Privacy

Nosh.bio GmbH
Johann-Hittorf-Straße 8
12489 Berlin
privacy@nosh.bio

All rights reserved
©2024, noshbio.
We, Nosh.bio GmbH, operate www.nosh.bio and collect certain data from you, whereas necessary. In the following privacy policy, you will be informed what we do with your data, so-called personal data, and why we do this. We will also inform you how we protect your data, when this data is deleted and what rights you have within data protection.

Who can I contact?
Responsible for this website is:

Nosh.bio GmbH
Johann-Hittorf-Straße 8
12489 Berlin
privacy@nosh.bio

Via the contact data you can reach our Data Protection Officer or another data protection relevant contact. Don't hesitate to contact us if you have specific questions about your personal data, deletion of your personal data or similar things.

If you wish to contact our data protection officers directly regarding a confidential matter, please use the following email address: dsb@freshcompliance.de

What are my rights?
You can contact us at any time if you have any questions about your rights regarding data protection or if you wish to exercise any of the following rights:

Right to withdraw your consent in accordance with Art. 7 para. 3 GDPR (e.g. you can contact us if you wish to cancel a previously given consent to a newsletter)

Right to access your data in accordance with Art. 15 GDPR (e.g. you can contact us if you would like to know what data we have stored about you)

Right to correct your data in accordance with Art. 16 GDPR (e.g. you can contact us if your e-mail address has changed and we should replace your old e-mail address)

Right to have your data deleted in accordance with Art. 17 GDPR (e.g. you can contact us if you want us to delete certain data that we have stored about you)

Right to limit data collection in accordance with Art. 18 GDPR (e.g. you can contact us if you do not want us to delete your e-mail address, but only to send absolutely necessary e-mails)

Right to data portability in accordance with Art. 20 GDPR (e.g. you can contact us to receive your data in a zipped format, if you want to upload it to another website)

Right to object how your data is handled in accordance with Art. 21 GDPR (e.g. you can contact us if you do not agree with advertising or user analytics procedures as described within this privacy policy)

Right to send complaints to the supervisory authority in accordance with Art. 77 para. 1 f GDPR (e.g. you can contact the data protection supervisory authority directly: https://ec.europa.eu/justice/article-29/structure/data-protection-authorities/index_en.htm)

Deletion of data and storage periods
Unless otherwise stated, we will delete or anonymize your data as soon as it is no longer needed, e.g. your e-mail address after you have unsubscribed from a newsletter. Your data will also be deleted or blocked automatically if the mandatory storage period expires. Such data may be needed for longer periods of time for legal reasons. You can request information about all personal data we have stored about you. Data protection inquiries and other legal matters may also be stored for a longer period of time within the scope of the legally relevant retention and statute of limitations periods.

Visiting our websiteIf you merely wish to browse our website, we do not collect any personal data, with the exception of the data that your browser sends to us, e.g.:

IP address (e.g. 82.93.116.example or 2a02:7122:99222:1112:bdb2:723f:example)


Approximate location based on IP range (e.g. "Berlin city")Internet provider (e.g. "Telecom" or „AT&T")

Internet connection speed (e.g. 120 Mbit)

Date and time of visit (e.g. 11:55 on 25.05.2023)

Last visited website (e.g. google.com)

Browser and version (e.g. Chrome or Safari)Operating system (e.g. Mac OS)

Hardware (e.g. Intel processor)

As a protective measure in favour of your privacy, we delete or anonymise the IP address after your visit to our website. This means that the other technical data can no longer be traced back to you and are only used for anonymous, statistical purposes to optimise our website. The purpose of the temporary storage of the data is, on the one hand, the technical necessity for establishing the connection and, on the other hand, the correct, error-free presentation of our website. The IP address and the technical data already mentioned are necessary to display the website, to prevent display problems for visitors and to correct error messages. The legal basis is the so-called legitimate interest, which has been examined in the context of the aforementioned protective measures as well as in accordance with the European data protection requirements from Art. 6 para. 1 lit. f GDPR.

Contact
You can contact us through the contact form or by other means. You can decide to submit the following data:

First- / Last name
Telephone
E-mail address
Message or request

As a protective measure, contact is established - just like the visit to the rest of the website - via an encrypted connection. You may also choose other means of getting into contact with us.

