Privacy policy

1. Content of the online offering

apollon GmbH+Co. KG (hereinafter referred to as apollon) assumes no responsibility for the up-to-date nature, correctness, completeness or quality of the information provided. Liability claims against apollon relating to damages of a material or immaterial nature caused by the use or non-use of the information provided or by the use of incorrect and incomplete information are expressly excluded, provided that there is no evidence of wilful intent or gross negligence on the part of the apollon. All offers are non-binding and without obligation. apollon expressly reserves the right to amend, supplement or delete parts of the site or the entire offering without special notice, or to discontinue publication temporarily or permanently.

2. References and links

apollon is only liable for direct or indirect references to external websites (“links”) that are beyond the responsibility of apollon if apollon is aware of their content and it is technically possible and reasonable for it to prevent use in the case of illegal content. apollon expressly declares that at the time of linking the respective linked pages were free from illegal content. apollon therefore expressly declares that, at the time the links were inserted, there was no illegal content on the linked pages. apollon has no influence whatsoever on the current and future design and the contents of the linked pages.

apollon therefore hereby expressly distances itself from all content of all linked sites which may have been changed after the link was inserted. This statement applies to all links and references within its own Internet offering as well as for entries by third parties in guest-books, discussion forums and mailing lists organised by apollon. The provider of the site that is referred to is alone liable for illegal, incorrect or incomplete content, and in particular for damages resulting from the use or non-use of such information presented, and not the party who merely makes the reference to the publication in question via the links.

3. Copyright and trademark law

apollon strives, in all publications, to observe copyright laws for graphics, audio documents, video sequences and texts used, to use graphics, audio documents, video sequences and texts created by apollon itself, or to make use of license-free graphics, audio documents, video sequences and texts. All brand names and trademarks mentioned within the Internet offering that are possibly protected by third parties are without limitation subject to the provisions of the applicable law on trademarks and related signs in each case and the

property rights of the registered owners in question. A mere mention does not imply that trademarks are not protected by third party rights! The copyright for published items created by apollon itself remains the sole property of the creator of the site pages. Reproduction of such graphics, sound documents, video sequences and texts in other electronic or printed publications is not permitted without the express consent of the apollon.

Data Protection

The protection of users’ privacy is important to apollon. It therefore wants to inform its users in detail, in what follows, about how their data is handled.

I. Name and address of the data controller

apollon GmbH+Co. KG
Maximilianstraße 104
75172 Pforzheim
Germany

Telephone: 07231 – 941 – 0
E-Mail: info@apollon.de
Website: www.apollon.de

is the data controller within the meaning of the EU General Data Protection Regulation (GDPR) and other national data protection laws.

II. You can reach our data protection officer at:

datenschutz@apollon.de

III. General information on data processing

Status 05.2021

1. Scope of the processing of personal data

In principle, we collect and use personal data of the users of our homepage only insofar as this is necessary to provide a functional website, our content and services.

In principle, we only collect and use personal data of our users after they have given their consent. An exception to this principle applies in cases where the processing of the data is permitted by law or where it is not possible to obtain prior consent for practical reasons.

2. Legal basis for the processing of personal data

The legal basis for the processing of personal data in principle results from:

• Art. 6 para. 1 a GDPR upon obtaining the consent of the data subject.
• Art. 6 para. 1 b GDPR for processing operations that serve to fulfil a contract to which the data subject is a party. Included here are processing operations that are required to carry out pre-contractual actions.
• Art. 6 para. 1 c GDPR for processing required to fulfil a legal obligation.
• Art. 6 para. 1 d GDPR, if vital interests of the data subject or another natural person make processing of personal data necessary.
• Art. 6 para. 1 f GDPR, if the processing is necessary to protect a legitimate interest of our company or of a third party and the interests and fundamental rights and freedoms of the data subject do not outweigh the former interest.

3. Data deletion and period of retention

The user’s personal data will be deleted or blocked as soon as the purpose for storing it no longer applies. Data may be stored beyond this if this has been provided for by European or national legislation in EU regulations, laws or other provisions to which the data controller is subject. We will block or delete data once the prescribed retention period has expired, unless continued storage of the data is necessary for entering into or fulfilling a contractual relationship.

