Privacy Policy


Personal data is any information relating to an identified or identifiable natural person; an identifiable natural person is one who can be identified directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or one or more specific characteristics expressing the physical, physiological, genetic, psychological, economic, cultural or social identity of that natural person (Article 4.1 General Data Protection (GDPR)).

Processing means any operation or set of operations which is carried out with or without the aid of automated processes and which relates to personal data, such as collection, recording, organisation, sorting, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or any other form of provision, alignment or association, limitation, erasure or destruction (Article 4.2 of the GDPR).

The use of our website is generally possible without providing personal data, but you leave technical traces by accessing the website. Insofar as personal data (e.g. name, address or e-mail address) is collected on our pages, this is always done on a contractual basis (in the form of a registration on our platform). You can only use all features of the platform by registering. With the registration you choose a role on our platform. When using the platform, it may be necessary to provide further case-related data. Without registration you can only use our platform to a very limited extent.

The personal data that is processed during registration and usage, will only be used within the scope of the business relationship with you or in accordance with your consent. This data will not be disclosed to third parties without your express consent. We only pass on the stored data to third parties if we are ordered to do so by the police or public prosecutor's office. Insofar as we pass on data to recipients bound by instructions, these are not third parties. We have contracts with these recipients that ensure the confidentiality of your personal data.

You can view your personal data at any time via your profile.

We also respect the rights of opponents or others involved in a case. Through our processes, the support of the disputes published on our platform by lawyers and our users' obligation to reduce personal data in cases to what is necessary for publication on our platform, we create a balance of all necessary interests.

 

Privacy policy - Information on data processing and data protection

Last update: 06/04/2020
Privacy policy (All versions)


The AEQUIFIN GmbH & Co. KGaA (hereinafter "AEQUIFIN" or "we" or "us") takes the protection of your personal data very seriously. We treat your personal data confidentially and in accordance with the statutory data protection regulations and this data protection declaration.

The use of our website is generally possible without providing personal data. Insofar as personal data is collected on our pages (e.g. name, address or e-mail address), this is always done on a voluntary basis (in the form of registration on our Internet platform). You can only use all features of the platform by registering. Without registration you can only use our platform to a very limited extent.

The personal data that is processed during registration will only be used within the scope of the business relationship with you. This data will not be disclosed to third parties without your express consent. We only pass on the stored data to third parties if we are lawfully ordered to do so by the police or public prosecutor's office.

Our employees are obliged to maintain confidentiality. We have taken technical and organisational measures in the sense of the legal data protection regulations to protect your data and also ensure that our partners take the appropriate measures for the protection of data security.
 

1. Encryption


This site uses SSL/TLS encryption for security reasons and to protect the transmission of confidential content, such as requests you send to us as a site operator. You can recognize an encrypted connection in many browsers by the fact that the address line of the browser changes from "http://" to "https://" and by the lock symbol in your browser line.

If our SSL/TLS encryption is activated, the contents of the communication you transmit to us cannot be read by third parties.
 

2. General communication


If you contact us about a request via a contact form, by e-mail or post, telephone or fax or by contacting us directly, the information you provide or the notes we take will be evaluated for the purpose of processing the request and for possible follow-up questions and, if necessary, forwarded to the people responsible. This is done on the basis of your consent pursuant to Art. 6.11 a GDPR or to fulfill the contract pursuant to Art. 6.1 b GDPR. Bound by instruction within the scope of a contract for order processing, our IT service providers are recipients of personal data from communications.

Mail, fax, e-mails and social media contributions and messages that you have not publicly transmitted to us, as well as our notes on telephone calls, are examined every two years at the latest to determine whether it is still necessary to store your enquiries for follow-up questions. If your data is no longer needed, its processing will be limited and it will still be stored in accordance with the statutory storage obligations.
 

3. Newsletter


We would like to inform you with your consent on the basis of Art. 6.1 a GDPR with personal address about our services and partner offers and current developments of our platform.

