Thank you for your interest in our website. The protection of your privacy when processing personal data as well as the security of all business data is an important concern to which we pay special attention in our business processes. Here we inform you in detail about how we handle your data.
§ 1 Information about the collection of personal data
(1) In the following we inform you about the collection of personal data when using our website. Personal data are all data that can be related to you personally, e.g. name, postal address, e-mail address, user behaviour.
(2) The data controller in accordance with EU General Data Protection Regulation (GDPR) Art. 4 (7) is
BioSpring Gesellschaft für Biotechnologie mbH
60386 Frankfurt am Main
Phone: +49 69 6605500 0
You can reach our data protection officer at
(3) If we use service providers for individual functions of our offer, use your data for advertising or other purposes or wish to pass them on to third parties, we will inform you about this in detail below.
§ 2 Your rights
(1) In the following, we will inform you about your rights as a data subject in accordance with GDPR Art. 15. You can exercise these rights at any time and therefore contact us directly. If you demand these rights from us, we will examine them in detail, taking into account the legal requirements and conditions associated with them. For this purpose, we may ask you for further information. We will explain the results of our examination and our procedure for fulfilling your request in detail. It is possible that we will not be able to fully comply with your wishes in the way you have requested. This should not prevent you from asserting your rights against us or from asking us about them. We will gladly answer all your questions.
(2) Right of access
You have the right to request information from us at any time as to whether and which personal data relating to you are being processed by us. This also includes information on the purposes of processing, if applicable on recipients to whom we have disclosed data about you, the planned storage period and, if applicable, information on the origin of this data, unless we have collected it directly from you. Furthermore, you have the right to receive a one-time copy of your personal data stored with us free of charge. We reserve the right to charge a reasonable administration fee for making subsequent copies.
(3) Right to rectification
You have the right to demand that we correct incorrect data that we have stored about you. This also includes the right to have incomplete personal data completed.
(4) Right to erasure
You have the right to demand that we delete any data we have stored about you. If we have published data about you, this also includes our obligation, within the framework of the "right to be forgotten" in accordance with GDPR Art. 17 (2), to forward your request for deletion, taking into account available technology and implementation costs, all links to this data as well as copies or replications of this data concerning other persons responsible for processing this published personal data.
(5) Right to restriction of processing
You have the right to demand that we restrict the processing of data that we have stored about you. After that, processing of this data is only possible with your consent or for a few legally defined purposes.
(6) Right to object of processing
Insofar as we base the processing of your personal data on the weighing of interests, you can object to the processing. This is the case if the processing is in particular not necessary for the fulfilment of a contract with you, which is described by us in the following description of the functions. In the event of such an objection, we request that you explain the reasons why we should not process your personal data as we have done. In the event of your justified objection, we will examine the facts of the case and will either stop or adapt the data processing or show you our compelling reasons worthy of protection on the basis of which we will continue the processing.
(7) Right of withdraw a consent
If you have given your consent to process your data, you can withdraw it at any time. Such a withdrawal influences the permissibility of processing your personal data after you have given it to us.
(8) Right to data portability
You have the right to receive from us personal data relating to you which you have provided to us in a structured, common and machine-readable format for the purpose of transfer to another responsible party. At your request and taking into account the available technical possibilities, this also includes the direct transfer from us to the other responsible party.
(9) Right to lodge a complaint with a supervisory authority
You have the right to complain at any time to a data protection authority about our processing of your data.
§ 3 Collection of personal data when visiting our website
(1) When using the website for informational purposes only, i.e. if you do not register or otherwise provide us with information, we only collect the personal data that your browser sends to our server. If you wish to view our website, we collect the following data, which is technically necessary for us to display our website and to ensure its stability and security (the legal basis for this is GDPR Art. 6 (1) (f))
- IP address
- Host name
- Date and time of the request
- Time zone difference to Greenwich Mean Time (GMT)
- Content of the request (page)
- Access status/HTTP status code
- Amount of data transferred in each case
- Website from which the request comes (referrer)
- The specific pages of our website that you call up
- Browser: Type, version and set language
- Operating system: type and version
- Screen resolution
- Colour depth
- Size of the browser window
- Installed Browser Plugins
Cookies are small text files that are stored on your device assigned to the browser you are using. Furthermore, websites can store so-called HTML5 storage objects on your device. In both cases, information is stored and read out again. This can be done for very different purposes, but no software applications can be executed or malware can be transmitted.
a) We have deliberately decided against the use of tracking techniques on our website that require consent and the placing of elements on your device that require consent. For this reason, you can visit our website completely undisturbed without first having to click away a so-called "cookie banner" or to give your consent or refusal to certain trackers and cookies. Nevertheless - or precisely because of this - you can be sure that we take your privacy seriously when you visit our website and that we respect data protection.
