1. Privacy at a Glance
General information
The following notes provide a simple overview of what happens to your personal data when you visit this website. Personal data are all data with which you can be personally identified. For detailed information on data protection, please refer to the full privacy policy below this text.
Data collection on this website
Who is responsible for data collection on this website?
The data processing on this website is carried out by the website operator. Contact details can be found in the section “Contact / Controller” below.
How do we collect your data?
Some data are collected because you provide them to us (e.g. via a contact form). Other data are automatically collected by our IT systems when you visit the website — in particular technical data (e.g. web browser, operating system, or time of page view). This data collection happens automatically as soon as you access the website.
What do we use your data for?
Some of the data are collected to ensure the website is provided without errors. Other data may be used to analyze your user behaviour. If contracts are concluded or initiated via the website, transmitted data will also be processed for contract offers, orders or other service enquiries.
What rights do you have regarding your data?
You have the right at any time to request information free of charge about the origin, recipient and purpose of your stored personal data. You also have the right to demand correction or deletion of these data. If you have given your consent to data processing, you may revoke this consent at any time for the future. Under certain circumstances you can request restriction of processing of your personal data. You also have the right to lodge a complaint with the competent supervisory authority. For questions on data protection you can contact us at any time (see “Contact / Controller” below).
Analytics tools and third-party tools
When you visit this website, your surfing behaviour can be statistically evaluated. This is mainly done using analytics programs. Detailed information on these analysis programs is provided in the privacy policy below.
2. Hosting
External hosting
This website is hosted externally. The personal data collected on this website are stored on the servers of the hosting provider(s). These may include IP addresses, contact requests, meta and communication data, contract data, contact details, names, website accesses and other data generated during the operation of a website.
The external hosting is performed for the purpose of fulfilling a contract with our prospective and existing customers (Art. 6(1)(b) GDPR) and in the interest of a secure, fast and efficient provision of our online offering by a professional provider (Art. 6(1)(f) GDPR). Where an appropriate consent has been obtained, processing will be carried out exclusively on the basis of Art. 6(1)(a) GDPR and § 25(1) TDDDG, insofar as the consent includes storage of cookies or access to information on the user’s terminal device (e.g. device fingerprinting). Consent can be revoked at any time.
Our host(s) will only process your data to the extent necessary to fulfil its service obligations and will follow our instructions regarding this data.
Hosting provider used:
HOSTINGER operations, UAB
Svitrigailos str. 34, Vilnius 03230, Lithuania
3. General information and mandatory disclosures
Data protection
The operators of these pages take the protection of your personal data very seriously. We treat your personal data confidentially and in accordance with statutory data protection regulations and this privacy policy. When you use this website, various personal data will be collected. Personal data are data with which you can be personally identified. This privacy policy explains which data we collect and why we use them. It also explains how and for what purpose this happens.
Please note that data transmission over the Internet (e.g. when communicating by email) may have security vulnerabilities. Complete protection of data from access by third parties is not possible.
Contact / Controller
The controller for data processing on this website is:
Max Storm
c/o IP-Management #3436
Ludwig-Erhard-Str. 18
20459 Hamburg
Germany
Telephone: +49 40 696328495 (Mon – Fri 09:00 – 17:00 CET)
E-mail: lucidlabcontact@gmail.com
Impressum-Privatschutz (IP-Management)
For the administration of postal mail addressed to us we use the services of IMPRESSUM-PRIVATSCHUTZ GmbH, Ludwig-Erhard-Str. 18, 20459 Hamburg. This service provides a secure and reliable postal address for our project (e.g. imprint, privacy policy, cancellation policy and possibly other areas). This constitutes our legitimate interest within the meaning of Art. 6(1)(f) GDPR. We have concluded a data processing agreement with Impressum-Privatschutz and fully comply with the strict requirements of the German data protection authorities when using this service. More information on privacy at Impressum-Privatschutz GmbH is available here: impressum-privatschutz.de/datenschutzerklaerung/
Storage period
Unless a more specific storage period is stated in this privacy policy, your personal data will remain with us until the purpose for data processing has ceased. If you assert a justified request for deletion or revoke consent to data processing, your data will be deleted unless we have other legally permissible reasons to retain them (e.g. statutory retention periods); in such cases the data will be deleted after those reasons have ceased to apply.