If you use our case collection, we process your personal data for the purposes of e-mail direct marketing, which is also in our legitimate interest, on the basis of Art. 6.1 f GDPR and § 7.2.3, 7.3.1 Act against UNfair Competition.

In order to receive the newsletter, you must enter a valid e-mail address or select the option in your profile. You will then receive an e-mail with a confirmation link to confirm your registration.

Our newsletter service providers are the recipients of personal data and process personal data based on our instructions within the data processing agreements. For this purpose we rely on service providers based in the European Economic Area.

We process your information until you withdraw the consent given to us or object to the processing by us. Your e-mail address will be kept in a blacklist for each revocation and objection in order to technically ensure that it is complied with.

Information on cases corresponding to your choice of platform use is provided on the basis of Art. 6.1 b GDPR. Further details can be found in the section "Our AEQUIFIN platform".
 

4. Website

 

4.1. General information from server logs and the use of CSS


Information is automatically collected and stored in so-called server log files, which your browser automatically transmits to us. This includes the technically required information from CSS (Cascading Style Sheets), which serve as format templates for websites. The information we receive is among other things:
 
  • IP address
  • Host name of the accessing computer
  • Date and time of the request
  • Time zone difference to Greenwich Mean Time (GMT)
  • Contents of the request (specific page)
  • Access status/HTTP status code
  • Amount of data transferred in each case
  • Website from which the request originates
  • Browser type and browser version
  • Operating system and its interface
  • Language and version of the browser software

The data is in any case partially assignable to identifiable persons. This data will not be merged with other data sources.

We process this data in accordance with Art. 6.1 f GDPR for analysis, for the security of our service and to combat fraud and misuse of our services.
 

4.2. Cookies, graphics, scripts and embedded content


Legal basis is our legitimate interest to offer you our service, to ensure the security of the service and to analyze its performance and use according to Art. 6.1 f GDPR.

For our analyses (number or use of resources on our website) and for security purposes, we use the usage and traffic data collected during your visit.

We sometimes use so-called cookies. Cookies do not damage your computer and do not contain viruses. Cookies serve to make our offer more user-friendly, more effective and safer. Cookies are small text files that are stored on your computer by your browser.

Most of the cookies we use are so-called "session cookies". They are automatically deleted at the end of your visit. Other cookies remain stored on your terminal until you delete them. These cookies enable us to recognize your browser during your next visit.

You can set your browser so that you are informed about the setting of cookies and only allow cookies in individual cases, accept cookies for certain cases or generally exclude them and activate the automatic deletion of cookies when closing the browser. If cookies are deactivated, the functionality of this website may be restricted.
 

4.2.1. Videos


We respect data sovereignty. Therefore, we do not include our videos on our own website as active content. When the videos are played, statistics are created for us and links to our other marketing activities are made possible. At the same time, our service provider Vimeo also pursues its own purposes, such as advertising or the creation of user profiles. Therefore, we let you decide whether you wish this data processing in accordance with Art. 6.1 a and Art. 7 GDPR.

You can withdraw your consent at any time for the future by closing your browser session without affecting the lawfulness of processing based on consent before its withdrawal.

Our videos are delivered by Vimeo Inc. at 555 West 18th Street, New York, New York 10011, United States of America. The provider's EU-US Privacy Shield certification ensures a legally appropriate level of data protection.

Vimeo informs you about its own data processing and the use of cookies.
 

4.3. Categories of recipients


Our IT service providers are the recipients of personal data and process personal data based on our instructions within the data processing agreements.
 

4.4. International data transfer


Insofar as our IT service providers, who process personal data based on our instructions, are based outside the European Economic Area, we ensure, in addition to our data processing agreements, that the providers are based in a country for which the EU Commission has determined an appropriate level of data protection, or we use standard data protection clauses. The information is available at European Commission - Data transfers outside the EU.
 

4.5. Criteria for the storage period of personal data


As a rule, we keep the data from this processing in individual-related form for a maximum of 30 days. We will pseudonymise or anonymise IP addresses and technically required data arising from the use of the website as soon as and to the extent permitted by the purposes of our processing.
 