After the successful contact and completed contact request, your data will be deleted. The sole purpose of the requested data is to contact you or communicate with you, which is why the data is only used for this purpose. The legal basis is the so-called legitimate interest, which has been examined in order to pursue the purpose and within the framework of the aforementioned protective measures as well as in accordance with the European data protection requirements from Art. 6 para. 1 lit. f GDPR.
Job applications
Insofar as you apply to us online or otherwise respond to one of our job ads, we collect and process the personal applicant data for the purpose of handling the application process. The processing is primarily carried out electronically. This is particularly the case if corresponding application documents are submitted electronically to us, for example by e-mail or via a web form located on the website. If we conclude an employment contract, the transmitted data will be stored for the purpose of processing the employment relationship in compliance with the statutory provisions. If we do not conclude an employment contract, the application documents will be deleted six months after notification of the rejection decision - this retention period is justified by a potential obligation to provide evidence in proceedings under the General Equal Treatment Act (AGG). If consent was given, applications may also be retained for longer than six months.As part of the job application process we also use a recruiting and applicant management software, which is provided by the service provider PLEASE ENTER SERVICE PROVIDER. This software helps us to place job advertisements and manage applications centrally. For this purpose, we have concluded a data processing agreement to ensure that the personal data of our applicants is only processed in accordance with our instructions. Further information can be found in the service provider's privacy policy: PLEASE ENTER URL TO PRIVACY POLICYThe legal basis is the establishment and performance of the employment relationship on the basis of an employment contract in accordance with Art. 6 para. 1 lit. b GDPR, Art. 88 GDPR with § 26 BDSG (Federal Data Protection Act of Germany, where applicable).

Cookies
Our website partially uses so-called cookies. Cookies are small text files that are usually stored in a folder of your browser. Cookies contain information about the current or last visit to the website:

Name of the website
Expiration date of the cookie
Any value

If cookies do not contain an exact expiration date, they are stored only temporarily and are automatically deleted as soon as you close your browser or restart your device. Cookies with an expiration date will still be stored even when you close your browser or restart your device. Such cookies will not be deleted until the specified date or if you delete them manually.

We use the following three types of cookies on our website:required cookies (cookies that are required, e.g. to display the website correctly for you and to store certain settings temporarily)

functional and performance-related cookies (cookies that help us improve our website, e.g. to evaluate technical data of your visit and avoid error messages)

advertising and analytics cookies (cookies that provide analytics and personalized ads, e.g. advertising for shoes is displayed if you have previously searched for shoes)

You can configure, block and delete cookies in your browser settings. If you delete all cookies from our website, some functions of the website may not be displayed correctly. Helpful information and instructions for the most common browsers can be found here: https://www.allaboutcookies.org/manage-cookies/stop-cookies-installed.html

Data RecipientsIn accordance with the descriptions and purposes stated above, we share your information with the following recipients that are essential to providing our services and communicating with you:

Webflow, operated by Webflow, Inc. headquartered in 398 11th Street, 2nd Floor San Francisco, CA 94103, USA. Webflow is a web design and development platform that allows users to design, build, and launch responsive websites visually, without any coding knowledge. Depending on your location, data is processed either within the European Union or the USA. For more information, please refer to the privacy policy for Webflow at: https://webflow.com/legal/privacy

We only share data that is necessary for the performance of the mutual contract or if you have given us your consent, for example in the context of our newsletter or cookie banner. If no contract exists yet, we share the data in certain cases in the context of legitimate interests. This is the case, for example, if you only want to visit our website or contact us. When you visit our website, it is in the interest of both parties to provide access to the services and to communicate with each other.

We have also entered into data processing agreements with all external recipients to comply with European legal requirements. Depending on your location, some of the above service providers - if specified - will also transfer your data to the United States. The European Court of Justice has ruled that the United States does not have an equivalent level of data protection to the EU and authorities may be able to access data without due process. Additional safeguards are therefore required to ensure a sufficient level of data protection. To meet this requirement, we have concluded additional data processing agreements called Standard Contractual Clauses. We also check each service provider together with our data protection officer and ensure that additional security measures are available, such as strong encryption of data.

Date of the privacy policy: 17.01.2024