Skip to content
Get started

Privacy Policy of Dino Lab GmbH

1. Introduction

Dino Lab GmbH ("we", "our", or "us") is committed to protecting your privacy and the confidentiality of your personal information. This Privacy Policy outlines how we collect, use, store, and process your personal data when you interact with our website and services.

We comply with the EU General Data Protection Regulation (GDPR), the German Federal Data Protection Act (Bundesdatenschutzgesetz – BDSG), and other relevant German data protection laws.

2. Data Controller

The data controller responsible for your personal data is:

Dino Lab GmbH Unterscheibenrain 11 78166 Donaueschingen Deutschland Telefon: 077117514583 E-Mail: post@dino-lab.io

3. Data Protection Officer

Our Data Protection Officer can be reached at:

Dino Lab GmbH Unterscheibenrain 11 78166 Donaueschingen Deutschland E-Mail: datenschutz@dino-lab.io

4. Data We Process and Legal Basis

We collect and process the following categories of personal data, along with the legal basis for processing:

  • Identity Data: This includes your first name, last name, title, and date of birth. (Art. 6 (1) (b) GDPR - contractual necessity).
  • Contact Data: This includes your billing address, delivery address, email address, and telephone numbers. (Art. 6 (1) (b) GDPR - contractual necessity).
  • Technical Data: This includes your internet protocol (IP) address, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform, and other technology on the devices you use to access our website. We also use cookies and similar technologies (see Section 13: Cookies and Similar Technologies). (Art. 6 (1) (f) GDPR - legitimate interests, such as website optimization and security; Art. 6 (1) (a) GDPR - consent for non-essential cookies).
  • Marketing Data: This includes your preferences in receiving marketing communications from us and your communication preferences. (Art. 6 (1) (a) GDPR - consent).
  • Interaction Data (Storylane): If you interact with embedded Storylane demos on our website, Storylane may collect your IP address and, if you choose to provide it through a lead capture form, your lead information (e.g., name, email address). Anonymous interaction data is collected for users who do not provide lead information. (Art. 6 (1) (f) GDPR - legitimate interests of Storylane and Dino Lab GmbH for analyzing demo usage; Art. 6 (1) (a) GDPR - consent for lead capture).

We may also process anonymized and aggregated data for statistical and analytical purposes. This data is not considered personal data as it cannot directly or indirectly identify you.

5. Special Categories of Personal Data

We do not collect any special categories of personal data about you (e.g., data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, genetic data, biometric data, health data, or data concerning your sex life or sexual orientation).

6. Legal Basis for Processing (Consolidated)

We process your personal data based on the following legal grounds:

  • Contractual Necessity (Art. 6 (1) (b) GDPR): To fulfill our contractual obligations to you.
  • Consent (Art. 6 (1) (a) GDPR): For specific purposes, such as marketing or non-essential cookies. You can withdraw your consent at any time.
  • Legitimate Interests (Art. 6 (1) (f) GDPR): For purposes such as website improvement, fraud prevention, and network security, always balanced against your rights.
  • Legal Obligations (Art. 6 (1) (c) GDPR): To comply with legal requirements.

7. Data Security

We implement appropriate technical and organizational security measures to protect your personal data against unauthorized access, accidental or unlawful destruction, loss, alteration, and disclosure. These measures include:

  • Encryption of data sent between us using Transport Layer Security (TLS) with SHA 256 hashing algorithm.
  • Regular security assessments and updates.
  • Access controls and restrictions on who can access your data.

8. Data Retention

We retain your personal data only for as long as necessary to fulfill the purposes for which it was collected, including for the purposes of satisfying any legal, accounting, or reporting requirements. The specific retention period may vary depending on the type of data and the purpose of processing. For example, data related to cookies is retained according to the durations listed in Section 13.

