Data Privacy Statement

Thank you for visiting our website and for your interest in our company and services. The protection of your privacy when using our website is important to us. We,

trenzyme GmbH
Byk-Gulden-Str. 2
78467 Konstanz
(Imprint)

(hereinafter also referred to as “we” or “trenzyme”),

would like to inform you below concerning the processing of your personal data and concerning your rights as a data subject in the context of using our website

trenzyme.com
(hereinafter also referred to as “website”)

as the data controller and also service provider.

The processing of your personal data will take place exclusively in the context of the legal provisions of data protection law in the European Union, in particular the EU General Data Protection Regulation (hereinafter “GDPR”) and in addition to the Federal Data Protection Act (hereinafter “BDSG”) and additional legal provisions on data protection (collectively “data protection laws”).
If you would like to take a look at the GDPR yourself, you can find it on the internet at: https://eur-lex.europa.eu/legal-content/EN/TXT/HTML/?uri=CELEX:32016R0679.
This data privacy statement applies only to the website accessible by the domain trenzyme.com. The following notes do not relate to other websites of trenzyme or third party websites of other providers to which the website is linked. The terms used such as e.g. “personal data” or its “processing” correspond to the definitions in Art. 4 GDPR.

1. Subject matter of the data protection, legal bases and sources

Subject matter of the data protection is personal data. Personal data are all information that relates to an identified or identifiable natural person (so-called data subject). Your personal data therefore includes all data that allows your person to be identified, such as e.g. your name, your address, your telephone number or your email address. Personal data also includes information necessarily arising through use of our website such as e.g. beginning, end and scope of the use or your IP address.
Personal data are also collected, insofar as you provide them to us by performing a contract (contractual data).
We process your data only when an applicable legal regulation permits this. We will base the processing of your data, inter alia, on the following legal bases:

  • Consent (Art. 6 Paragraph 1 Clause 1 a GDPR): We will process determined data only on the basis of your previously granted, express and voluntary consent. You have the right to revoke your consent at any time with effect for the future.
  • Fulfillment of a contract or performance of pre-contractual measures (Art. 6 Paragraph 1 Clause 1 b GDPR): We require determined data from you in particular to enter into or perform a contractual relationship with trenzyme.
  • Compliance with a legal obligation (Art. 6 Paragraph 1 Clause 1 c GDPR): We also process your personal data to comply with legal obligations such as e.g. supervisory regulations or retention duties under commercial and tax law.
  • Safeguarding legitimate interests (Art. 6 Paragraph 1 Clause 1 f GDPR): trenzyme will process determined data to safeguard its interests or the interests of third parties. However, this only applies when your interests do not overridden in the specific case.

Please note that this is not a complete or exhaustive list of the possible legal bases, but these are merely examples that should make the legal bases under data protection law more transparent. These personal data originate from the following sources:
Largely from you yourself, in particular by your use of our website, from your contact enquiries and possibly information upon conclusion of a contract.

Further information on the legal bases of the individual data processing processes on our website and on the sources of the underlying data can be found in the statements under the following points.

2. Server log data

You can visit our website without providing information about your person. By visiting our website, the following information concerning the access may be stored:

  • The IP address of the requesting end device,
  • accessed pages and files,
  • the http response code,
  • the number of accessed pages and files in bites,
  • the previous website from which you visit the website (referrer URL),
  • date, time and time zone of the server request,
  • browser type and version,
  • operating system of the requesting end device that was used.

We process these data based on Art. 6 Paragraph 1 Clause 1 f GDPR to provide the website, to ensure the technical operation and the security of our IT systems. We pursue the interest of enabling the use of our website and its technical functionality and to permanently maintain this. These data are automatically processed upon accessing our website. You cannot use our website without providing this data. We do not use this data for the purpose of drawing conclusions about your identity.
The automatically collected data are generally deleted after 7 days, unless we require them for the above-mentioned purposes for exceptionally longer periods. In such a case, we will delete the data without delay when there is no longer a purpose for it.
You cannot object to the collection and storage of your server log data since these data are necessarily required for seamless operation of the website.

