Privacy Policy

Privacy Policy

Thank you for visiting the Symbio website. We place great importance on the secure and confidential processing of your data, especially in compliance with the General Data Protection Regulation (GDPR), the Telecommunications Telemedia Data Protection Act (TTDSG), and other data protection regulations. To meet these requirements, we have implemented technical and organizational measures to ensure these regulations are followed.

You can generally visit this website without providing personal data, however, certain browser settings may be required. Any data collected on this website is processed for the stated purposes. Your data will not be shared with third parties unless necessary for the stated purpose or you have given your consent.

1. Personal Data

According to Article 4, Paragraph 1 of the GDPR, personal data refers to any information related to an identified or identifiable natural person; an identifiable natural person is one who can be identified directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or one or more special features; in this case, this may include, for example, names, addresses, telephone numbers, e-mail or IP addresses.

2. Data Collection and Processing During Website Visits

When you visit our website, the browser you use automatically sends data to our server, which is stored temporarily in a log file. This log data is technically required for the display of the web page. The legal basis for storing this data is Article 6, Paragraph 1, Letter f of the GDPR. Data is deleted within 7 days of accessing the website. Until then, the following information is stored without any further action on your part:

  • Browser used
  • Requested page
  • Time of page access
  • Success or failure of the page view
  • IP address
  • Visitor’s operating system

Log files are also used for statistical purposes and to improve the website (legal basis Article 6, Paragraph 1, Letter f of GDPR). In this way, we can identify possible errors such as faulty links. While the IP address is recorded, it is only analyzed in anonymized form for statistical purposes.

3. Cookies

This website uses cookies which are stored on your computer by your web browser. These are used to enhance your experience on the website. When you visit the website, you can choose whether to consent to the use of non-essential cookies through the cookie notice.

Our website uses transient cookies, which are essential for the site’s functionality and are automatically deleted when you close your browser. Persistent cookies may also be used in connection with web analytics services and remain active for a period appropriate to their purpose. The legal basis for using cookies is Article 6, Paragraph 1, Letter f of GDPR.

You can manage cookie settings through your browser, including disabling cookies if desired. However, this may affect website functionality.

Examples of cookies used on this website may include, but are not limited to: Borlabs Cookie, Google Analytics, Google Tag Manager, Accessibility Widget, Google Fonts, Google Maps, Google reCAPTCHA, and YouTube. Further information on some of these is provided below.

4. Google Analytics

We use Google Analytics, a web analytics service provided by Google Inc., to analyze your use of the website. Google Analytics uses cookies to collect this data, which is transmitted to Google servers in the USA. However, IP anonymization is enabled on this website, so your IP address will be shortened within the EU or EEA. Google uses this information on our behalf to evaluate website activity.

The legal basis for using Google Analytics is your consent in accordance with Article 6, Paragraph 1, Letter a of GDPR, which is given through the cookie notice. If you do not consent, Google Analytics will not be used. Data collected via cookies is deleted after 14 months.

For more details, visit Google’s Terms of Use and Privacy Policy at:

http://www.google.com/analytics/terms/de.html

https://marketingplatform.google.com/about/analytics/terms/us

https://www.google.de/intl/de/policies

https://policies.google.com/?hl=us

5. Google DoubleClick

This website uses Google DoubleClick to track conversions and determine whether users arrived via a Google ad. The cookie used for this does not contain personal data but may include a campaign identifier. The legal basis for using Google DoubleClick is your consent under Article 6, Paragraph 1, Letter a of GDPR.

For more details, see Google’s DoubleClick Privacy Policy at: https://policies.google.com/privacy

6. Google Tag Manager

Google Tag Manager allows us to manage website tags without collecting personal data. The tool may trigger other tags that could collect data, but it does not access that data directly. The legal basis for using Google Tag Manager is your consent in accordance with Article 6, Paragraph 1, Letter a of GDPR.