4.6. Photographs


As part of our events, we take photographs on the basis of Art. 6.11 f GDPR. Justified interest is to increase our visibility and to document our events. The photos serve us on the one hand for internal documentation and on the other hand for our public relations work in social and professional networks.
 

4.7. Processing of contact information


If we receive contact information from you directly or via third parties, we process it in order to establish and maintain the best possible contact with our customers and partners. Legal basis is as legitimate interest our business activity according to Art. 6.1 f GDPR.

If there is no contractual relationship with you, we will check at the end of every second year whether we still need your contact data to contact you, otherwise we will delete your personal data as far as no storage periods preclude this.

For this purpose, we have concluded a data processing agreement with our CRM service provider. The international data transfer associated with this contract is legally protected by EU standard contract clauses.

4.8. Case collection


We would like to give you the opportunity to tell us your case before you register completely. If you complete the registration, we will publish your case as contractually agreed. If you do not complete the registration and do not confirm the e-mail address for your user account, we will delete your personal data after 30 days.
 

5. Direct Advertising


As part of our sector-specific direct advertising based on Art. 6 para. 1 lit. f DSGVO, we process publicly published information (company, published company figures, industry sector, legal form, management, contact information) which we receive from wer-zu-wem GmbH, Bergedorfer Schloßstr. 9, 21029 Hamburg with the help of dispatch service providers. You can object to the receipt of direct advertising from us at any time without giving reasons. If you object, your contact information will be stored in a restricted list in order to comply with your request in the best possible and conscientious manner.
 

6. Social media


With our profiles and pages at social media providers, we aim to strengthen our public relations work and increase the visibility of our services. We optimize our marketing activities through the statistics provided to us by the providers. At the same time, we would like to give you another opportunity to communicate with us.

The legal foundations of the processing are Art. 6.1 a and f GDPR as well as the contract you have concluded with the respective provider pursuant to Art. 6.1 b GDPR, if applicable also further advertising consents that you have given to the provider.

In the case of social media providers, you can decide on the duration of the publication yourself or ask us to erase it.
 

6.1. Right of withdrawal


You can withdraw your consent for the use of our social media pages and profiles at any time for the future, without affecting the lawfulness of processing based on consent before its withdrawal.
 

6.2. Supplementary data protection provisions of the service providers or services


Social media providers often create personalized profiles of their members and those who come into contact with their telemedia services (e.g. clicking a like button or visiting a website). These profiles are used, among other things, for the marketing of advertising. If you use our offers with the providers, they will know that you have a relationship with us. Since we are partly responsible for this data processing together with the providers, we offer here further information on data processing by the providers.

You can partially limit the scope of this data processing by general browser settings or browser extensions. Recommended information can be found at Privacy Guideline (in German). The providers also offer individual settings, e.g. to control advertisements and tracking. This sometimes requires accounts with the respective providers. Important information, as well as the essential terms of use we have listed for you here.
 

6.2.1. Google


We maintain a YouTube channel. This service is provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. Outside the scope of the GDPR Google LLC, 1600 Amphitheatre Pkwy, Mountain View, California 94043 offers the services. The legally appropriate level of data protection for international data transfer is guaranteed by Google through an EU-US Privacy Shield certification.
   

6.2.2. LinkedIn


We maintain a company profile on LinkedIn. This service is provided by LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland and, if accessed outside Europe, may also be provided by LinkedIn Corporation, 1000 W. Maude Ave, Sunnyvale, California 94085.

The legally appropriate level of data protection for international data transfer is guaranteed by LinkedIn through an EU-US Privacy Shield certification.
   

6.2.3. Xing


We maintain a company profile on Xing. This service is provided by XING SE, Dammtorstraße 30, 20354 Hamburg, Germany.
   

7. Services of Google


We also use the services of Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland ("Google").

The service is also subject to the provider's privacy policy and terms of use.
 