3. Communication via contact form or email

If you communicate with us via contact form or email, your voluntarily disclosed contact data (such as e.g. name, email address) are only purposefully collected, processed and used, either to receive and answer your request(s) and for technical administration. The data disclosed by you via our contact forms are encrypted upon transmission by Transport Layer Security (TLS), widely-known under the former name Secure Socket Layer (SSL).
The processing of data that are transmitted in the context of communication via contact form or via email takes place based on Art. 6 Paragraph 1 Clause 1 b GDPR when it concerns entering into a contractual relationship or based on Art Paragraph 1 Clause 1 f GDPR. In the latter case, we have a legitimate interest in processing contact requests voluntarily sent to us.
We delete the data indicated by you as soon as the purpose of the collection is completely unnecessary, subject to compliance with continuing legal retention duties.

Insofar as your data are processed based on legitimate interests, you may object to the storage of your personal data at any time. In this case, we will no longer process your data, provided we cannot prove any legitimate interest in doing so or are otherwise legally required to store it. To exercise your right to object in relation to storage, please contact us in writing, by fax or email.

But please note that upon communication via contact form, complete data security cannot be guaranteed by us and communication via email does not take place via a secured data connection. Accordingly, please refrain from sending any confidential information such as bank or credit card details, etc., via these methods. We recommend that you use a secure transmission route such as the mail to send confidential information.

4. Online application and application via email

You have the option of sending us applications for open positions or speculative applications via the online application contact form on our website or via email. We process the data that you have sent to us in connection with your application in order to check your suitability for the position (or other open positions) and to carry out the application process. This includes in particular your information about your person, your submitted address, your resume and your submitted references or other supporting documents submitted by you.
The data disclosed by you via our online application contact forms are encrypted upon transmission by Transport Layer Security (TLS), widely-known under the former name Secure Socket Layer (SSL). The legal basis for the processing of your personal data in this application process is in particular Section 26 BDSG in connection with Art. 6 Paragraph 1 Clause 1 b GDPR. According to this, the processing of data is permissible insofar as it is required in connection with the decision concerning the establishment of an employment relationship.
Your application to us is of course completely voluntary. However, if you decide to apply, you should indicate the personal data that are required for the establishment of an employment relationship. We will disclose to you in a suitable manner what data we consider necessary (e.g. by marking mandatory fields in the forms). Without these data, we cannot consider you in the application process.

The storage of any voluntarily indicated additional information from the applicant takes place based on Art. 6 Paragraph 1 Clause 1 f GDPR since we have a legitimate interest in also processing the additional information indicated voluntarily by you for the purposes of carrying out the application process. You can object to the processing of voluntarily indicated data at any time with effect for the future without providing reasons. In this case, we will no longer process your data, provided we cannot prove any legitimate interest in doing so or are otherwise legally required to store it.

If you consented to the continued storage of your personal data, we are entitled, based on your consent (Art. 6 Paragraph 1 Clause 1 a GDPR) to include your data in our applicant pool and to process it in connection with application processes for future open positions at trenzyme. This also includes making contacting with you, if you are considered in such an application process. You may revoke your granted consent at any time with effect for the future without providing reasons.

If the data are required for prosecution following conclusion of the application process, data processing can take place to safeguard legitimate interests according to Art. 6 Paragraph 1 Clause 1 f GDPR. Our interest in this case is the assertion or defending of claims.
Data from applicants are regularly deleted after four months in the case of rejection. For the case where you have consented to continued storage of your personal data, we will include your data in our applicant pool. The data will be deleted from there after two years.
If you are selected for a position in the context of the application process, the data from the online application process will be included in our personnel information system and processed there, insofar as they are required for establishing and carrying out the employment relationship.
Your applicant data will be viewed by us internally after receiving your application from the HR department and the department heads. Essentially, the individuals with access to your data in the company are only those who require it for the proper running of the application process.