9. Your Rights

Under the GDPR, you have the following rights regarding your personal data:

  • Right of Access (Art. 15 GDPR): You have the right to request access to your personal data and information about how we process it.
  • Right to Rectification (Art. 16 GDPR): You have the right to request correction of inaccurate or incomplete personal data.
  • Right to Erasure ("Right to be Forgotten") (Art. 17 GDPR): You have the right to request deletion of your personal data under certain circumstances.
  • Right to Restriction of Processing (Art. 18 GDPR): You have the right to request restriction of processing of your personal data under certain circumstances.
  • Right to Data Portability (Art. 20 GDPR): You have the right to receive your personal data in a structured, commonly used, and machine-readable format and to transmit it to another controller.
  • Right to Object (Art. 21 GDPR): You have the right to object to the processing of your personal data under certain circumstances, including processing based on legitimate interests.
  • Right to Withdraw Consent (Art. 7 (3) GDPR): You have the right to withdraw your consent to the processing of your personal data at any time if the processing is based on consent. This does not affect the lawfulness of processing based on consent before its withdrawal.

To exercise your rights, please contact our Data Protection Officer using the contact details provided above. We will respond to your request within one month, as required by the GDPR.

10. Complaints

If you have any concerns about our data processing practices, you have the right to lodge a complaint with the competent supervisory authority. In Germany, the competent supervisory authority for Dino Lab GmbH (located in Baden-Württemberg) is:

Der Landesbeauftragte für den Datenschutz und die Informationsfreiheit Baden-Württemberg Königstraße 10a 70173 Stuttgart Website: https://www.baden-wuerttemberg.datenschutz.de/

11. Updates to this Privacy Policy

We may update this Privacy Policy from time to time. We will post any changes on our website and, if the changes are significant, we may also notify you by other means (e.g., email). The date of the last update is shown at the end of this policy.

12. Contact Us

If you have any questions about this Privacy Policy, please contact our Data Protection Officer using the contact details provided above.

13. Cookies and Similar Technologies

Our website uses cookies and similar technologies (e.g., session storage) to enhance your browsing experience, analyze website traffic, and for other purposes described below.

  • What are Cookies? Cookies are small text files that are placed on your computer or mobile device by websites that you visit. They are widely used to make websites work, or work more efficiently, as well as to provide information to the owners of the site.

  • Types of Cookies We Use:

    • Necessary Cookies: These cookies are essential for the website to function properly. They enable basic features like secure log-in and consent preference management. They do not store any personally identifiable information.
      • __cf_bm (Deliveru): Used for Cloudflare Bot Management (Duration: 1 hour).
      • _cfuvid (Deliveru): Used by Calendly for session consistency and personalized services (Duration: session).
    • Analytics Cookies: These cookies help us understand how visitors interact with our website by collecting and reporting information anonymously.
      • ajs_anonymous_id (Segment): Counts the number of unique visitors (Duration: Never Expires).
    • Performance Cookies: These cookies help us analyze and improve the performance of our website.
      • loglevel (Squarespace): Maintains settings and outputs for developer tools (Duration: Never Expires).
    • Third-Party Cookies / Tracking:
      • Storylane: When you interact with embedded Storylane demos, Storylane stores your IP address. If you fill out a lead capture form within a Storylane demo, Storylane will also store the information you provide. Interactions with demos are tracked anonymously for users who do not provide lead information. This data is stored, in part, using session storage, which is cleared when you close your browser. Storylane is GDPR compliant, and their DPA is available in their trust center.
      • Cloudflare: Provides services such as bot management.
      • Deliveru: Provides services related to content delivery.

  • Managing Cookies: You can control and manage cookies through our cookie consent banner and your browser settings. You can choose to accept or reject all cookies, or to be notified when a cookie is set. Please note that blocking necessary cookies may affect the functionality of our website.

  • Session Storage: We also use session storage, which is similar to cookies but stores data only for the duration of your browser session. This data is automatically deleted when you close your browser. We use session storage for essential website functionality and, as part of Storylane's service, to store interaction data temporarily.

Last Updated: 01.01.2025