Privacy Policy

Data protection information according to Art. 13, 14 and 21 DSGVO for the websites and external pages of pi-lar GmbH.

General

Person Responsible

We, pi-lar GmbH, take the protection of your personal data and the legal obligations serving this protection very seriously. The legal requirements demand comprehensive transparency about the processing of personal data. Only if you are sufficiently informed about the purpose, nature and scope of processing, the processing is comprehensible for you as a data subject.

Our data protection declaration therefore explains in detail what personal data is processed by us when you use our websites (www.pi-lar.net, www.neuropil.io, www.neuropil.com, www.neuropil.org and www.neuropil.net), all other websites that refer to them and in the other cases explained here where applicable.

The responsible party within the meaning of the General Data Protection Regulation (DSGVO), the Federal Data Protection Act (BDSG) and other data protection regulations is

pi-lar GmbH

Kreuzgasse 2-4

50667 Cologne

Phone: (+49)221/16531700

E-mail: info@pi-lar.net

Hereinafter referred to as the "responsible party" or "we".

A data protection officer has not yet been appointed.

Please note that links on our website may take you to other websites that are not operated by us but by third parties. Such links are either clearly marked by us or are recognizable by a change in the address line of your browser. We are not responsible for compliance with data protection regulations and secure handling of your personal data on these websites operated by third parties.

Definitions

From the DSGVO

This privacy policy uses the terms of the legal text of the DSGVO. You can view the definitions (Art. 4 DSGVO), for example, at https://eur-lex.europa.eu/legal-content/DE/TXT/?uri=CELEX:32016R0679

Cookies and similar technologies

Cookies are text files that are stored by a website on your terminal device or read there. They contain combinations of letters and numbers in order, for example, to recognize the user and his settings when he reconnects to the website that set the cookie, to enable him to remain logged in to a customer account or to statistically analyze specific usage behavior.

The WebStorage technology makes it possible to store variables and values locally in the user's browser cache. The technique includes both so-called "sessionStorage", which remains stored until the browser tab is closed, and "localStorage", which is stored in the browser cache until the cache is cleared by the user. The localStorage technique makes it possible, among other things, to recognize the user and his or her settings when our website is called up.

Data categories

When we specify the categories of data processed, we are referring in particular to the following data: master data (e.g. names, addresses, dates of birth), contact data (e.g. e-mail addresses, telephone numbers, messenger services), content data (e.g. text entries, photographs, videos, contents of documents/files), contract data (e.g. subject matter of contract, terms, customer category), payment data (e.g.. e.g. bank details, payment history, use of other payment service providers), usage data (e.g. history on our website, use of certain content, access times, contact or order history), connection data (e.g. device information, IP addresses, URL referrers),location data (e.g. GPS data, IP geolocation, access points).

Information on Data Processing

We process personal data only to the extent permitted by law. A transfer of personal data takes place exclusively in the cases described below. Personal data is protected by appropriate technical and organizational measures (e.g. pseudonymization, encryption).

Unless we are required by law to store or disclose personal data to third parties (in particular law enforcement agencies), the decision as to which personal data we process and for how long, and the extent to which we disclose it, depends on which website functions you use in each individual case.

Storage Period

The personal data will be deleted as soon as the purpose of processing ceases to apply or a prescribed storage period expires, unless there is a necessity for the continued storage of the personal data for the conclusion or performance of a contract. Insofar as we have to inform about the storage period of cookies and similar technologies, you will find the details at the end of this privacy policy.

Personal data that we process as part of an application (see below) will be stored for a period of six months after completion of the application process.

Automated decisions in individual cases including profiling

Automated decisions in individual cases including profiling do not take place.

Rights of Data Subjects

As a data subject, you have the right to information under Article 15 of the GDPR, the right to rectification under Article 16 of the GDPR, the right to erasure under Article 17 of the GDPR, the right to restriction of processing under Article 18 of the GDPR and the right to data portability under Article 20 of the GDPR. With regard to the right to information and the right to erasure, the restrictions from §§ 34, 35 BDSG apply.