5. Cookies

This website uses cookies and similar technologies such as for example HTML5 Storage (hereinafter referred to as “cookies” as a whole) in order to be able to optimally design the website. This allows, inter alia, the navigation to be simplified and a high degree of user friendliness.

Cookies are small identification markers which our webserver sends to your browser and which your end device stores in the case of corresponding standard setting. They can be used to determine whether communication with us from your end device already existed. As a result, they serve the purpose of making the usage more comfortable for you and optimizing our service. In this case, we distinguish whether the cookie is technically necessary, whether it is set by our website itself or by a third party. Please read the following provisions for detailed information on the type, function, purposes, legal bases and objection options to the data processing in the case of cookies.

If you use our website, you will be informed by us concerning the use of cookies. The law states that we can store cookies on your device if they are strictly necessary for the operation of this site. For all other types of cookies we need your permission. You can change your cookie preference settings on our website at any time.

Furthermore you can object to the storage of cookies at any time by selecting “do not accept cookies” in your browser settings. Please use the help function of your browser for the processes for administration and deletion of cookies in the settings of your browser. You can also deactivate all cookies by means of free browser add-ons such as e.g. “Adblock Plus” (adblockplus.org/en) in combination with the “EasyPrivacy” list (easylist.to) or “Ghostery” (ghostery.com). If you do not accept cookies, this may, however, lead to functional limitations of the website.

1. a) Cookies that are absolutely necessary
We use the following cookies on our website that are absolutely necessary for the functioning of our website, to the storage of which we have a legitimate interest since we could not otherwise provide our website with determined underlying functionalities (e.g. you would have to log in again each time you changed the page):

Session The data processing takes place to safeguard our legitimate interests on the basis of Art. 6 Paragraph 1 Clause 1 f GDPR. Our legitimate interest emerges in this respect from the outlined usage purposes.

1. b) Additional first party cookies
Additional first party cookies, which are not absolutely necessary to be able to use the website, fulfill important tasks. They allow comfortable surfing on our website, such as for example pre-filled forms. We can also respond to you with individually tailored offers. We use the following additional first party cookies on our website:

The data processing takes place to safeguard our legitimate interests on the basis of Art. 6 Paragraph 1 Clause 1 f GDPR. Our legitimate interest emerges in this respect from the outlined usage purposes.

1. c) Cookies from third party providers
To integrate content and functions of third party providers (see following points), we set cookies of third party providers (also called third party cookies) which for example allow them to obtain the information that you have accessed this website. Please visit the websites of the third party providers to obtain additional information on their use of cookies. We use the following cookies from third party providers:

The data processing takes place to safeguard our legitimate interests on the basis of Art. 6 Paragraph 1 Clause 1 f GDPR. Our legitimate interest emerges in this respect from the outlined usage purposes.

You can find additional details and options to object to data processing in the case of cookies from third party providers in the following descriptions of the individual functions that relate to the use of such cookies or technologies similar to cookies.

change cookie preference settings

6. Social media

Facebook

We have integrated elements of the social network Facebook on this website. The provider of this service is Meta Platforms Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland. According to Facebook’s statement the collected data will be transferred to the USA and other third-party countries too.

An overview of the Facebook social media elements is available under the following link: https://developers.facebook.com/docs/plugins/.

If the social media element has been activated, a direct connection between your device and the Facebook server will be established. As a result, Facebook will receive information confirming your visit to this website with your IP address. If you click on the Facebook Like button while you are logged into your Facebook account, you can link content of this website to your Facebook profile. Consequently, Facebook will be able to allocate your visit to this website to your user account. We have to emphasize that we as the provider of the website do not receive any information on the content of the transferred data and its use by Facebook. For more information, please consult the Data Privacy Policy of Facebook at: https://de-de.facebook.com/privacy/explanation.