IV. Use of our website, general information

1. Description and scope of data processing

Every time our website is accessed, our system automatically collects data and information from the user’s computer system. The following information is collected:

(1) The user’s IP address
(2) The date and time of access

The data described are stored in the log files of our system. This data is not stored together with other personal data of the user.

The following data is used in the CRM system (SugarCRM) in case of contact. This personal data is stored by apollon GmbH+Co.KG and used exclusively for acquisition or the approved purpose of the service ordered by the customer:

1) Company address
2) Contact name
3) Telephone
4) E-Mail

2. Purpose and legal basis for data processing

Temporary storage of the IP address by our system is necessary to enable delivery of the website to the user’s computer. In order for this to be possible, the user’s IP address must remain stored for the duration of the session.

It is stored in log files to ensure functionality of the website. The data are also used to optimise the website and to ensure the security of our information technology systems. The data is not evaluated for marketing purposes in connection with this.

The collection of your personal data in order to be able to make our internet presence available and the storage of the data in log files is absolutely essential for the operation of the website. It is therefore not possible for the user to object.

The legal basis for the temporary storage of the data and the log files is Art. 6 para. (1) (a) GDPR.

3. Duration of retention

Your data will be deleted as soon as they are no longer needed to achieve the purpose for which they were collected. If your data are collected to ensure provision of the website, the data are deleted once the current session is finished.

If your data are stored in log files, they are deleted after seven days at the latest. Storage beyond this point is possible, although in this case, the IP addresses of the users are deleted or anonymised. It is therefore no longer possible to attribute the calling client.

V. Your rights (rights of the data subject)

As data subject, you have the following rights under the EU General Data Protection Regulation:

1. Right of access

You have the right to receive the information from us, as data controller, as to whether we process personal data that concern you.

In addition, you would be able to demand access to the following information:

(1) the purpose of the data processing;

(2) the categories of the personal data processed;

(3) the recipients or categories of recipients to whom your personal data was disclosed or will be disclosed;

(4) the planned period of retention of your personal data or, if it is not possible to specify this, criteria for determining the duration of retention;

(5) the existence of a right to correction or deletion of your personal data, a right to restrict processing by the data controller or a right to object to this processing;

(6) the existence of a right of appeal at a supervisory authority;

(7) all available information about the origin of the data, if the personal data was not collected from the data subject;

(8) the existence of automated decision-making including profiling, in accordance with Art. 22 paras 1 and 4 GDPR and – at least in these cases – meaningful information about the logic involved as well as the scope and the intended effects of such processing for the data subject.

Finally, you also have the right to demand information about whether your personal data are transmitted to a third country or to an international organisation. In this case, you can obtain information about the appropriate guarantees pursuant to Art. 46 GDPR in connection with the transfer.

You can make your claim for information at: datenschutz@apollon.de

2. Right to rectification

If the personal data that we process concerning you is inaccurate or incomplete, you have the right to have it rectified and/or completed by us. The correction shall be made immediately.

3. Right to restriction of processing

You have the right to obtain restriction of processing of personal data concerning you in the following cases:

(1) the accuracy of the personal data is contested by the data subject, for a period enabling the controller to verify the accuracy of the personal data;

(2) the processing is unlawful and the data subject opposes the erasure of the personal data and requests the restriction of their use instead;

(3) the controller no longer needs the personal data for the purposes of the processing, but they are required by the data subject for the establishment, exercise or defence of legal claims;

(4) the data subject has objected to processing pursuant to Article 21 para. 1 GDPR pending the verification of whether the legitimate grounds of the controller override those of the data subject.

If the processing of personal data concerning you has been restricted, such personal data may – with the exception of storage – only be processed with your consent or for the establishment, exercise or defence of legal claims or for the protection of the rights of another natural or legal person or for reasons of important public interest of the Union or of a Member State.

If processing has been restricted in accordance with the outlined principles, you will be informed by us before the restriction of processing is lifted.

4. Right to erasure

Where one of the following grounds applies, you shall have the right to demand the immediate erasure of personal data concerning you. The controller is obliged to delete this data immediately. The grounds are:

(1) The personal data concerning you are no longer necessary in relation to the purposes for which they were collected or otherwise processed;.

