The protection of your personal data is taken very seriously when you use this website. You will be informed below about the collection, processing and use of your personal data when you visit this website and use the services offered there.

1. Information on personal data

(1) Personal data is individual information that relates to a person or that can be used to establish a connection to a person, such as a name, postal address, telephone number, e-mail address, bank details, etc. Personal data can therefore be used to identify a person. Personal data can therefore be used to infer the identity of a person under certain circumstances

(2)The controller is: HYPION GmbH, Hamburger Hof 3, 25746 Heide.

2. Rights of data subjects

You have the following rights in connection with our processing of your data:

(1) Right to information pursuant to Art. 15 GDPR on the processing of your personal data by us regarding the purpose of processing, categories of processed data, recipients or categories of recipients, duration of storage or criteria for determining the duration, right to rectification, erasure, restriction of processing or objection to processing, right to lodge a complaint with the supervisory authority, information on the origin of the data and the existence of automated decision-making and, if applicable, information on guarantees pursuant to Art. 46 GDPR in the event of transfer to a third country or international organizations;

(2) Right to immediate correction of incorrect or completion of incomplete personal data in accordance with Art. 16 GDPR;

(3) Right to erasure of the stored personal data in accordance with Art. 17 GDPR if the data is no longer necessary for the purposes for which it was collected or otherwise processed, if consent has been withdrawn and there is no other legal basis, if an objection to the processing has been lodged and the data may no longer be processed in accordance with Art. 21 para. 1 or 2 GDPR, if the data has been processed unlawfully, if the deletion is necessary to fulfill a legal obligation or if the data was collected in relation to information society services offered in accordance with Art. 8 para. 1 GDPR. This does not apply if the processing is necessary for exercising the right of freedom of expression and information, for compliance with a legal obligation, for reasons of public interest or for the establishment, exercise or defense of legal claims;

(4) Right to restriction of processing pursuant to Art. 18 GDPR if you contest the accuracy of the data (for the period necessary to verify the accuracy), if the processing is unlawful but you oppose the erasure and request the restriction of its use instead, if we no longer need the data for the purposes of the processing, but you require the data for the establishment, exercise or defense of legal claims, or if you have objected to processing pursuant to Art. 21 para. 1 GDPR, as long as it is not yet clear whether our legitimate reasons outweigh your legitimate reasons;

(5) Right to object to the processing of your personal data pursuant to Art. 21 para. 2 GDPR (if the data is processed for the purpose of direct marketing) or pursuant to Art. 21 para. 1 GDPR (if the processing is carried out pursuant to Art. 6 para. 1 sentence 1 e) or f) GDPR, on grounds relating to your particular situation, unless we have compelling legitimate grounds for the processing which override your interests or the processing serves the establishment, exercise or defence of legal claims). For more information on the right to object, please also refer to section 13 below;

(6) Right to data portability pursuant to Art. 20 GDPR, i.e. the right to receive the personal data concerning you, which you have provided to us, in a structured, commonly used and machine-readable format or to transmit those data to another controller;

(7) Right to withdraw consent given at any time in accordance with Art. 7 (3) GDPR. The revocation has the consequence that we may no longer carry out data processing for the future from the time of revocation. See also section 14. below;

(8) Right to lodge a complaint with a supervisory authority pursuant to Art. 77 GDPR. The supervisory authority responsible for us can be found in section 4 below. The right to lodge a complaint applies without prejudice to any other administrative or judicial remedies.

(9) Please send all requests for information, requests for information or objections to data processing by e-mail to info@hypion.eu or to the address given under point 1 para. 2.

3. Automated decision-making

Automated decision-making is not used here.

4. Supervisory authority

The address of the supervisory authority responsible for us is:

Unabhängiges Landeszentrum für Datenschutz Schleswig-Holstein,

Holstenstraße 98, 24103 Kiel, Tel.: +49 431 988-1200, Fax: +49 431 988-1223,

E-Mail: mail@datenschutzzentrum.de Homepage: www.datenschutzzentrum.de

5. Saving access data

(1) Each time you access our website, access data is stored in a log file on our provider’s server.

(2) This data record consists, for example, of your IP address, the date and time of the request, the name of the requested file, the amount of data transferred and the access status, a description of the web browser and operating system used and the name of your Internet service provider.

(3) This data is collected for technical reasons. An evaluation is carried out exclusively for statistical purposes and without personal reference (visitor numbers and page popularity). Deletion takes place automatically after 14 days at the latest.

6. Collection of personal data for informational use

(1) If you use the website for informational purposes only, i.e. if you do not log in to use the website, register or otherwise provide us with information, we do not collect any personal data, with the exception of the data mentioned under 5.2, which your browser transmits to technically enable you to visit the website.

