Privacy statement according to GDPR

1. Name and address of the person responsible

The person responsible within the framework of the General Data Protection Regulation and other national data protection laws of the member states as well as other data protection regulations is the:

QuoScient GmbH
Radilostraße 43
60489 Frankfurt am Main
Phone: +49 69 33997938
E-Mail: curious@quoscient.io
Website: www.quoscient.io

We will inform you below about the processing of your personal data in the context of the use of our website.

If you have any questions about privacy in connection with our website or the services offered, please use the following e-mail: dataprotection@quoscient.io.

2. Scope, purpose and legal basis for the processing of personal data

We collect and use personal data of our users only to the extent necessary for the provision of a functional website as well as our content and services. The collection and use of personal data of our users takes place regularly only with the consent of the user. An exception applies to cases in which prior consent cannot be obtained and the processing of the data is permitted by law.

2.1 Creation of log files

Every time our website is accessed, our system automatically collects data and information from the computer system of the calling computer.

The following data (“technical information”) are collected here:

  1. Information about the browser type and version used
  2. The IP address of the user
  3. Date and time of access
  4. Websites from which the system of the user comes to our website

The data is also stored in the log files of our system. A storage of this data together with other personal data of the user does not take place.

In doing so, we process this technical information for network security purposes, e.g. to combat attacks, for marketing purposes, to better understand the needs of our users and to improve our website offerings.

This explains our legitimate interest in the processing of data according to Art. 6 para. 1 lit. f GDPR. The collection of data for the provision of the website and the storage of the data in log files is essential for the operation of the website. There is consequently no objection possibility by the user.

2.2 Use of cookies

Our website uses cookies. Cookies are text files that are stored in the Internet browser respectively by the Internet browser of the user’s computer system. When a user visits a website, a cookie may be stored on the user’s operating system. This cookie contains a characteristic string that allows the browser to be uniquely identified when the website is reopened.

We use cookies to make our website more user-friendly. Some elements of our website require that the calling browser be identified even after a page break.

The user data collected through technically necessary cookies will not be used to create user profiles.

The use of the analysis cookies is for improving the quality of our website and its contents. Through the analysis, we learn how the website is used and so we can constantly optimize our offer.

This explains our legitimate interest in the processing of data according to Art. 6 para. 1 lit. f GDPR.

Cookies are stored on the computer of the user and are transmitted by this on our side. Therefore, as a user, you have full control over the use of cookies. By changing the settings in your internet browser, you can disable or restrict the transmission of cookies. Already saved cookies can be deleted at any time. This can also be done automatically. If cookies are disabled for our website, it may not be possible to use all the functions of the website.

2.3 Contact form

On our website is a contact form available, which can be used to get in touch. The data entered in the input mask will be transmitted and stored. These data are:

  1. Company
  2. Position
  3. First name
  4. Surname
  5. E-mail
  6. Phone
  7. Message.

At the time of sending the message, the following data will also be stored:

  1. The IP address of the user
  2. Date and time of registration.

Before processing the data in the contact form consent is obtained and it is referred to this privacy statement.

Alternatively, contact via the provided e-mail address is possible. In this case, the user’s personal data transmitted by e-mail will be stored.

In this context, there is no disclosure of the data to third parties. The data is used exclusively for processing the conversation.

Additional personal data processed during the sending process serve to prevent misuse of the contact form and to ensure the security of our information technology systems.

Legal basis for processing of the data is Art. 6 para. 1 lit. a GDPR.

The legal basis for the processing of the data transmitted during sending an e-mail is Article 6 (1) lit. f GDPR. If the e-mail contact aims to conclude a contract, then additional legal basis for the processing is Art. 6 para. 1 lit. b GDPR.

The data will be deleted as soon as they are no longer necessary for its collection. For the personal data from the contact form and those sent by e-mail, this is the case when the respective conversation with the user has ended. The conversation is ended when it can be inferred from the circumstances that the relevant facts have been finally clarified.

The user has the opportunity at any time to revoke his/her consent to the processing of personal data with immediate effect. If the user contacts us by e-mail, he/she may object to the storage of his personal data at any time. In such a case, the conversation cannot continue.

All personal data stored will be deleted in this case.

2.4 Tracking Tools

On our website we use Google Analytics:

The purpose is to increase the efficiency of our website and direct marketing. These tools are operated by third parties and require the transfer of data via the website visitors.

The legal basis for the use of the website analysis is Art. 6 para. 1 lit. f GDPR.

2.5 Terms of use Client Portal

We provide the service for our clients in our client portal according to our terms and conditions.

The basic provision of the client portal takes place for reasons of contract fulfilment in accordance with Article 6 para. 1 lit. b GDPR.

3. Legal principle for the processing of personal data

If we obtain consent from the data subject for personal data processing operations, article 6 (1) lit. a EU General Data Protection Regulation (GDPR) serves as the legal principle for the processing of personal data.