(2) Processing is subject to consent in accordance with Art. 6 para. 1 a or Art. 9 para. 2 a GDPR and you revoke that consent. Another prerequisite is that there is no other legal ground for the processing.

(3) You object to the processingArticle 21 para. 1 GDPR) and there are no overriding legitimate grounds for the processing. Another possibility is that you object to the processing pursuant to Article 21 para. 2 GPDR .

(4) The personal data concerning have been unlawfully processed.

(5) The personal data have to be erased for compliance with a legal obligation in Union or Member State law to which the controller is subject.

(6) The personal data concerning you have been collected in relation to the offer of information society services referred to in Art. 8 para. 1 GDPR .

Where we have made the personal data concerning you public and are obliged pursuant to Art. 17 para. 1 GDPR to erase them, we, taking account of available technology and the cost of implementation, shall take reasonable steps, including technical measures, to inform controllers which are processing the personal data that you, as data subject, have requested the erasure of any links to, or copies or replications of, those personal data.

We draw your attention to the fact that the right of erasure does not exist to the extent that processing is necessary

(1) for exercising the right of freedom of expression and information;

(2) for compliance with a legal obligation which requires processing by Union or Member State law to which the controller is subject or for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller;

(3) for reasons of public interest in the area of public health in accordance with points (h) and (i) of Art. 9 para. 2 as well as Art. 9 para. 3 GDPR;

(4) or archiving purposes in the public interest, scientific or historical research purposes or statistical purposes in accordance with Article 89 para. 1 GDPR in so far as the right referred to in section a) is likely to render impossible or seriously impair the achievement of the objectives of that processing; or

(5) for the establishment, exercise or defence of legal claims.

5. Right to instruction

If you have exercised your right to obtain rectification, erasure or restriction of processing, we are obliged to inform all recipients to whom the personal data that concerns you has been disclosed of this rectification or erasure of the data or restriction on processing, unless this proves impossible or involves a disproportionate effort. You furthermore have the right to be informed of these recipients.

6. Right to data portability

You also have the right under the GDPR to receive the personal data concerning you and provided to us in a structured, common and machine-readable format. Furthermore, you have the right to transmit these data to another controller without hindrance from the controller to whom the personal data was provided,

• provided the processing is based on consent in accordance with Art. 6 para. 1 a GDPR or Art. 9 para. 2 GDPR or a contract in accordance with Art. 6 para. 1 b GDPR and
• the processing is carried out with the aid of automated procedures.

Finally, within the scope of exercising your right to data portability, you have the right to effect that personal data concerning you be transmitted directly from one controller to another controller, as far as this is technically feasible and the freedoms and rights of other persons are not impaired in the process.

The right to data portability does not apply to the processing of personal data necessary to perform a task in the public interest or that is carried out in the exercise of official authority conferred on the controller.

7. Right to revoke consent with regard to data privacy

You have the right to revoke your declaration of consent with regard to data privacy at any time. We would like to draw your attention to the fact that revocation of consent does not affect the legality of processing carried out on the basis of that consent up until the point of revocation.

8. Right to object

Furthermore you have the right to object, on grounds relating to your particular situation, at any time to processing of personal data concerning you which is based on point (e) or (f) of Art. 6 para. 1 GDPR. The right to object also applies to profiling based on those provisions.

The controller shall no longer process the personal data concerning you unless it demonstrates compelling legitimate grounds for the processing which override your interests, rights and freedoms or for the establishment, exercise or defence of legal claims.

Where personal data concerning you are processed for direct marketing purposes, you shall have the right to object at any time to processing of personal data concerning you for such marketing. This also applies to any profiling connected with such direct marketing. Where you object to processing for direct marketing purposes, the personal data concerning you shall no longer be processed for such purposes.

Furthermore, in the context of the use of information society services (and notwithstanding Directive 2002/58/EC), you have the option to exercise your right to object by automated means using technical specifications.

