Website morphais.com, last update: May 2022
1. Contact person
The website www.morphais.com is provided by Morphais HSTL Technologies GmbH, Torstraße 164 c/o mc-quadrat oHG, 10115 Berlin (hereinafter referred to as “Morphais” or “we”). Morphais is also the controller within the meaning of the EU General Data Protection Regulation (DSGVO) for the collection, processing and use of personal data of website visitors (hereinafter referred to as “you”). Should you have any questions or suggestions regarding data protection, please do not hesitate to contact us. You are welcome to direct your data protection concerns to our data protection team by sending an email to email@example.com.
2. Data processing when you use our website
2.1 Visiting the site. In principle, it is possible to visit our website without providing personal data. Personal data is only collected if this is necessary for technical reasons to use our website or if you use certain functions or services offered on our website, e.g. the application form.
The following access data are automatically recorded every time our website is accessed:
It is necessary to process this data to make it possible to visit the website and to guarantee the long-term functionality, availability and security of our systems. The legal basis for this data processing is Art. 6(1) lit b DSGVO.
For the purposes described above, the access data specified is also temporarily stored in internal log files in order to generate statistical data on the use of our website, to further develop our website with regard to the usage habits of our visitors (e.g. if the proportion of mobile devices with which the pages are accessed increases) and for the general administrative maintenance of our website. The legal basis for this data processing is Art. 6(1) lit. f DSGVO, based on our legitimate interest in appropriately optimising our website.
The information stored in the log files does not allow any conclusions about your person and we only store IP addresses in the log files in shortened, anonymised form.
2.2. Applying to Morphais. You have the possibility to use our online application form to apply for funding.
On the basis of consent pursuant to Art. 6 (1) lit. b. and Art. 7 DSGVO, we offer applicants the opportunity to be included in our "applicant pool" for the statutory period of two years.
The application documents will be processed solely in the context of future projects and will be destroyed at the latest after the expiry of the above-mentioned period. Inclusion in the applicant pool is voluntary and dependent on the consent of the applicants. Consent can be revoked at any time and, of course, everyone also has the right to object.
Data protection information in the application process
Your applicant data will only be used for the purpose of and within the scope of the application procedure in accordance with the legal requirements. The data is processed to fulfill our (pre)contractual obligations within the scope of the application procedure in accordance with Art. 6 Para. 1 lit. b. DSGVO Art. 6 para. 1 lit. f. DSGVO insofar as data processing becomes necessary for us, e.g. within the scope of legal procedures.
Applicants provide us with their data as part of the application process. The necessary applicant data results from the application forms or from the advertisements. In order to receive and process your application, we collect the following applicant data: First and last name, e-mail address, telephone number, details of your company, personal details and application documents (e.g. pitch deck). You can also voluntarily provide us with additional information that we should consider in your application (e.g. your business plan).
Insofar as special categories of personal data within the meaning of Art. 9 (1) DSGVO are voluntarily provided within the scope of the application procedure, their processing is additionally carried out in accordance with Art. 9 (2) lit. b DSGVO . Insofar as special categories of personal data within the meaning of Art. 9 (1) DSGVO are requested from applicants as part of the application process, their processing is additionally carried out in accordance with Art. 9 (2) a DSGVO, namely if they are required for the position. If the data is transmitted online via a form, it is transmitted to us in an appropriately encrypted form. This is not guaranteed in the case of transmission by email. The applicant must initiate the corresponding encryption himself/herself if he/she wishes to avoid third parties being able to access this data. We therefore recommend sending it by online form.
The data provided by applicants can and will be further processed.
2.3 Morphais newsletter You have the opportunity to subscribe to our Morphais newsletter, which informs you regularly about news from Morphais and our ventures, insights, new investments, milestones and events.
When registering for the Morphais newsletter, we ask you to provide your email address so that we can send you the respective newsletter. In addition, you have the opportunity to tell us your name.
We use the so-called double opt-in procedure, which means that we will only send you information by email if you click on a link in our notification email to confirm that you are the owner of the email address provided. If you confirm your email address, we will store your email address, the time of registration and the IP address assigned to you when registering until you unsubscribe from the newsletter. The sole purpose of storing this information is to send you the newsletters and to be able to prove that you registered. You can unsubscribe from the newsletter at any time. A corresponding unsubscribe link can be found in every email. It is of course also sufficient if you notify us using the contact details provided above or in each email (e.g. by email or letter). The legal basis of the data processing in connection with registering for the Morphais newsletter is your consent pursuant to Art. 6(1) lit. a DSGVO.