7.1. Google Analytics


In this section, we inform you about the use of Google Analytics, which we reserve the right to use for our website.

This website may use functions of the web analysis service Google Analytics together with the supplement Tagmanager as well as Double Click depending on the campaign. The basis is our legitimate interest pursuant to Art. 6.1 f GDPR to provide our interested parties and platform users with suitable information and product recommendations, insofar as profiles are created or data is disclosed to partners, the basis for processing is a consent pursuant to Art. 6.1 a GDPR. Google Analytics uses so-called "cookies". These are text files which are stored on your computer and which enable an analysis of your use of the website. The information generated by the cookie about your use of the website will generally be transmitted to and stored by Google on servers in the United States. In addition to cookies, scripts are also used, i.e. commands which are executed when the website is accessed and which establish a connection between your browser and Google.

Google Tag Manager is a solution with which we can manage website tags via an interface. The Tag Manager tool itself (which implements the tags) is a cookie-free domain. The tool triggers other tags that may themselves collect data. Google Tag Manager does not access this data. If a deactivation has been made at the domain or cookie level, it will persist for all tracking tags implemented with Google Tag Manager.

We have enabled IP anonymisation on this website when you use it, so Google has previously shortened your IP address within member states of the European Union and the other signatory states to the European Economic Area Agreement. Only in exceptional cases will the full IP address be transmitted to a Google server in the United States and shortened there. On behalf of the operator of this website, Google will use this information to evaluate your use of the website, to compile reports on website activity and to provide other services relating to website activity and internet usage to the website operator. The IP address transmitted by your browser as part of Google Analytics is not combined with other data from Google.

Google Analytics cookies are automatically deleted or invalidated after a specified period of time.
 

7.2. Right to object


You may object the use of cookies by selecting the appropriate settings on your browser, however please note that if you do this you may not be able to use the full functionality of this website. You can also prevent Google from collecting the data generated by the cookie and related to your use of the website (including your IP address) as well as Google from processing this data by downloading and installing the browser plug-in available under the following link: Browser-Add-on for Deactivating Google Analytics.

You can easily enable or disable personalized advertising from Google using the advertising settings. These settings are stored in your Google Account (if you're signed in) or in your browser (if you're not signed in).

Alternatively, you can install a browser plug-in to disable personalized advertising: Personalized Advertising Browser-Plug-in.

If you use this browser plug-in, you will still see as many ads as before on the websites you visit. Only personalized advertising is disabled. As a result, ads are no longer tailored to your interests.
 

7.3. Google ReCaptcha


Before submitting completed online forms or completing registration, we use the "ReCaptcha" service to ensure that the fields are not filled in by machines (also called bots) without good intentions to use the platform, thereby improving the general availability of our service.

These are our legitimate interests according to Art. 6.1.1 f GPDR. With the page view, Google stores cookies on your end device. Cookies from the use of Google ReCaptcha are automatically deleted or invalid after a fixed period of time.

We load the resources of Google "ReCaptcha" only on your explicit request.

The use of this service is obligatory to send online forms or to complete the registration.
 

8. Our AEQUIFIN platform


The legal basis for data processing are the contracts concluded with you (Art. 6.1 b GPDR). We are also an intermediary (Art. 6.11 f GPDR) in order to find partners to support you in pursuing and enforcing your legal concerns.

The mode of operation, the visibility of the disputes, the purposes of data processing pursued by us as well as supplementary services to our platform result from the general terms and conditions for users of the AEQUIFIN platform. In particular, these also regulate the handling of personal data of opponents or other parties involved in disputes.

If personal data from opponents or participants is processed by us, you have the right to object, on grounds relating to your particular situation, at any time to processing of personal data concerning you which is based on Art. 6.1 f GDPR.
 

8.1. Visibility of your profile


Your user profile is only visible to us.
 