If your approval (consent) has been obtained the use of the abovementioned service shall occur on the basis of Art. 6 Sect. 1 lit. a GDPR and § 25 TTDSG (German Telecommunications Act). Such consent may be revoked at any time. If your consent was not obtained, the use of the service will occur on the basis of our legitimate interest in making our information as comprehensively visible as possible on social media.

Insofar as personal data is collected on our website with the help of the tool described here and forwarded to Facebook, we and Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland are jointly responsible for this data processing (Art. 26 DSGVO). The joint responsibility is limited exclusively to the collection of the data and its forwarding to Facebook. The processing by Facebook that takes place after the onward transfer is not part of the joint responsibility. The obligations incumbent on us jointly have been set out in a joint processing agreement. The wording of the agreement can be found under: https://www.facebook.com/legal/controller_addendum. According to this agreement, we are responsible for providing the privacy information when using the Facebook tool and for the privacy-secure implementation of the tool on our website. Facebook is responsible for the data security of Facebook products. You can assert data subject rights (e.g., requests for information) regarding data processed by Facebook directly with Facebook. If you assert the data subject rights with us, we are obliged to forward them to Facebook.

Data transmission to the US is based on the Standard Contractual Clauses (SCC) of the European Commission. Details can be found here: https://www.facebook.com/legal/EU_data_transfer_addendum, https://de-de.facebook.com/help/566994660333381 and https://www.facebook.com/policy.php.

Twitter

We have integrated functions of the social media platform Twitter into this website. These functions are provided by Twitter International Company, One Cumberland Place, Fenian Street, Dublin 2, D02 AX07, Ireland.

If the social media element has been activated, a direct connection between your device and Twitter’s server will be established. As a result, Twitter will receive information on your visit to this website. While you use Twitter and the “Re-Tweet” function, websites you visit are linked to your Twitter account and disclosed to other users. We must point out, that we, the providers of the website and its pages do not know anything about the content of the data transferred and the use of this information by Twitter. For more details, please consult Twitter’s Data Privacy Declaration at: https://twitter.com/en/privacy.

If your approval (consent) has been obtained the use of the abovementioned service shall occur on the basis of Art. 6(1)(a) GDPR and § 25 TTDSG (German Telecommunications Act). Such consent may be revoked at any time. If your consent was not obtained, the use of the service will occur on the basis of our legitimate interest in making our information as comprehensively visible as possible on social media.

Data transmission to the US is based on the Standard Contractual Clauses (SCC) of the European Commission. Details can be found here: https://gdpr.twitter.com/en/controller-to-controller-transfers.html.

You have the option to reset your data protection settings on Twitter under the account settings at https://twitter.com/account/settings.

LinkedIn

This website uses elements of the LinkedIn network. The provider is LinkedIn Ireland Unlimited Company, Wilton Plaza, Wilton Place, Dublin 2, Ireland.

Any time you access a page of this website that contains elements of LinkedIn, a connection to LinkedIn’s servers is established. LinkedIn is notified that you have visited this website with your IP address. If you click on LinkedIn’s “Recommend” button and are logged into your LinkedIn account at the time, LinkedIn will be in a position to allocate your visit to this website to your user account. We have to point out that we as the provider of the websites do not have any knowledge of the content of the transferred data and its use by LinkedIn.

If your approval (consent) has been obtained the use of the abovementioned service shall occur on the basis of Art. 6 (1)(a) GDPR and § 25 TTDSG (German Telecommunications Act). Such consent may be revoked at any time. If your consent was not obtained, the use of the service will occur on the basis of our legitimate interest in making our information as comprehensively visible as possible on social media.

Data transmission to the US is based on the Standard Contractual Clauses (SCC) of the European Commission. Details can be found here: https://www.linkedin.com/help/linkedin/answer/62538/datenubertragung-aus-der-eu-dem-ewr-und-der-schweiz?lang=en.