You have the right to complain to a data protection supervisory authority (Art. 77 DSGVO in conjunction with § 19 BDSG).

The data protection supervisory authority responsible for us/ for our head office is:

State Commissioner for Data Protection and Freedom of Information of North Rhine-Westphalia

Kavalleriestrasse 2-4

40213 Düsseldorf

However, you are free to complain to another data protection supervisory authority.

You can find a list of supervisory authorities at: https://www.bfdi.bund.de/ (under Infothek/Addresses and Links).

Notification obligations of the data controller

We will notify all recipients to whom your personal data has been disclosed of any rectification or erasure of your personal data or restriction of processing pursuant to Art. 16, Art. 17(1) and Art. 18 of the GDPR, unless such notification is impossible or involves a disproportionate effort. We will inform you of the recipients if you request this.

Obligation to provide

Unless otherwise explained below in the information on the legal basis, you are not obliged to provide personal data. However, in the cases of Art. 6 (1) (b) DSGVO, the personal data is necessary for the performance of a contract or for the conclusion of a contract. If you do not provide the personal data concerned, the performance or conclusion of the contract is not possible. If you do not provide the data in the cases of Art. 6 (1) a, f DSGVO, it is not possible to use the affected parts of our website.

Right of objection and revocation of consent

You have the right to object at any time, on grounds relating to your particular situation, to the processing of personal data concerning you which is carried out on the basis of Art. 6(1)(f) DSGVO. If personal data are processed for the purposes of direct marketing, you have the right to object at any time to the processing of personal data concerning you for the purposes of such marketing.

In accordance with Art. 7 (3) p. 1 DSGVO, you have the right to revoke your consent at any time with effect for the future informally by mail or e-mail. The lawfulness of the processing carried out on the basis of the consent until the revocation is not affected by this. Upon your revocation, we will delete the personal data processed on the basis of the consent if there is no other legal basis for its processing.

Objection and revocation can be made form-free and should be addressed to:

pi-lar GmbH

Kreuzgasse 2-4

50667 Cologne

info@pi-lar.net

Data processing in connection with the use of our website

The use of the website and its functions regularly requires the processing of personal data. Unless otherwise stated, the explanations apply to the above-mentioned websites.

Provision of the website

Purpose of processing: functionality and optimization of the website, as well as ensuring the security of our information technology systems in the case of purely informational use (without the use of additional functions such as contact forms or social media plugins) of our website.

Legal basis: Art. 6 para. 1 letter f DSGVO.

Data categories: Connection data

Recipients of the data: Data is only passed on to third parties if this is necessary for the operation of our website. For this purpose, personal data is transferred to the following recipients: [...]

Intended third country transfer: None

Do we store or read out personal data on your end device based on your consent? No

Subscription to our newsletter

Purpose of processing: subscription to our newsletter about our news and offers; proof of your consent; ensuring the security of our information technology systems.

Legal basis: Art. 6 para. 1 lit. a, f DSGVO.

Data categories: Master data, contact data, content data and connection data.

Recipients of the data: None

Intended third country transfer: None

Do we store or read personal data on your terminal device based on your consent?: No

Applications

Purpose of processing: processing of your application and implementation of the application procedure; consideration of your application in future application procedures provided that explicit consent has been given.

Legal basis: Art. 88 para. 1 DSGVO in conjunction with. § Section 26 (1) p. 1 BDSG; for storage for future application procedures Art. 6 (1) a DSGVO in conjunction with Art. 7 DSGVO, Section 26 (2) BDSG.

Data categories: Master data, contact data, content data, contract data, usage data, connection data and Special Categories of Personal Data as defined by Art. 9 (1) DSGVO (depending on the specific job advertisement; only the data relating to your application that you provide to us and that we are permitted to process in the context of job applications will be stored).

Recipients of the data: None

Intended third country transfer: None

Do we store or read out personal data on your end device based on your consent?: No

Registration on www.neuropil.org

Purpose of processing: registration for collaboration and joint development on neuropil.org; ensuring data and information security.

Legal basis: Art. 6 para. 1 letter b, f DSGVO.

Data categories: Contact data, connection data, usage data and master data.