In the case of the processing of personal data that is required for the performance of a contract to which the data subject is a contractual party, article 6 (1) lit. b GDPR serves as the legal principle. This also applies for processing operations that are required for the implementation of precontractual measures.

If a processing of personal data is required for the fulfilment of a legal obligation, to which our company is subject, article 6 (1) lit. c GDPR serves as the legal principle.

In case the vital interests of the data subject or another natural person make it necessary to process personal data, article 6 (1) lit. d GDPR serves as the legal principle.

If the processing is required for the protection of our company’s or a third party‘s legitimate interest and the data subject’s interests, basic rights and basic freedoms do not outweigh the first-named interest, article 6 (1) lit. f GDPR serves as the legal principle for the processing. In this case, besides the above-mentioned purposes, our legitimate interests are:

  • Protection of the company against material or non-material damage
  • The professionalisation of our products and services
  • Cost optimisation.

Furthermore, we process personal data in order to meet retention obligations uner commercial law or tax law

For legally prescribed or contractual requirements, we have identified the respective input fields in the input masks on our website, which must imperatively be filled by you so that we can provide the service requested by you.

4. Data deletion and storage period

The data subject’s personal data will be deleted or blocked as soon as the purpose of the storage ceases to apply or is no longer required. In that regard, it may occur that personal data is retained for the time in which claims are asserted against our company (statutory limitation periods of up to thirty years may exist).

A storage for a longer time period may occur if this has been provided for or prescribed by the European or national legislator in EU regulations, laws or other provisions to which the controller is subject.

Corresponding documentary evidence and retention obligations result among other things from the Commercial Code [Handelsgesetzbuch], the Tax Code [Abgabenordnung] and the Money Laundering Act [Geldwäschegesetz]. The storage periods accordingly are up to ten years.

A blocking or deletion of the data will also be done if a storage period prescribed by the indicated standards expires, unless a necessity of the further storage of the data for the conclusion of a contract or the performance of a contract exists.

5. Disclosure of personal data to third parties

Furthermore, we are in some cases legally obliged to provide personal data to German and international authorities. The legal basis for this is Art. 6 para. 1 lit. c GDPR in conjunction with local and international regulations and agreements.

6. Right to object under article 21 GDPR

You have the right to file an objection at any time for reasons arising from your personal situation, to the processing of the personal data concerning you under article 6 (1) lit. e or f GDPR; this also applies to profiling based on these provisions.

The data controller no longer processes the personal data concerning you, unless he can furnish documentary evidence of compelling reasons worthy of protection for the protection, which outweigh your interests, rights and freedoms, or the processing serves to assert, exercise or defend legal claims.

If the personal data concerning you is processed for direct marketing purposes, you have the right to object at any time to the processing of the personal data concerning you for the purpose of such advertising; this also applies to profiling, insofar as it is associated with such direct marketing.

If you object to the processing for direct marketing purposes, the personal data concerning you will no longer be processed for these purposes.

You have the possibility to exercise your right of objection in connection with the use of information society services by means of automated procedures using technical specifications, notwithstanding Directive 2002/58/EC.

7. Data subject’s rights

For our company it is an important concern to structure our processes transparently for the processing of personal data. Therefore, we point out that besides the right to object you have further rights provided that the respective statutory requirements are met:

  1. Right to information under article 15 GDPR
  2. Right to rectification under article 16 GDPR
  3. Right to deletion (“right to be forgotten”) under article 17 GDPR
  4. Right to restriction of processing under article 18 GDPR
  5. Right to notification under article 19 GDPR
  6. Right to data portability under article 20 GDPR
  7. (No) automated decision in a particular case including profiling under article 21 GDPR

To protect your rights, you can contact us by e-mail at: dataprotection@quoscient.io

To be able to process your application as well as for identification purposes, we point out that we process your personal data under article 6 (1) lit. c GDPR.

8. Consent

You have the right to revoke your declaration of consent under data protection law at any time with effect for the future. The revocation of the consent will not affect the lawfulness that processing carried out up until the revocation based on the consent. In some cases, despite the revocation, we are entitled to continue to process your personal data based on another legal principle (for the performance of a contract).

9. Right of appeal to a supervisory authority

Without prejudice to any other administrative law or judicial remedy, you have the right of appeal to a supervisory authority, in particular in the member state of your place of residence, your workplace or the place of the presumed breach, if you believe that the processing of personal data concerning you is contrary to the GDPR.

The supervisory authority to which the complaint has been submitted shall inform the complainant of the status and results of the complaint, including the possibility of a judicial remedy pursuant to Article 78 of the GDPR.

Der Hessische Datenschutzbeauftragte
Postfach 3163
65021 Wiesbaden
E-Mail: Poststelle@datenschutz.hessen.de