8.2. Analysis, further development and improvement of our platform


After anonymisation, we process the data resulting from the use of the platform for the technical further development of the platform in accordance with Art. 6.1 f GPDR. This includes the technical analysis of the utilisation and use of the systems as well as the evaluation and analysis of the content of the data records.

You have the right to object, on grounds relating to your particular situation, at any time to processing of personal data concerning you which is based on Art. 6.1 f GDPR.
 

8.3. Categories of recipients


Our IT service providers are the recipients of personal data and process personal data based on our instructions within the data processing agreements. Insofar as the payable service is available, the data required for processing will be disclosed to the service provider and the payment service provider.
 

8.4. International data transfer


Insofar as our IT service providers, who process personal data based on our instructions, are based outside the European Economic Area, we ensure, in addition to our data processing agreements, that the providers are based in a country for which the EU Commission has determined an appropriate level of data protection, or we use standard data protection clauses. The information is available at Data transfers outside the EU.
 

8.5. Criteria for the storage period of personal data


As a rule, we keep the data from this processing in individual-related form for a maximum of 30 days. We will pseudonymise or anonymise IP addresses and technically required data arising from the use of the website as soon as and to the extent permitted by the purposes of our processing.
 

8.6. Storage period


We process your personal data for the platform service as long as the contract for use exists or the processing is still necessary for those involved in the case concept or case. After the termination of the contractual relationship, the data will be limited in processing and will be kept until the conclusion of the statutory limitation periods for claims, unless the statutory limitation periods under commercial and tax law specify longer periods.
 

8.7. Secure and confidential file exchange


We provide you with an optional solution for secure and confidential file exchange via our platform within a data processing agreement with DRACOON GmbH, Galgenbergstrasse 2a, 93053 Regensburg, Germany, as processor.
 

9. Data protection rights of persons concerned

 

9.1. General rights


According to the General Data Protection Regulation (GDPR) you are entitled to the following rights:

If your personal data is processed, you have the right to access your personal data (Art. 15 GDPR).

Should inaccurate personal data be processed, you have the right to rectification (Art. 16 GDPR).

If the legal requirements are met, you can request the erasure or restriction of the processing and lodge an objection against the processing (Art. 17, 18 and 21 GDPR).

If you have consented to data processing or a data processing agreement is part of the performance of an contract and data processing is carried out using automated procedures, you may be entitled to data portability (Art. 20 GDPR).

If you make use of the rights mentioned above, we will check whether the legal requirements for this have been met.

You also have the right to appeal if you have any doubts about compliance with data protection regulations. As a rule, the Data Protection Authority of Bavaria for the Private Sector is the competent supervisory authority in such cases.
 

9.2. Right of withdrawal


Where we are processing your personal data based on consent, you can withdraw your consent at any time for the future. The withdrawal of your consent does not affect the lawfulness of processing based on consent before its withdrawal.
 

9.3. General right to object


You have the right to object, on grounds relating to your particular situation, at any time to processing of personal data concerning you which is based on Art. 6.1 f GDPR. We will no longer process the personal data unless we demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms or the personal data is used to exercise or defense legal claims.
 

9.4. Right to object direct marketing


You may object at any time to the processing of your personal data for the purpose of direct marketing. This also applies to profiling in so far as it is connected with such direct marketing.
 

10. Controller


AEQUIFIN GmbH & Co. KGaA

Bavariafilmplatz 7

82031 Grünwald

+49 89 2737270-0

datenschutz@aequifin.com

The AEQUIFIN GmbH & Co. KGaA is represented by AEQUIFIN Management GmbH, located at the same address, which in turn is represented by the Managing Director Mr. Kim Kardel.
 

11. Data protection office


You can reach our Data Protection Officer via the responsible office and at datenschutz@aequifin.com.
 

12. Other


The data protection declaration is dated 6 April 2020. We reserve the right to amend this data protection declaration as necessary to ensure that it always complies with current legal requirements or to implement changes to our services in the data protection declaration, e.g. when introducing new services. Your next visit will then be subject to the new data protection policy.

 

AEQUIFIN is supported by