For more information, visit the Google Tag Manager Policy at:

https://marketingplatform.google.com/about/analytics/tag-manager/use-policy

7. Google Ads Conversion Tracking

We use Google Ads Conversion Tracking to monitor the success of our ads. Cookies for this purpose expire after 30 days and do not store personal information. The legal basis for this is your consent under Article 6, Paragraph 1, Letter a of GDPR.

For more information, see Google’s AdWords Privacy Policy at: https://www.google.com/policies/privacy/partners/

8. Google Ad Services

This site uses Google Ad Services. This tool is used to measure the success of advertisements. It can be used to analyze what happens after clicking on an advertisement, e.g., whether the user bought the product or whether the user viewed the ad from a mobile phone. Google also uses cookies for this purpose, which you can prevent by setting your browser accordingly.

The legal basis for the use of Google Ad Services is Article 6 Paragraph 1 Clause 1 Letter a of GDPR. When you visit the website, you give us your consent to run Google Ad Services by confirming the corresponding function in the cookie notice. If you do not consent to the use of the tool, it will not be run. The data we send and collect with cookies is automatically deleted after 14 months. According to Google, data whose retention period has been reached is deleted monthly.

Further information and the applicable data protection provisions of Ad Services can be found at:

https://policies.google.com/?hl=de

https://policies.google.com/?hl=us

9. Google Fonts

This site uses so-called web fonts provided by Google for the uniform display of fonts. The Google Fonts are installed locally. There is no connection to Google servers. 

10. YouTube

We use YouTube on our website. With the help of the video portal YouTube.com Inc., videos from the video platform are displayed on this website.

When you visit a page that contains a YouTube video, your browser connects to YouTube’s servers. This results in data being transferred to YouTube, regardless of whether you have a YouTube account. YouTube may store the following data and other data for analysis purposes:

  • IP address
  • Technical browser information
  • Operating system
  • Basic device information
  • Web activities
  • Session duration
  • Bounce rate

YouTube may collect your user data using cookies or other technical solutions.

The storage period for your data depends on the economic benefit. The data will be deleted by YouTube as soon as it no longer represents an economic benefit for the company.

The legal basis for the use of YouTube videos is Article 6 Paragraph 1 Clause 1 Letter a of GDPR. When you visit the website, you give us your consent to unblock YouTube content by confirming the corresponding function in the cookie notice. If you do not consent to the use of YouTube in the cookie notice, YouTube content will be automatically blocked for the time being. You would only agree to the use of YouTube by activating the playback function.

Further information on the purpose and scope of data collection and processing by the plug-in provider can be found in the privacy policy of the provider. There you will also find further information on your rights in this regard and setting options for protecting your privacy.

https://policies.google.com/privacy?hl=en

https://support.google.com/youtube/answer/10364219?hl=en

11. Social Media / Social Networks

a) General

We use various social media providers. What these services have in common is that they collect data about visitors to their websites and save it in the form of profiles. This usually means that when you visit the social media provider’s website, your IP address is collected and cookies are placed on your computer. This may allow your user behavior to be analyzed, which may provide information about your interests. In this context, access times may be recorded.

The social media provider can assign this information to your device via your IP address and the cookies set.

If you log in to a user account with the social media provider before or after accessing the pages, this information can be assigned to you personally.

The profiles created are used for advertising and market research purposes. You may receive advertising on and outside of social media platforms that is associated with your interests.

Most of the social media providers we use are based in the USA. When you access the respective website, it cannot be ruled out that personal data such as the IP address will be transmitted to the USA. Since the USA is an unsafe third country from the perspective of the GDPR, we would like to point out that you cannot control or exercise your rights as a data subject and other rights under European data protection law in connection with the collection and processing of your data by the social media providers, or only to a limited extent.

If you do not want the respective social media providers to collect data about you, please do not access the websites. If necessary, you can restrict the data collection via settings in your browser. If necessary, you can change the data processing in your user account with the respective social media provider.

The best way to assert requests for information and data subject rights is to contact the social media providers directly. This is particularly useful because the social media providers themselves have the data and can take the appropriate measures.