We use the US provider “MailChimp” for sending and managing our newsletters. MailChimp is provided by The Rocket Science Group, LLC, 512 Means Street, Suite 404 Atlanta, GA 30318 (“MailChimp”). MailChimp offers a well-thought-out and technically convincing software solution and the provider is reliable as a security-conscious and responsible company. Since personal data is transferred to the USA in the course of processing by MailChimp, MailChimp has contractually assured us of compliance with the European Data Protection Principles. However, we inform you, that in the case of data processing outside of Europe, it may in individual cases be the case that the rights of EU citizens cannot or cannot fully be enforced, e.g. if US security authorities store and analyse data. We will transmit the data concerning your registration for the newsletter to MailChimp, which will store it for as long as you remain registered for the newsletter.
In our newsletters, we use market-standard technologies to allow us to measure interactions with the email (e.g. opening of the email, which links are clicked on). We use this data for general statistical evaluations as well as to optimize and further develop our content and customer communication. This is done with the help of small graphics (pixels) embedded in the emails. The data is collected in pseudonymous form only and not linked to your other personal data. The legal basis for this is our aforementioned legitimate interest pursuant to Art. 6(1) lit. f DSGVO. With our newsletters, our aim is to share content that is as relevant as possible for our users and to better understand what the readers are actually interested in. If you do not want your usage behaviour to be analysed in this way, you can unsubscribe from the newsletter at any time or disable the display of graphics in your email client by default. The data about how you interact with our newsletters is stored in pseudonymous form for 30 days before being completely anonymised.
3. Cookies and usage analysis
The primary purpose of our own cookies is rather to make using our service as time-saving and user-friendly as possible.
The legal basis for the described data processing is Art. 6 (1) lit. a DSGVO, based on your consent, which you have given via our cookie banner. If you have not given your consent to the use of the analysis cookies, your data will not be collected within the context of Google Analytics. The data collected with Google Analytics is stored for a period of 14 months and then completely deleted.
You can prevent the collection of data generated by the cookie and relating to your use of our website and the processing of this data by Google on all websites and revoke any consent you may have given by downloading and installing a browser add-on provided by Google (the add-on does not work in conjunction with mobile devices).
You also have the option of changing the settings in Google ad personalisation settings in general.
You can also disable the Google cookie at any time by going to our cookie settings linked above and changing the appropriate choice.
For further details, please see the ‘about Hotjar’ section of Hotjar’s support site.
4. Links to other websites and online content
Our website may contain links to websites and online content of other providers not affiliated with us. If you activate these links, we no longer have any influence on which data is collected by the respective providers and which data they record. For more detailed information on data collection and use, please refer to the privacy policies of the respective providers.
5. Features from social networks
Social plug-ins from various social networks are integrated into our website:
Social plug-ins can be recognised by the logos of the individual providers.
If you retrieve an article or a subpage on our website that contains these social plug-ins, a direct connection is established with the servers of the respective social networks, and from there the visible image of the plug-in and the functions behind it are transmitted directly to your browser, which then integrates them into the presentation of our site. If you are logged in to the respective social network at that moment with your username and password, the information that you are visiting our site will be transferred to the social network and the respective provider may assign this information to your user account. If you interact with the social plug-ins, for example by using the Instagram “like” or Twitter “Tweet This” function, the content of our pages will be linked to your Instagram or Twitter profile.
If you are not a member of the respective social networks or have logged out of the providers’ websites before visiting our website, it is still possible that at least your IP address will be transmitted and stored there.
We would like to point out that the content and scope of data collected directly by and transmitted to the social networks via the social plug-ins, but also the storage period of up to 250 days and the purposes for which the data is used, are determined exclusively by the respective providers. However, we receive statistics from the providers about the use of and visits to our company profiles on the social networks (e.g. information about the number of hits, interactions such as likes and comments, and summarised demographic and other information or statistics). We do not provide the respective social networks with any information about our customers, but only with certain general parameters about our company and the services offered in our company profile. The social networks use this information to compile more detailed statistics. In addition, the providers may use the data for their own purposes, over which we have no further influence. For further information, please refer to the providers’ privacy notices, links to which are provided above.
If we receive your personal data within the scope of our social media profiles (e.g. in the context of communication), you are entitled to the rights stated in this data protection declaration (see section 7 "Your rights"). You can address your enquiries regarding data processing within the scope of our company profiles to us via the contact data mentioned in section 1.
If you also want to assert your rights against the social network provider, the easiest way to do so is to contact the respective provider directly. The provider knows both the details of the technical operation of the platform and the associated data processing as well as the specific purposes of data processing and can implement appropriate measures at your request if you exercise your rights. The contact details can be found in the data protection information linked above. We are also happy to support you in asserting your rights as far as we are able to.
The legal basis for the aforementioned data processing is Art. 6 (1) lit. b DSGVO if we receive and process your data in the context of an enquiry from you via our social media profiles and the legal basis for linking and operating our company profiles in the social networks, including receiving statistics on the use of our company profiles is Art. 6 (1) lit. f DSGVO based on our legitimate interest in our corporate communications in the respective social networks. The legal basis of the data processing in the context of any social plug-ins is your consent Art. 6 (1) lit. a DSGVO if you have agreed to the use of marketing cookies via the cookie banner. If you do not give your consent, the data processing described here will not be carried on our website.
