Privacy Policy

We hereby inform you about the processing of your personal data (“Data”) when you visit our website (A.), when you contact us (B.) or our social media profiles (C.) Under (E.) we inform you about your rights, which you are entitled to in all aforementioned cases of data processing by us.

We are responsible for data processing:

Libralex
Herengracht 481
1017 BT Amsterdam

You can reach us at:

Herengracht 481
1017 BT Amsterdam
phone: +31 (0) 20 620 22 88
e-mail: [email protected]

A. Use of our Website

In this section we inform you about the processing of your data when you visit our website.

I. Scope of Data Processing
When you call up our website, the following data is transferred to our web server and stored in a log file:

  • IP address
  • date and time of the respective access to a page of the website
  • amount of data transferred to your device
  • files accessed via the homepage
  • URL of the page/homepage from which you reached our website
  • the browser you use (type and version)

II. Purposes of Data Processing
The processing of this data is necessary to display the contents of the website on your device in the best possible way. We also process this data to investigate and track attacks on our IT.

III. Legal Basis of Data Processing
This data is processed in accordance with Art. 6 Para. 1 letter f GDPR due to our legitimate interest in being able to show you the website and track attacks on our IT.

IV. Recipient of the Data
We use an external IT service provider, Velocity Design Ltd., Kintail House, Beechwood Business Park, IVTwo, Inverness IV2 3BW, United Kingdom to provide the website. This service provider processes your data exclusively in accordance with our instructions and on the basis of a contract for order processing in accordance with Art. 28 GDPR.

V. Storage Duration
The log data is stored for a period of seven days and then deleted, unless it is exceptionally necessary to keep it longer to follow up an identified attack.

B. Contact Form

You can contact us via a contact form or via e-mail. In doing so, we collect the following data:

  • Name
  • E-mail address
  • Phone number
  • Message

II. Purpose of Data Processing
We process your data for the purpose of being able to answer your inquiry to us in the best possible way.

III. Legal basis of Data Processing
We process your data on the basis of Art. 6 para. 1 letter f GDPR. Our legitimate interest lies in responding to your inquiry directed to us.

IV. Recipient of the Data
The data will only be processed by the contact persons internally responsible for the contact requests.

V. Storage Duration
The storage duration depends on the content of your contact request. In principle, the data is deleted as soon as it is no longer required to achieve the purpose for which it was collected and any statutory retention obligations have expired.

C. Social Media Profiles

No cookies from social media platform operators are integrated on our website (e. g. via plug-ins). However, we operate various social media profiles of our own in order to constantly improve our external appearance and to provide information on the respective social media platforms.

Below you will find information about the data processing by us on the individual social media platforms.

I. Scope of Data Processing
You can interact with our profile on LinkedIn by following us, leaving comments on posts, marking posts we have posted with “I like”, or sharing updates from us. In this case, we will receive a notification from LinkedIn that you have visited or interacted with our account. We can then see your profile name, your interaction and – if available – your profile picture. If you contact us through LinkedIn via direct messaging, we can see your user profile and message.

LinkedIn also provides us with information about visitors, followers, and updates to our LinkedIn site (“Page Insights”). This information is displayed on our administrator page. Both we and LinkedIn Ireland Unlimited Company (Wilton Place, Dublin 2, Ireland, “LinkedIn”) are jointly responsible for the processing of your data in connection with this function on our LinkedIn site. In particular, LinkedIn is responsible for fulfilling your privacy rights in connection with Page Insights. However, you may still contact us to assert your rights.

II. Purpose of Data Processing
We process the data in order to be able to interact with you on your initiative and to read and respond to your request or notification. We do not use the analysis function, but we cannot deactivate it, because LinkedIn does not provide this possibility.

III. Legal Basis
We process your data on the basis of our legitimate interest in accordance with Art. 6 para. 1 lit. f GDPR. Our legitimate interest consists in the interaction with you as described above.

IV. Recipient of the Data
Your data will be viewed by our employees who manage our LinkedIn account. In addition, LinkedIn processes your data in accordance with its own privacy policy. Provider: LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland

Privacy Policy: https://www.linkedin.com/legal/privacy-policy

Opt-out on advertising: www.linkedin.com/psettings/guest-controls/retargeting-opt-out

V. Storage Duration
We cannot delete your messages or other data because we do not have the authorization to do so. We do not actively use direct messages on LinkedIn to communicate with you – we prefer encrypted communication via e-mail. If you send us direct messages, we will delete them at the latest one year after receipt of your message.

D. Transfer of Personal Data to Third Countries

We may need to transfer your personal data to countries outside the European Union or European Economic Area (known as “third countries”). This might happen, for example, if we use a service provider based in such a country. We take your privacy seriously, so we only do this when: (i)the European Commission has decided that the country has adequate data protection laws (called an “adequacy decision”), or (ii) we have put in place appropriate safeguards to protect your data. This usually means using special contracts approved by the European Commission (called “standard contractual clauses”). In all cases, we make sure that: we follow all the rules set out in the General Data Protection Regulation (GDPR) and meet the specific requirements for transferring data to countries outside the EU/EEA.

Our goal is always to ensure that your personal data is protected to the same high standards, no matter where it is processed.

E. Your rights as a Data Subject

As a data subject, you have the following rights:

I. Right of Access to Information
You have the right to obtain free information on request about whether data concerning you are being processed and, if so, what data we process about you (Art. 15 GDPR). You may re-apply within a reasonable period of time. You also have the right to receive a copy of your data that is the subject of our processing.

II. Right of Rectification
You may also request the correction of incorrect data concerning you in accordance with Art. 16 GDPR. You also have the right to request the completion of incomplete data concerning you, taking into account the purposes of the processing.

III. Right of Deletion
Under the conditions of Art. 17 GDPR, you can request the deletion of your data.

IV. Right to Limitation
You have the right to demand that we restrict processing if the requirements of Art. 18 GDPR are met. This is the case, for example, if the processing of your data is no longer necessary for our purposes, but you need it to assert, exercise or defend legal claims. If the processing of your data is restricted, these data – apart from being stored – may only be processed by us with your consent or in the special cases mentioned in Art. 18 para. 2 GDPR.

V. Right to Data Portability
Insofar as data provided by you is processed by us on the basis of Art. 6 para. 1 lit. b or lit. a GDPR (for contract initiation or fulfilment or on the basis of your consent) by means of automated procedures, you may, under the conditions of Art. 20 GDPR, request the surrender of this data in a structured, common and machine-readable format. In this case, you can also request that we transfer this data to another person responsible.

VI. Right of Withdrawal
If we process your data on the basis of your consent, you have the right to revoke your consent at any time with effect for the future (Art. 7 para. 3 GDPR).

VII. Right of Objection
If your data are processed by us on the basis of our predominant legitimate interest (Art. 6 Para. 1 letter f GDPR), you also have the right to object if your interests against data processing for reasons arising from your particular situation outweigh our interests in processing. In the event of an objection, we therefore ask you to inform us of your reasons for objecting to data processing.

VIII. Assertion of your Data Subject Rights
To assert your rights as a data subject, please contact us by e-mail or letter (contact details below).

IX. Right of Appeal to a Data Protection Supervisory Authority
If you suspect that your personal data are being processed unlawfully, you can lodge a complaint with a data protection supervisory authority, in particular in the member state where you are resident, your place of work or the place where the alleged infringement is taking place (Art. 77 GDPR).

F. Contact
If you have any questions about this privacy policy or about the processing of your personal data by us, you can contact us:

Libralex
Herengracht 481
1017 BT Amsterdam
phone: +31 (0) 20 620 22 88
e-mail: [email protected]