We use social media to open communication channels, promote our products and brands, raise awareness of us as an employer and attract interest from potential employees.

Please note that the use of the respective social network is generally subject to the terms of use and data protection of that company, over which we have no influence.

The legal basis for the processing is Article 6 Paragraph 1 Clause 1 Letter f GDPR.

b) Social Media Icons

LinkedIn on our website is only available via a link. If you click on the corresponding symbol, you will leave our website and go to the social media provider.

c) LinkedIn

Our account on LinkedIn can be found at: https://www.linkedin.com/company/symbioresearch.

Further information on data protection and the processing of personal data when using Instagram can be found at: https://www.linkedin.com/legal/privacy-policy.

You can object to tracking for advertising purposes (opt-out) at: https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out.

If you are not a member of LinkedIn, you can opt out of LinkedIn and its service providers tracking your visits to LinkedIn for advertising purposes at: https://www.linkedin.com/psettings/guest-controls. This opt-out is tied to cookies, meaning it is browser-specific and will be overridden by deleting or blocking cookies.

Please note that the non-member setting is not intended for use by members and only applies to www.linkedin.com and only when you are logged out of LinkedIn.

You can find LinkedIn’s data processing agreement for the transfer of European data (standard contractual clauses) at: https://de.linkedin.com/legal/l/dpa?.

12. Contact Forms

On our website you can use contact forms to contact us, e.g., to order informational material or to request a meeting. Only the fields marked as mandatory must be filled in. This mandatory information is your name, email address, phone and interests. Any other information you provide is voluntary.

The data you enter in the forms is sent to us and stored using SSL encryption. The following data (metadata) is also stored when the form is sent:

  • Date and time of transmission

As an alternative to using our contact forms, you can also write to us at information@symbioresearch.com. In this case, the data transmitted with the email will be saved.

We will not pass on the data you provide to third parties unless you expressly request this. We use your information to answer your inquiry and to send you information about our services. The additional metadata is used to prevent misuse of the contact form and to ensure the security of our information technology systems.

The legal basis for the processing of the data you submit is Article 6 Paragraph 1 Clause 1 Letter f GDPR, or if your request is aimed at concluding a contract, Article 6 Paragraph 1 Clause 1 Letter b GDPR. The legitimate interest in storing your information lies in the implementation of direct advertising.

We will retain the personal data you provide for 3 years. If your inquiry results in an order confirmation, we will retain the communication and the associated personal data for 10 years in order to meet our tax-related proof obligations. The additional metadata generated with the transmission will be deleted after a period of 10 days at the latest.

You can object to the storage of your personal data at any time under the conditions of Article 21 GDPR. In such a case, your request cannot be processed further. You can submit your objection by email to information@symbioresearch.com, stating the mandatory information you have entered to verify your authorization. In the event of your objection, we will no longer process the personal data unless there are compelling legitimate reasons that outweigh your interests, rights and freedoms, or to assert, exercise or defend legal claims.

13. Application Procedure

If you use the Personio application form for online application, we collect the following personal data from you: first name, last name, email address, CV and your desired start date. Optionally, you can upload your certificates and employment references and provide information about your salary expectations.

If you apply to us by email, we will collect the personal data that you send us. We will use the data you enter exclusively to fill positions within our company. It will not be passed on to third parties without your express consent.

Your personal data will be deleted 180 days after completion of the application process. This does not apply if legal provisions prevent deletion, if further storage is necessary for the purpose of providing evidence or if you have expressly consented to longer storage.

If we are unable to offer you a position that is currently vacant, but believe, based on your profile, that your application may be of interest for future job offers, we will – provided you consent to this – store your personal application data for twelve months.

The legal basis for processing your application is Article 88 Paragraph 1 GDPR in conjunction with Section 26 Paragraph 8 Sentence 2, 1st case, Paragraph 1 Sentence 1 BDSG. In the case of your consent to further storage after a possible rejection, Article 6 Paragraph 1 Sentence 1 lit. a) GDPR applies.

To carry out the application process, it is necessary to process your personal data. You are not obliged to provide us with this data, but without this information we cannot consider your application when filling the position.