Recipients of the data: IT service provider

Intended third country transfer: None

Do we store or read out personal data on your end device based on your consent?: No

References to external pages of pi-lar GmbH and www.neuropil.io

Instagram

Purpose of processing: We have set up a page about our company ("Instagram page") on the "Instagram" platform of Facebook Ireland Ltd, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland ("Facebook") at the address https://www.instagram.com/teampi_lar/. When you access this page, Facebook processes personal data from you.

Legal basis: Art. 6 para. 1 letter f DSGVO.

Data categories: Master data, contact data, content data, usage data, connection data, location data if applicable.

Recipients of the data: Facebook Ireland Ltd, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland ("Facebook") (as joint controller, Art. 26 DSGVO - the essence of the agreement can be found at https://www.facebook.com/legal/terms/page_controller_addendum).

Intended third country transfer: In individual cases, USA.

Do we store or read personal data on your end device based on your consent?: No

Data subject rights: Facebook is responsible for implementing your data subject rights. Facebook will inform you about your data subject rights at https://www.facebook.com/legal/terms/information_about_page_insights_data. You can also assert your rights against us, we will then forward your request to Facebook immediately.

LinkedIn (profile)

Purpose of the processing: We have set up a page about our company on the "LinkedIn" platform at the address https://www.linkedin.com/company/pi-lar-gmbh. When you access this page, LinkedIn processes personal data about you. We receive statistics on the use of this page derived from this data.

Legal basis: Art. 6 para. 1 letter f DSGVO.

Data categories: Master data, contact data, content data, usage data, connection data, location data if applicable.

Recipients of the data: LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland (as joint data controller pursuant to Art. 26 DSGVO - the essence of the agreement can be found at https://legal.linkedin.com/pages-joint-controller-addendum)

Intended third country transfer: In individual cases, USA.

Do we store or read out personal data on your end device based on your consent?: No

Data subject rights: LinkedIn is responsible for implementing your data subject rights. LinkedIn will inform you about your data subject rights at https://www.linkedin.com/legal/privacy-policy. You can also assert your rights against us, we will then forward your request to LinkedIn immediately.

Twitter

Purpose of processing: We have set up a profile on the "Twitter" platform at the addresses https://twitter.com/pi_lar_gmbh and https://twitter.com/neuropil1. When you access this page, Twitter processes personal data about you. We receive statistics about the use of this page derived from this data.

Legal basis: Art. 6 para. 1 letter f DSGVO.

Data categories: Master data, contact data, content data, usage data, connection data, location data if applicable.

Recipients of the data: Twitter International Company, One Cumberland Place, Fenian Street, Dublin 2, D02 AX07, Ireland ("Twitter").

Intended third country transfer: In individual cases, USA

Do we store or read out personal data on your end device based on your consent?: No

XING (profile)

Purpose of processing: We have set up a page about our company on the "XING" platform of New Work SE, Dammtorstraße 30, 20354 Hamburg, Germany ("New Work") at the address https://www.xing.com/profile/Stephan_Schwichtenberg. When you access this page, New Work processes personal data from you.

Legal basis: Art. 6 para. 1 letter f DSGVO.

Data categories: Master data, contact data, content data, usage data, connection data, location data if applicable.

Recipient of the data: New Work SE, Dammtorstraße 30, 20354 Hamburg ("XING").

Intended third country transfer: None

Do we store personal data on your end device based on your consent or read out such data?: No

cryptpad

Purpose of processing: We have set up a contact page for our company on the "cryptpad" platform of XWiki, XWiki SAS, 15 Rue des Halles, 75001 Paris, FRANCE ("XWiki") at the address https://www.cryptpad.fr/. When you access this page, XWiki processes personal data from you, but encrypts them so that only we, pi-lar can see them.

Legal basis: Art. 6 para. 1 letter f DSGVO.

Data categories: Master data, contact data, content data, usage data, connection data, location data if applicable.

Recipient of the data: pi-lar GmbH ("pi-lar").

Intended third country transfer: None

Do we store personal data on your end device based on your consent or read out such data?: No