5.1 Additional information on our Instagram page
If you visit our Instagram page, your data may also be processed in countries outside the European Union where the level of data protection is lower than in the European Union (e.g. the USA). We have contractually agreed with Meta to comply with the European Data Protection Principles, in the case of data processing outside Europe. However, it may in individual cases be possible that the rights of EU citizens cannot be enforced or cannot be fully enforced, e.g. if US security authorities store and analyse data. Please therefore check carefully what personal information and messages you share on Instagram and, if in doubt, use other contact options offered by us to get in touch with us.
For more information on the type and scope of the statistics that we receive from Meta about the visits and interactions with our page (so-called insights), please also see the Instagram information on page insights. Here you will also find a detailed description of the data that is processed when you visit the fan page to create these statistics (e.g. the content accessed, likes, subscriptions, recommendations and comments as well as clicks, mouse movements and date, time, Instagram user ID and demographic data. If you want to assert your rights against Meta, you can use an online form from Meta or contact us as mentioned above.
5.2 Additional information on our Twitter profile
We are responsible for our tweets and information shared by us. Twitter provides the technical platform and infrastructure for message exchange. If you communicate with us via Twitter and respond to our tweets, your data may also be processed in countries outside the European Union where the level of data protection is lower than in the European Union (e.g. in the USA). We have contractually agreed with Twitter to respect the European data protection principles. However, when data is processed outside Europe, it may in individual cases be the case that the rights of EU citizens cannot or cannot fully be enforced, e.g. when US security authorities store and analyse data. Please check carefully what personal information and messages you share on Twitter and, if in doubt, use other contact options offered by us.
We may also receive statistics from Twitter about the reach of our social media activity (e.g. the number of hits, interactions such as retweets and aggregated demographic and other information or audience insights and other statistics about followers).
5.3 Additional information on our LinkedIn profile
We are responsible for our own content in our LinkedIn company profile and information shared by us there. LinkedIn provides the technical platform and infrastructure for the social network. If you communicate with us on LinkedIn, your data may also be processed in countries outside the European Union where the level of data protection is lower than in the European Union (e.g. the USA). We have contractually agreed with LinkedIn to respect the European Data Protection Principles. However, when data is processed outside Europe, it may in individual cases not be possible to enforce the rights of EU citizens, or not fully enforce them, e.g. when US security authorities store and analyse data. Please check carefully what personal information and messages you provide via LinkedIn and if in doubt, use other contact options we offer.
We may also receive statistics from LinkedIn regarding the use of our social media presence (such as the number of views of articles and posts, interactions such as "likes" and comments, and aggregated demographic and other information such as aggregated positions and locations of followers and group members or other statistics).
6. Disclosure of data
In principle, we will only pass on the data we collect if:
In addition, data may be disclosed in connection with official requests, court orders and legal proceedings if this is necessary to pursue or enforce rights.
7. Your rights
You have the right to information about how we process your personal data at any time. When providing this information, we will explain the data processing to you and provide you with an overview of the data stored about you.
If data stored by us is incorrect or no longer up to date, you have the right to have this data corrected.
You may also demand that your data be erased. Should the erasure not be possible in exceptional cases due to other legal regulations, the data will be blocked so that it is only available for that legal purpose.
You are also entitled to have the processing of your data restricted, e.g. if you believe that the data we have stored is incorrect. You also have the right to data portability, which means that on request we will send you a digital copy of the personal data you have provided.
In order to assert your rights described here, you can contact us at any time using the contact details provided in Section 1 above. This also applies if you wish to receive copies of safeguards in order to prove an adequate level of data protection.
In addition, you have the right to object to data processing if it occurs based on Art. 6(1) lit. f DSGVO or for direct marketing purposes. Finally, you have the right to lodge a complaint with our competent data protection supervisory authority. You can assert this right by contacting a supervisory authority in the Member State of your habitual residence, your place of work or the place of the alleged infringement. The competent supervisory authority in Berlin is: Berlin Commissioner for Data Protection and Freedom of Information, Friedrichstr. 219, 10969 Berlin.
Right of withdrawal and objection. Pursuant to Art. 7(3) DSGVO, you have the right to withdraw the consent you gave us at any time. As a result of this, we will cease the data processing based on this consent with future effect. This withdrawal of your consent will not affect the lawfulness of the processing carried out on the basis of the consent prior to the withdrawal.
If we process your data on the basis of legitimate interests pursuant to Art. 6(1)(f) DSGVO, you have the right under Art. 21 DSGVO to object to the processing of your data, and to give us reasons which arise from your particular situation which, in your opinion, show that your legitimate interests override ours. If your objection is to data processing for direct marketing purposes, you have a general right of objection, which we will implement without requiring you to give reasons.
If you would like to make use of your right of withdrawal or objection, it is sufficient to simply notify us using the contact details provided above.