For further information on this subject, please consult LinkedIn’s Data Privacy Declaration at: https://www.linkedin.com/legal/privacy-policy.

7. Web analysis

Google Analytics

This website uses functions of the web analysis service Google Analytics. The provider of this service is Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland.

Google Analytics enables the website operator to analyze the behavior patterns of website visitors. To that end, the website operator receives a variety of user data, such as pages accessed, time spent on the page, the utilized operating system and the user’s origin. This data is assigned to the respective end device of the user. An assignment to a user-ID does not take place.

Furthermore, Google Analytics allows us to record your mouse and scroll movements and clicks, among other things. Google Analytics uses various modeling approaches to augment the collected data sets and uses machine learning technologies in data analysis.

Google Analytics uses technologies that make the recognition of the user for the purpose of analyzing the user behavior patterns (e.g., cookies or device fingerprinting). The website use information recorded by Google is, as a rule transferred to a Google server in the United States, where it is stored.

The use of these services occurs on the basis of your consent pursuant to Art. 6(1)(a) GDPR and § 25(1) TTDSG. You may revoke your consent at any time.

Data transmission to the US is based on the Standard Contractual Clauses (SCC) of the European Commission. Details can be found here: https://privacy.google.com/businesses/controllerterms/mccs/.

The company is certified in accordance with the “EU-US Data Privacy Framework” (DPF). The DPF is an agreement between the European Union and the US, which is intended to ensure compliance with European data protection standards for data processing in the US. Every company certified under the DPF is obliged to comply with these data protection standards. For more information, please contact the provider under the following link: https://www.dataprivacyframework.gov/s/participant-search/participant-detail?contact=true&id=a2zt000000001L5AAI&status=Active

Google Tag Manager

We use the Google Tag Manager. The provider is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.

The Google Tag Manager is a tool that allows us to integrate tracking or statistical tools and other technologies on our website. The Google Tag Manager itself does not create any user profiles, does not store cookies, and does not carry out any independent analyses. It only manages and runs the tools integrated via it. However, the Google Tag Manager does collect your IP address, which may also be transferred to Google’s parent company in the United States.

The Google Tag Manager is used on the basis of Art. 6(1)(f) GDPR. The website operator has a legitimate interest in the quick and uncomplicated integration and administration of various tools on his website. If appropriate consent has been obtained, the processing is carried out exclusively on the basis of Art. 6(1)(a) GDPR and § 25 (1) TTDSG, insofar the consent includes the storage of cookies or the access to information in the user’s end device (e.g., device fingerprinting) within the meaning of the TTDSG. This consent can be revoked at any time.

Hotjar

This website utilizes Hotjar. The provider is Hotjar Ltd., Level 2, St Julians Business Centre, 3, Elia Zammit Street, St Julians STJ 1000, Malta, Europe (website: https://www.hotjar.com).

Hotjar is a tool used to analyze your user patterns on this website. Hotjar allows us to for instance record your mouse and scroll movements as well as your click. During this process, Hotjar also has the capability to determine how long your cursor remained in a certain position. Based on this information, Hotjar compiles so-called Heatmaps, that make possible to determine which parts of the website the website visitor reviews with preference.

We are also able to determine how long you have stayed on a page of this website and when you left. We can also determine at which point you suspended making entries into a contact form (so-called conversion funnels).

Furthermore, Hotjar can be deployed to obtain direct feedback from website visitors. This function aims at the improvement of the website offerings of the website operator.

Hotjar uses technologies that make it possible to recognize the user for the purpose of analyzing the user patterns (e.g., cookies or the deployment of device fingerprinting).

If your approval (consent) has been obtained the use of the abovementioned service shall occur on the basis of Art. 6(1)(a) GDPR and § 25 TTDSG (German Telecommunications Act). Such consent may be revoked at any time. If your consent was not obtained, the use of the service will occur on the basis of Art. 6(1)(f) GDPR; the website operator has a legitimate interest in the analysis of user patterns to optimize both, the web presentation and the operator’s advertising activities.