Legal basis of processing
Where you have given consent to processing, we process your personal data on the basis of Art. 6(1)(a) GDPR (and Art. 9(2)(a) GDPR where special categories of data are processed). If you have given explicit consent to the transfer of personal data to third countries, processing may also be based on Art. 49(1)(a) GDPR. If the storage of cookies or access to information on your device requires consent, processing is also based on § 25(1) TDDDG. Consent can be revoked at any time. Where processing is necessary for the performance of a contract or for pre-contractual measures, we process on the basis of Art. 6(1)(b) GDPR. If data processing is necessary to comply with a legal obligation, the legal basis is Art. 6(1)(c) GDPR. Data processing can also be carried out on the basis of our legitimate interests pursuant to Art. 6(1)(f) GDPR. The specific legal basis is stated where applicable in the following sections of this privacy policy.
Recipients of personal data
In the course of our business activities we cooperate with external parties. Personal data are only forwarded to external parties where this is necessary for contract performance, if we are legally obliged to do so (e.g. disclosure to tax authorities), if we have a legitimate interest in the disclosure (Art. 6(1)(f) GDPR), or if another legal basis allows for disclosure. Where we use processors, personal data will only be shared on the basis of a valid data processing agreement. In the case of joint processing, a joint processing agreement will be concluded.
Withdrawal of consent
Many processing operations are only possible with your explicit consent. You can revoke consent at any time. The lawfulness of processing carried out on the basis of consent prior to revocation remains unaffected.
Right to object / right to object to direct marketing
WHEN DATA ARE PROCESSED ON THE BASIS OF ART. 6(1)(E) OR (F) GDPR, YOU HAVE THE RIGHT TO OBJECT TO THE PROCESSING OF YOUR PERSONAL DATA AT ANY TIME FOR REASONS ARISING FROM YOUR PARTICULAR SITUATION; THIS ALSO APPLIES TO PROFILING BASED ON THESE PROVISIONS. THE RESPECTIVE LEGAL BASIS ON WHICH PROCESSING IS BASED CAN BE FOUND IN THIS PRIVACY POLICY. IF YOU OBJECT, WE WILL NO LONGER PROCESS YOUR PERSONAL DATA UNLESS WE CAN DEMONSTRATE COMPELLING LEGITIMATE GROUNDS FOR THE PROCESSING WHICH OVERRIDE YOUR INTERESTS, RIGHTS AND FREEDOMS, OR THE PROCESSING SERVES THE ESTABLISHMENT, EXERCISE OR DEFENCE OF LEGAL CLAIMS (OBJECTION PURSUANT TO ART. 21(1) GDPR).
IF YOUR PERSONAL DATA IS PROCESSED FOR DIRECT MARKETING, YOU HAVE THE RIGHT TO OBJECT TO THE PROCESSING OF YOUR PERSONAL DATA FOR THE PURPOSES OF SUCH MARKETING AT ANY TIME; THIS ALSO APPLIES TO PROFILING IN SO FAR AS IT IS CONNECTED TO DIRECT MARKETING. IF YOU OBJECT, YOUR PERSONAL DATA WILL NO LONGER BE USED FOR DIRECT MARKETING PURPOSES (OBJECTION PURSUANT TO ART. 21(2) GDPR).
Complaint to supervisory authority
If you believe that the processing of your personal data infringes applicable law you have the right to lodge a complaint with a supervisory authority, in particular in the Member State of your habitual residence, place of work or the place of the alleged infringement.
Right to data portability
You have the right to receive personal data concerning you, which you have provided to us, in a structured, commonly used and machine-readable format and to transmit those data to another controller where the processing is based on consent (Art. 6(1)(a) GDPR) or on the performance of a contract (Art. 6(1)(b) GDPR) and the processing is carried out by automated means. Transmission to another controller will only take place to the extent technically feasible.
Right of access, rectification and deletion
You have the right, within the applicable statutory provisions, at any time to obtain free information about the personal data stored about you, including their source and recipients and the purpose of the processing, and, where applicable, a right to rectification or deletion of these data. For this purpose and for further questions about personal data you may contact us at any time (see “Contact / Controller” above).
Right to restriction of processing
You have the right to request restriction of processing of your personal data. To do so, contact us at any time. Restriction of processing applies in particular in the following cases:
- If you contest the accuracy of your personal data for a period enabling us to verify the accuracy;
- If the processing is unlawful but you oppose deletion and request restriction instead;
- If we no longer need the personal data but you need them for the establishment, exercise or defence of legal claims;
- If you have objected to processing pursuant to Art. 21(1) GDPR and it is not yet determined whether our legitimate grounds override yours.
If processing is restricted, these data — apart from storage — may only be processed with your consent or for the establishment, exercise or defence of legal claims or for the protection of the rights of another natural or legal person or for important public interest reasons of the EU or a Member State.
SSL / TLS encryption
For security reasons and to protect the transmission of confidential content (e.g. orders or enquiries you send to the site operator), this site uses SSL/TLS encryption. You can recognise an encrypted connection by checking that the address line of the browser changes from “http://” to “https://” and by the lock icon in your browser’s address bar. When SSL/TLS is activated, the data you transmit to us cannot be read by third parties.
