EN

Cyber Valley Privacy Notice in accordance with the GDPR 

 

Cyber Valley GmbH takes the protection of your personal data very seriously. We process personal data collected when you visit our websites, as well as other personal data, in compliance with the applicable data protection regulations.    

This privacy notice provides you with information about how we process your personal data.  

 

1. Name of the responsible body   

Cyber Valley GmbH   

Heisenbergstraße 3        

70569 Stuttgart   

0711 – 689 1844   

Contact@cyber-valley.de 

 

2. Data protection coordinator  

The data protection coordinator of the responsible body is:  

Priyanka Pattanaik  

Cyber Valley GmbH   

Heisenbergstraße 3        

70569 Stuttgart   

pdp@cyber-valley.de  

 

3. Scope, legal basis, and purpose of personal data processing 

3A: General information 

Cyber Valley GmbH promotes research, development, application, and acceptance of methods and technologies in the field of intelligent systems. Cyber Valley GmbH collects and processes data in order tofulfill these tasks.   

For our website, we collect and use personal user data only to the extent necessary to provide a functional website and our content and services. The collection and use of our users' personal data is regularly based on the users' consent. An exception applies in cases where the processing of data is permitted by law.  

In addition, we collect participant data from events and programs offered by Cyber Valley GmbH, personal data for recruiting purposes, and data from members of committees. 

Data collection and processing is based on Section 4 LDSG in conjunction with Art. 6 (1) (e) GDPR.   

 

3B: Provision of the website and creation of log files 

Each time our website is accessed, our servers and applications automatically collect data and information from the computer system of the accessing computer. 

The following data is collected temporarily: 

  • Your IP address 

  • Date and time of your access to the site 

  • Address of the accessed page 

  • Address of the previously visited website (referrer) 

  • Name and version of your browser/operating system (if transmitted) 

The data is stored in the log files of our systems. This data is not stored together with other personal data of the user. 

The legal basis for the temporary storage of data and log files is Art. 6 (1) lit. f GDPR. The data is stored in log files to ensure the functionality of the website. In addition, the data helps us to optimize the website, troubleshoot problems, and ensure the security of our information technology systems. These purposes also constitute our legitimate interest in data processing pursuant to Art. 6 (1) lit. f GDPR.  

The data will be deleted as soon as it is no longer required for the purpose for which it was collected. In the case of data collection for the provision of the website, this is the case when the respective session has ended. In the case of data storage in log files, this is the case after seven days at the latest. Storage beyond this is possible. In this case, the IP addresses of the users are deleted or alienated so that an assignment of the calling client is no longer possible.  

The collection of data for the provision of the website and the storage of data in log files is absolutely necessary for the operation of the website. Consequently, there is no possibility for the user to object. 

 

3C: Web analytics 

 We use the Matomo web analytics program to collect statistical data on usage behavior. This program uses cookies and JavaScript to collect various information on your computer and automatically transmitsit to us. Each time you visit our website, our system collects the following data and information from the computer system of the visiting computer: 

  • IP address, anonymized by truncation 

  • Two cookies to distinguish between different visitors 

  • Previously visited URL (referrer), if transmitted by the browser 

  • Name and version of the operating system 

  • Name, version, and language setting of the browser  

  

Additionally, if JavaScript is enabled: 

  • URLs visited on this website 

  • Times of page views 

  • Type of HTML requests 

  • Screen resolution and color depth 

  • Technologies and formats supported by the browser (e.g., cookies, Java, Flash, PDF, WindowsMedia, QuickTime, Realplayer, Director, SilverLight, Google Gears) 

The legal basis for processing users' personal data is Art. 6 (1) (f) GDPR. Processing users' personal data enables us to analyze our users' usage behavior. By evaluating the data obtained, we are able to compile information about the use of the individual components of our websites. This helps us to continuously improve our websites and their user-friendliness. These purposes also constitute our legitimate interest in processing the data in accordance with Art. 6 (1) lit. f GDPR. By anonymizing the IP address, user behavior can no longer be attributed to a specific person.  