9. Automated decision-making on a case-by-case basis, including profiling

The EU General Data Protection Regulation also gives you the right not to be subject to a decision based solely on automated processing – including profiling – that will have legal effect on you or will affect you in a similar manner. However, an exception to this principle is made if the decision

(1) is necessary for the entry into or performance of a contract between you and the controller,

(2) is authorised by Union or Member state law applicable to the controller and these legal provisions contain appropriate measures to preserve your rights and freedoms as well as your legitimate interests

(3) is based on your explicit consent.

If the processing is carried out under the circumstances set out in (1) and (3), the controller shall take appropriate measures to uphold your rights and freedoms as well as your legitimate interests. This includes at least the right to obtain intervention from a person on the part of the controller, to state one’s own position and to challenge the decision.

The decision under (1) – (3) shall not apply to particular categories of personal data pursuant to Art. 9 para. 1 GDPR unless Art. 9 para. 2 (a) or (g) applies and reasonable measures have been taken to protect rights and freedoms as well as your legitimate interests.

10. Right to complain to a supervisory authority

If you believe that the processing of personal data concerning you violates the GDPR, you ultimately have the right to complain to a supervisory authority, in particular in the Member State of your residence, your place of work or of the location of the alleged infringement.

11. Cookies

In order to make our website user-friendly for you and to optimally adapt it to your needs, we use cookies in some areas. A cookie is a small file that is stored locally on your computer when you visit a website. Cookies also allow us to analyze the use of our website. You determine yourself which cookies you allow or reject. You can change your decision at any time.

Cookie settings

12. Social media presence

We maintain fan pages within various social networks and platforms with the aim of communicating with our customers, interested parties and users who are active there and informing them about our services.

We would like to draw your attention to the fact that during this process, your personal information may be processed outside the European Union, which may give rise to risks for you (such as concerning enforcement of your rights under European/German law).

Users’ data is typically processed for market research and promotional purposes. For example, user profiles can be created from user behaviour and associated user interests. These user profiles can in turn be used, for example, to display advertisements that presumably correspond to the interests of the users both within and outside of the platforms. For these purposes, cookies are usually stored on the user’s computer, in which the user’s user behaviour and interests are stored. Furthermore, data can also be stored in these user profiles regardless of the equipment used by the users (especially if the users are members of the platforms in question and are logged in there).

The processing of users’ personal data is based on our legitimate interests in effective user information and communication with users in accordance with Art. 6 par. 1 (f) GDPR. If users are asked by the providers in question for consent to the data processing (i.e., declaring their agreement to this, e.g. by ticking a check box or confirming by clicking a button), the legal basis for the processing is Art. 6 para. 1 (a.), Art. 7 GDPR.

Further information on the processing of your personal data and on your options for objecting can be found at the links of the providers in question, listed below. Rights to access and further rights of data subjects can also be asserted to the providers, who then only have direct access to the data of the users and appropriate information available to them. Of course, we are available to answer your questions and provide support, if you need help.

Provider:

Facebook / Pixel

Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Irland

Privacy Policy: https://www.facebook.com/about/privacy/

Opt-Out: https://www.facebook.com/settings?tab=ads and http://www.youronlinechoices.com

Instagram

Instagram Inc., 1601 Willow Road, Menlo Park, CA, 94025, USA

Privacy Policy/ Opt-Out: http://instagram.com/about/legal/privacy/

Twitter

Twitter Inc., 1355 Market Street, Suite 900, San Francisco, CA 94103, USA

Privacy Policy: https://twitter.com/de/privacy

Opt-Out: https://twitter.com/personalization

Google/ Analytics, AdWords, Maps und reCAPTCHA

Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA)

Privacy Policy: https://policies.google.com/privacy

Opt-Out: https://adssettings.google.com/authenticated

You can prevent the collection of data generated by the cookie and related to your use of the website (including your IP address) to Google, as well as the processing of this data by Google, by downloading and installing the browser add-on, https://tools.google.com/dlpage/gaoptout?hl=en.