4. Data collection on this website
Cookies
Our websites use so-called “cookies”. Cookies are small data packages and do not harm your device. They are either stored temporarily for the duration of a session (session cookies) or persistently (persistent cookies) on your device. Session cookies are deleted at the end of your visit. Persistent cookies remain stored until you delete them or your browser automatically deletes them.
Cookies can be set by us (first-party cookies) or by third parties (third-party cookies). Third-party cookies enable the integration of certain third-party services on web pages (e.g. cookies for payment processing). Cookies have different functions. Many cookies are technically necessary (e.g. shopping cart function or display of videos). Other cookies can be used to evaluate user behaviour or for advertising purposes.
Cookies that are necessary for the electronic communication process, for provisioning certain requested functions or for optimizing the website (e.g. cookies to measure web audience) are stored on the basis of Art. 6(1)(f) GDPR, unless another legal basis is indicated. The site operator has a legitimate interest in the storage of necessary cookies for a technically error-free and optimized provision of its services. Where consent to the storage of cookies and similar recognition technologies has been requested, processing is carried out exclusively on the basis of that consent (Art. 6(1)(a) GDPR and § 25(1) TDDDG); consent may be revoked at any time.
You can configure your browser to be informed about the setting of cookies and to allow cookies only in individual cases, to exclude acceptance of cookies for certain cases or in general, and to enable automatic deletion of cookies when closing the browser. Disabling cookies may restrict the functionality of this website.
Which cookies and services are used on this website can be found in this privacy policy.
Server log files
The provider of the pages automatically collects and stores information in so-called server log files which your browser automatically transmits to us. These are:
- Browser type and version
- Operating system used
- Referrer URL
- Hostname of the accessing computer
- Time of the server request
- IP address
These data will not be merged with other data sources. The collection of these data is based on Art. 6(1)(f) GDPR. The site operator has a legitimate interest in the technically error-free presentation and the optimisation of its website — for this purpose server log files must be recorded.
Contact via e-mail, telephone or fax
If you contact us by e-mail, telephone or fax, your inquiry including all personal data (name, request) will be stored and processed for the purpose of handling your request. These data will not be shared without your consent.
Processing of these data is carried out on the basis of Art. 6(1)(b) GDPR if your inquiry is related to contract performance or pre-contractual measures. In all other cases processing is based on our legitimate interest in effective handling of enquiries (Art. 6(1)(f) GDPR) or on your consent (Art. 6(1)(a) GDPR), if requested; consent can be revoked at any time.
The data you send to us via contact enquiries will remain with us until you ask us to erase them, withdraw your consent to storage, or the purpose for the data storage ceases (e.g. after your enquiry has been dealt with). Mandatory statutory provisions — in particular retention periods — remain unaffected.
Email dispatch via Omnisend
For email delivery and automated messages we use the service “Omnisend” provided by Soundest Limited, legal registered address: 22 Mare Street, London, E8 4RT, United Kingdom.
Data processing is based on your consent pursuant to Art. 6(1)(a) GDPR. We use Omnisend to send e-mails, manage subscriptions/unsubscriptions, evaluate open and click rates and optimise sending. For this purpose the following personal data are transmitted to Omnisend’s servers:
- Email address
- Name (if provided)
- Time and IP address of registration
- Interaction data (e.g. opens, clicks)
Omnisend processes these data exclusively on our behalf (so-called processor) in accordance with Art. 28 GDPR. We have concluded an appropriate data processing agreement (DPA) with Omnisend.
According to Omnisend, data are stored in data centers within the European Union. However, sub-processors may involve transfers to third countries (e.g. the USA). In such cases transfers are based on the EU Standard Contractual Clauses (Art. 46 GDPR) which provide appropriate safeguards for data protection.
You can revoke your consent to receive emails at any time — either via the unsubscribe link in any email or by contacting us directly. More information is available in Omnisend’s privacy policy: omnisend.com/privacy
Payment processing via PayPal
Payment provider: PayPal (Europe) S.à r.l. et Cie, S.C.A., 22-24 Boulevard Royal, L-2449 Luxembourg.
If you choose PayPal as a payment method, your payment data will be transmitted to PayPal. This may include credit card data or data required for „Buy Later“ services depending on the payment option. Legal basis: Art. 6(1)(b) GDPR (contract performance).
PayPal may transmit data to credit agencies for credit checks. For more information, see PayPal’s privacy policy: paypal.com/privacy
Source / template
This privacy policy was created using a template from e-recht24: e-recht24.de