The data is deleted after the final annual totals for the access statistics have been compiled. 

1. Deactivation of data collection (opt-out) 

Of course, you have the option to object to data collection. You have the following independent options for objecting to data collection: 

  • Activate the Do Not Track setting in your browser. As long as this setting is active, our central server will not store any data about you. Important: The Do Not Track instruction usually only applies to the device and browser in which you activate the setting. If you use multiple devices/browsers, you must activate Do Not Track separately on each one.  

  • Use the opt-out function.  

Important: For the opt-out, we need to store a special recognition cookie in your browser. If you delete this cookie or use a different PC/browser, you will need to opt out of data collection again on this page. 

 

3D: Use of cookies 

Our website uses cookies. Cookies are text files that are stored in the Internet browser or by the Internet browser on the user's computer system. When a user accesses a website, a cookie may be stored on the user's operating system. This cookie contains a characteristic string of characters that enables the browser to be uniquely identified when the website is accessed again.  

We use cookies to make our website more user-friendly. Some elements of our website require that the calling browser can be identified even after a page change. The following data is stored and transmitted in the cookies:  

  • Language settings (localization) of the browser: Session cookie i18next  

  • Session data (click path, pages accessed, current language, and any error messages for forms): Session cookie mpg_session_r  

  • Form security (secures communication via web forms): Session cookie csrf_token  

The legal basis for the processing of personal data using cookies is Art. 6 (1) lit. f GDPR and § 25 (2) No. 2 TTDSG. Some functions of our website cannot be offered without the use of cookies. For these, it is essential that the browser is recognized even after a page change.  

We need cookies for the following applications: 

  • Function of the language switch 

  • Automatic adoption of the browser's language setting 

  • Remembering form data entered: terms used in the internal page search, entries in the contact form (section F)  

The user data collected by technically necessary cookies is not used to create user profiles. These purposes also constitute our legitimate interest in processing personal data in accordance with Art. 6 (1) lit. fGDPR. 

Cookies are stored on the user's computer and transmitted to our site by the user. Therefore, as a user, you have full control over the use of cookies. By changing the settings in your Internet browser, you can deactivate or restrict the transmission of cookies. Cookies that have already been stored can be deleted at any time. This can also be done automatically. If cookies are deactivated for our website, it may no longer be possible to use all of the website's functions to their full extent.  

We also use cookies on our website that enable us to analyze user behavior. For more information, please read our information under C.  

We also use cookies to analyze user behavior in the context of newsletter subscriptions. These are only set after active consent has been given. For more information, please read our information under E. 

 

3E: Newsletter 

You can subscribe to free newsletters on our website. When you register for the newsletters, the data from the input mask is transmitted to us. This usually includes your email address, surname, and first name. We will inform you about the specific processing of the data during the registration process and obtain your consent. Reference is also made to this privacy policy.  

The data will be used exclusively for sending the newsletter. 

We use tracking to tailor content to the interests of users and to measure our information activities. When registering and editing their profile, each user can decide for themselves whether to allow tracking.  

The following data is collected as part of tracking: 

  • Date and time 

  • Browser referrer 

  • User agent (the browser used) 

  • Optional context-dependent information 

Cookies with a reference to the user are also set (cookie name: ewafut). 

The legal basis for processing data after the user has subscribed to the newsletter is the user's consent (Art. 6 (1) (a) GDPR). The data is collected for the purpose of delivering the newsletter. The data will be deleted as soon as it is no longer necessary for the purpose for which it was collected. The user's email address will therefore be stored for as long as the newsletter subscription is active. The user concerned can cancel the newsletter subscription at any time. 

 

3F: Data transfer 

Your personal data is managed and stored by selected services 

  • Newsletter (section 3E) 

  • Online registration for events via MS Forms (section 3G) 

  as part of order data processing on the systems of selected providers of content management and communication software.  

Your personal data will only be transferred to government institutions and authorities in cases required by law or for criminal prosecution due to attacks on our network infrastructure. Your data will not be passed on to third parties for any other purposes. 