There is no right to object to the processing. However, if you consent to the continued storage of your application after a rejection, you can revoke your consent at any time with effect for the future. After revocation, the personal data will no longer be processed for the purposes stated in the declaration of consent. The application can then no longer be processed.

14. Security

We have implemented technical and organizational measures to protect your data from unauthorized access, destruction, or alteration. Our security measures are regularly updated to reflect technological advances.

15. Third Countries

Your data will only be transferred to countries outside the EU or EEA if you have given your explicit consent or if the European Commission’s standard data protection clauses are in use.

16. Right to Information

In accordance with Article 15 GDPR, you have the right to receive information about the data stored about you. We will be happy to comply with your request for information. Please send your request for information in writing to our data protection officer (see below).

Should you exercise your right to information, we will store your request and the response to it in order to fulfill our accountability obligations.

The legal basis for the processing of your data in the event of a data subject’s rights request is Article 5 Paragraph 2 GDPR in conjunction with Article 6 Paragraph 1 Clause 1 Letter f GDPR. Your request for information and our response will be stored for a period of 3 years.

17. Right to Rectification, Erasure, Restriction

If incorrect personal data has been processed, you have the right to rectification in accordance with Article 16 GDPR.

If the legal requirements are met, you can request the deletion or restriction of processing and object to data processing (Articles 17, 18 and 21 GDPR).

We will be happy to comply with your request for rectification, erasure and restriction. Please send your request in writing to our data protection officer (see below). If you exercise your right to rectification, erasure and restriction, we will save your request and the response to it in order to meet our accountability obligations.

The legal basis for the processing of your data in the event of a data subject’s rights request is Article 5 Paragraph 2 GDPR in conjunction with Article 6 Paragraph 1 Clause 1 Letter f) GDPR. Your data subject’s rights request and our response will be stored for a period of 3 years.

18. Right of Objection

You have the right to object at any time to the processing of personal data concerning you based on Article 6 Paragraph 1 Clause 1 Letter f GDPR (legitimate interest) for reasons related to your situation. [This also applies to profiling based on this provision within the meaning of Article 4 Number 4 GDPR, which Symbio uses to assess creditworthiness or for advertising purposes.]

If you object, Symbio will no longer process your personal data unless Symbio can demonstrate compelling legitimate grounds for the processing that outweigh your interests, rights and freedoms, or the processing serves to assert, exercise or defend legal claims. The objection can be made in any form and should, if possible, be addressed to:

DS Data Protection Christoph Larsen
Christoph Larsen
Nordring 35
51647 Gummersbach
Germany
Email: dataprotection@proinnovera.com

19. Contact of the Supervisory Authority

If you believe that data processing violates data protection law, you have the right to complain to a data protection supervisory authority of your choice (Article 77 DSGVO in conjunction with Section 19 BDSG). This also includes the data protection supervisory authority responsible for us, which you can reach using the following contact details:

State Commissioner for Data Protection and Freedom of Information
North Rhine-Westphalia
PO Box 20 04 44
40102 Düsseldorf
Tel.: 0211/38424-0
Fax: 0211/38424-10
E-Mail: poststelle@ldi.nrw.de

20. Amendment of the Provisions

We reserve the right to change this privacy policy. The privacy policy may be changed for technical or data protection reasons. We therefore ask you to pay attention to the latest version. 

21. Links to other Websites

Our websites contain links to third-party websites. Symbio is not responsible for the data protection measures or the content of other websites.

22. Contact Details of the Data Protection Officer

By post:
DS Datenschutz Christoph Larsen
Christoph Larsen
Nordring 35
51647 Gummersbach
Germany
Email: dataprotection@proinnovera.com
Website: 

23. Contact details of the person responsible

By post:
Symbio
Wienburgstraße 207
48159 Münster, Germany
Phone +49 (0)251 270 778-0
Fax +49 (0)251 270 778-22
E-Mail information@symbioresearch.com

This privacy policy was last updated in September 2024.