Deactivation of Hotjar

If you would like to deactivate the recording of data by Hotjar, please click on the link below and follow the instructions provided under the link:  https://www.hotjar.com/policies/do-not-track/.

Please keep in mind that you will have to separately deactivate Hotjar for every browser and every device.

For more detailed information about Hotjar and the data to be recorded, please consult the Data Privacy Declaration of Hotjar under the following link:  https://www.hotjar.com/privacy.

Data processing

We have concluded a data processing agreement (DPA) for the use of the above-mentioned service. This is a contract mandated by data privacy laws that guarantees that they process personal data of our website visitors only based on our instructions and in compliance with the GDPR.

8. Newsletter

Newsletter data

If you would like to subscribe to the newsletter offered on this website, we will need from you an e-mail address as well as information that allow us to verify that you are the owner of the e-mail address provided and consent to the receipt of the newsletter. No further data shall be collected or shall be collected only on a voluntary basis. We shall use such data only for the sending of the requested information and shall not share such data with any third parties.

The processing of the information entered into the newsletter subscription form shall occur exclusively on the basis of your consent (Art. 6(1)(a) GDPR). You may revoke the consent you have given to the archiving of data, the e-mail address, and the use of this information for the sending of the newsletter at any time, for instance by clicking on the “Unsubscribe” link in the newsletter. This shall be without prejudice to the lawfulness of any data processing transactions that have taken place to date.

The data deposited with us for the purpose of subscribing to the newsletter will be stored by us until you unsubscribe from the newsletter or the newsletter service provider and deleted from the newsletter distribution list after you unsubscribe from the newsletter or after the purpose has ceased to apply. We reserve the right to delete or block e-mail addresses from our newsletter distribution list at our own discretion within the scope of our legitimate interest in accordance with Art. 6(1)(f) GDPR.

Data stored for other purposes with us remain unaffected.

After you unsubscribe from the newsletter distribution list, your e-mail address may be stored by us or the newsletter service provider in a blacklist, if such action is necessary to prevent future mailings. The data from the blacklist is used only for this purpose and not merged with other data. This serves both your interest and our interest in complying with the legal requirements when sending newsletters (legitimate interest within the meaning of Art. 6(1)(f) GDPR). The storage in the blacklist is indefinite. You may object to the storage if your interests outweigh our legitimate interest.

9. Plug-ins and Tools

Tidio

We use Tidio (hereinafter referred to as “Tidio”) for the processing of user inquiries via our support channels or live chat systems. The provider is Tidio LLC, 180 Steuart St, CA 94119, San Francisco, California, USA.

Messages you send to us, can be stored in the Tidio ticket system or our employees respond to them in the live chat system. If you communicate with us via Tidio, all data you have entered from the start of the chat (i.e., name or chat ID, address, and phone number) as well as your IP address, your country of origin, the utilized browser and device, the accessed website and the exchanges messages are consolidated in a profile and saved on Tidio’s servers.

Messages that are addressed to us remain in our possession until you ask us to delete them or the reason for the data storage is no longer effective (e. g. after your inquiry has been processed). This shall be without prejudice to any statutory provisions – especially statutory mandatory retention obligations.

The use of Tidio is based on Art. 6(1)(f) GDPR. We have a legitimate interest in marketing activities that are as effective as possible. If appropriate consent has been obtained, the processing is carried out exclusively on the basis of Art. 6(1)(a) GDPR and § 25 (1) TTDSG, insofar the consent includes the storage of cookies or the access to information in the user’s end device (e.g., device fingerprinting) within the meaning of the TTDSG. This consent can be revoked at any time.

For more information, please consult the data privacy declaration of Tidio: https://www.tidio.com/privacy-policy/.

