. The legal basis for using the plug-ins is Article 6 (1) sentence 1 point (f) GDPR.
(4) The data is transferred irrespective of whether you have an account with the plug-in provider and are logged in there. If you are logged into the plug-in provider, the data we collect on you will be directly associated with your existing account with the plug-in provider. If you click on the activated button and, for example, link the site, the plug-in provider will also save this information in your user account and publicly notify your contacts of that. We advise you to log out after you use a social network, but in particular before you activate the button, in order to prevent the data from being associated with your profile at the plug-in provider.
LinkedIn Corporation, 2029 Stierlin Court, Mountain View, California 94043, USA; http://www.linkedin.com/legal/privacy-policy. LinkedIn is subject to the EU-US Privacy Shield (https://www.privacyshield.gov/EU-US-Framework).