Privacy Policy
We, Aleph Alpha GmbH , operate https://downloads.aleph-alpha.com ("website") and collect certain data from you, whereas necessary. In the following privacy policy, you will be informed what we do with your data, so-called personal data, and why we do this. We will also inform you how we protect your data, when this data is deleted and what rights you have within data protection.
Who can I contact?
Responsible for this website is:
Aleph Alpha GmbH
Speyerer Straße 14
69115 Heidelberg
E-mail: privacy@aleph-alpha.com
Fresh Compliance GmbH
Frank Trautwein
Schönhauser Allee 43a
10435 Berlin Germany
E-mail: dsb@freshcompliance.de
What are my rights?
You can contact us - preferably by e-mail to privacy@aleph-alpha.com -- at any time if you have any questions about your rights regarding data protection or if you wish to exercise any of the following rights:
- Right to withdraw your consent in accordance with Art. 7 para. 3 GDPR (e.g., you can contact us if you wish to cancel a previously given consent to a newsletter)
- Right to access your data in accordance with Art. 15 GDPR (e.g., you can contact us if you would like to know what data we have stored about you)
- Right to correct your data in accordance with Art. 16 GDPR (e.g., you can contact us if your e-mail address has changed and we should replace your old e-mail address)
- Right to have your data deleted in accordance with Art. 17 GDPR (e.g., you can contact us if you want us to delete certain data that we have stored about you)
- Right to limit data collection in accordance with Art. 18 GDPR (e.g., you can contact us if you do not want us to delete your e-mail address, but only to send absolutely necessary e-mails)
- Right to data portability in accordance with Art. 20 GDPR (e.g., you can contact us to receive your data in a zipped format, if you want to upload it to another website)
- Right to file complaints to the supervisory authority in Baden-Württemberg in accordance with Art. 77 para. 1 f GDPR
You also have the right to object to the processing of your data in accordance with Art. 21 GDPR (e.g., you can contact us if you do not agree with advertising or user analytics procedures as described within this privacy policy)
General information on deletion of data and storage periods
The following information describes our approach to deletion of data and storage periods in general. For further information concerning deletion of data and storage periods, please see the specific data processing activities below.
Unless otherwise stated, we will delete or anonymize your data as soon as it is no longer needed, e.g., your e-mail address after you have unsubscribed from a newsletter. Your data will also be deleted or blocked automatically if the mandatory storage period expires. Some data may be needed for longer periods of time for legal reasons. You can request information about all personal data we have stored about you. Data protection inquiries and other legal matters may also be stored for a longer period of time within the scope of the legally relevant retention and statute of limitations periods.
General information on data Receipents
The following information describes our approach to data recipients in general. For further information concerning data recipients, please see the specific data processing activities below.
We only share data with our processors within the meaning of the GDPR, i.e., entities that process your data only on our behalf, our instructions and in accordance with respective data processing agreements.
We only share data that is necessary for the performance of the mutual contract or if you have given us your consent, for example, in the context of our newsletter. If no contract exists yet, we share the data in certain cases in the context of legitimate interests. This is the case, for example, if you only want to visit our website or contact us. When you visit our website, it is in the interest of both parties to provide access to the services and to communicate with each other.
We have also entered into data processing agreements with all external recipients to comply with applicable data protection law requirements. Depending on your location, some of the above service providers - if specified - will also transfer your data to the United States. Currently, there is an adequacy decision in place between the EU and the USA. This decision confirms that certified organizations within the scope of the EU-U.S. Data Privacy Framework ensure an adequate level of protection for personal data in the USA. Additional contracts for data processing, known as Standard Contractual Clauses, are also concluded. We also check each service provider together with our data protection officer and ensure that additional security measures are available, such as strong encryption of data.
Data processing acitivities
We only process your personal data to the extent that this is necessary for the purposes outlined below and to the extent that processing is permitted by law. We may process the following personal data, depending on how you use our website:
Visiting the website
If you merely wish to browse the website, we only collect personal data that your browser sends to us ("log files"), e.g.:
- IP address (e.g. 82.93.116.example or 2a02:7122:99222:1112:bdb2:723f:example)
- Approximate location based on IP range (e.g., "Berlin city")
- Internet provider (e.g., "Telecom" or „AT&T")
- Date and time of visit (e.g., 11:55 on 25.05.2023)
- Browser and version (e.g., Chrome or Safari)
- Operating system (e.g., Mac OS)
- Hardware (e.g., Intel processor)
Purpose: The purpose of the temporary storage of the
data is, on the one hand, the technical necessity for establishing the
connection and, on the other hand, the correct, error-free presentation
of our website. The IP address and processing the technical data is
necessary to display the website, to prevent display problems for
visitors and to correct error messages.
Data recipients: Our website is hosted locally. There
are no data recipients besides Aleph Alpha GmbH.
Deletion of data and storage periods: We delete or
anonymise the IP address after your visit to the website. This means
that the other technical data can no longer be traced back to you and
are only used for anonymous, statistical purposes to optimise our
website.
Legal basis: We process this personal data based on
our legitimate interest to provide the website to our visitors, in
accordance with the European data protection requirements from Art. 6
para. 1 lit. f GDPR. Upon request, we will provide you with further
information concerning the balancing of interests.
Upload of information
If you decide to provide us with documents through the website, we may process the information you provide to us. The information provided and subsequently processed may include, for example, the following data:
- log files (please see "Visiting the website")
- First name / last name
- Message
- Information contained in the document
Purpose: We process the personal data you provide to
process your request and communicate with you.
Deletion of data and storage periods: The data you
upload is encrypted with AES (512-bit). Your personal data will
generally be deleted once your request has been fully resolved. On a
case-by-case basis, the nature or results of your request may require a
longer retention period (e.g., due to mandatory legal retention
periods), and we will inform you separately if applicable.
The data you upload will be stored in our backups for up to three years.
Data recipients: The person providing you with the
link to upload documents can decide whether the uploaded information is
only available to this person or publicly available. Information that we
request regarding Data Subject Requests will only be available to the
person that is sending the link to you.
Legal basis: We process this personal data based on
our legitimate interest to process and respond to requests, in
accordance with the European data protection requirements from Art. 6
para. 1 lit. f GDPR. Upon request, we will provide you with further
information concerning the balancing of interests. If you contact us to
initiate, implement and / or terminate a business relationship, the
legal basis for the processing is Article 6 para. 1 lit. b) GDPR. If you
contact us regarding a Data Subject Request and we request further
information, the legal basis for processing rhis information is Article
6 para. 1 it. c) GDPR.
Download of information
If you want to download documents we provide through the website, we will process log files regarding the download
Purpose: We process the personal data you provide to
process your request and communicate with you.
Deletion of data and storage periods: The data you
upload is encrypted with AES (512-bit). Your personal data will
generally be deleted once your request has been fully resolved. On a
case-by-case basis, the nature or results of your request may require a
longer retention period (e.g., due to mandatory legal retention
periods), and we will inform you separately if applicable.
The data you download will be stored in our backup for up to three years.
Data recipients: There
are no data recipients besides Aleph Alpha GmbH.
Legal basis: We process this personal data based on
our legitimate interest to process and respond to requests, in
accordance with the European data protection requirements from Art. 6
para. 1 lit. f GDPR. Upon request, we will provide you with further
information concerning the balancing of interests. If you contact us to
initiate, implement and / or terminate a business relationship, the
legal basis for the processing is Article 6 para. 1 lit. b) GDPR. If you
contact us regarding a Data Subject Request and we provide you with
information, the legal basis for processing is Article
6 para. 1 it. c) GDPR.