Data processing

We have concluded a data processing agreement (DPA) for the use of the above-mentioned service. This is a contract mandated by data privacy laws that guarantees that they process personal data of our website visitors only based on our instructions and in compliance with the GDPR.

10. Embedding of videos

YouTube videos are embedded on this website. This service is operated by YouTube LLC, 901 Cherry Avenue, San Bruno, CA 94066, USA, (“YouTube”), which is a subsidiary of Google LLC., Amphitheatre Parkway, Mountain View, CA 94043, USA.
When playing the videos, a connection is established to YouTube servers in the USA. Determined information (e.g. your IP address) will be hereby transmitted to YouTube. It may also happen that YouTube stores cookies on your end device, insofar as you have consented or not objected to the use and storage of cookies from third party providers. We do not receive any information on the type and scope of the data collected by YouTube and have no influence over its use. YouTube may also receive information through the embedding that your browser accessed the corresponding page of this website, even if you do not have a user account with YouTube or Google or are not logged into YouTube or Google. Your data are processed in order to provide you with the mentioned functions and use of determined content in the context of our website based on Article 6 Paragraph 1 f GDPR. We also have a legitimate interest in use content and services of third parties for the economic operation and optimization of our website.
You can find additional information on the purposes and scope of the data collection and the additional processing and use of the data by YouTube and your rights in this respect and the available setting options to protect your privacy in the data privacy notices of YouTube/Google:

The YouTube videos embedded on this website which are stored on https://www.youtube.com and can be played directly from this website, are embedded in the “expanded data protection mode”, i.e. so that, according to YouTube, no data about you as a user are transferred to YouTube, when you do not play the videos.

You can also prevent the storage of cookies from third party providers by deactivating them in the setting of your browser or by means of browser add-ons such as e.g. “Adblock Plus” (https://adblockplus.org/en/) in combination with the “EasyPrivacy” list (https://easylist.to/) (see above Point 5); however, please note that by doing so you may not have full use of all the functions on our website.

11. Content from third party providers / Google Fonts and Google Maps

We use services of third party providers on this website in order to embed their content such as e.g. fonts and maps (hereinafter “content”). The processing of your data takes place based on our legitimate interests (Art. 6 Paragraph 1 Clause 1 f GDPR) in the economic operation, the optimization (in particular the user friendliness) and the usage analysis of our website.
The third party providers of this content always receive information on your IP address since they could not transfer the content to your end device without the IP address. The IP address is required to display the content. It may also be that the third party providers store cookies on your end device.

We use the following content from third party providers:

  • We integrate so-called Google Fonts from the provider Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA on our website. You can find further information on data usage by Google, settings and objection options on the Google websites from the following link: https://policies.google.com/privacy?hl=en.
  • We use the service “Google Maps” from the provider Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA to display maps. Processed data may include in particular IP addresses and location data, which are, however, not collected without your consent (generally by corresponding device settings).

You can prevent the storage and use of cookies for the listed services by setting your browser or browser add-ons accordingly (see above Point 5).

You can find further information on data usage by Google and on settings and objection options on the Google websites from the link listed under a).

12. Recipients of personal data

Your personal data are provided by us only to external recipients insofar as this is required to handle or process your matter, we have your consent for this or there is another legal permission available.

External recipients may be in particular:

  • Order processors: These are service providers who we use to render services, for example in the areas of technical infrastructure and maintenance of our website. Such order processors are carefully selected by us and regularly checked to ensure that your privacy stays protected. These service providers may use the data exclusively for the purposes predefined by us and according to our instructions. We are authorized to use such order processors to safeguard the legal requirements of Art. 28 GDPR.
  • Public bodies: These are authorities, state institutions and other public corporations or supervisory authorities, courts, public prosecutors or finance authorities. Personal data are transmitted to such public bodies only for the legally required reasons. The legal basis of such a transmission is Art. 6 Paragraph 1 Clause 1 c GDPR.
  • Non-public bodies: Service providers and assisting individuals to whom data are transmitted based on a legal obligation or to safeguard legitimate interests, are for example tax advisers or auditors. The transmission then takes place based on Art. 6 Paragraph 1 Clause 1 c and/or f GDPR.