HubSpot CRM

Hubspot Inc. 25 Street, Cambridge, MA 02141, USA

https://legal.hubspot.com/de/privacy-policy

Pipedrive

Pipedrive OÜ, Mustamäe tee 3a, 10615 Tallinn, Estland

https://www.pipedrive.com/en/privacy

LinkedIn

LinkedIn Ireland Unlimited Company Wilton Place, Dublin 2, Irland

Privacy Policy: https://www.linkedin.com/legal/privacy-policy

Opt-Out: https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out

Xing

XING AG, Dammtorstraße 29-32, 20354 Hamburg, Deutschland

Privacy Policy / Opt-Out: https://privacy.xing.com/de/datenschutzerklaerung

Vimeo

Vimeo, Inc., 555 West 18th Street, New York, New York 10011, USA

https://vimeo.com/privacy/california-privacy

Use of SalesViewer® technology:
On this website, data is collected and stored for marketing, market research and optimization purposes using the SalesViewer® technology of SalesViewer® GmbH based on the legitimate interests of the website operator (Art. 6 para.1 lit.f DSGVO).

For this purpose, a javascript-based code is used to collect company-related data and the corresponding usage. The data collected using this technology is encrypted using a non-reversible one-way function (known as hashing). The data is immediately pseudonymized and not used to personally identify the visitor to this website.

The data stored as part of Salesviewer will be deleted as soon as it is no longer required for its intended purpose and the deletion does not conflict with any statutory retention obligations.

You can object to the collection and storage of data at any time with effect for the future by clicking on this link https://www.salesviewer.com/opt-out to prevent the collection by SalesViewer® within this website in the future. This places an opt-out cookie for this website on your device. If you delete your cookies in this browser, you must click this link again.

13. The following links and tools are used and made available for survey purposes, online meetings and appointment setting on our website.

GotoWebinar

LogMeIn Ireland Limited, Bloodstone Building Block C, 70 Sir John Rogerson’s, Quay, Dublin 2, Ireland

https://www.logmeininc.com/de/legal/privacy

Calendly

BB&T Tower, 271 17th St NW, Atlanta, GA 30363

https://calendly.com/de/pages/privacy und https://calendly.com/de/pages/security

SurveyMonkey

SurveyMonkey Europe UC, 2nd Floor, 2 Shelbourne Buildings, Shelbourne Road, Dublin, Ireland

https://www.surveymonkey.de/mp/legal/privacy/
https://www.surveymonkey.de/mp/privacy/
https://www.surveymonkey.de/mp/legal/security/

14. HubSpot

Our sign-up service allows visitors to our website to learn more about our company, download content, and provide their contact information and other demographic information. This information is stored on servers operated by our software partner HubSpot. It may be used by us to contact visitors to our website and to determine which of our company’s services are of interest to them. All information we collect is subject to this privacy policy. We use all information collected solely to optimize our marketing.

We use HubSpot for our online marketing activities. This is an integrated software solution that we use to cover various aspects of our online marketing. These include, but are not limited to:

• Content Management (Website and Blog)
• Email marketing (newsletters as well as automated mailings, e.g. to provide downloads)
• Social Media Publishing & Reporting
• Reporting (e.g. traffic sources, accesses etc. …)
• Contact management (e.g. user segmentation & CRM)
• Landing pages and contact forms

Our sign-up service allows visitors to our website to learn more about our portal, download content, and provide their contact information and other demographic information.

This information, as well as our website content, is stored on servers operated by our software partner, HubSpot. It may be used by us to contact visitors to our website and to determine which services or offers are of interest to them.

All information we collect is subject to this privacy policy. We use all information collected solely to optimize our marketing.

HubSpot is a software company based in the USA with an office in Ireland.

Contact:
HubSpot
2nd Floor, 30 North Wall Quay
Dublin 1, Ireland
Telephone: +353 1 5187500

In the course of processing via HubSpot, data may be transferred to the USA. The security of the transfer is secured via so-called standard contractual clauses, which ensure that the processing of personal data is subject to a level of security that corresponds to that of the GDPR. If the standard contractual clauses are not sufficient to establish an adequate level of security, your consent pursuant to Article 49 (1) (a) of the GDPR may serve as the legal basis for the transfer to third countries.

• More information on HubSpot’s privacy policy
• More information from HubSpot regarding the EU Privacy Policy
• More information about the cookies used by HubSpot can be found here & here