To the extent technically necessary, we also place a few elements on your device. Although this does not affect your data protection and does not require your consent, we are nevertheless obliged to inform you about this, which we do in the following table.
|Name||Type||Purpose / source||Lifetime|
|[unique alphanumeric string]||Cookie
|Used for the technical management of the website during the current session.. Set by biospring.de.||End of session|
|T3D, tADe, tADu, tAE, tC, tMQ, tnsApp, tPL, tTDe, tTDu, tTE, tTf||HTML5 storage objects Technically required||Used for the correct display and presentation of contents in connection with controls for scrolling through partial contents of web pages.Set by biospring.de.;||Unlimited|
b) You can configure your browser settings according to your preferences and, for example, refuse to accept third-party cookies or all cookies. We generally recommend that you delete cookies, browser history and other temporary web storage objects automatically or manually on a regular basis to increase the protection of your privacy.
§ 4 Further functions and offers of our website
(1) In addition to the purely informative use of our website, we offer various services which you can use if you are interested. For this purpose, you will generally have to provide additional personal data which we use to provide the respective service and to which the aforementioned data processing principles apply. Mandatory fields are marked with an asterisk. Information in fields not marked in this way is voluntary.
(2) When you contact us by e-mail or by contact form, we will store your e-mail address and other data provided by you in order to respond to your inquiry. If there is a business relationship between you and us or if it comes about as a result of your inquiry, we will store this data for the duration of our business relationship. Otherwise we will delete this data after the storage is no longer necessary for the complete processing of your inquiry. If legal storage obligations prevent deletion, we will limit the processing of the data for the duration of the storage and delete it afterwards. When contacting us via a contact form, please note the mandatory field markings as described under para. 1 in order to avoid transmitting personal data that you do not require. By sending the contact form or your e-mail, you declare your agreement that we may process the data you have transmitted in the above-mentioned manner (legal basis: GDPR Art. 6 (1) (a)).
(3) In some cases we use external service providers to process your data. These have been carefully selected and commissioned by us, are bound by our instructions and are checked regularly.
(4) Insofar as our service providers or partners are based in a state outside the European Economic Area (EEA), we will inform you of the consequences of this circumstance in the description of the respective service.
Special forms of use
1. Use of our application portal
(1) On our website you have the opportunity to apply online for jobs or training positions offered by us as well as on your own initiative. As part of the online application, you provide us with personal data. We are particularly concerned to handle your personal data with confidence during the application process. Therefore, it is a matter of course for us to treat all personal data that you entrust to us with strict confidentiality and responsibility in compliance with the applicable statutory data protection provisions. We use technical and organisational security measures to protect your personal data from accidental or intentional manipulation, loss, destruction or access by unauthorised persons. When personal data is collected and processed, it is transmitted in TLS-encrypted form to prevent misuse of the data by third parties.
(2) Within the scope of the application portal, we use the services of Microsoft. We have carefully selected this service provider and concluded a data processing agreement. In addition, this service provider is obliged to comply with the data protection rules and our instructions. The data you enter here and the attached documents as well as all processing steps associated with your application are stored securely on a server of this service provider within the EU. Only authorised persons have access to the data stored by the service provider. Further information on data protection at Microsoft can be found at https://www.microsoft.com/de-de/trust-center/privacy .
(3) If you wish to apply online for a job offer or a training position, this requires the entry of certain personal data marked as mandatory fields in the respective online application form, such as name and e-mail address. To make it easier for us to contact you, you can also voluntarily enter additional contact data. To enable us to better meet your application requirements, you also have the option of voluntarily sending us further data and files, e.g. a personal message, details of your professional qualifications and experience, and files containing your application documents, such as your personal covering letter, your CV, your application photo, your certificates, etc. Please note that in particular CVs, certificates or other files submitted by you for application purposes may also contain particularly sensitive data, such as information on ethnic origin, political opinions, religious or philosophical beliefs, trade union or political party memberships, physical or mental health or sex life - so-called special category personal data pursuant to Article 9 (1) GDPR. We therefore recommend that, if possible, you do not provide any information regarding such sensitive data.
(4) It cannot be ruled out, and in individual cases it may be necessary, that you provide us with special category data as listed under para. 3 as part of your application. We are prohibited by law from processing such data without your consent. Therefore, your data entered in the online application form and uploaded files will only be transmitted to us if you have declared by clicking the corresponding checkbox that you consent to the processing of this sensitive special category data in accordance with this data protection notice. Without this consent, the use of our application portal is unfortunately not possible.
(5) For further information on data protection in connection with your application, please refer to the specific data protection information for applicants, which you can also find on our website.
Social media and other third party services
1. Social media
(1) We currently do not use any plug-ins from social media providers on our website, but have only set links to our presence on the following social media providers: LinkedIn. The mere existence of these links does not result in the transmission of personal data to the respective provider. Only if you click on the link, which you can recognise by the respective social media icon, and thereby call up our page hosted by the respective provider, does the provider become aware of this.
(2) Addresses of the relevant social media providers and URL with their data protection notices:
a) LinkedIn Corporation, 2029 Stierlin Court, Mountain View, California 94043, USA; https://www.linkedin.com/legal/privacy-policy