(2) Cookies are stored on your computer when you use the website. Cookies are small text files that are stored on your hard disk assigned to the browser you are using and through which certain information flows to the body that sets the cookie (in this case us). Cookies cannot execute programs or transmit viruses to your computer. They only serve to make the website more user-friendly and effective overall. For example, we use cookies toidentify you for subsequent visits if you have an account with us. Otherwise you would have to log in again for each visit.

a) This website uses cookies to the following extent: – Transient cookies (temporary use) – Persistent cookies (time-limited use).

b) Transient cookies are automatically deleted when you close the browser. These include session cookies in particular. These store a so-called session ID, with which various requests from your browser can be assigned to the joint session. This allows your computer to be recognised when you return to the website. The session cookies are deleted when you log out or close the browser.

c) Persistent cookies are automatically deleted after a specified period, which may vary depending on the cookie. You can delete the cookies at any time in the security settings of your browser.

d) You can configure your browser settings according to your wishes and, for example, refuse to accept third-party cookies or all cookies. However, we would like to point out that you may then not be able to use all the functions of this website.

e) The Flash cookies used are not recorded by your browser, but by your Flash plug-in. These store the necessary data independently of the browser you use and do not have an automatic expiry date. If you do not want Flash cookies to be processed, you must install an appropriate add-on, e.g. ‘Better Privacy’ for Mozilla Firefox (https://addons.mozilla.org/de/firefox/addon/betterprivacy/) or Adobe Flash Killer Cookie for Google Chrome. The legal basis for this data processing is Art. 6 para. 1 sentence 1 f) GDPR. Our legitimate interest lies in the fact that data processing enables us to carry out statistical evaluations regarding the use of our website and to optimise our Internet offerings for users.

The following technically necessary cookies are currently used:

vB-VJGFtkCKblh and wHJva-R: Protection against spam and abuse, storage period: 1 day

pll_language. Storage of the language setting, storage period: 11 months and 30 days

7. Use of functions on our website

(1) In addition to the purely informational use of our website, we offer various services that you can use if you are interested. To do so, you must generally provide additional personal data that we use to provide the respective service. If additional voluntary information is possible, this is labelled accordingly.

(2) When you contact the service provider by e-mail or via the contact form, your e-mail address and, if you specify this, your name and telephone number will be stored by us in order to answer your questions.

8. Contact form

On our website, you have the option of sending us an encrypted e-mail with your request using the ‘Contact’ form. Here you can, for example, ask questions about our company, our products or our services.

In order to be able to process your request, we ask you to enter personal data in our input mask. This includes your name, your e-mail address and other information such as the subject of your enquiry and the text of your message. This information enables us to respond to your enquiry comprehensively. The communication of the data you provide in this context is expressly on a voluntary basis. The personal data transmitted to us from your above-mentioned details and the time of contact are used exclusively for the purpose for which you provide them to us when contacting us – in particular the processing of your enquiry. The information you provide will only be used to process your enquiry. The data will not be used for other purposes or passed on to third parties without your express consent. This does not apply to HYPION GmbH’s partner companies, insofar as this is necessary to fulfil your request. These may be, for example Our suppliers and our trading partners. If there are no statutory retention obligations, your personal data will be deleted after your request has been processed. The legal basis for data processing is Art. 6 para. 1 sentence 1 f) GDPR. Our legitimate interest is that we need your data in order to process or respond to your message.

9.  Disclosure of data

Your personal data will only be passed on to third parties if you have given your express consent to this in accordance with Art. 6 para. 1 sentence 1 a) GDPR;

• if the disclosure is necessary for the fulfilment of contractual obligations pursuant to Art. 6 para. 1 sentence 1 b) GDPR;
• if we are legally obliged to pass on the data within the meaning of Art. 6 para. 1 sentence 1 c) GDPR;
• if the disclosure of the data is in the public interest within the meaning of Art. 6 para. 1 e) GDPR or;
• if the disclosure of the data pursuant to Art. 6 para. 1 sentence 1 f) GDPR is necessary to protect our legitimate interests or the legitimate interests of a third party, unless your interests in the protection of your data prevail.

10. Categories of data

We process the following categories of data: master data (such as company, contact person if applicable, address), communication data, contract data, receivables data, payment and default information if applicable. See the information above.

11. Third party receiver

In order to process your requests satisfactorily, we may have to pass on your personal data to third party recipients. Third-party recipients may be shareholders of HYPION GmbH, our suppliers and our trading partners.

12. Duration for which personal data are stored

Your data will be stored by us for as long as it is required for the purposes on which the processing is based. Beyond this, we only store data insofar as we are legally obliged to do so, e.g. due to statutory retention obligations

13. Information on the right to object

An objection to the processing of personal data concerning you on the basis of Art. 6 para. 1 e) (data processing in the public interest) or f) (data processing to safeguard legitimate interests on the basis of a balancing of interests) is possible at any time in accordance with Art. 21 GDPR. In the event of an objection, the personal data will no longer be processed unless we can demonstrate compelling legitimate grounds for the processing which override the interests, rights and freedoms of the data subject or for the establishment, exercise or defence of legal claims. Please send your objection to the e-mail address info@hypion.eu.

14. Information the right of withdrawal

If you have given us your consent to process your personal data, you can withdraw this consent at any time. Of course, this also applies to declarations of consent given to us before May 25, 2018 (before the GDPR came into force). The revocation of consent can only take effect for the future. The legality of the processing is not retroactively removed by a revocation. Please send your revocation by e-mail to info@hypion.eu.