3G: External user privacy information 

YouTube Terms of Service 

https://cyber-valley.de embeds YouTube videos on some pages. YouTube's Terms of Service can be accessed at the following link: https://www.youtube.com/static?template=terms.   

Microsoft Forms 

https://cyber-valley.de refers to registration forms in Microsoft Forms on some event pages. The terms of use can be accessed at the following link: https://www.microsoft.com/en-us/servicesagreement

 

4. What personal data is processed? 

For website-specific data, we provide details in sections 3b-3g. 

  In addition, Cyber Valley GmbH processes the following personal data of event participants:   

  • Personal and professional contact details such as first and last name,   

  • business address and institutional affiliation,   

  • email address and, in some cases, telephone numbers.  

  • In some cases, photos and videos of events, subject to prior consent.  

  

In recruiting, all personal data provided by applicants in their resumes is processed:  

  • Email address 

  • Phone number 

  • LinkedIn profile 

  • Channel through which they found us 

Documents such as resumes, cover letters, and job references. These may contain additional information such as date and place of birth. Applicants consent to the use of their data at the beginning of the application process.   

 

5. How do we process data?   

Participant data is processed in lists on registration forms; recruitment information is processed exclusively in Personio. 

 

6. Is personal data passed on?   

All personal data processed within the scope of legal obligations is only passed on if the transfer is legally permissible. In particular, participant lists will only be made available with the prior consent of all participants. 

  

7. How long is personal data processed?   

The personal data of the data subject will be deleted or blocked as soon as the purpose of storage no longer applies. Storage may also take place if this has been provided for by European or national legislators in EU regulations, laws, or other provisions.   

The data of participants in an event or program will be attached to the invoices for the events and programs and stored in accordance with the legal obligation to retain documents until they may be destroyed. Applicant data will be deleted at the end of the process, unless they actively wish to join the Cyber Valley Talent Pool.   

 

8. What rights do users have?   

You have various rights under the GDPR. More detailed information can be found in Articles 15 to 18 and 21 of the GDPR. In some cases, the right cannot or may not be exercised. If this is not permitted by law, we will inform you of the reason for the refusal.   

 

 8A: Right of access (Article 15 GDPR)  

You have the right to access the personal data processed by the Ministry of Finance. 

 

8B: Right to rectification (Article 16 GDPR)  

You have the right to rectification if the personal data of the data subject is no longer accurate. In the case of incomplete data, completion may be requested, taking into account the purposes of the processing.   

 

8C: Right to erasure (Art. 17 (1) GDPR)  

The data subject may request the erasure of their personal data. However, this right depends, among other things, on whether the data is still required for the fulfillment of the tasks. 

 

8D: Right to restriction of processing (Art. 18 GDPR) 

The data subject has the right to request the restriction of processing. The restriction does not preclude processing if there is an important public interest in the processing.   

 

8E: Right to object (Art. 21 GDPR)  

Insofar as the personal data of the data subjects is processed on the basis of Art. 6 (1) (e) GDPR, the data subject has the right to object to the processing of data concerning him or her at any time for reasons arising from his or her particular situation, unless there is an overriding public interest or a legal provision that prevents this.  

The objection must be addressed to the responsible body (see section 1). 

 

8F: Right to lodge a complaint with the supervisory authority (Art. 77 GDPR)   

Without prejudice to any other legal remedies, any data subject may lodge a complaint with the State Commissioner for Data Protection and Freedom of Information if they believe that the body providing the information has not fulfilled its obligations or has not fulfilled them in full. 

State Commissioner for Data Protection and Freedom of Information Baden-Württemberg (LfDI BW)  

Königstraße 10 a  

70173 Stuttgart   

Phone: 0711/61 55 41 – 0  

Fax: 0711/61 55 41 – 15   

https://www.baden-wuerttemberg.datenschutz.de/  

 

You also have the right to: 

Data portability (Art. 20 GDPR) 

Withdrawal of consent (Art. 7 (3) GDPR)