13. Data processing in third party countries

Insofar as we transmit your data to third party countries outside of the EU or the EEA in accordance with the above statements, we ensure prior to the disclosure that there is either a suitable level of data protection or you consent to the data transmission irrespective of legally permissible exceptional cases for the recipient. A suitable level of data protection is for example ensured by a EU-US Privacy Shield certification of the recipient, the conclusion of EU Standard Contractual Clauses or the existence of so-called Binding Corporate Rules (BCR).

14. Storage duration

We store your personal data only for as long as it is required to fulfill the purposes or, in the case of consent, provided the consent is not revoked. In the case of an objection, we will no longer process your personal data, unless its further processing is permitted according to the relevant legal provisions or even obligatorily prescribed (e.g. in the context of retention duties under commercial and tax law). We will also delete your personal data when we are required to do so for legal reasons. Otherwise, you can find the details on the storage duration of your personal data from the respective statements in the previously listed points.

15. Your rights

As a data subject of data processing, you have numerous rights. They are in detail:

Right of access (Art. 15 GDPR): You have the right to obtain access concerning the data stored by us about your person.

Right to rectification and erasure (Art. 16 and Art. 17 GDPR): You can request us to rectify inaccurate data and, insofar as the legal requirements are met, to delete your data.

Right to restriction of processing (Art. 18 GDPR): You can request us, insofar as the legal requirements are met, to limit the processing of your data.

Right to data portability (Art. 20 GDPR): If you have provided data to us based on a contract or consent, you can request in the presence of the legal requirements that you obtain the data provided by you in a structured and commonly used format or that we transmit this data to another controller.

Right to lodge a complaint with a supervisory authority (Art. 77 GDPR): You can also lodge a complaint with the responsible supervisory authority when you believe that the processing of your data breaches applicable law. You can also optionally contact the data protection authority who is responsible for your habitual residence, your workplace or the location of the alleged infringement or the data protection authority responsible for us. The supervisory authority for data protection responsible for us is the State Officer for Data Protection in Baden-Württemberg (LfDI), contactable at Königstraße 10a, 70173 Stuttgart, Tel: 0711 615541-0, Fax: 0711 615541-15, Email: poststelle@lfdi.bwl.de, Internet: www.baden-wuerttemberg.datenschutz.de.

For queries on the topic of processing of your personal data, your rights as a data subject and any granted consent, please do not hesitate to contact us using the methods of communication mentioned under Point 13. Please also use the below contact details directly to exercise your rights as a data subject.

16. Contact in the case of queries on data protection

In the case of queries on data protection and to exercise your rights as a data subject, please contact us as follows:

trenzyme GmbH
Byk-Gulden-Str. 2
78467 Konstanz
P: +49 (0) 75 31 / 1 22 90-0
F: +49 (0) 75 31 / 1 22 90-11
www.trenzyme.com
E-Mail: privacy@trenzyme.com

17. Security

We take technical and organizational security measures to protect your personal data from accidental or intentional manipulation, loss, destruction or from access by unauthorized persons. These security measures are adapted accordingly to the state of the art.
Your personal data transferred in the context of the use of our website are transferred to us securely through encryption. We use the encryption protocol Transport Layer Security (TLS), widely-known under the former name Secure Socket Layer (SSL). Our officers are obligated to data secrecy.

18. Changes

From time to time, it may be necessary to adapt the content of the present data privacy statement. We therefore reserve the right to change it at any time. Insofar as your consent is required for a change, we will obtain this from you. We will also publish the amended version of the data privacy statement at this point. When you revisit our website, you should therefore reread the data privacy statement.

Issued: December 2023